The version 2 of the AWS Java SDK is much less documented than the first one. Okay it's newer so there are less blogs and projects, obviously, but finding official code examples with v2 on AWS sites is a real struggle. Luckily, using the SDK has become much simpler and straightforward.
Every service will be accessed in a pretty much similar pattern. Let's say, you want to read some data you keep in the parameter store of AWS's SSM (Systems Manager). After you include in your project the BOM of AWS for versions and the SSM dependency:
<dependencyManagement>
<dependencies>
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>bom</artifactId>
<version>${aws.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
...
</dependencyManagement>
<dependencies>
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>ssm</artifactId>
</dependency>
...
Note: the biggest challenge is to figure out what is the artifact name for a certain AWS service, there's like zero references to that. But reading through the (huge) BOM with some common sense will let you find it.
The following piece of code will let you read your encrypted parameters by path.
final AwsCredentialsProviderChain chain = AwsCredentialsProviderChain
.of(ProfileCredentialsProvider.builder().build(), DefaultCredentialsProvider.create());
final SsmClient ssm = SsmClient.builder().credentialsProvider(chain).build();
final GetParametersByPathResponse secretsResult = ssm.getParametersByPath(
GetParametersByPathRequest.builder().path("/your/secrets").withDecryption(true).build());
The pattern is always the same:
- build a client, the AWS builder pattern will always be in the form of
YourNeededClient.builder().optionaldata().build()
- build a service request, again in the same pattern
YourNeededOperationRequest.builder().operationdata().build()
- call the operation
client.operationName(request)
- it will return a result of type
YourNeededOperationResult
where you can read the requested data. >Note: In my example the SsmClient needed also the credentials provider to grab the account key - the parameters were encrypted remember?
Your homework will be every time to search through the SDK classes: first find the client class name, find out the operation needed, deduce the request class name, and there you go. Sometimes you'll be able to find examples too, but you can try also blindly - most of the time the error messages will be pretty straightforward, like some request needs signing, or you're missing some needed role, or…
(Published as part of the #100DaysToOffload challenge https://100daystooffload.com/)
Top comments (0)