Merge pull request #894 from agabeev-godaddy/aws-sdk-v2

Upgrade AWS SDK to v2
godaddy · Jun 6, 2023 · 19904ff · 19904ff
2 parents b4d07cb + b63270f
commit 19904ff
Show file tree

Hide file tree

Showing 10 changed files with 465 additions and 297 deletions.
diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md
@@ -17,3 +17,4 @@ These people contributed to Asherah's design, implementation, testing, and open
   * Nikhil Lohia ([@nikoo28](https://github.com/nikoo28))
   * Ryanne Fox
   * Sushant Mimani ([@sushantmimani](https://github.com/sushantmimani))
+  * Artyom Gabeev
diff --git a/java/app-encryption/README.md b/java/app-encryption/README.md
@@ -30,7 +30,7 @@ You can specify the current release of Asherah as a project dependency using the
   <dependency>
     <groupId>com.godaddy.asherah</groupId>
     <artifactId>appencryption</artifactId>
-    <version>0.1.1</version>
+    <version>0.3.0</version>
   </dependency>
 </dependencies>
 ```
@@ -97,13 +97,14 @@ build the metastore by calling the `build` method.
  - **withTableName**: Specifies the name of the DynamoDb table.
  - **withRegion**: Specifies the region for the AWS DynamoDb client.
  - **withEndPointConfiguration**: Adds an EndPoint configuration to the AWS DynamoDb client.
+ - **withClientOverride**: Specifies a custom AWS DynamoDb client. Region and endpoint configuration will be ignored if custom client is provided.
 
 Below is an example of a DynamoDB metastore that uses a Global Table named `TestTable`
 
 ```java
-Metastore dynamoDbMetastore = DynamoDbMetastoreImpl.newBuilder()
-      .withKeySuffix("us-west-2")
+Metastore dynamoDbMetastore = DynamoDbMetastoreImpl.newBuilder("us-west-2")
       .withTableName("TestTable")
+      .withKeySuffix()
       .build();
 ```
 
@@ -129,6 +130,17 @@ Map<String, String> regionMap = ImmutableMap.of("us-east-1", "arn_of_us-east-1",
 KeyManagementService keyManagementService = AwsKeyManagementServiceImpl.newBuilder(regionMap, "us-east-1").build();
 ```
 
