Vendor app based on Java running in AWS EKS to connect to RDS Oracle using Secrets Manager
Satish568 opened this issue · 4 comments
Describe the bug
Deploying Vendor app built on Java to AWS EKS and need to connect to RDS-Oracle through Secrets Manager for the db credentials. Currently the data source definition in "context.xml" refers to the secrets manager jar file in order to fetch the password dynamically from the secrets manager resource and use the user & password retrieved to connect to the db. Currently it's just giving an invalid error in the log during the app startup.
java.sql.SQLException: Cannot create PoolableConnectionFactory (ORA-01017: invalid username/password; logon denied
It just gives the above error without any additional logging.
Questions:
- We are using a Vendor app and don't have the ability to pass the "secretsmanager.properties" file by embedding it into the source code. What are the other ways to pass the below two settings to the container pod?
Set a PrivateLink DNS endpoint URL and a region in the secretsmanager.properties file:
drivers.vpcEndpointUrl= #The endpoint URL
drivers.vpcEndpointRegion= #The endpoint region
- Currently the secrets manager jdbc jar file is not even able to reach the "secrets manager" resource, however nothing is written in the app start up logs except the invalid user/password login message.
==================================
To Reproduce
Steps to reproduce the behavior:
- Java Application with tomcat app server having context.xml to configure the data source using the secrets manager integration to fetch the username and password dynamically.
Below is the datasource config in the context.xml file.
For the "user" field, passing the secretID and hoping that the AWS Secrets Manager driver uses that secretID to fetch the user & password from the Secrets Manager resource.
Expected behavior
A description of what you expected to happen.
When the app comes up it loads the context.xml and does the data source connectivity, which internally goes to the secrets manager for the data source credentials.
===================
Environment:
Details about your environment (OS, Java version, AWS SDK version...)
openjdk version "11.0.15" 2022-04-19
aws-secretsmanager-jdbc-1.0.11.jar
aws-java-sdk-secretsmanager-1.12.95.jar
================
Additional context
Add any other context about the problem here.
Thank you for reporting this Satish. We have noted this as an enhancement request.