Forked from adrian-baker/AWSCredentialsProvider.java
Last active
November 2, 2018 12:04
-
-
Save elonderin/50211bf3a0009b391310b80c7a3e26ee to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import static org.junit.Assert.assertEquals; | |
import com.amazonaws.auth.AWSCredentialsProvider; | |
import com.amazonaws.auth.profile.internal.AllProfiles; | |
import com.amazonaws.auth.profile.internal.AwsProfileNameLoader; | |
import com.amazonaws.auth.profile.internal.BasicProfile; | |
import com.amazonaws.auth.profile.internal.BasicProfileConfigLoader; | |
import com.amazonaws.auth.profile.internal.ProfileAssumeRoleCredentialsProvider; | |
import com.amazonaws.auth.profile.internal.ProfileStaticCredentialsProvider; | |
import com.amazonaws.auth.profile.internal.securitytoken.STSProfileCredentialsServiceLoader; | |
import com.amazonaws.profile.path.AwsProfileFileLocationProvider; | |
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement; | |
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClientBuilder; | |
import com.amazonaws.services.simplesystemsmanagement.model.DescribeParametersRequest; | |
import com.amazonaws.services.simplesystemsmanagement.model.DescribeParametersResult; | |
import com.amazonaws.services.simplesystemsmanagement.model.ParameterMetadata; | |
import java.util.HashMap; | |
import java.util.Map; | |
import java.util.stream.Collectors; | |
import java.util.stream.Stream; | |
import org.junit.Test; | |
import org.slf4j.Logger; | |
import org.slf4j.LoggerFactory; | |
/** | |
* this one is to figure out how to access the AWS Paramstore on the test account in connection with IAM, MFA, etc ... die welt liegt uns zu | |
* fuessen und wir stehen drauf ;). | |
* | |
* @author menzelt | |
* @since #89 | |
*/ | |
public class AwsParamStoreHowtoTest { | |
// @Rule | |
// public TestLogger testLogger = new TestLogger(); | |
/** The log. */ | |
protected final Logger log = LoggerFactory.getLogger(getClass()); | |
/** | |
* this class is just a prep to turn this into a spring config. | |
*/ | |
static class Config { | |
/** | |
* the current active AWS profile as per ENV/JAVA -D parameter. | |
* | |
* @note the loadProfileName() is a misnomer as it aint loading anything but evaluates those configs | |
*/ | |
private final String activeProfileName = AwsProfileNameLoader.INSTANCE.loadProfileName(); | |
/** | |
* Ssm client. | |
* | |
* @return the AWS simple systems management | |
*/ | |
AWSSimpleSystemsManagement ssmClient() { | |
final AWSSimpleSystemsManagementClientBuilder builder = AWSSimpleSystemsManagementClientBuilder.standard(); | |
final AllProfiles allProfiles = getAllProfiles(); | |
final BasicProfile activeProfile = allProfiles.getProfile(activeProfileName); | |
final AWSSimpleSystemsManagement defaultClient = builder.withRegion(activeProfile.getRegion()) | |
.withCredentials(getCredentialsProvider(allProfiles, activeProfile)) | |
.build(); | |
return defaultClient; | |
} | |
/** | |
* this reads from the .aws/ the current crdentials as per the AWS_PROFILE env var | |
* | |
* @param allProfiles the all profiles | |
* @param activeProfile the active profile | |
* @return the credentials provider | |
* @see taken from https://github.com/aws/aws-sdk-java/issues/803#issuecomment-374043898 | |
*/ | |
private AWSCredentialsProvider getCredentialsProvider(final AllProfiles allProfiles, final BasicProfile activeProfile) { | |
if (activeProfile.isRoleBasedProfile()) { | |
return new ProfileAssumeRoleCredentialsProvider(STSProfileCredentialsServiceLoader.getInstance(), allProfiles, activeProfile); | |
} | |
else { | |
return new ProfileStaticCredentialsProvider(activeProfile); | |
} | |
} | |
/** | |
* Gets the all profiles. | |
* | |
* @return the all profiles | |
*/ | |
private AllProfiles getAllProfiles() { | |
final AllProfiles allProfiles = | |
new AllProfiles(Stream.concat(BasicProfileConfigLoader.INSTANCE.loadProfiles(AwsProfileFileLocationProvider.DEFAULT_CONFIG_LOCATION_PROVIDER.getLocation()) | |
.getProfiles() | |
.values() | |
.stream(), | |
BasicProfileConfigLoader.INSTANCE.loadProfiles(AwsProfileFileLocationProvider.DEFAULT_CREDENTIALS_LOCATION_PROVIDER.getLocation()) | |
.getProfiles() | |
.values() | |
.stream()) | |
.map(profile -> new BasicProfile(profile.getProfileName() | |
.replaceFirst("^profile ", ""), | |
profile.getProperties())) | |
.collect(Collectors.toMap(profile -> profile.getProfileName(), | |
profile -> profile, | |
(left, right) -> { | |
final Map<String, | |
String> properties = | |
new HashMap<>(left.getProperties()); | |
properties.putAll(right.getProperties()); | |
return new BasicProfile(left.getProfileName(), | |
properties); | |
}))) { | |
/** | |
*/ | |
@Override | |
public BasicProfile getProfile(final String profileName) { | |
final BasicProfile profile = super.getProfile(profileName); | |
if (profile == null) { | |
throw new RuntimeException(String.format("Profile '%s' not found in %s", | |
profileName, | |
getProfiles().keySet())); | |
} | |
return profile; | |
} | |
}; | |
return allProfiles; | |
} | |
} | |
/** | |
* preconditions: | |
* <ul> | |
* <li>have some props in the AWS param store | |
* <li>have ur .aws/config & credentials setup with valid keys | |
* </ul> | |
*/ | |
@Test | |
public void testGetParams() throws Exception { | |
final Config config = new Config(); | |
final DescribeParametersResult params = config.ssmClient().describeParameters(new DescribeParametersRequest()); | |
assertEquals("expected to have at least some properties config'ed", true, params.getParameters().size() > 0); | |
for (final ParameterMetadata param : params.getParameters()) { | |
log.debug("param: " + param); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
i expanded on the solution to also get the region from the profile as this is affected also by bug #803