I am using the code below to update a secret in Amazon's Secrets Manager service. Shortly after I update the secret value, I retrieve the secret from AWS, and it isn't the most recently updated value. The code below doesn't throw any exceptions. I am looking for best practices on how to confirm an update to AWS Secrets Manager is successful.
import com.amazonaws.SdkClientException;
import com.amazonaws.services.secretsmanager.AWSSecretsManager;
import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder;
import com.amazonaws.services.secretsmanager.model.UpdateSecretRequest;
import com.amazonaws.services.secretsmanager.model.UpdateSecretResult;

public void updateSecretValue(String fullAwsKey, String keyValue) {
    UpdateSecretRequest updateSecretRequest = new UpdateSecretRequest().withSecretId(fullAwsKey);
    updateSecretRequest.setSecretString(keyValue);
    AWSSecretsManager client = buildAWSSecretsManager();
    try {
        performUpdate(updateSecretRequest, client);
    } catch (SdkClientException e) {
        throw new RuntimeException(e);
    } finally {
        client.shutdown();
    }
}

// Not shown in the original post; assumed to build a client from the default
// credential and region providers.
protected AWSSecretsManager buildAWSSecretsManager() {
    return AWSSecretsManagerClientBuilder.defaultClient();
}

protected void performUpdate(UpdateSecretRequest updateSecretRequest, AWSSecretsManager client) {
    boolean processed = false;
    int tryCount = 0;
    while (!processed) {
        UpdateSecretResult result = client.updateSecret(updateSecretRequest);
        // The V1 SDK throws for non-2xx responses, so in practice this branch only
        // ever sees a 200 once updateSecret() returns normally.
        if (result.getSdkHttpMetadata().getHttpStatusCode() == 200) {
            processed = true;
        } else {
            tryCount++;
            if (tryCount >= 5) {
                throw new RuntimeException("performUpdate, unable to update secret: " + result.toString());
            }
        }
    }
}
You are using the older V1 API. Amazon recommends using AWS SDK for Java 2.x, which is a major rewrite of the 1.11.x code base built on top of Java 8+. Java SDK 2.x has improved consistency, ease of use, and strongly enforced immutability. It also has support for non-blocking I/O and the ability to plug in a different HTTP implementation at run time.
Here are the Secrets Manager V2 examples:
https://github.com/awsdocs/aws-doc-sdk-examples/tree/master/javav2/example_code/secretsmanager/src/main/java/com/example/secrets
If you are not familiar with getting up and running with V2 APIs, then please refer to this topic that will explain it:
Get started with the AWS SDK for Java 2.x
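Putting the answer's V2 recommendation together with the question's actual goal (confirming that an update landed), here is an added example written for this page; it is not code from the question, the answer, or the linked AWS repository. It relies on two facts about the UpdateSecret API: the response carries the id of the version it created, and the caller may supply that id up front as the client request token. The verification step then reads the secret pinned to that exact version and checks that the service has labelled it AWSCURRENT, instead of doing an unpinned read that may return whatever version the service currently serves. The secret name and the sample value are placeholders.

```java
// Added example: update a secret with AWS SDK for Java 2.x and verify the write
// against the version id returned by the service. Not from the original page.
import java.util.List;
import java.util.UUID;

import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretRequest;
import software.amazon.awssdk.services.secretsmanager.model.DescribeSecretResponse;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueResponse;
import software.amazon.awssdk.services.secretsmanager.model.SecretsManagerException;
import software.amazon.awssdk.services.secretsmanager.model.UpdateSecretRequest;
import software.amazon.awssdk.services.secretsmanager.model.UpdateSecretResponse;

public class VerifiedSecretUpdate {

    /**
     * Writes a new value and returns the id of the version it created.
     * The client request token becomes that version id, so a retry of the same
     * call after a network timeout cannot silently create a second version.
     */
    public static String updateSecret(SecretsManagerClient client, String secretId, String newValue) {
        String requestToken = UUID.randomUUID().toString();
        UpdateSecretRequest request = UpdateSecretRequest.builder()
                .secretId(secretId)
                .secretString(newValue)
                .clientRequestToken(requestToken)
                .build();
        // SDK 2.x throws SecretsManagerException on any non-2xx response, so the
        // status-code polling loop from the question is not needed here.
        UpdateSecretResponse response = client.updateSecret(request);
        return response.versionId();
    }

    /**
     * Confirms that the version we wrote is the one labelled AWSCURRENT and that
     * reading that specific version back yields exactly the value we sent.
     */
    public static boolean verifyUpdate(SecretsManagerClient client, String secretId,
                                       String expectedVersionId, String expectedValue) {
        DescribeSecretResponse description = client.describeSecret(
                DescribeSecretRequest.builder().secretId(secretId).build());
        List<String> stages = description.versionIdsToStages().get(expectedVersionId);
        if (stages == null || !stages.contains("AWSCURRENT")) {
            return false; // our version exists but has not (yet) been promoted
        }
        // Pin the read to the version id: an unpinned read may serve an older version.
        GetSecretValueResponse value = client.getSecretValue(GetSecretValueRequest.builder()
                .secretId(secretId)
                .versionId(expectedVersionId)
                .build());
        return expectedValue.equals(value.secretString());
    }

    public static void main(String[] args) {
        String secretId = "placeholder/secret-name";              // assumption: your secret's name or ARN
        String newValue = "{\"password\":\"example-only\"}";      // constructed sample value
        try (SecretsManagerClient client = SecretsManagerClient.create()) {
            String versionId = updateSecret(client, secretId, newValue);
            if (!verifyUpdate(client, secretId, versionId, newValue)) {
                throw new IllegalStateException("version " + versionId + " is not yet AWSCURRENT");
            }
            System.out.println("secret " + secretId + " updated, version " + versionId);
        } catch (SecretsManagerException e) {
            throw new RuntimeException("secret update failed: " + e.awsErrorDetails().errorMessage(), e);
        }
    }
}
```

If verifyUpdate returns false, the sensible response is to wait briefly and re-run the describe/get pair for the same version id rather than re-issue the update: the version already exists, and a second UpdateSecret would create yet another version. Logging the version id alongside the caller's audit record also gives incident responders an unambiguous handle on which value was in force at what time.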