Last active
August 31, 2020 05:54
-
-
Save davidrosenstark/4a33f2c0eab59d9d7e429bd1c20aea92 to your computer and use it in GitHub Desktop.
Java client to wrap access to AWS parameter store
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import com.amazonaws.ClientConfiguration; | |
import com.amazonaws.auth.AWSCredentialsProvider; | |
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement; | |
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClient; | |
import com.amazonaws.services.simplesystemsmanagement.model.*; | |
import org.apache.commons.lang3.tuple.ImmutablePair; | |
import org.apache.commons.lang3.tuple.Pair; | |
import org.slf4j.Logger; | |
import org.slf4j.LoggerFactory; | |
import org.springframework.beans.factory.annotation.Autowired; | |
import org.springframework.beans.factory.annotation.Value; | |
import org.springframework.context.annotation.Lazy; | |
import org.springframework.stereotype.Component; | |
import javax.annotation.PostConstruct; | |
import java.util.HashMap; | |
import java.util.List; | |
import java.util.Map; | |
import java.util.stream.Collectors; | |
/** | |
* Class to wrap getting and setting parameters in AWS Parameter Store | |
* Need to provide credentials or IAM role access to AWS Parameter Store | |
*/ | |
@Component | |
@Lazy | |
public class SSMClient { | |
@Autowired(required = false) | |
//this is not required if you are using IAM Role on instance | |
private AWSCredentialsProvider awsCredentialsProvider; | |
private AWSSimpleSystemsManagement awsSimpleSystemsManagement; | |
@Value("${ssm.region}") | |
//We have found that even if profile of Credentials has region still required to provide | |
private String region; | |
@Autowired(required = false) | |
//use this for custom configuration like acess via proxy | |
private ClientConfiguration clientConfiguration; | |
public SSMClient() { | |
} | |
//constructor for non spring use to class | |
public SSMClient(AWSCredentialsProvider awsCredentialsProvider, String region) { | |
this.awsCredentialsProvider = awsCredentialsProvider; | |
this.region = region; | |
} | |
@PostConstruct | |
public void init() { | |
awsSimpleSystemsManagement = AWSSimpleSystemsManagementClient.builder().withCredentials(awsCredentialsProvider) | |
.withClientConfiguration(clientConfiguration) | |
.withRegion(region).build(); | |
} | |
/** | |
* Get parameter from SSM, with or without encryption (use IAM role for decryption) | |
* Throws {@Link com.amazonaws.services.simplesystemsmanagement.model.ParameterNotFoundException} if not found | |
* @param key | |
* @param encryption | |
* @return value | |
*/ | |
public String getParameter(String key, boolean encryption) { | |
GetParameterRequest getparameterRequest = new GetParameterRequest().withName(key).withWithDecryption(encryption); | |
final GetParameterResult result = awsSimpleSystemsManagement.getParameter(getparameterRequest); | |
return result.getParameter().getValue(); | |
} | |
/** | |
* Get parameter from SSM by path, with or without encryption (use IAM role for decryption) | |
* Returns Map of all values, with all path parameters removed, since we assume that the path is for environment | |
* @param path | |
* @param encryption | |
* @return Map of all values in path | |
*/ | |
public Map<String, String> getParametersByPath(String path, boolean encryption) { | |
GetParametersByPathRequest getParametersByPathRequest = new GetParametersByPathRequest().withPath(path) | |
.withWithDecryption(encryption) | |
.withRecursive(true); | |
String token = null; | |
Map<String, String> params = new HashMap<>(); | |
do { | |
getParametersByPathRequest.setNextToken(token); | |
GetParametersByPathResult parameterResult = awsSimpleSystemsManagement.getParametersByPath | |
(getParametersByPathRequest); | |
token = parameterResult.getNextToken(); | |
params.putAll(addParamsToMap(parameterResult.getParameters())); | |
} while (token != null); | |
return params; | |
} | |
private Map<String,String> addParamsToMap(List<Parameter> parameters) { | |
return parameters.stream().map( param -> { | |
int envSeparator = param.getName().indexOf("/",1); | |
return new ImmutablePair<>(param.getName().substring(envSeparator+1), param.getValue()); | |
}).collect(Collectors.toMap(Pair::getLeft, Pair::getRight)); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Done