tessl/maven-com-amazonaws--aws-java-sdk-secretsmanager
Java client library for AWS Secrets Manager enabling secure storage, management, and retrieval of secrets.
- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
'%3e%3cpath%20d='m7.15%205.779.281.877c-.001.502.003.991.124%201.48l.116-.082.229-1.265c.723%201.422%202.78%203.325%202.53%205.008-.022.154-.082.3-.158.435.349-.014.375-.38.578-.56.187%201.005.17%201.975-.22%202.932l1.428%203.159c-.007.07-.626.285-.744.226-.087-.044-.629-1.506-.742-1.754-.103-.224-.457-1.044-.592-1.165-.592-.534-2.033-.183-2.773-.256l.488-.115.148-.109c-.68-.08-1.363-.34-1.85-.815.531.046%201.052.121%201.592.087.1-.006.378-.02.432-.114-1.338-.016-2.398-.569-3.16-1.62-1.03-1.422-1.646-3.215-2.658-4.662-.203-.289-.474-.68-.776-.847-.015-.092.076-.054.137-.049.375.034.778.157%201.148.234l1.26.462c-.404-.737-1.332-.637-1.984-.994-.759-.416-1.2-1.386-1.487-2.149-.258-.68-.536-1.495-.492-2.217.282.262.529.573.896.73.087-.102-.838-1.102-.867-1.323C-.051.673.656-.051%201.328.003c1.128.09%202.44%201.953%202.87%202.886.074.069.145-.23.149-.25.029-.154.01-.306.054-.452.67.932%201.64%201.722%202.122%202.768l.626%201.778V5.78Z'/%3e%3cpath%20d='m10.851%206.733.626-1.778c.483-1.047%201.451-1.836%202.122-2.769.045.147.025.299.054.452.005.021.075.32.149.25.43-.932%201.742-2.796%202.87-2.885.672-.054%201.38.67%201.294%201.31-.03.22-.954%201.221-.867%201.322.367-.156.614-.467.896-.729.044.722-.234%201.536-.49%202.218-.288.763-.73%201.733-1.488%202.149-.652.356-1.58.256-1.984.993l1.26-.461c.37-.077.772-.2%201.148-.234.06-.006.152-.044.136.049-.301.166-.573.557-.775.847-.794%201.135-1.347%202.488-2.049%203.68-.635%201.081-1.285%202.087-2.613%202.432.148-.768.005-1.562-.173-2.316l-.32-.092c-.219-1.088-.84-2.001-1.466-2.908l.919-1.475.229%201.265.116.082c.12-.489.125-.979.123-1.48l.283-.877v.955ZM8.017%2014.984c-.238.57-.531%201.119-.78%201.686-.089.204-.446%201.24-.518%201.295-.145.114-.622-.087-.777-.2l1.207-2.78h.868ZM12.008%2013.75c-.059.174-.949.7-1.04.617l.12-.5.92-.117Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h18v18H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
To install, run
npx @tessl/cli install tessl/maven-com-amazonaws--aws-java-sdk-secretsmanager@1.12.0index.mddocs/
AWS Secrets Manager Java SDK
A comprehensive Java SDK for AWS Secrets Manager service providing secure storage and management of sensitive information like database credentials, API keys, and other secrets.