+It is possible to specify AWS KMS client factory to be used, instead of default one:
+```java
+// Define AWS KMS client factory
+AwsKmsClientFactory awsKmsClientFactory = ...;
+
+// Build the Key Management Service using the region map and your preferred (usually current) region and custom AWS KMS client factory
+KeyManagementService keyManagementService = AwsKeyManagementServiceImpl.newBuilder(regionMap, "us-east-1")
+    .withAwsKmsClientFactory(awsKmsClientFactory)
+    .build();
+``` 
+
 #### Static KMS (FOR TESTING ONLY)
 
 ```java

diff --git a/java/app-encryption/pom.xml b/java/app-encryption/pom.xml
@@ -4,7 +4,7 @@
 
   <groupId>com.godaddy.asherah</groupId>
   <artifactId>appencryption</artifactId>
-  <version>0.2.5</version>
+  <version>0.3.0</version>
   <name>Asherah</name>
   <description>
     An application-layer encryption SDK that provides advanced encryption features and in depth defense against
@@ -45,6 +45,7 @@
     <apache.commons.version>3.12.0</apache.commons.version>
     <amazonaws.version>1.21.1</amazonaws.version>
     <aws.sdk.version>1.12.468</aws.sdk.version>
+    <aws.sdk-v2.version>2.20.69</aws.sdk-v2.version>
     <bouncycastle.version>1.70</bouncycastle.version>
     <build.helper.version>3.3.0</build.helper.version>
     <caffeine.version>3.1.6</caffeine.version>
@@ -299,21 +300,15 @@
     </dependency>
 
     <dependency>
-      <groupId>com.amazonaws</groupId>
-      <artifactId>aws-java-sdk-core</artifactId>
-      <version>${aws.sdk.version}</version>
-    </dependency>
-
-    <dependency>
-      <groupId>com.amazonaws</groupId>
-      <artifactId>aws-java-sdk-kms</artifactId>
-      <version>${aws.sdk.version}</version>
+      <groupId>software.amazon.awssdk</groupId>
+      <artifactId>kms</artifactId>
+      <version>${aws.sdk-v2.version}</version>
     </dependency>
 
     <dependency>
-      <groupId>com.amazonaws</groupId>
-      <artifactId>aws-java-sdk-dynamodb</artifactId>
-      <version>${aws.sdk.version}</version>
+      <groupId>software.amazon.awssdk</groupId>
+      <artifactId>dynamodb</artifactId>
+      <version>${aws.sdk-v2.version}</version>
     </dependency>
 
     <dependency>
@@ -323,6 +318,12 @@
     </dependency>
 
     <!-- Test Dependencies -->
+    <dependency>
+      <groupId>com.amazonaws</groupId>
+      <artifactId>aws-java-sdk-dynamodb</artifactId>
+      <version>${aws.sdk.version}</version>
+      <scope>test</scope>
+    </dependency>
 
     <dependency>
       <groupId>ch.qos.logback</groupId>

diff --git a/java/app-encryption/src/it/java/com/godaddy/asherah/TestSetup.java b/java/app-encryption/src/it/java/com/godaddy/asherah/TestSetup.java
@@ -6,23 +6,35 @@
 import com.godaddy.asherah.appencryption.kms.AwsKeyManagementServiceImpl;
 import com.godaddy.asherah.appencryption.kms.KeyManagementService;
 import com.godaddy.asherah.appencryption.kms.StaticKeyManagementServiceImpl;
-import com.godaddy.asherah.appencryption.persistence.DynamoDbMetastoreImpl;
-import com.godaddy.asherah.appencryption.persistence.InMemoryMetastoreImpl;
-import com.godaddy.asherah.appencryption.persistence.JdbcMetastoreImpl;
-import com.godaddy.asherah.appencryption.persistence.Metastore;
+import com.godaddy.asherah.appencryption.persistence.*;
 import com.google.common.base.Splitter;
 import com.zaxxer.hikari.HikariDataSource;
 import org.apache.commons.lang3.StringUtils;
 import org.json.JSONObject;
+import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
+import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
+import software.amazon.awssdk.regions.Region;
+import software.amazon.awssdk.services.dynamodb.DynamoDbClient;
 
 import java.io.File;
 import java.io.IOException;
+import java.net.URI;
 import java.util.Map;
 
 import static com.godaddy.asherah.testhelpers.Constants.*;
 
 public class TestSetup {
 
+  public static DynamoDbClient createDynamoDbClient(String endpoint, String region) {
+    return DynamoDbClient.builder()
+      .region(Region.of(region))
+      .endpointOverride(URI.create(endpoint))
+      .credentialsProvider(
+        StaticCredentialsProvider.create(
+          AwsBasicCredentials.create("test", "test")))
+      .build();
+  }
+
   public static Metastore<JSONObject> createMetastore() {
     String metastoreType = configReader().getMetastoreType();
     if (metastoreType.equalsIgnoreCase(METASTORE_JDBC)) {
@@ -37,10 +49,6 @@ public static Metastore<JSONObject> createMetastore() {
       return JdbcMetastoreImpl.newBuilder(dataSource).build();
     }
 
-    if (metastoreType.equalsIgnoreCase(METASTORE_DYNAMODB)) {
