com.amazonaws.secretsmanager.caching.SecretCacheConfiguration Java Examples

protected SecretCache createSecretCache(
    String awsAccessKey,
    String awsSecretKey,
    String region,
    int cacheSize,
    long cacheTTL
) {
  AWSCredentialsProvider credentials = getCredentialsProvider(awsAccessKey, awsSecretKey);
  AWSSecretsManagerClientBuilder clientBuilder = AWSSecretsManagerClientBuilder
      .standard()
      .withRegion(region)
      .withCredentials(credentials);

  SecretCacheConfiguration cacheConf = new SecretCacheConfiguration()
      .withMaxCacheSize(cacheSize)
      .withCacheItemTTL(cacheTTL)
      .withClient(clientBuilder.build());

  return new SecretCache(cacheConf);
}
 

@Test
public void testInitDefaultConfigs() throws Exception {
  String region = "us-west-2";
  String awsAccessKey = "access-key";
  String awsSecretKey = "secret-key";

  CredentialStore.Context context = Mockito.mock(CredentialStore.Context.class);
  Mockito.when(context.getConfig(AWSSecretsManagerCredentialStore.AWS_REGION_PROP)).thenReturn(region);
  Mockito.when(context.getConfig(AWSSecretsManagerCredentialStore.AWS_ACCESS_KEY_PROP)).thenReturn(awsAccessKey);
  Mockito.when(context.getConfig(AWSSecretsManagerCredentialStore.AWS_SECRET_KEY_PROP)).thenReturn(awsSecretKey);

  SecretCache secretCache = Mockito.mock(SecretCache.class);
  AWSSecretsManagerCredentialStore secretManager = createAWSSecretsManagerCredentialStore(secretCache);
  List<CredentialStore.ConfigIssue> issues = secretManager.init(context);
  Assert.assertEquals(0, issues.size());

  Mockito.verify(secretManager, Mockito.times(1)).createSecretCache(
      awsAccessKey,
      awsSecretKey,
      region,
      SecretCacheConfiguration.DEFAULT_MAX_CACHE_SIZE,
      SecretCacheConfiguration.DEFAULT_CACHE_ITEM_TTL
  );
}
 

@Override
public List<ConfigIssue> init(Context context) {
  List<ConfigIssue> issues = new ArrayList<>();

  nameKeySeparator = context.getConfig(NAME_KEY_SEPARATOR_PROP);
  if (nameKeySeparator == null) {
    nameKeySeparator = NAME_KEY_SEPARTOR_DEFAULT;
  }

  String region = context.getConfig(AWS_REGION_PROP);
  if (region == null || region.isEmpty()) {
    issues.add(context.createConfigIssue(Errors.AWS_SECRETS_MANAGER_CRED_STORE_00, AWS_REGION_PROP));
  }

  String accessKey = context.getConfig(AWS_ACCESS_KEY_PROP);
  String secretKey = context.getConfig(AWS_SECRET_KEY_PROP);

  String cacheSizeStr = context.getConfig(CACHE_MAX_SIZE_PROP);
  int cacheSize = (cacheSizeStr != null)
      ? Integer.parseInt(cacheSizeStr)
      : SecretCacheConfiguration.DEFAULT_MAX_CACHE_SIZE;

  String cacheTTLStr = context.getConfig(CACHE_TTL_MILLIS_PROP);
  long cacheTTL = (cacheTTLStr != null)
      ? Integer.parseInt(cacheTTLStr)
      : SecretCacheConfiguration.DEFAULT_CACHE_ITEM_TTL;

  if (issues.isEmpty()) {
    LOG.debug("Creating Secret Cache for region '{}'", region);
    secretCache = createSecretCache(accessKey, secretKey, region, cacheSize, cacheTTL);
    validateCredentialStoreConnection(context, issues);
  }

  return issues;
}
 

/**
 * Construct a new cached version for the secret.
 *
 * @param secretId
 *            The secret identifier.  This identifier could be the full ARN
 *            or the friendly name for the secret.
 * @param versionId
 *            The version identifier that should be used when requesting the
 *            secret value from AWS Secrets Manager.
 * @param client
 *            The AWS Secrets Manager client to use for requesting the secret.
 * @param config
 *            The secret cache configuration.
 */
public SecretCacheVersion(final String secretId,
                          final String versionId,
                          final AWSSecretsManager client,
                          final SecretCacheConfiguration config) {
    super(secretId, client, config);
    this.versionId = versionId;
    hash = String.format("%s %s", secretId, versionId).hashCode();
}
 

