I'm creating a Java script that does an API Gateway endpoint call. However, I must supply the AWS access keys and session token to my script for it to function. My code is currently functional, but the AWS keys are hard-coded. How can I transfer the keys without having them hardcoded? My current code is as follows:
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import auth.AWS4SignerBase;
import auth.AWS4SignerForAuthorizationHeader;
import util.HttpUtils;
class Main {
public static void main(String[] args) throws Exception {
URL endpointUrl = new URL("https://lmno456.execute-api.us-east-1.amazonaws.com/prod/controlplane/model/a1");
var regionName = "us-east-1";
var awsAccessKey = "abc123";
var awsSecretKey = "def234";
var awsSessionToken = "xyz789==";
// for a simple GET, we have no body so supply the precomputed 'empty' hash
Map<String, String> headers = new HashMap<String, String>();
headers.put("x-amz-content-sha256", AWS4SignerBase.EMPTY_BODY_SHA256);
headers.put("X-Amz-Security-Token", awsSessionToken);
AWS4SignerForAuthorizationHeader signer = new AWS4SignerForAuthorizationHeader(endpointUrl, "GET", "execute-api", regionName);
String authorization = signer.computeSignature(headers,
null, // no query parameters
AWS4SignerBase.EMPTY_BODY_SHA256,
awsAccessKey,
awsSecretKey);
headers.put("Authorization", authorization);
String response = HttpUtils.invokeHttpRequest(endpointUrl, "GET", headers, null);
System.out.println("--------- Response content ---------");
System.out.println(response);
System.out.println("------------------------------------");
}
}
To retrieve the access and session keys, I'm ideally searching for a function comparable to boto3 credentials = session.get credentials() in Python. For an AWS lambda function, this is what I'm doing.