Package Information
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-secretsmanager</artifactId>
<version>1.12.789</version>
</dependency>- API Version: 2017-10-17
- Service Endpoint: secretsmanager (regional)
Core Imports
// Core service interfaces
import com.amazonaws.services.secretsmanager.AWSSecretsManager;
import com.amazonaws.services.secretsmanager.AWSSecretsManagerAsync;
// Client implementations
import com.amazonaws.services.secretsmanager.AWSSecretsManagerClient;
import com.amazonaws.services.secretsmanager.AWSSecretsManagerAsyncClient;
// Client builders
import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder;
import com.amazonaws.services.secretsmanager.AWSSecretsManagerAsyncClientBuilder;
// Common model classes
import com.amazonaws.services.secretsmanager.model.*;
// Exception handling
import com.amazonaws.services.secretsmanager.model.AWSSecretsManagerException;
import com.amazonaws.services.secretsmanager.model.ResourceNotFoundException;
import com.amazonaws.services.secretsmanager.model.InvalidParameterException;Basic Usage
Creating a Client
// Synchronous client with default configuration
AWSSecretsManager client = AWSSecretsManagerClientBuilder.defaultClient();
// Synchronous client with custom region
AWSSecretsManager client = AWSSecretsManagerClientBuilder.standard()
.withRegion("us-west-2")
.build();
// Asynchronous client
AWSSecretsManagerAsync asyncClient = AWSSecretsManagerAsyncClientBuilder.standard()
.withRegion("us-west-2")
.build();Simple Secret Operations
// Create a secret
CreateSecretRequest createRequest = new CreateSecretRequest()
.withName("MySecret")
.withSecretString("my-secret-value")
.withDescription("Database password for production");
CreateSecretResult createResult = client.createSecret(createRequest);
// Retrieve a secret value
GetSecretValueRequest getRequest = new GetSecretValueRequest()
.withSecretId("MySecret");
GetSecretValueResult getResult = client.getSecretValue(getRequest);
String secretValue = getResult.getSecretString();
// Update secret value
UpdateSecretRequest updateRequest = new UpdateSecretRequest()
.withSecretId("MySecret")
.withSecretString("new-secret-value");
UpdateSecretResult updateResult = client.updateSecret(updateRequest);
// Delete a secret (with recovery window)
DeleteSecretRequest deleteRequest = new DeleteSecretRequest()
.withSecretId("MySecret")
.withRecoveryWindowInDays(30L);
DeleteSecretResult deleteResult = client.deleteSecret(deleteRequest);Core Service Interfaces
AWSSecretsManager (Synchronous Interface)
public interface AWSSecretsManager {
// Service endpoint prefix
String ENDPOINT_PREFIX = "secretsmanager";
// Core secret operations
CreateSecretResult createSecret(CreateSecretRequest request);
GetSecretValueResult getSecretValue(GetSecretValueRequest request);
UpdateSecretResult updateSecret(UpdateSecretRequest request);
DeleteSecretResult deleteSecret(DeleteSecretRequest request);
DescribeSecretResult describeSecret(DescribeSecretRequest request);
ListSecretsResult listSecrets(ListSecretsRequest request);
// Batch operations
BatchGetSecretValueResult batchGetSecretValue(BatchGetSecretValueRequest request);
// Secret value management
PutSecretValueResult putSecretValue(PutSecretValueRequest request);
// Version management
ListSecretVersionIdsResult listSecretVersionIds(ListSecretVersionIdsRequest request);
UpdateSecretVersionStageResult updateSecretVersionStage(UpdateSecretVersionStageRequest request);
// Rotation operations
RotateSecretResult rotateSecret(RotateSecretRequest request);
CancelRotateSecretResult cancelRotateSecret(CancelRotateSecretRequest request);
// Replication operations
ReplicateSecretToRegionsResult replicateSecretToRegions(ReplicateSecretToRegionsRequest request);
RemoveRegionsFromReplicationResult removeRegionsFromReplication(RemoveRegionsFromReplicationRequest request);
StopReplicationToReplicaResult stopReplicationToReplica(StopReplicationToReplicaRequest request);
RestoreSecretResult restoreSecret(RestoreSecretRequest request);
// Resource policy operations
GetResourcePolicyResult getResourcePolicy(GetResourcePolicyRequest request);
PutResourcePolicyResult putResourcePolicy(PutResourcePolicyRequest request);
DeleteResourcePolicyResult deleteResourcePolicy(DeleteResourcePolicyRequest request);
ValidateResourcePolicyResult validateResourcePolicy(ValidateResourcePolicyRequest request);
// Tagging operations
TagResourceResult tagResource(TagResourceRequest request);
UntagResourceResult untagResource(UntagResourceRequest request);
// Utility operations
GetRandomPasswordResult getRandomPassword(GetRandomPasswordRequest request);
// Client lifecycle
void shutdown();
ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request);
}AWSSecretsManagerAsync (Asynchronous Interface)
public interface AWSSecretsManagerAsync extends AWSSecretsManager {
// All synchronous methods plus async variants
// Batch operations
Future<BatchGetSecretValueResult> batchGetSecretValueAsync(BatchGetSecretValueRequest request);
Future<BatchGetSecretValueResult> batchGetSecretValueAsync(BatchGetSecretValueRequest request,
AsyncHandler<BatchGetSecretValueRequest, BatchGetSecretValueResult> asyncHandler);
// Rotation operations
Future<CancelRotateSecretResult> cancelRotateSecretAsync(CancelRotateSecretRequest request);
Future<CancelRotateSecretResult> cancelRotateSecretAsync(CancelRotateSecretRequest request,
AsyncHandler<CancelRotateSecretRequest, CancelRotateSecretResult> asyncHandler);
Future<RotateSecretResult> rotateSecretAsync(RotateSecretRequest request);
Future<RotateSecretResult> rotateSecretAsync(RotateSecretRequest request,
AsyncHandler<RotateSecretRequest, RotateSecretResult> asyncHandler);
// Core secret operations
Future<CreateSecretResult> createSecretAsync(CreateSecretRequest request);
Future<CreateSecretResult> createSecretAsync(CreateSecretRequest request,
AsyncHandler<CreateSecretRequest, CreateSecretResult> asyncHandler);
Future<DeleteSecretResult> deleteSecretAsync(DeleteSecretRequest request);
Future<DeleteSecretResult> deleteSecretAsync(DeleteSecretRequest request,
AsyncHandler<DeleteSecretRequest, DeleteSecretResult> asyncHandler);
Future<DescribeSecretResult> describeSecretAsync(DescribeSecretRequest request);
Future<DescribeSecretResult> describeSecretAsync(DescribeSecretRequest request,
AsyncHandler<DescribeSecretRequest, DescribeSecretResult> asyncHandler);
Future<GetSecretValueResult> getSecretValueAsync(GetSecretValueRequest request);
Future<GetSecretValueResult> getSecretValueAsync(GetSecretValueRequest request,
AsyncHandler<GetSecretValueRequest, GetSecretValueResult> asyncHandler);
Future<ListSecretsResult> listSecretsAsync(ListSecretsRequest request);
Future<ListSecretsResult> listSecretsAsync(ListSecretsRequest request,
AsyncHandler<ListSecretsRequest, ListSecretsResult> asyncHandler);
Future<UpdateSecretResult> updateSecretAsync(UpdateSecretRequest request);
Future<UpdateSecretResult> updateSecretAsync(UpdateSecretRequest request,
AsyncHandler<UpdateSecretRequest, UpdateSecretResult> asyncHandler);
// Secret value management
Future<PutSecretValueResult> putSecretValueAsync(PutSecretValueRequest request);
Future<PutSecretValueResult> putSecretValueAsync(PutSecretValueRequest request,
AsyncHandler<PutSecretValueRequest, PutSecretValueResult> asyncHandler);
// Version management
Future<ListSecretVersionIdsResult> listSecretVersionIdsAsync(ListSecretVersionIdsRequest request);
Future<ListSecretVersionIdsResult> listSecretVersionIdsAsync(ListSecretVersionIdsRequest request,
AsyncHandler<ListSecretVersionIdsRequest, ListSecretVersionIdsResult> asyncHandler);
Future<UpdateSecretVersionStageResult> updateSecretVersionStageAsync(UpdateSecretVersionStageRequest request);
Future<UpdateSecretVersionStageResult> updateSecretVersionStageAsync(UpdateSecretVersionStageRequest request,
AsyncHandler<UpdateSecretVersionStageRequest, UpdateSecretVersionStageResult> asyncHandler);
// Replication operations
Future<ReplicateSecretToRegionsResult> replicateSecretToRegionsAsync(ReplicateSecretToRegionsRequest request);
Future<ReplicateSecretToRegionsResult> replicateSecretToRegionsAsync(ReplicateSecretToRegionsRequest request,
AsyncHandler<ReplicateSecretToRegionsRequest, ReplicateSecretToRegionsResult> asyncHandler);
Future<RemoveRegionsFromReplicationResult> removeRegionsFromReplicationAsync(RemoveRegionsFromReplicationRequest request);
Future<RemoveRegionsFromReplicationResult> removeRegionsFromReplicationAsync(RemoveRegionsFromReplicationRequest request,
AsyncHandler<RemoveRegionsFromReplicationRequest, RemoveRegionsFromReplicationResult> asyncHandler);
Future<StopReplicationToReplicaResult> stopReplicationToReplicaAsync(StopReplicationToReplicaRequest request);
Future<StopReplicationToReplicaResult> stopReplicationToReplicaAsync(StopReplicationToReplicaRequest request,
AsyncHandler<StopReplicationToReplicaRequest, StopReplicationToReplicaResult> asyncHandler);
Future<RestoreSecretResult> restoreSecretAsync(RestoreSecretRequest request);
Future<RestoreSecretResult> restoreSecretAsync(RestoreSecretRequest request,
AsyncHandler<RestoreSecretRequest, RestoreSecretResult> asyncHandler);
// Resource policy operations
Future<GetResourcePolicyResult> getResourcePolicyAsync(GetResourcePolicyRequest request);
Future<GetResourcePolicyResult> getResourcePolicyAsync(GetResourcePolicyRequest request,
AsyncHandler<GetResourcePolicyRequest, GetResourcePolicyResult> asyncHandler);
Future<PutResourcePolicyResult> putResourcePolicyAsync(PutResourcePolicyRequest request);
Future<PutResourcePolicyResult> putResourcePolicyAsync(PutResourcePolicyRequest request,
