Question:

Exception when reading an RDS secret from AWS Secrets Manager using aws-secretsmanager-jdbc

郭意
2023-03-14

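I am using the AWS SDK for Java in my project and now want to use AWS Secrets Manager to store the RDS details. After integrating aws-secretsmanager-jdbc, I get the following error when running a query against the database: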

java.lang.NoSuchFieldError: SERVICE_ID
    at com.amazonaws.services.secretsmanager.AWSSecretsManagerClient.executeDescribeSecret(AWSSecretsManagerClient.java:885)
    at com.amazonaws.services.secretsmanager.AWSSecretsManagerClient.describeSecret(AWSSecretsManagerClient.java:866)
    at com.amazonaws.secretsmanager.caching.cache.SecretCacheItem.executeRefresh(SecretCacheItem.java:102)
    at com.amazonaws.secretsmanager.caching.cache.SecretCacheItem.executeRefresh(SecretCacheItem.java:32)
    at com.amazonaws.secretsmanager.caching.cache.SecretCacheObject.refresh(SecretCacheObject.java:188)
    at com.amazonaws.secretsmanager.caching.cache.SecretCacheObject.getSecretValue(SecretCacheObject.java:286)
    at com.amazonaws.secretsmanager.caching.SecretCache.getSecretString(SecretCache.java:123)
    at com.amazonaws.secretsmanager.sql.AWSSecretsManagerDriver.connectWithSecret(AWSSecretsManagerDriver.java:321)
    at com.amazonaws.secretsmanager.sql.AWSSecretsManagerDriver.connect(AWSSecretsManagerDriver.java:384)
    at com.mchange.v2.c3p0.DriverManagerDataSource.getConnection(DriverManagerDataSource.java:175)
    at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:220)
    at com.mchange.v2.c3p0.WrapperConnectionPoolDataSource.getPooledConnection(WrapperConnectionPoolDataSource.java:206)
    at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool$1PooledConnectionResourcePoolManager.acquireResource(C3P0PooledConnectionPool.java:203)
    at com.mchange.v2.resourcepool.BasicResourcePool.doAcquire(BasicResourcePool.java:1138)
    at com.mchange.v2.resourcepool.BasicResourcePool.doAcquireAndDecrementPendingAcquiresWithinLockOnSuccess(BasicResourcePool.java:1125)
    at com.mchange.v2.resourcepool.BasicResourcePool.access$700(BasicResourcePool.java:44)
    at com.mchange.v2.resourcepool.BasicResourcePool$ScatteredAcquireTask.run(BasicResourcePool.java:1870)
    at com.mchange.v2.async.ThreadPoolAsynchronousRunner$PoolThread.run(ThreadPoolAsynchronousRunner.java:696)
[INFO] |  +- software.amazon.awssdk:secretsmanager:jar:2.10.30:compile
[INFO] |  |  +- software.amazon.awssdk:aws-json-protocol:jar:2.10.30:compile
[INFO] |  |  +- software.amazon.awssdk:protocol-core:jar:2.10.30:compile
[INFO] |  |  +- software.amazon.awssdk:sdk-core:jar:2.10.30:compile
[INFO] |  |  |  \- software.amazon.awssdk:profiles:jar:2.10.30:compile
[INFO] |  |  +- software.amazon.awssdk:auth:jar:2.10.30:compile
[INFO] |  |  +- software.amazon.awssdk:http-client-spi:jar:2.10.30:compile
[INFO] |  |  +- software.amazon.awssdk:regions:jar:2.10.30:compile
[INFO] |  |  +- software.amazon.awssdk:annotations:jar:2.10.30:compile
[INFO] |  |  +- software.amazon.awssdk:utils:jar:2.10.30:compile
[INFO] |  |  +- software.amazon.awssdk:aws-core:jar:2.10.30:compile
[INFO] |  |  +- software.amazon.awssdk:apache-client:jar:2.10.30:runtime
[INFO] |  |  \- software.amazon.awssdk:netty-nio-client:jar:2.10.30:runtime
[INFO] +- com.amazonaws.secretsmanager:aws-secretsmanager-jdbc:jar:1.0.3:compile
[INFO] |  +- com.amazonaws.secretsmanager:aws-secretsmanager-caching-java:jar:1.0.0:compile
[INFO] |  +- com.amazonaws:aws-java-sdk-secretsmanager:jar:1.11.418:compile
[INFO] |  |  +- com.amazonaws:aws-java-sdk-core:jar:1.11.281:compile
[INFO] |  |  \- com.amazonaws:jmespath-java:jar:1.11.281:compile
[INFO] +- software.amazon.awssdk:secretsmanager:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:aws-json-protocol:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:protocol-core:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:sdk-core:jar:2.10.30:compile
[INFO] |  |  \- software.amazon.awssdk:profiles:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:auth:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:http-client-spi:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:regions:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:annotations:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:utils:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:aws-core:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:apache-client:jar:2.10.30:runtime
[INFO] |  \- software.amazon.awssdk:netty-nio-client:jar:2.10.30:runtime
[INFO] \- com.amazonaws:aws-java-sdk-s3:jar:1.11.281:compile
[INFO]    \- com.amazonaws:aws-java-sdk-kms:jar:1.11.281:compile

Do you know how to solve this problem?

1 answer

丌官积厚
2023-03-14

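Figured it out: the problem was caused by the wrong version of the core library. I was trying to use AWS SDK 2.x and 1.x in the same project, which led to this version conflict.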

Fixed it by adding versions to the pom as follows:

        <dependency>
            <groupId>com.amazonaws</groupId>
            <artifactId>aws-java-sdk-core</artifactId>
            <version>1.11.418</version>
        </dependency>
        <dependency>
            <groupId>com.amazonaws</groupId>
            <artifactId>jmespath-java</artifactId>
            <version>1.11.418</version>
        </dependency>
        <dependency>
            <groupId>com.amazonaws</groupId>
            <artifactId>aws-java-sdk-secretsmanager</artifactId>
            <version>1.11.418</version>
        </dependency>
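
As an added example (not part of the original answer or of any AWS project): a small Python check that parses `mvn dependency:tree` output and reports AWS SDK groups resolved at more than one version, which is the situation in the question's tree (`aws-java-sdk-secretsmanager` at 1.11.418 beside `aws-java-sdk-core` at 1.11.281). The function names and the abridged sample tree are assumptions made for this example.

```python
import re
from collections import defaultdict

# Abridged excerpt of the `mvn dependency:tree` output quoted in the question.
TREE = r"""
[INFO] +- com.amazonaws.secretsmanager:aws-secretsmanager-jdbc:jar:1.0.3:compile
[INFO] |  +- com.amazonaws.secretsmanager:aws-secretsmanager-caching-java:jar:1.0.0:compile
[INFO] |  +- com.amazonaws:aws-java-sdk-secretsmanager:jar:1.11.418:compile
[INFO] |  |  +- com.amazonaws:aws-java-sdk-core:jar:1.11.281:compile
[INFO] |  |  \- com.amazonaws:jmespath-java:jar:1.11.281:compile
[INFO] +- software.amazon.awssdk:secretsmanager:jar:2.10.30:compile
[INFO] |  +- software.amazon.awssdk:sdk-core:jar:2.10.30:compile
[INFO] \- com.amazonaws:aws-java-sdk-s3:jar:1.11.281:compile
[INFO]    \- com.amazonaws:aws-java-sdk-kms:jar:1.11.281:compile
"""

# Five-field form printed by dependency:tree: group:artifact:packaging:version:scope
# (coordinates with a classifier are not handled by this example).
COORD = re.compile(r"([\w.\-]+):([\w.\-]+):[\w\-]+:([\w.\-]+):(\w+)\s*$")


def parse_tree(text):
    """Yield (group, artifact, version) for every resolved dependency line."""
    for line in text.splitlines():
        m = COORD.search(line)
        if m:
            yield m.group(1), m.group(2), m.group(3)


def version_skew(text, groups=("com.amazonaws", "software.amazon.awssdk")):
    """Return {group: {version: [artifacts]}} for groups resolved at >1 version."""
    seen = defaultdict(lambda: defaultdict(list))
    for group, artifact, version in parse_tree(text):
        if group in groups:
            seen[group][version].append(artifact)
    return {g: {v: sorted(a) for v, a in vs.items()}
            for g, vs in seen.items() if len(vs) > 1}


if __name__ == "__main__":
    for group, versions in version_skew(TREE).items():
        print(f"{group}: mixed versions")
        for version, artifacts in sorted(versions.items()):
            print(f"  {version}: {', '.join(artifacts)}")
```

A group reported here is one to review, not necessarily a fault: the check only shows where modules that are normally released together were resolved at different versions.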