Using AWS Secrets Manager to manage RDS access

mon*_*ern 3 java amazon-web-services aws-sdk aws-lambda aws-secrets-manager

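I am currently using Eclipse and the AWS Toolkit for Eclipse. My project already works and does its job, which is to connect to an RDS instance and return JSON objects to API Gateway calls.

I just got a new requirement: we are going to use the Secrets Manager service to automatically rotate the RDS configuration, such as user, password and so on.

The problem is that when I try to import classes such as GetSecretValueResponse, I get The import com.amazonaws.services.secretsmanager cannot be resolved. Looking through the documentation and the SDK, there is a GetSecretValueRequest but no GetSecretValueResponse, so I can't work out what I should do, and I haven't found anything similar to an example I could study.

The following code is what I am trying to implement. It is provided by Amazon itself (on the Secrets Manager page there is a button you can click to see how it works with Java in this case), and it is shown without any modification because, as I said, I don't know how to import several of the classes: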

// Use this code snippet in your app.
public static void getSecret() {
    String secretName = "secretName";
    String endpoint = "secretEndpoint";
    String region = "region";

    AwsClientBuilder.EndpointConfiguration config = new AwsClientBuilder.EndpointConfiguration(endpoint, region);
    AWSSecretsManagerClientBuilder clientBuilder = AWSSecretsManagerClientBuilder.standard();
    clientBuilder.setEndpointConfiguration(config);
    AWSSecretsManager client = clientBuilder.build();

    String secret;
    ByteBuffer binarySecretData;
    GetSecretValueRequest getSecretValueRequest = GetSecretValueRequest.builder()
            .withSecretId(secretName)
            .build();
    GetSecretValueResponse getSecretValueResponse = null;
    try {
        getSecretValueResponse = client.getSecretValue(getSecretValueRequest);

    } catch(ResourceNotFoundException e) {
        System.out.println("The requested secret " + secretName + " was not found");
    } catch (InvalidRequestException e) {
        System.out.println("The request was invalid due to: " + e.getMessage());
    } catch (InvalidParameterException e) {
        System.out.println("The request had invalid params: " + e.getMessage());
    }

    if(getSecretValueResponse == null) {
        return;
    }

    // Decrypted secret using the associated KMS CMK
    // Depending on whether the secret was a string or binary, one of these fields will be populated
    if(getSecretValueResponse.getSecretString() != null) {
        secret = getSecretValueResponse.getSecretString();
    }
    else {
        binarySecretData = getSecretValueResponse.getSecretBinary();
    }

    // Your code goes here. 
}

小智 5

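I ran into the same problem; the code shown on the AWS page does not work out of the box. The class you are looking for is GetSecretValueResult. Latest Java documentation: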

https://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/services/secretsmanager/model/GetSecretValueResult.html

Here is a working method:

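import com.amazonaws.services.secretsmanager.AWSSecretsManager;
import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder;
import com.amazonaws.services.secretsmanager.model.GetSecretValueRequest;
import com.amazonaws.services.secretsmanager.model.GetSecretValueResult;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.HashMap;

public void printRdsSecret() throws IOException {
    String secretName = "mySecretName";

    System.out.println("Requesting secret...");
    // Region and credentials are resolved by the SDK's default provider chain.
    AWSSecretsManager client = AWSSecretsManagerClientBuilder.standard().build();

    GetSecretValueRequest getSecretValueRequest = new GetSecretValueRequest().withSecretId(secretName);

    GetSecretValueResult getSecretValueResult = client.getSecretValue(getSecretValueRequest);

    System.out.println("secret retrieved ");
    // The secret is stored as a JSON document in the SecretString field.
    final String secretBinaryString = getSecretValueResult.getSecretString();
    final ObjectMapper objectMapper = new ObjectMapper();

    final HashMap<String, String> secretMap = objectMapper.readValue(secretBinaryString, HashMap.class);

    String url = String.format("jdbc:postgresql://%s:%s/dbName", secretMap.get("host"), secretMap.get("port"));
    // Prints the credentials for demonstration; in Lambda, stdout is written to
    // CloudWatch Logs, so do not log the password in real code.
    System.out.println("Secret url = "+url);
    System.out.println("Secret username = "+secretMap.get("username"));
    System.out.println("Secret password = "+secretMap.get("password"));
}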

Tested with aws-java-sdk-secretsmanager version 1.11.337
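
A variant of the answer's method that opens the JDBC connection instead of printing the credentials, so the password never reaches stdout or the logs. This is an added example, not part of the original answer or of AWS's sample: the class name RdsSecretConnector and the dbName parameter are hypothetical, and it assumes the secret holds the host, port, username and password keys used in the answer and that the PostgreSQL JDBC driver is on the classpath.

```java
import com.amazonaws.services.secretsmanager.AWSSecretsManager;
import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder;
import com.amazonaws.services.secretsmanager.model.GetSecretValueRequest;
import com.amazonaws.services.secretsmanager.model.GetSecretValueResult;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Map;
import java.util.Properties;

// Hypothetical helper class (assumption, not from the page).
public class RdsSecretConnector {
    // One client per JVM / Lambda container; region and credentials come from the default provider chain.
    private static final AWSSecretsManager CLIENT = AWSSecretsManagerClientBuilder.standard().build();
    private static final ObjectMapper MAPPER = new ObjectMapper();
    // Keys assumed to be present in the secret's JSON, as in the answer above.
    private static final String[] REQUIRED = {"host", "port", "username", "password"};

    /** Reads the current secret version and returns its JSON fields; values are never logged. */
    static Map<String, String> fetchSecret(String secretId) throws IOException {
        GetSecretValueResult result = CLIENT.getSecretValue(new GetSecretValueRequest().withSecretId(secretId));
        if (result.getSecretString() == null) {
            // Binary secrets populate getSecretBinary() instead; not expected for RDS credentials.
            throw new IllegalStateException("Secret " + secretId + " has no SecretString");
        }
        // Typed map: Jackson coerces a numeric port (e.g. 5432) to a String.
        Map<String, String> fields = MAPPER.readValue(result.getSecretString(),
                new TypeReference<Map<String, String>>() {});
        for (String key : REQUIRED) {
            if (fields.get(key) == null) {
                throw new IllegalStateException("Secret " + secretId + " is missing key: " + key);
            }
        }
        return fields;
    }

    /** Fetches the secret on every call, so a rotated password is picked up without redeploying. */
    static Connection connect(String secretId, String dbName) throws IOException, SQLException {
        Map<String, String> s = fetchSecret(secretId);
        String url = String.format("jdbc:postgresql://%s:%s/%s", s.get("host"), s.get("port"), dbName);
        Properties props = new Properties();
        props.setProperty("user", s.get("username"));
        props.setProperty("password", s.get("password")); // passed to the driver only, not printed
        return DriverManager.getConnection(url, props);
    }
}
```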