
@elonderin
Forked from adrian-baker/AWSCredentialsProvider.java
Last active November 2, 2018 12:04
import static org.junit.Assert.assertEquals;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.profile.internal.AllProfiles;
import com.amazonaws.auth.profile.internal.AwsProfileNameLoader;
import com.amazonaws.auth.profile.internal.BasicProfile;
import com.amazonaws.auth.profile.internal.BasicProfileConfigLoader;
import com.amazonaws.auth.profile.internal.ProfileAssumeRoleCredentialsProvider;
import com.amazonaws.auth.profile.internal.ProfileStaticCredentialsProvider;
import com.amazonaws.auth.profile.internal.securitytoken.STSProfileCredentialsServiceLoader;
import com.amazonaws.profile.path.AwsProfileFileLocationProvider;
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement;
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClientBuilder;
import com.amazonaws.services.simplesystemsmanagement.model.DescribeParametersRequest;
import com.amazonaws.services.simplesystemsmanagement.model.DescribeParametersResult;
import com.amazonaws.services.simplesystemsmanagement.model.ParameterMetadata;
import java.util.HashMap;
import java.util.Map;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* This test explores how to access the AWS Parameter Store on the test account in combination with IAM, MFA, etc. ... the world lies at
* our feet, and we are standing on it ;).
*
* @author menzelt
* @since #89
*/
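public class AwsParamStoreHowtoTest {
    // @Rule
    // public TestLogger testLogger = new TestLogger();

    /** Logger named after the concrete test class. */
    protected final Logger log = LoggerFactory.getLogger(getClass());

    /**
     * Builds an SSM client from the local AWS profile files; a preparation step for turning this
     * into a Spring config.
     *
     * <p>Points to keep in mind when reusing this code:
     * <ul>
     * <li>Credentials and region are read from the shared config and credentials files at the SDK's
     * default locations, so whoever can read or edit those files controls which identity the
     * client runs as.
     * <li>The profile classes used here live in {@code com.amazonaws.auth.profile.internal};
     * presumably they are not a stable API, so re-check this code when the SDK version changes.
     * <li>A role-based profile yields credentials through the assume-role provider, any other
     * profile yields the static keys stored in the profile.
     * </ul>
     */
    static class Config {
        /**
         * Name of the active AWS profile as selected through the environment or a Java {@code -D}
         * parameter.
         *
         * <p>Note: {@code loadProfileName()} is a misnomer, it does not load anything but only
         * evaluates those settings.
         */
        private final String activeProfileName = AwsProfileNameLoader.INSTANCE.loadProfileName();

        /**
         * Creates an SSM client that uses the region and the credentials of the active profile.
         *
         * <p>The caller owns the returned client and should call {@code shutdown()} on it when done.
         *
         * @return a new AWS Simple Systems Management client
         * @throws IllegalArgumentException if the active profile is not present in the profile files
         * @throws IllegalStateException if the active profile does not define a region
         */
        AWSSimpleSystemsManagement ssmClient() {
            final AllProfiles allProfiles = getAllProfiles();
            final BasicProfile activeProfile = allProfiles.getProfile(activeProfileName);
            final String region = activeProfile.getRegion();
            if (region == null) {
                // Fail with a message that names the profile instead of handing a null region on
                // to the client builder.
                throw new IllegalStateException(String.format("Profile '%s' does not define a region",
                                                              activeProfileName));
            }
            return AWSSimpleSystemsManagementClientBuilder.standard()
                .withRegion(region)
                .withCredentials(getCredentialsProvider(allProfiles, activeProfile))
                .build();
        }

        /**
         * Selects the credentials provider that matches the kind of the active profile.
         *
         * @param allProfiles all known profiles; handed to the assume-role provider together with
         *        the active profile
         * @param activeProfile the profile to take credentials from
         * @return an assume-role provider for a role-based profile, otherwise a provider for the
         *         static keys of the profile
         * @see <a href="https://github.com/aws/aws-sdk-java/issues/803#issuecomment-374043898">
         *      aws-sdk-java issue 803, the comment this approach was taken from</a>
         */
        private AWSCredentialsProvider getCredentialsProvider(final AllProfiles allProfiles,
                                                              final BasicProfile activeProfile) {
            if (activeProfile.isRoleBasedProfile()) {
                return new ProfileAssumeRoleCredentialsProvider(STSProfileCredentialsServiceLoader.getInstance(),
                                                                allProfiles,
                                                                activeProfile);
            }
            return new ProfileStaticCredentialsProvider(activeProfile);
        }

        /**
         * Loads the profiles of the config file and of the credentials file and merges them by name.
         *
         * <p>A leading {@code "profile "} prefix is stripped from profile names so that entries of
         * both files end up under the same key. When both files define the same profile, the
         * properties are combined and a property from the credentials file overrides the same
         * property from the config file.
         *
         * @return the merged profiles; {@code getProfile} on the result throws instead of returning
         *         {@code null} for an unknown name
         */
        private AllProfiles getAllProfiles() {
            final Map<String, BasicProfile> mergedProfiles =
                Stream.concat(profilesFrom(AwsProfileFileLocationProvider.DEFAULT_CONFIG_LOCATION_PROVIDER),
                              profilesFrom(AwsProfileFileLocationProvider.DEFAULT_CREDENTIALS_LOCATION_PROVIDER))
                    .map(profile -> new BasicProfile(profile.getProfileName().replaceFirst("^profile ", ""),
                                                     profile.getProperties()))
                    .collect(Collectors.toMap(BasicProfile::getProfileName,
                                              profile -> profile,
                                              Config::mergeProfiles));
            return new AllProfiles(mergedProfiles) {
                /**
                 * Looks up a profile and fails loudly when it is missing, so that a mistyped
                 * profile name does not surface later as a NullPointerException.
                 */
                @Override
                public BasicProfile getProfile(final String profileName) {
                    final BasicProfile profile = super.getProfile(profileName);
                    if (profile == null) {
                        // Only profile names are put into the message, never profile properties.
                        throw new IllegalArgumentException(String.format("Profile '%s' not found in %s",
                                                                         profileName,
                                                                         getProfiles().keySet()));
                    }
                    return profile;
                }
            };
        }

        /** Streams the profiles of the file that the given location provider points to. */
        private static Stream<BasicProfile> profilesFrom(final AwsProfileFileLocationProvider locationProvider) {
            return BasicProfileConfigLoader.INSTANCE.loadProfiles(locationProvider.getLocation())
                .getProfiles()
                .values()
                .stream();
        }

        /** Combines two profiles of the same name; properties of {@code right} win on conflict. */
        private static BasicProfile mergeProfiles(final BasicProfile left, final BasicProfile right) {
            final Map<String, String> properties = new HashMap<>(left.getProperties());
            properties.putAll(right.getProperties());
            return new BasicProfile(left.getProfileName(), properties);
        }
    }

    /**
     * Lists parameters of the Parameter Store with the credentials of the active profile.
     *
     * <p>This is an integration test: it calls the real service with real credentials.
     *
     * <p>Preconditions:
     * <ul>
     * <li>some parameters exist in the AWS Parameter Store
     * <li>the local {@code .aws/config} and {@code .aws/credentials} files are set up with valid keys
     * </ul>
     */
    @Test
    public void testGetParams() throws Exception {
        final AWSSimpleSystemsManagement ssm = new Config().ssmClient();
        try {
            // Only the result of this single call is inspected; results may be paginated.
            final DescribeParametersResult params = ssm.describeParameters(new DescribeParametersRequest());
            assertEquals("expected to have at least some properties config'ed", true, !params.getParameters().isEmpty());
            for (final ParameterMetadata param : params.getParameters()) {
                // Parameter metadata is logged, not parameter values; names and descriptions can
                // still be sensitive, so keep this at debug level.
                log.debug("param: {}", param);
            }
        }
        finally {
            // Release the client's resources even when the assertion fails.
            ssm.shutdown();
        }
    }
}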
@elonderin

I expanded on the solution so that it also takes the region from the profile, since the region lookup is affected by bug #803 as well.