/**
 * Construct a new cached item for the secret.
 *
 * @param secretId
 *            The secret identifier.  This identifier could be the full ARN
 *            or the friendly name for the secret.
 * @param client
 *            The AWS Secrets Manager client to use for requesting the secret.
 * @param config
 *            The secret cache configuration.
 */
public SecretCacheObject(final String secretId,
                         final AWSSecretsManager client,
                         final SecretCacheConfiguration config) {
    this.secretId = secretId;
    this.client = client;
    this.config = config;
}
 

/**
 * Construct a new cached item for the secret.
 *
 * @param secretId
 *            The secret identifier.  This identifier could be the full ARN
 *            or the friendly name for the secret.
 * @param client
 *            The AWS Secrets Manager client to use for requesting the secret.
 * @param config
 *            Cache configuration.
 */
public SecretCacheItem(final String secretId,
                       final AWSSecretsManager client,
                       final SecretCacheConfiguration config) {
    super(secretId, client, config);
}
 

/**
 * Constructs the driver setting the properties from the properties file using system properties as defaults.
 * Instantiates the secret cache with the provided cache configuration.
 *
 * @param cacheConfig                                       Cache configuration to instantiate cache
 */
public AWSSecretsManagerMySQLDriver(SecretCacheConfiguration cacheConfig) {
    super(cacheConfig);
}
 

/**
 * Constructs the driver setting the properties from the properties file using system properties as defaults.
 * Instantiates the secret cache with the provided cache configuration.
 *
 * @param cacheConfig                                       Cache configuration to instantiate cache
 */
public AWSSecretsManagerOracleDriver(SecretCacheConfiguration cacheConfig) {
    super(cacheConfig);
}
 

/**
 * Constructs the driver setting the properties from the properties file using system properties as defaults.
 * Instantiates the secret cache with the provided cache configuration.
 *
 * @param cacheConfig                                       Cache configuration to instantiate cache
 */
public AWSSecretsManagerMSSQLServerDriver(SecretCacheConfiguration cacheConfig) {
    super(cacheConfig);
}
 

/**
 * Constructs the driver setting the properties from the properties file using system properties as defaults.
 * Instantiates the secret cache with the provided cache configuration.
 *
 * @param cacheConfig                                       Cache configuration to instantiate cache
 */
protected AWSSecretsManagerDriver(SecretCacheConfiguration cacheConfig) {
    this(new SecretCache(cacheConfig));
}
 

/**
 * Constructs the driver setting the properties from the properties file using system properties as defaults.
 * Instantiates the secret cache with the provided cache configuration.
 *
 * @param cacheConfig                                       Cache configuration to instantiate cache
 */
public AWSSecretsManagerPostgreSQLDriver(SecretCacheConfiguration cacheConfig) {
    super(cacheConfig);
}
 

/**
 * Constructs the driver setting the properties from the properties file using system properties as defaults.
 * Instantiates the secret cache with the provided cache configuration.
 *
 * @param cacheConfig                                       Cache configuration to instantiate cache
 */
public AWSSecretsManagerMariaDBDriver(SecretCacheConfiguration cacheConfig) {
    super(cacheConfig);
}
 

/**
 * Constructs the driver setting the properties from the properties file using system properties as defaults.
 * Instantiates the secret cache with the provided cache configuration.
 *
 * @param cacheConfig                                       Cache configuration to instantiate cache
 */
public AWSSecretsManagerDummyDriver(SecretCacheConfiguration cacheConfig) {
    super(cacheConfig);
}