How to invoke secrets from AWS Secrets Manager into code to get the data from an Amazon DyanmoDB table

0
votes

I have stored AWS IAM user Access key's and Secret keys in a secret of AWS Secrets Manager.

This secret is helpful to get the data from an Amazon DynamoDB table, and keys's having full access to the Amazon DynamoDB table. I need to use this secret in java/.Net code to retrieve the data from DynamoDB table.

Secretname: dynamodbtesting

Below is the sample key names which I used while creating secret.

{
 "aws_access_key_id": "value",
 "aws_secret_access_key": "secret value"
}

How to use secret in java/.Net code to get the date from DynamoDB table?

Note: I could see one sample code after creation of secret in secret manager, is it helpful?

2
amazon-web-servicesamazon-dynamodbaws-secrets-manager

2 Answers

0
votes

When using the AWS Java SDK, when you build the client which accesses dynamodb, you can pass credentials explicitly:

https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-explicit

For example:

BasicAWSCredentials awsCreds = new BasicAWSCredentials("access_key_id", "secret_key_id");
AmazonS3 dynamodbClient = AmazonDynamoDBClientBuilder.standard()
                    .withCredentials(new AWSStaticCredentialsProvider(awsCreds))
                    .build();
0
votes

To answer your question: "How to use secret in java"

You can use the Secrets Manager Java API V2 to retrive a secret. The following Java code shows you how to perform this use case:

import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueResponse;
import software.amazon.awssdk.services.secretsmanager.model.SecretsManagerException;
//snippet-end:[secretsmanager.java2.get_secret.import]

/**
 * To run this AWS code example, ensure that you have setup your development environment, including your AWS credentials.
 *
 * For information, see this documentation topic:
 *
 *https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
 */

public class GetSecretValue {

    public static void main(String[] args) {

        final String USAGE = "\n" +
                "Usage:\n" +
                "    GetSecretValue  <secretName> \n\n" +
                "Where:\n" +
                "    secretName - the name of the secret (for example, tutorials/MyFirstSecret). \n";

        if (args.length != 1) {
            System.out.println(USAGE);
            System.exit(1);
        }

        String secretName = args[0];
        Region region = Region.US_EAST_1;
        SecretsManagerClient secretsClient = SecretsManagerClient.builder()
                .region(region)
                .build();

        getValue(secretsClient, secretName);
        secretsClient.close();
    }

    //snippet-start:[secretsmanager.java2.get_secret.main]
    public static void getValue(SecretsManagerClient secretsClient,String secretName) {

        try {
            GetSecretValueRequest valueRequest = GetSecretValueRequest.builder()
                .secretId(secretName)
                .build();

            GetSecretValueResponse valueResponse = secretsClient.getSecretValue(valueRequest);
            String secret = valueResponse.secretString();
            System.out.println(secret);

        } catch (SecretsManagerException e) {
            System.err.println(e.awsErrorDetails().errorMessage());
            System.exit(1);
        }
    }
    //snippet-end:[secretsmanager.java2.get_secret.main]
}

You can find this example and others for this AWS Service here:

https://github.com/awsdocs/aws-doc-sdk-examples/tree/master/javav2/example_code/secretsmanager