Use AWSKMSClientBuilder #6
Conversation
| * .build(); | ||
| * </pre> | ||
| */ | ||
| public class KmsMasterKeyProviderBuilder { |
There was a problem hiding this comment.
This is already missing withMetricsCollector() and withRequestHandlers(). Does it make sense to simply inherit from AwsClientBuilder so that you always get the appropriate (and new) configuration as available? That said, I'm worried that you might need to use reflection (possibly Proxies, which would be ugly) to properly plumb all current and future calls to your inner client builder.
At the very least, please add withMetricsCollector() and withRequestHandlers() and consider more future proof solutions.
pom.xml
Outdated
| @@ -37,7 +37,7 @@ | |||
| <dependency> | |||
| <groupId>com.amazonaws</groupId> | |||
| <artifactId>aws-java-sdk</artifactId> | |||
| <version>1.10.61</version> | |||
| <version>1.11.18</version> | |||
There was a problem hiding this comment.
Upgrade & Builder change both of the part of the PR. Shouldn't the title say so?
| @@ -0,0 +1,71 @@ | |||
| package com.amazonaws.crypto.examples; | |||
There was a problem hiding this comment.
Examples are great however we should prefer unit test cases as they assert the functionality as part of the build and also show the usage of it.
There was a problem hiding this comment.
Yes, and we should also just update existing examples to use the new API instead of adding a new bespoke example.
There was a problem hiding this comment.
@bdonlan,
Since you are the contributor and know more about this project than I do.
I have commented it in other PR and asking the same question here again.
Do you think we should put examples as part of the main sdk library,
or we should either create separate maven modules or keep them under src/test?
Usually the tendency is that being it an example, developers can put less secured code and insensitive logging or other kinds of code which could be prone to security threats. e.g. example providing public methods or utils which could reveal secrets. This is the one example I can think of right now however there could be more.
just a thought.
There was a problem hiding this comment.
Generally I think if we're checking in example code we should make sure it's production quality example code that we want people to imitate. We should also avoid pulling in new dependencies for examples in the main repository. For the more complex example you refer to, since it involves a lot of moving parts (a client component, a server in lambda, a cloudformation template...) it might be preferable to split it off to avoid confusion - or maybe have it as a separate maven subproject in a subdirectory? I'm not enough of a maven expert to know if that is a good approach here though.
There was a problem hiding this comment.
agree with you.
I have maven expertise and will create PR so that you can review if it makes sense.
actually aws-encryption-sdk-java dir will have a pom.xml which links to poms inside 2 subdirectories. It looks something like:
aws-encryption-sdk-java\
-> pom.xml //artifact name for this can be aws-encryption-sdk-java-parent
-> aws-encryption-sdk-java-core
-> pom.xml, src //this generates aws-encryption-sdk-java artifact
-> aws-encryption-sdk-java-examples
-> pom.xml, src //this generates aws-encryption-sdk-java-examples artifactthis way, the renaming of repo (aws-encryption-sdk-java) will not be required. And the current and future users will not be affected.
| try { | ||
| kms_.setRegion(region); | ||
| } catch (UnsupportedOperationException e) { | ||
| // Ignored. Not a problem, region should already be set by the builder. |
| return region; | ||
| } else { | ||
| final String regionName = regionProvider.getRegion(); | ||
| if (regionName != null) { |
There was a problem hiding this comment.
instead of using US_WEST_2 as default, could we use Regions.getCurrentRegion()?
There was a problem hiding this comment.
Where do you see us using us-west-2 as default?
There was a problem hiding this comment.
This looks like a fallback in the case where the SDK's default region selection logic fails, which is reasonable enough.
There was a problem hiding this comment.
@SalusaSecondus,
in Regions.java inside aws-java-sdk-core:
/**
* The default region that new customers in the US are encouraged to use
* when using AWS services for the first time.
*/
public static final Regions DEFAULT_REGION = US_WEST_2;@bdonlan agree with you. looks good to me.
| @@ -83,7 +93,7 @@ | |||
| private Region region_ = Region.getRegion(Regions.DEFAULT_REGION); | |||
|
|
|||
| @Override | |||
| public void createAlias(CreateAliasRequest arg0) throws AmazonServiceException, AmazonClientException { | |||
| public CreateAliasResult createAlias(CreateAliasRequest arg0) throws AmazonServiceException, AmazonClientException { | |||
There was a problem hiding this comment.
I see changes in the contract here.
doesn't it break the existing test cases written by developers in their own applications?
There was a problem hiding this comment.
This is not part of the public API as it's in the test directory. It's also responding to breaking SDK API changes (i.e. it's a build fix after the dependency update).
| * .build(); | ||
| * </pre> | ||
| */ | ||
| public class KmsMasterKeyProviderBuilder extends AwsClientBuilder<KmsMasterKeyProviderBuilder, KmsMasterKeyProvider> { |
There was a problem hiding this comment.
So, one thing I note is that the Python SDK supports using key IDs from multiple regions in a single KMS MKP. I'd prefer to align the Java behavior more closely with the Python behavior in this regard, and we need to make sure the builder API we're creating here is amenable to this.
There was a problem hiding this comment.
I believe this is supported with withKeyIds.
withKeyIds does not set a region, so you could use withDefaultRegion, add multiple key IDs, and it should create a KMS MKP for the region you set in withDefaultRegion.
| /** | ||
| * Sets the region to be used by the client. Overrides any previously set region. | ||
| */ | ||
| public KmsMasterKeyProviderBuilder withRegion(Region region) { |
There was a problem hiding this comment.
I'd prefer to call this withDefaultRegion to leave open the possibility of supporting keys from multiple regions in the same client in future versions.
| } | ||
|
|
||
| /** | ||
| * Sets the region using a keyId. This will override any previously set regions. |
There was a problem hiding this comment.
We should only infer the region from a key ID if the user hasn't manually configured a region, to avoid confusion. The rule is that we'd use withDefaultRegion first, followed by the implied region in withKeyId, followed by the SDK default region.
There was a problem hiding this comment.
This sounds good to me. Should we throw an exception if the user tries to use withKeyId after they have already set a default region? Or just continue with the region set with withDefaultRegion?
I'm leaning towards being explicit, and throwing an exception so that there is no unexpected behavior on the user's end. But I could be swayed.
| @@ -125,7 +125,12 @@ protected KmsMasterKeyProvider(final AWSKMSClient kms, final Region region, fina | |||
| kms_ = kms; | |||
There was a problem hiding this comment.
We should @Deprecated the old constructors and encourage folks to move to the builder API.
I'd also suggest a builder() static method on KmsMasterKeyProvider for consistency with other builders in the SDK.
| @@ -0,0 +1,71 @@ | |||
| package com.amazonaws.crypto.examples; | |||
There was a problem hiding this comment.
Yes, and we should also just update existing examples to use the new API instead of adding a new bespoke example.
pom.xml
Outdated
| @@ -37,7 +37,7 @@ | |||
| <dependency> | |||
| <groupId>com.amazonaws</groupId> | |||
| <artifactId>aws-java-sdk</artifactId> | |||
There was a problem hiding this comment.
This will probably need a rebase.
|
I should note that it would be useful to be able to reuse KMS clients, but I don't want to tie us to an API for that until we know what multi-region KMS MKPs would look like. |
|
Regarding testing, we'll need to figure out how we want to run automated integration tests for this. We have some cross-language compatibility tests that operate on KMS, but I'm not sure if we've put those in a public repository just yet, and we certainly haven't set up a publicly visible test fleet using actual AWS credentials to run KMS calls. When we do that's probably the best place to put tests for client construction. |
austinmoore-
force-pushed
the
client-builders
branch
2 times, most recently
from
8d3813c to
40f8624
Compare
|
Since this isn't apparent by the commit messages, I've rebased this PR onto master. I've also added 2 new commits: |
|
Thanks for the submission, and sorry for the radio silence - it wasn't obvious that progress was happening on this for a while and it dropped off my raday. In the meantime, I've had some work-in-progress code that did something like this kicking around for a while in my local git repo and finally put it up as PR #40. The main notable differences are that the one I submitted supports contacting multiple regions from the same MKP, and marks a bunch of older methods as now being deprecated. It also includes tests ;) I'd encourage you to check it out and see if it is along the lines of what you wanted to see from the API. |
|
Closing this as moot at this point as we merged a different version of the builder concept. |
I decided to make a new
KmsMasterKeyProviderBuilderclass instead of just using the builder directly insideKmsMasterKeyProvider. There are two reasons for this:KmsMasterKeyProviderthat change the state of the KMS client (e.g.KmsMasterKeyProvider#setRegion), will throw an exception, and won't change as expected. This way felt safer.Also, feel free to share thoughts on how the new builder can be tested. I originally added an
equalsmethod to KmsMasterKeyProvider, and was going to ensure that both the builder and constructor created objects with the same properties, but becauseAWSKMSClientdoes not haveequalsoverriden, this proved to be difficult.