AsyncHandler<PutResourcePolicyRequest, PutResourcePolicyResult> asyncHandler);
Future<DeleteResourcePolicyResult> deleteResourcePolicyAsync(DeleteResourcePolicyRequest request);
Future<DeleteResourcePolicyResult> deleteResourcePolicyAsync(DeleteResourcePolicyRequest request,
AsyncHandler<DeleteResourcePolicyRequest, DeleteResourcePolicyResult> asyncHandler);
Future<ValidateResourcePolicyResult> validateResourcePolicyAsync(ValidateResourcePolicyRequest request);
Future<ValidateResourcePolicyResult> validateResourcePolicyAsync(ValidateResourcePolicyRequest request,
AsyncHandler<ValidateResourcePolicyRequest, ValidateResourcePolicyResult> asyncHandler);
// Tagging operations
Future<TagResourceResult> tagResourceAsync(TagResourceRequest request);
Future<TagResourceResult> tagResourceAsync(TagResourceRequest request,
AsyncHandler<TagResourceRequest, TagResourceResult> asyncHandler);
Future<UntagResourceResult> untagResourceAsync(UntagResourceRequest request);
Future<UntagResourceResult> untagResourceAsync(UntagResourceRequest request,
AsyncHandler<UntagResourceRequest, UntagResourceResult> asyncHandler);
// Utility operations
Future<GetRandomPasswordResult> getRandomPasswordAsync(GetRandomPasswordRequest request);
Future<GetRandomPasswordResult> getRandomPasswordAsync(GetRandomPasswordRequest request,
AsyncHandler<GetRandomPasswordRequest, GetRandomPasswordResult> asyncHandler);
}Architecture
The AWS Secrets Manager Java SDK follows standard AWS SDK patterns:
- Service Interfaces: Define the contract for operations (
AWSSecretsManager,AWSSecretsManagerAsync) - Client Implementations: Provide concrete implementations (
AWSSecretsManagerClient,AWSSecretsManagerAsyncClient) - Builders: Configure and create client instances (
AWSSecretsManagerClientBuilder) - Request/Response Models: Strongly-typed objects for all API operations
- Exception Hierarchy: Structured exception handling for different error conditions
Capabilities
The AWS Secrets Manager SDK provides comprehensive functionality organized into key areas:
Secret Management
Core CRUD operations for secrets including creation, retrieval, updates, deletion, and lifecycle management. Covers both individual and batch operations.
Rotation Management
Automated secret rotation capabilities including rotation configuration, execution, cancellation, and version stage management for seamless credential updates.
Replication Management
Multi-region secret replication for high availability and disaster recovery, including cross-region setup, management, and cleanup operations.
Policies and Tagging
Resource-based access control through IAM policies and organizational management through resource tagging for governance and cost allocation.
Utility Operations
Helper functions including secure random password generation and resource policy validation for enhanced security and compliance.
Exception Handling
All operations can throw AWS Secrets Manager specific exceptions:
// Base exception class
class AWSSecretsManagerException extends AmazonServiceException {
// Inherits standard AWS error information
}
// Resource-related exceptions
class ResourceNotFoundException extends AWSSecretsManagerException {}
class ResourceExistsException extends AWSSecretsManagerException {}
// Parameter and request validation exceptions
class InvalidParameterException extends AWSSecretsManagerException {}
class InvalidRequestException extends AWSSecretsManagerException {}
class InvalidNextTokenException extends AWSSecretsManagerException {}
// Encryption and security exceptions
class DecryptionFailureException extends AWSSecretsManagerException {}
class EncryptionFailureException extends AWSSecretsManagerException {}
// Policy-related exceptions
class MalformedPolicyDocumentException extends AWSSecretsManagerException {}
class PublicPolicyException extends AWSSecretsManagerException {}
// Quota and precondition exceptions
class LimitExceededException extends AWSSecretsManagerException {}
class PreconditionNotMetException extends AWSSecretsManagerException {}
// Service availability exception
class InternalServiceErrorException extends AWSSecretsManagerException {}Best Practices
- Client Management: Use client builders and reuse client instances across operations
- Error Handling: Implement proper exception handling for all service operations
- Security: Use IAM roles and policies to control access to secrets
- Pagination: Handle pagination for list operations using nextToken
- Resource Cleanup: Call
shutdown()on clients when done to release resources - Async Operations: Use async clients for high-throughput scenarios
Thread Safety
- Client instances are thread-safe and can be shared across multiple threads
- Request and response objects are not thread-safe
- Async handlers should be designed for concurrent execution