Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

AWS Java SDK - Issues between V2 and secrets manager jdbc

0

Hello,

I have a Java application that uses some V2 dependencies to manage our AWS environment. Than, these are my other aws dependencies

<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>secretsmanager</artifactId>
    <version>2.21.21</version>
</dependency>
<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>cloudfront</artifactId>
    <version>2.21.21</version>
</dependency>

<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>s3</artifactId>
    <version>2.21.21</version>
    
</dependency>

To connect to our S3 buckets we build the S3 client in this way

S3ClientBuilder builder = S3Client.builder().region(Region.of(this.regionName)).forcePathStyle(true);
S3Client client = builder.build();

Now we need to use SecretsManager to manage the RDS DB credentials, so we added this dependency to our pom.xml

<dependency>
    <groupId>com.amazonaws.secretsmanager</groupId>
    <artifactId>aws-secretsmanager-jdbc</artifactId>
    <version>2.0.0</version>
</dependency>

and modified our application.yml to connect via SM.

spring:
 datasource:
    driver-class-name: com.amazonaws.secretsmanager.sql.AWSSecretsManagerMySQLDriver
    url: jdbc-secretsmanager:mysql://db_url:3306/db
    username: db/secret/test

The DB connection works well but we cannot build the S3Client anymore: the thread with it hangs indefinitely, no error, no exit, it just hang forever blocking all the application. As soon as we remove the aws-secretsmanager-jdbc dependency everything works well again. It looks like there is some incompatibility between the V2 sdk and the JDBC one. Any advice on how to use both? Thanks

Argomenti
DatabaseSicurezza, identità e conformitàSviluppo Java
Tag
DatabaseGestore AWS SecretsSviluppo Java
Lingua
English
mario
posta 6 mesi fa367 visualizzazioni
1 Risposta
0

Hello, Thank you for contacting AWS.

Could you please provide/confirm below information:

1)Sample code to reproduce the issue (it would be better is sample Maven project along with pom.xml and other files could be shared). 2)Customer application type 3)Application execution environment

4)Was below code executing successfully earlier: S3ClientBuilder builder = S3Client.builder().region(Region.of(this.regionName)).forcePathStyle(true); S3Client client = builder.build();

5)In apart from changing code to use aws-secretsmanager-jdbc package, what additional changes were made (e.g. IAM role/permissions added/removed, etc.) 6)How are credentials configured? (per documentation at https://github.com/aws/aws-secretsmanager-jdbc#credentials, the aws-secretsmanager-jdbc uses default credential profile chain).

AWS
rePost-User-2912429
con risposta 6 mesi fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente