aws/aws-secretsmanager-jdbc

How can I use it with AWS SDK 2.x?

Closed this issue · 10 comments

Hello,

I'm using aws-secretsmanager-jdbc 1.06 with springboot 2.3.4 and gradle:
implementation 'com.amazonaws.secretsmanager:aws-secretsmanager-jdbc:1.0.6'

It works for me locally, on my development PC, and I'm able to connect to Aurora Postgres with a secret coming from SecretsManager.

But I noticed that it loads by default java-sdk-core:1.11.418 and java-sdk-secretsmanager:1.11.418

I need to implement the same in EKS environment and assume IAM role for service account.
However, per AWS documentation, the minimal SDK version required is 2.10.11
https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts-minimum-sdk.html

Any plan to support SDK 2.X dependency?
I saw that the underlying dependency aws-secretsmanager-caching-java has an open PR on that:
aws/aws-secretsmanager-caching-java#6

Regards,
Ori.

I added PR #51.

Fryie commented

It's quite unfortunate that this library doesn't work with the newest SDK / with EKS. I spent basically a whole day trying to understand why it wouldn't work.

That said, despite what it says in the documentation, I was able to get version 1.0.6 of this library to work by including the following explicit dependencies:

runtimeOnly "com.amazonaws:aws-java-sdk-core:1.11.923"
runtimeOnly "com.amazonaws:aws-java-sdk-secretsmanager:1.11.923"
runtimeOnly "com.amazonaws:aws-java-sdk-sts:1.11.923"

Indeed, it appears that the WebIdentityTokenCredentialsProvider was added in AWS SDK version 1.11.603, although it also appears that aws-java-sdk-sts needs to be on the classpath for this to work.
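
A startup check for the workaround in the comment above, as an added example that is not part of the thread or of the library's code. It uses only the JDK and looks the SDK 1.x classes up by name, so it fails fast when the web identity provider or aws-java-sdk-sts is missing instead of leaving the credentials chain to pick up whatever else it finds. Assumptions: the class name `IrsaPreflight` is hypothetical, and `AWS_ROLE_ARN` / `AWS_WEB_IDENTITY_TOKEN_FILE` are the variables EKS injects into pods whose service account is annotated with a role.

```java
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;

/** Preflight for running the SDK 1.x based driver under an EKS service-account role. */
public class IrsaPreflight {

    /** True if the class can be located without initializing it. */
    static boolean onClasspath(String className) {
        try {
            Class.forName(className, false, IrsaPreflight.class.getClassLoader());
            return true;
        } catch (ClassNotFoundException | LinkageError e) {
            return false;
        }
    }

    /** Version string reported by aws-java-sdk-core, or a marker if core is absent. */
    static String sdkVersion() {
        try {
            return (String) Class.forName("com.amazonaws.util.VersionInfoUtils")
                    .getMethod("getVersion").invoke(null);
        } catch (ReflectiveOperationException | LinkageError e) {
            return "not found";
        }
    }

    /** Returns one message per problem; an empty list means the prerequisites are met. */
    static List<String> problems() {
        List<String> out = new ArrayList<>();
        String tokenFile = System.getenv("AWS_WEB_IDENTITY_TOKEN_FILE");
        if (System.getenv("AWS_ROLE_ARN") == null || tokenFile == null) {
            out.add("AWS_ROLE_ARN or AWS_WEB_IDENTITY_TOKEN_FILE is not set in this pod");
        } else if (!Files.isReadable(Paths.get(tokenFile))) {
            out.add("web identity token file is not readable: " + tokenFile);
        }
        if (!onClasspath("com.amazonaws.auth.WebIdentityTokenCredentialsProvider")) {
            out.add("aws-java-sdk-core has no WebIdentityTokenCredentialsProvider"
                    + " (the thread dates it to 1.11.603); resolved version: " + sdkVersion());
        }
        if (!onClasspath("com.amazonaws.services.securitytoken.AWSSecurityTokenService")) {
            out.add("aws-java-sdk-sts is missing from the runtime classpath");
        }
        return out;
    }

    public static void main(String[] args) {
        List<String> found = problems();
        found.forEach(System.err::println);
        if (!found.isEmpty()) System.exit(1); // refuse to start with incomplete prerequisites
    }
}
```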

@Fryie, have you seen my PR #51?
It's working with SDK2.x also now.

Fryie commented

Sure, but that PR is not merged nor is a new version released. This fix works with the currently released version.

Obviously, it would be better if this library used the new SDK, but we'll have to wait for the maintainers for that.

Thank you for your feedback. We have noted this as a feature request.

@willtong1234, note PR #51 - why not simply merge it?

@willtong1234 - it looks like @oridool has done the legwork to support a version 2 of this in both this project and the SecretCache one. I imagine you'd need a second release train so both major versions of the SDK can be supported. What help do you guys need to bring this over the line?

As it is, I'm faced with the horrible dilemma of rolling my own solution to this because I need something I can guarantee will be available and want to use SDK v2, even though this solution is an excellent one in itself.

@simonmarty I see some movement in this repo again after quite a long time of silence. Are you able to share if migration to AWS SDK v2 is going to happen and when?

We at https://github.com/awspring/spring-cloud-aws are considering integration with this library but only if there are plans to keep it maintained and if it gets migrated to AWS SDK v2.

Migrating to AWS SDK v2 is not planned atm, you should be able to use the two versions of the SDK side-by-side. However, if this is causing you pain, please elaborate so we can investigate further.

Having them side by side sounds like an acceptable temporary solution, but ideally I would not like to clutter my application with two versions of dependencies that do the same.