
Example 41 with GetSecretValueResult

use of com.amazonaws.services.secretsmanager.model.GetSecretValueResult in project bazel-buildfarm by bazelbuild.

the class AwsMetricsPublisher method getAwsSecret.

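/**
 * Fetches the named secret from AWS Secrets Manager and loads the credentials it holds.
 *
 * <p>The secret payload is expected to be a JSON object; its {@code access_key} and
 * {@code secret_key} entries are copied into {@code accessKeyId} and {@code secretKey}.
 * If the secret cannot be fetched or parsed, an error is logged and both values are left
 * untouched.
 *
 * <p>The secret value itself is never written to the log; only the secret's name is.
 *
 * @param secretName identifier of the secret to request from Secrets Manager
 */
@SuppressWarnings("unchecked")
private void getAwsSecret(String secretName) {
    AWSSecretsManager client = AWSSecretsManagerClientBuilder.standard().withRegion(region).build();
    GetSecretValueRequest getSecretValueRequest = new GetSecretValueRequest().withSecretId(secretName);
    GetSecretValueResult getSecretValueResult;
    try {
        getSecretValueResult = client.getSecretValue(getSecretValueRequest);
    } catch (Exception e) {
        // Attach the cause so that access-denied, missing-secret and network failures can be
        // told apart in the log; the secret value is not available at this point.
        logger.log(Level.SEVERE, String.format("Could not get secret %s from AWS.", secretName), e);
        return;
    } finally {
        // The client is created for this single call; release its connection pool.
        client.shutdown();
    }
    String secret = getSecretValueResult.getSecretString();
    if (secret == null) {
        if (getSecretValueResult.getSecretBinary() == null) {
            // Neither form is populated; decoding a null buffer would throw.
            logger.log(Level.SEVERE, String.format("Could not parse secret %s from AWS", secretName));
            return;
        }
        // NOTE(review): the binary payload is Base64-decoded here as in the original code;
        // confirm against the SDK version in use that the buffer is not already decoded.
        java.nio.ByteBuffer decoded = Base64.getDecoder().decode(getSecretValueResult.getSecretBinary());
        // Copy only the readable region: array() exposes the whole backing array, which may be
        // longer than the decoded content.
        byte[] decodedBytes = new byte[decoded.remaining()];
        decoded.get(decodedBytes);
        // Decode with an explicit charset instead of the platform default.
        secret = new String(decodedBytes, java.nio.charset.StandardCharsets.UTF_8);
    }
    try {
        final ObjectMapper objectMapper = new ObjectMapper();
        // NOTE(review): the raw HashMap.class target means a non-string JSON value surfaces as a
        // ClassCastException at the assignments below rather than as a parse error.
        final HashMap<String, String> secretMap = objectMapper.readValue(secret, HashMap.class);
        accessKeyId = secretMap.get("access_key");
        secretKey = secretMap.get("secret_key");
    } catch (IOException e) {
        // Deliberately not passing the exception to the logger: Jackson parse errors can embed
        // an excerpt of the input in their message, which here would be the secret itself.
        logger.log(Level.SEVERE, String.format("Could not parse secret %s from AWS", secretName));
    }
}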
Also used : GetSecretValueResult(com.amazonaws.services.secretsmanager.model.GetSecretValueResult) AWSSecretsManager(com.amazonaws.services.secretsmanager.AWSSecretsManager) GetSecretValueRequest(com.amazonaws.services.secretsmanager.model.GetSecretValueRequest) IOException(java.io.IOException) IOException(java.io.IOException) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)

Example 42 with GetSecretValueResult

use of com.amazonaws.services.secretsmanager.model.GetSecretValueResult in project aws-secretsmanager-caching-java by aws.

the class SecretCacheObject method getSecretValue.

/**
 * Returns a defensive copy of the cached GetSecretValue result.
 *
 * <p>The whole operation runs while holding {@code lock}. {@code refresh()} is invoked first;
 * if no data is cached afterwards and an exception has been recorded, that exception is
 * rethrown to the caller.
 *
 * @return a copy of the cached GetSecretValue result, or {@code null} when there is none.
 */
public GetSecretValueResult getSecretValue() {
    synchronized (lock) {
        refresh();
        // Surface the stored failure only when there is nothing cached to fall back on.
        if (this.data == null && this.exception != null) {
            throw this.exception;
        }
        final GetSecretValueResult cached = this.getSecretValue(this.getResult());
        if (cached == null) {
            // Nothing cached: there is nothing to copy.
            return null;
        }
        // Hand out a copy so that callers cannot modify the cached secret.
        final GetSecretValueResult copy = cached.clone();
        // clone() is shallow, so the binary buffer and the version stage list are
        // copied separately to keep them from being shared with the cache entry.
        copy.setSecretBinary(clone(copy.getSecretBinary()));
        copy.setVersionStages(clone(copy.getVersionStages()));
        return copy;
    }
}
Also used : GetSecretValueResult(com.amazonaws.services.secretsmanager.model.GetSecretValueResult)

Example 43 with GetSecretValueResult

use of com.amazonaws.services.secretsmanager.model.GetSecretValueResult in project aws-secretsmanager-caching-java by aws.

the class SecretCache method getSecretBinary.

/**
 * Retrieves the binary form of a secret through the cache.
 *
 * @param secretId
 *        The identifier for the secret being requested.
 * @return The binary secret, or {@code null} when the cached item yields no
 *         GetSecretValue result.
 */
public ByteBuffer getSecretBinary(final String secretId) {
    final GetSecretValueResult cachedValue = this.getCachedSecret(secretId).getSecretValue();
    // A null result means nothing is cached for this secret.
    return (cachedValue == null) ? null : cachedValue.getSecretBinary();
}
Also used : GetSecretValueResult(com.amazonaws.services.secretsmanager.model.GetSecretValueResult) SecretCacheItem(com.amazonaws.secretsmanager.caching.cache.SecretCacheItem)

Example 44 with GetSecretValueResult

use of com.amazonaws.services.secretsmanager.model.GetSecretValueResult in project aws-secretsmanager-caching-java by aws.

the class SecretCache method getSecretString.

/**
 * Retrieves the string form of a secret through the cache.
 *
 * @param secretId
 *        The identifier for the secret being requested.
 * @return The string secret, or {@code null} when the cached item yields no
 *         GetSecretValue result.
 */
public String getSecretString(final String secretId) {
    final GetSecretValueResult cachedValue = this.getCachedSecret(secretId).getSecretValue();
    // A null result means nothing is cached for this secret.
    return (cachedValue == null) ? null : cachedValue.getSecretString();
}
Also used : GetSecretValueResult(com.amazonaws.services.secretsmanager.model.GetSecretValueResult) SecretCacheItem(com.amazonaws.secretsmanager.caching.cache.SecretCacheItem)

Example 45 with GetSecretValueResult

use of com.amazonaws.services.secretsmanager.model.GetSecretValueResult in project aws-athena-query-federation by awslabs.

the class CacheableSecretsManagerTest method resolveSecrets.

/**
 * Checks placeholder substitution in {@code resolveSecrets}: {@code ${name}} references are
 * replaced by the stubbed secret value, text without well-formed references is returned
 * unchanged, and a lookup failure propagates as a RuntimeException.
 */
@Test
public void resolveSecrets() {
    // Stub Secrets Manager: every secret id resolves to itself, except "unknown"
    // (case-insensitive), which fails the lookup.
    when(mockSecretsManager.getSecretValue(any(GetSecretValueRequest.class))).thenAnswer((InvocationOnMock call) -> {
        String secretId = call.getArgumentAt(0, GetSecretValueRequest.class).getSecretId();
        if (secretId.equalsIgnoreCase("unknown")) {
            throw new RuntimeException("Unknown secret!");
        }
        return new GetSecretValueResult().withSecretString(secretId);
    });

    // A single reference is replaced by its value.
    assertEquals("OneSecret", cachableSecretsManager.resolveSecrets("${OneSecret}"));

    // Several references embedded in surrounding text are all replaced.
    assertEquals(
        "ThisIsMyStringWithTwoSecretSuperSecretSecrets",
        cachableSecretsManager.resolveSecrets("ThisIsMyStringWith${TwoSecret}SuperSecret${Secrets}"));

    // Text without references passes through untouched.
    final String plainText = "ThisIsMyStringWithTwoSecretSuperSecretSecrets";
    assertEquals(plainText, cachableSecretsManager.resolveSecrets(plainText));

    // Unbalanced or stray braces are not treated as references.
    final String malformed = "ThisIsM}yStringWi${thTwoSecretS{uperSecretSecrets";
    assertEquals(malformed, cachableSecretsManager.resolveSecrets(malformed));

    // A failing lookup must not be swallowed by the resolver.
    try {
        cachableSecretsManager.resolveSecrets("This${Unknown}");
        fail("Should not see this!");
    } catch (RuntimeException expected) {
        // Expected: the stub rejects the "Unknown" secret id.
    }
}
Also used : GetSecretValueResult(com.amazonaws.services.secretsmanager.model.GetSecretValueResult) InvocationOnMock(org.mockito.invocation.InvocationOnMock) GetSecretValueRequest(com.amazonaws.services.secretsmanager.model.GetSecretValueRequest) Test(org.junit.Test)
