[英]What is the best way to switch AWSCredentialsProviders?
I am writing a Java application that users Spring for dependency injection and AWS for various services. 我正在编写一个Java应用程序,该用户使用Spring进行依赖注入,使用AWS进行各种服务。 I will be deploying the application to EC2. 我将把应用程序部署到EC2。 The issue I am having is setting the AWS credentials in a secure way during development/deployment. 我遇到的问题是在开发/部署期间以安全的方式设置AWS凭证。 Because the service is running on EC2, I would like to use the InstanceProfileCredentialsProvider in production. 因为该服务在EC2上运行,所以我想在生产中使用InstanceProfileCredentialsProvider 。 However, these credentials are not available during development. 但是,这些凭证在开发期间不可用。
Almost all the AWS clients are currently injected using Spring. 当前,几乎所有的AWS客户端都是使用Spring注入的。 Here is an example using DynamoDB: 这是使用DynamoDB的示例:
@Lazy
@Configuration
public class SpringConfiguration {
@Bean(name = "my.dynamoDB")
public DynamoDB dynamoDB() {
return DynamoDB dynamoDB = new DynamoDB(new AmazonDynamoDBClient(
new AWSCredentialsProvider() /* What should go here? */));
}
}
Any thoughts? 有什么想法吗?
Try creating a separate bean that returns a credentials provider. 尝试创建一个单独的返回证书提供者的bean。 Within that method switch between the two credential sources based on stage or host type. 在该方法中,根据阶段或主机类型在两个凭据源之间切换。
/**
* @return: an AWSCredentialsProvider appropriate for the stage.
*/
@Bean
public AWSCredentialsProvider awsCredentialsProvider() {
if(isProd() /* define what this means in your configuration code */) {
return new InstanceProfileCredentialsProvider()
} else {
return new AWSCredentialsProvider()
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.