By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Need Assistance with Boilerplate SNS Publish Authentication

0

I'm trying to set up a code example with the boilerplate SNS Publish Message java code example.

https://github.com/awsdocs/aws-doc-sdk-examples/blob/main/javav2/example_code/sns/src/main/java/com/example/sns/PublishTopic.java

There are three problems:

  1. Even though I've configured my credentials file in the .aws directory with the credentials, I get the following error: "Profile file contained no credentials for profile 'default'", etc.
  2. Even if we got point #1 working, this is not how we want to do it. We'd prefer the AWS credentials to be stored in Java Environment variables in a properties file associated with the project, so the code is dependent on the user's setup. (It's supposed to be an example.)
  3. There's apparently a problem everyone in my department is having with our AWS credentials, in that the AWS Session Token is only valid for 10 minutes after generation via the AWS Command Line console. We need a way around this.

Thanks in advance

Topics
Application Integration
Tags
Amazon Simple Notification Service (SNS)
Language
English
JFoelster_ETS
asked a year ago491 views
2 Answers
1

You are correct. The code example does need import statements for the AWSCredentials and BasicAWSCredentials classes. Here is the full code with the import statements included:

import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.services.sns.AmazonSNS;
import com.amazonaws.services.sns.AmazonSNSClientBuilder;

public class SNSApp {
    public static void main(String[] args) {
        String accessKey = System.getenv("AWS_ACCESS_KEY_ID");
        String secretKey = System.getenv("AWS_SECRET_ACCESS_KEY");
    
        AWSCredentials credentials = new BasicAWSCredentials(accessKey, secretKey);
    
        AmazonSNS snsClient = AmazonSNSClientBuilder.standard()
                                                    .withCredentials(new AWSStaticCredentialsProvider(credentials))
                                                    .withRegion("your-region")
                                                    .build();
    }
}

To find the required import statements, you can look at the AWS SDK for Java documentation. The AWSCredentials and BasicAWSCredentials classes are part of the com.amazonaws.auth package, and the AmazonSNSClientBuilder class is part of the com.amazonaws.services.sns package.

References:

https://docs.aws.amazon.com/sdk-for-java

https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/sns

EXPERT
cloudgeek7
answered a year ago
  • JFoelster_ETS
    a year ago

    This is incredibly helpful, thank you.

  • JFoelster_ETS
    a year ago

    Minor problem. The boss doesn't want me to import the jar file that would be needed to make com.amazonaws.auth format import statements work (says it needs to be Java 2.0 IIRC), and I need to have the import statements in the format of:

    import software.amazon.awssdk.auth.credentials.AwsCredentials;

    ...and so on. The above seems to be correct for the AwsCredentials object, but I can't figure out the matching import statement in that format for BasicAWSCredentials and AWSStaticCredentialsProvider.

    Thanks :/

1

For problem 1, you can resolve this error by either specifying the profile name in the Java code using the AWSCredentialsProvider interface, or by setting the AWS_PROFILE environment variable in your environment to the correct profile name.

Here's an example of how to specify the profile name in your Java code:

AWSCredentialsProvider credentialsProvider = new ProfileCredentialsProvider("your-profile-name");
AmazonSNS snsClient = AmazonSNSClientBuilder.standard()
                                            .withCredentials(credentialsProvider)
                                            .withRegion("your-region")
                                            .build();

For problem 2, you can store the AWS credentials in Java environment variables. You can then read the environment variables in your Java code using System.getenv("AWS_ACCESS_KEY_ID") and System.getenv("AWS_SECRET_ACCESS_KEY") to get the access key and secret access key, respectively. You can then use these values to build an instance of BasicAWSCredentials:

String accessKey = System.getenv("AWS_ACCESS_KEY_ID");
String secretKey = System.getenv("AWS_SECRET_ACCESS_KEY");

AWSCredentials credentials = new BasicAWSCredentials(accessKey, secretKey);

AmazonSNS snsClient = AmazonSNSClientBuilder.standard()
                                            .withCredentials(new AWSStaticCredentialsProvider(credentials))
                                            .withRegion("your-region")
                                            .build();

For problem 3, you can use an IAM user with a longer session token. Alternatively, you can use the AWS SDK for Java's STSAssumeRoleSessionCredentialsProvider class to assume a role with a longer session token. This class will automatically refresh the session token when it expires. Here's an example:

String roleArn = "your-role-arn";
String roleSessionName = "your-role-session-name";

STSAssumeRoleSessionCredentialsProvider stsAssumeRoleSessionCredentialsProvider =
        new STSAssumeRoleSessionCredentialsProvider.Builder(roleArn, roleSessionName)
                .withStsClient(AmazonSTSClientBuilder.standard().withRegion("your-region").build())
                .build();

AmazonSNS snsClient = AmazonSNSClientBuilder.standard()
                                            .withCredentials(stsAssumeRoleSessionCredentialsProvider)
                                            .withRegion("your-region")
                                            .build();

P.S. The code is obtained from different source, please validate before applying.

EXPERT
cloudgeek7
answered a year ago
  • JFoelster_ETS
    a year ago

    World's dumbest follow up question. It looks like the AWSCredentials/BasicAWSCredentials objects in your 2nd code example above require import statements to get the relevant classes loaded in. I also don't know how to look up which import statement I need to add to get them to compile. (Useless, aren't I?)

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content