AWS Secrets Manager
Integrate AWS Secrets Manager with your Gatling scripts to securely retrieve and manage secret values after the initialization stage of your load generators.
Use Case
Integrating AWS Secrets Manager with Gatling allows secure access and retrieval of secret values directly within your Gatling scripts. This process is performed only once during the spawning of load generators in the initialization block, ensuring your secrets are handled securely before launching your simulation test.
Prerequisites
- Utilizing Gatling Enterprise’s Private Locations feature. For more information, visit: Gatling Cloud Installation Guide
- Using Gatling SDK with Java 1.x or 2.x.
Configuration
To enable secure access to AWS Secrets Manager, assign an IAM instance profile to your load generators. This profile should grant access permissions for retrieving and describing secrets as detailed below. For more information, visit: Gatling AWS Locations Configuration.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"secretsmanager:GetSecretValue",
"secretsmanager:DescribeSecret"
],
"Resource": "arn:aws:secretsmanager:{region}:{account-id}:secret:{secret-name}"
}
]
}
Batch Retrieval Permissions
secretsmanager:GetSecretValue
permission for each secret. Additionally, the secretsmanager:BatchGetSecretValue
permission is required.Installation
Install the AWS SDK into your Java project using either Maven or Gradle:
Suggested Implementation
Utilize the AWS SDK for Java 2.x to implement the Get a Secret Value
sample from the AWS Secrets Manager examples. For more detailed examples, visit the AWS SDK for Java Code Examples.
import io.gatling.javaapi.core.*;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueResponse;
public class AWSSecretsManagerSampleJava extends Simulation {
{
String secretName = "my-secret-name";
Region region = Region.of("{region-name}");
SecretsManagerClient client = SecretsManagerClient.builder().region(region).build();
GetSecretValueRequest getSecretValueRequest = GetSecretValueRequest.builder().secretId(secretName).build();
GetSecretValueResponse getSecretValueResponse;
try {
getSecretValueResponse = client.getSecretValue(getSecretValueRequest);
} catch (Exception e) {
throw new RuntimeException(e);
}
String secret = getSecretValueResponse.secretString();
}
}