-      return DynamoDbMetastoreImpl.newBuilder("us-west-2").build();
-    }
-
     return new InMemoryMetastoreImpl<>();
   }
 

diff --git a/java/app-encryption/src/it/java/com/godaddy/asherah/regression/DynamoDbGlobalTableIT.java b/java/app-encryption/src/it/java/com/godaddy/asherah/regression/DynamoDbGlobalTableIT.java
@@ -1,22 +1,19 @@
 package com.godaddy.asherah.regression;
 
-import com.amazonaws.client.builder.AwsClientBuilder;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder;
-import com.amazonaws.services.dynamodbv2.document.DynamoDB;
 import com.amazonaws.services.dynamodbv2.local.main.ServerRunner;
 import com.amazonaws.services.dynamodbv2.local.server.DynamoDBProxyServer;
-import com.amazonaws.services.dynamodbv2.model.AttributeDefinition;
-import com.amazonaws.services.dynamodbv2.model.CreateTableRequest;
-import com.amazonaws.services.dynamodbv2.model.KeySchemaElement;
-import com.amazonaws.services.dynamodbv2.model.KeyType;
-import com.amazonaws.services.dynamodbv2.model.ProvisionedThroughput;
-import com.amazonaws.services.dynamodbv2.model.ScalarAttributeType;
 import com.godaddy.asherah.TestSetup;
 import com.godaddy.asherah.appencryption.Session;
 import com.godaddy.asherah.appencryption.SessionFactory;
 import com.godaddy.asherah.appencryption.persistence.DynamoDbMetastoreImpl;
 import com.godaddy.asherah.utils.PayloadGenerator;
 import com.godaddy.asherah.utils.SessionFactoryGenerator;
+import software.amazon.awssdk.services.dynamodb.DynamoDbClient;
+import software.amazon.awssdk.services.dynamodb.model.AttributeDefinition;
+import software.amazon.awssdk.services.dynamodb.model.KeySchemaElement;
+import software.amazon.awssdk.services.dynamodb.model.KeyType;
+import software.amazon.awssdk.services.dynamodb.model.ProvisionedThroughput;
+import software.amazon.awssdk.services.dynamodb.model.ScalarAttributeType;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -43,22 +40,37 @@ public void setup() throws Exception {
     server.start();
 
     // Setup client pointing to our local dynamodb
-    DynamoDB dynamoDbDocumentClient = new DynamoDB(
-      AmazonDynamoDBClientBuilder.standard()
-        .withEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration(
-          "http://localhost:" + DYNAMO_DB_PORT, "us-west-2"))
-        .build());
+    DynamoDbClient dynamoDbClient =
+      TestSetup.createDynamoDbClient("http://localhost:" + DYNAMO_DB_PORT, "us-west-2");
 
     // Create table schema
-    dynamoDbDocumentClient.createTable(new CreateTableRequest()
-      .withTableName(TABLE_NAME)
-      .withKeySchema(
-        new KeySchemaElement(PARTITION_KEY, KeyType.HASH),
-        new KeySchemaElement(SORT_KEY, KeyType.RANGE))
-      .withAttributeDefinitions(
-        new AttributeDefinition(PARTITION_KEY, ScalarAttributeType.S),
-        new AttributeDefinition(SORT_KEY, ScalarAttributeType.N))
-      .withProvisionedThroughput(new ProvisionedThroughput(1L, 1L)));
+    dynamoDbClient.createTable(request ->
+      request
+        .tableName(TABLE_NAME)
+        .keySchema(
+          KeySchemaElement.builder()
+            .attributeName(PARTITION_KEY)
+            .keyType(KeyType.HASH)
+            .build(),
+          KeySchemaElement.builder()
+            .attributeName(SORT_KEY)
+            .keyType(KeyType.RANGE)
+            .build())
+        .attributeDefinitions(
+          AttributeDefinition.builder()
+            .attributeName(PARTITION_KEY)
+            .attributeType(ScalarAttributeType.S)
+            .build(),
+          AttributeDefinition.builder()
+            .attributeName(SORT_KEY)
+            .attributeType(ScalarAttributeType.N)
+            .build())
+        .provisionedThroughput(ProvisionedThroughput.builder()
+          .readCapacityUnits(1L)
+          .writeCapacityUnits(1L)
+          .build()));
+
+    dynamoDbClient.close();
   }
 
   @AfterEach
@@ -67,11 +79,13 @@ public void teardown() throws Exception {
   }
 
   private SessionFactory getSessionFactory(boolean withKeySuffix, String region) {
-    DynamoDbMetastoreImpl.BuildStep builder = DynamoDbMetastoreImpl.newBuilder(region)
-      .withEndPointConfiguration("http://localhost:" + DYNAMO_DB_PORT, "us-west-2");
+    DynamoDbClient dynamoDbClient =
+      TestSetup.createDynamoDbClient("http://localhost:" + DYNAMO_DB_PORT, "us-west-2");
+    DynamoDbMetastoreImpl.Builder builder = DynamoDbMetastoreImpl.newBuilder(region);
+    builder.withClientOverride(dynamoDbClient);
 
     if (withKeySuffix) {
-      builder = builder.withKeySuffix();
+      builder.withKeySuffix();
     }
 
     DynamoDbMetastoreImpl dynamoDbMetastore = builder.build();