首页 > 编程语言> > java – 使用AWS Secrets Manager管理RDS访问

java – 使用AWS Secrets Manager管理RDS访问

2019-09-10 17:03:50 作者：互联网

我目前正在使用Eclipse和AWS Toolkit for Eclipse.我的项目已经运行,它正在完成它的工作,即连接到RDS实例并将JSON对象返回到API网关调用.

我刚刚得到了一个新的要求,我们将使用服务SecretsManager自动轮换RDS配置,如用户,密码等.

问题是当我尝试导入GetSecretValueResponse等类时,我得到了一个导入com.amazonaws.services.secretsmanager无法解析.当我浏览文档和SDK时,存在GetSecretValueRequest而不是GetSecretValueResponse,所以我无法理解我应该做什么,也没有找到类似于我可以学习的例子.

以下代码是我试图实现的,由亚马逊自己提供(在Secrets Manager页面中有一个按钮,您可以单击以查看它将如何与Java一起使用,在这种情况下),它没有任何修改但因为我说我不知道如何导入几个类：

// Use this code snippet in your app.
public static void getSecret() {
String secretName = "secretName";
String endpoint = "secretEndpoint";
String region = "region";

AwsClientBuilder.EndpointConfiguration config = new AwsClientBuilder.EndpointConfiguration(endpoint, region);
AWSSecretsManagerClientBuilder clientBuilder = AWSSecretsManagerClientBuilder.standard();
clientBuilder.setEndpointConfiguration(config);
AWSSecretsManager client = clientBuilder.build();

String secret;
ByteBuffer binarySecretData;
GetSecretValueRequest getSecretValueRequest = GetSecretValueRequest.builder()
        .withSecretId(secretName)
        .build();
GetSecretValueResponse getSecretValueResponse = null;
try {
    getSecretValueResponse = client.getSecretValue(getSecretValueRequest);

} catch(ResourceNotFoundException e) {
    System.out.println("The requested secret " + secretName + " was not found");
} catch (InvalidRequestException e) {
    System.out.println("The request was invalid due to: " + e.getMessage());
} catch (InvalidParameterException e) {
    System.out.println("The request had invalid params: " + e.getMessage());
}

if(getSecretValueResponse == null) {
    return;
}

// Decrypted secret using the associated KMS CMK
// Depending on whether the secret was a string or binary, one of these fields will be populated
if(getSecretValueResponse.getSecretString() != null) {
    secret = getSecretValueResponse.getSecretString();
}
else {
    binarySecretData = getSecretValueResponse.getSecretBinary();
}

// Your code goes here. 
}

解决方法:

我遇到了同样的问题,AWS页面上的代码无法开箱即用.您正在寻找的课程是GetSecretValueResult
这是最新的java文档

https://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/services/secretsmanager/model/GetSecretValueResult.html

这是一个应该工作的作品：

public void printRdsSecret() throws IOException {
    String secretName = "mySecretName";

    System.out.println("Requesting secret...");
    AWSSecretsManager client = AWSSecretsManagerClientBuilder.standard().build();

    GetSecretValueRequest getSecretValueRequest = new GetSecretValueRequest().withSecretId(secretName);

    GetSecretValueResult getSecretValueResult = client.getSecretValue(getSecretValueRequest);

    System.out.println("secret retrieved ");
    final String secretBinaryString = getSecretValueResult.getSecretString();
    final ObjectMapper objectMapper = new ObjectMapper();

    final HashMap<String, String> secretMap = objectMapper.readValue(secretBinaryString, HashMap.class);

    String url = String.format("jdbc:postgresql://%s:%s/dbName", secretMap.get("host"), secretMap.get("port"));
    System.out.println("Secret url = "+url);
    System.out.println("Secret username = "+secretMap.get("username"));
    System.out.println("Secret password = "+secretMap.get("password"));
 }

这是使用版本1.11.337的aws-java-sdk-secretsmanager测试的

标签：java,amazon-web-services,aws-lambda,aws-sdk,aws-secrets-manager
来源： https://codeday.me/bug/20190910/1799997.html