stackoom
  简体   繁体   中英

How do I connect to my AWS DynamoDB instance from a Spring Java Elastic Beanstalk app?

 原文  2018-06-07 18:36:37       java/ amazon-web-services/ amazon-dynamodb/ amazon-elastic-beanstalk

Question

I am dabbling with DynamoDB and have written an application using Spring Boot.

I have developed it locally (on my own desktop) connecting to my own instance of DynamoDB also running locally. My connection info is held in a properties file in resources (included in the classpath).

I want to run it on Elastic Beanstalk in AWS to connect to a AWS-hosted DynamoDB instance.

What should I put in my properties file? or better yet, does AWS make it easy to have environment-specific properties? I would, for example, prefer to not have to hold my live instance access keys in a plain text file in source control. Or should I roll my own mechanism?

1 answers

solution1
 0  2018-06-07 22:20:47

This question is really two questions: 1) How to connect a Java application to an AWS Dynamo DB instance and 2) How to securely manage credentials.

For 1 it is pretty straightforward, there is a java AWS SDK that provides an interface for connecting to Dynamo instances. The main way is to export some AWS credentials as environment variables, and then the AWS SDK will pick them up and authenticate automatically: 

export AWS_ACCESS_KEY_ID=your_access_key_id
export AWS_SECRET_ACCESS_KEY=your_secret_access_key

Then you can instantiate a Dynamo client in your code: 

AmazonDynamoDB client = AmazonDynamoDBClientBuilder.standard()
    .withEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration(
        "http://localhost:8000",
        "us-west-2"))
    .build();

https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/CodeSamples.Java.html

For 2, there is no one correct answer. I do agree with you that putting credentials in plain text in the repo is not a great way to go. There are several better ways. The basic idea is that you would encrypt the text file holding your secrets in the repo and then decrypt it when deploying. This decryption can be done manually or in some kind of deploy script. Look into AWS KMS services for AWS secrets management. Unfortunately your question is too open-ended to answer more concretely.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to connect to a google cloud sql instance from AWS elastic beanstalk How do I upload an updated JAR to an existing Java Elastic Beanstalk instance using the AWS CLI 2? How do I keep my Elastic Beanstalk instance healthy when using Spring WebSecurityConfigurerAdapter? How do I access servlets after deploying to AWS Elastic Beanstalk? How do I configure a load balancer in an AWS Elastic Beanstalk environment? How can I clone an Elastic Beanstalk environment from the AWS SDK for Java? How do I get the Client Hostname and/or client IP address from within a Spring Boot application in Elastic Beanstalk? AWS Elastic Beanstalk (single instance) : how to enable HTTPS for a Spring Boot application? How do I connect to AWS RDS MySQL from Java/Spring application using AWS IAM Authentication? Deploying Spring on AWS Elastic Beanstalk
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM