From c166eab4a3baae41aac3ca15528dd47dfcd34b99 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 9 Jun 2025 12:35:30 -0700 Subject: [PATCH 1/8] auto commit --- .github/workflows/ci_examples_java.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/ci_examples_java.yml b/.github/workflows/ci_examples_java.yml index 2499ac6ae..a8c221dc6 100644 --- a/.github/workflows/ci_examples_java.yml +++ b/.github/workflows/ci_examples_java.yml @@ -26,7 +26,6 @@ on: jobs: testJava: strategy: - max-parallel: 1 matrix: java-version: [8, 11, 16, 17] os: [macos-13] From 849f5dac4499c59b599a3ee25749948ab1f0195a Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 9 Jun 2025 13:31:38 -0700 Subject: [PATCH 2/8] use UUID --- .../amazon/cryptography/examples/BasicPutGetExample.java | 9 +++++---- .../cryptography/examples/TestBasicPutGetExample.java | 4 +++- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java b/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java index 292fa5470..b4ae30f5d 100644 --- a/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java +++ b/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java @@ -2,6 +2,7 @@ import java.util.HashMap; import java.util.Map; +import java.util.UUID; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; import software.amazon.awssdk.services.dynamodb.DynamoDbClient; import software.amazon.awssdk.services.dynamodb.model.*; @@ -30,7 +31,7 @@ */ public class BasicPutGetExample { - public static void PutItemGetItem(String kmsKeyId, String ddbTableName) { + public static void PutItemGetItem(String kmsKeyId, String ddbTableName, String PartitionKeyName) { // 1. Create a Keyring. This Keyring will be responsible for protecting the data keys that protect your data. // For this example, we will create a AWS KMS Keyring with the AWS KMS Key we want to use. // We will use the `CreateMrkMultiKeyring` method to create this keyring, @@ -142,7 +143,7 @@ public static void PutItemGetItem(String kmsKeyId, String ddbTableName) { final HashMap item = new HashMap<>(); item.put( "partition_key", - AttributeValue.builder().s("BasicPutGetExample").build() + AttributeValue.builder().s(PartitionKeyName).build() ); item.put("sort_key", AttributeValue.builder().n("0").build()); item.put( @@ -169,7 +170,7 @@ public static void PutItemGetItem(String kmsKeyId, String ddbTableName) { final HashMap keyToGet = new HashMap<>(); keyToGet.put( "partition_key", - AttributeValue.builder().s("BasicPutGetExample").build() + AttributeValue.builder().s(PartitionKeyName).build() ); keyToGet.put("sort_key", AttributeValue.builder().n("0").build()); @@ -201,6 +202,6 @@ public static void main(final String[] args) { } final String kmsKeyId = args[0]; final String ddbTableName = args[1]; - PutItemGetItem(kmsKeyId, ddbTableName); + PutItemGetItem(kmsKeyId, ddbTableName, "BasicPutGetExample"); } } diff --git a/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestBasicPutGetExample.java b/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestBasicPutGetExample.java index b11942be1..7000c3c67 100644 --- a/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestBasicPutGetExample.java +++ b/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestBasicPutGetExample.java @@ -1,5 +1,6 @@ package software.amazon.cryptography.examples; +import java.util.UUID; import org.testng.annotations.Test; public class TestBasicPutGetExample { @@ -8,7 +9,8 @@ public class TestBasicPutGetExample { public void TestPutGet() { BasicPutGetExample.PutItemGetItem( TestUtils.TEST_KMS_KEY_ID, - TestUtils.TEST_DDB_TABLE_NAME + TestUtils.TEST_DDB_TABLE_NAME, + "BasicPutGetExample" + UUID.randomUUID() ); } } From 9c3e159998425340377cbed9dba6a7aa8d60dd18 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 9 Jun 2025 17:28:40 -0700 Subject: [PATCH 3/8] auto commit --- .../examples/BasicPutGetExample.java | 6 ++- .../awsdbe/MigrationExampleStep1.java | 12 +++-- .../awsdbe/MigrationExampleStep2.java | 12 +++-- .../awsdbe/MigrationExampleStep3.java | 12 +++-- .../plaintext/MigrationExampleStep0.java | 15 ++++-- .../migration/{awsdbe => }/TestUtils.java | 7 ++- .../awsdbe/TestMigrationExampleStep1.java | 25 +++++++--- .../awsdbe/TestMigrationExampleStep2.java | 25 +++++++--- .../awsdbe/TestMigrationExampleStep3.java | 47 +++++++++++-------- .../TestEncryptExistingTable.java | 14 ++++-- .../plaintext/TestMigrationExampleStep0.java | 34 +++++++++++--- .../migration/plaintext/TestUtils.java | 12 ----- 12 files changed, 142 insertions(+), 79 deletions(-) rename Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/{awsdbe => }/TestUtils.java (70%) delete mode 100644 Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestUtils.java diff --git a/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java b/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java index b4ae30f5d..a7df537c4 100644 --- a/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java +++ b/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java @@ -31,7 +31,11 @@ */ public class BasicPutGetExample { - public static void PutItemGetItem(String kmsKeyId, String ddbTableName, String PartitionKeyName) { + public static void PutItemGetItem( + String kmsKeyId, + String ddbTableName, + String PartitionKeyName + ) { // 1. Create a Keyring. This Keyring will be responsible for protecting the data keys that protect your data. // For this example, we will create a AWS KMS Keyring with the AWS KMS Key we want to use. // We will use the `CreateMrkMultiKeyring` method to create this keyring, diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep1.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep1.java index 9c2e7b785..5cb1bbe9f 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep1.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep1.java @@ -45,7 +45,8 @@ public class MigrationExampleStep1 { public static void MigrationStep1( String kmsKeyId, String ddbTableName, - int sortReadValue + int sortReadValue, + String partitionKey ) { // 1. Create a Keyring. This Keyring will be responsible for protecting the data keys that protect your data. // We will use the `CreateMrkMultiKeyring` method to create this keyring, @@ -143,7 +144,7 @@ public static void MigrationStep1( // 7. Put an item into your table using the DynamoDb Enhanced Client. // This item will be stored in plaintext. final SimpleClass item = new SimpleClass(); - item.setPartitionKey("PlaintextMigrationExample"); + item.setPartitionKey(partitionKey); item.setSortKey(1); item.setAttribute1("this will be encrypted and signed"); item.setAttribute3("this will never be encrypted nor signed"); @@ -158,13 +159,13 @@ public static void MigrationStep1( // during Step 2 or after), then the item will be decrypted client-side // and surfaced as a plaintext item. SimpleClass itemToGet = new SimpleClass(); - itemToGet.setPartitionKey("PlaintextMigrationExample"); + itemToGet.setPartitionKey(partitionKey); itemToGet.setSortKey(sortReadValue); SimpleClass returnedItem = table.getItem(itemToGet); // Demonstrate we get the expected item back - assert returnedItem.getPartitionKey().equals("PlaintextMigrationExample"); + assert returnedItem.getPartitionKey().equals(partitionKey); assert returnedItem .getAttribute1() .equals("this will be encrypted and signed"); @@ -180,6 +181,7 @@ public static void main(final String[] args) { final String ddbTableName = args[1]; // You can manipulate this value to demonstrate reading records written in other steps final int sortReadValue = Integer.parseInt(args[2]); - MigrationStep1(kmsKeyId, ddbTableName, sortReadValue); + final String partitionKey = args[3]; + MigrationStep1(kmsKeyId, ddbTableName, sortReadValue, partitionKey); } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep2.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep2.java index 180bdef92..fda66dfc1 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep2.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep2.java @@ -45,7 +45,8 @@ public class MigrationExampleStep2 { public static void MigrationStep2( String kmsKeyId, String ddbTableName, - int sortReadValue + int sortReadValue, + String partitionKey ) { // 1. Continue to configure your Keyring, Table Schema, legacy attribute actions, // and allowedUnsignedAttributes, and old DynamoDBEncryptor as you did in Step 1. @@ -121,7 +122,7 @@ public static void MigrationStep2( // 5. Put an item into your table using the DynamoDb Enhanced Client. // This item will be encrypted. final SimpleClass item = new SimpleClass(); - item.setPartitionKey("PlaintextMigrationExample"); + item.setPartitionKey(partitionKey); item.setSortKey(2); item.setAttribute1("this will be encrypted and signed"); item.setAttribute3("this will never be encrypted nor signed"); @@ -136,13 +137,13 @@ public static void MigrationStep2( // during Step 2 or after), then the DDB enhanced client will decrypt the // item client-sid and surface it in our code as a plaintext item. SimpleClass itemToGet = new SimpleClass(); - itemToGet.setPartitionKey("PlaintextMigrationExample"); + itemToGet.setPartitionKey(partitionKey); itemToGet.setSortKey(sortReadValue); SimpleClass returnedItem = table.getItem(itemToGet); // Demonstrate we get the expected item back - assert returnedItem.getPartitionKey().equals("PlaintextMigrationExample"); + assert returnedItem.getPartitionKey().equals(partitionKey); assert returnedItem .getAttribute1() .equals("this will be encrypted and signed"); @@ -158,6 +159,7 @@ public static void main(final String[] args) { final String ddbTableName = args[1]; // You can manipulate this value to demonstrate reading records written in other steps final int sortReadValue = Integer.parseInt(args[2]); - MigrationStep2(kmsKeyId, ddbTableName, sortReadValue); + final String partitionKey = args[3]; + MigrationStep2(kmsKeyId, ddbTableName, sortReadValue, partitionKey); } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep3.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep3.java index c51e7b655..9b30f6aee 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep3.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/awsdbe/MigrationExampleStep3.java @@ -40,7 +40,8 @@ public class MigrationExampleStep3 { public static void MigrationStep3( String kmsKeyId, String ddbTableName, - int sortReadValue + int sortReadValue, + String partitionKey ) { // 1. Create a Keyring. This Keyring will be responsible for protecting the data keys that protect your data. // We will use the `CreateMrkMultiKeyring` method to create this keyring, @@ -115,7 +116,7 @@ public static void MigrationStep3( // 7. Put an item into your table using the DynamoDb Enhanced Client. // This item will be encrypted. final SimpleClass item = new SimpleClass(); - item.setPartitionKey("PlaintextMigrationExample"); + item.setPartitionKey(partitionKey); item.setSortKey(3); item.setAttribute1("this will be encrypted and signed"); item.setAttribute3("this will never be encrypted nor signed"); @@ -131,13 +132,13 @@ public static void MigrationStep3( // during Step 2 or after), then the item will be decrypted client-side // and surfaced as a plaintext item. SimpleClass itemToGet = new SimpleClass(); - itemToGet.setPartitionKey("PlaintextMigrationExample"); + itemToGet.setPartitionKey(partitionKey); itemToGet.setSortKey(sortReadValue); SimpleClass returnedItem = table.getItem(itemToGet); // Demonstrate we get the expected item back - assert returnedItem.getPartitionKey().equals("PlaintextMigrationExample"); + assert returnedItem.getPartitionKey().equals(partitionKey); assert returnedItem .getAttribute1() .equals("this will be encrypted and signed"); @@ -153,6 +154,7 @@ public static void main(final String[] args) { final String ddbTableName = args[1]; // You can manipulate this value to demonstrate reading records written in other steps final int sortReadValue = Integer.parseInt(args[2]); - MigrationStep3(kmsKeyId, ddbTableName, sortReadValue); + final String partitionKey = args[3]; + MigrationStep3(kmsKeyId, ddbTableName, sortReadValue, partitionKey); } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/plaintext/MigrationExampleStep0.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/plaintext/MigrationExampleStep0.java index 940bff552..cb8be3a70 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/plaintext/MigrationExampleStep0.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/main/java/software/amazon/cryptography/examples/plaintext/MigrationExampleStep0.java @@ -28,7 +28,11 @@ write a plaintext record to a table and read that record. */ public class MigrationExampleStep0 { - public static void MigrationStep0(String ddbTableName, int sortReadValue) { + public static void MigrationStep0( + String ddbTableName, + int sortReadValue, + String partitionKey + ) { // 1. Create a Table Schema over your annotated class. // See SimpleClass.java in this directory for a sample annotated class // for a plaintext item. @@ -56,7 +60,7 @@ public static void MigrationStep0(String ddbTableName, int sortReadValue) { // 3. Put an example item into our DynamoDb table. // This item will be stored in plaintext. SimpleClass itemToPut = new SimpleClass(); - itemToPut.setPartitionKey("PlaintextMigrationExample"); + itemToPut.setPartitionKey(partitionKey); itemToPut.setSortKey(0); itemToPut.setAttribute1("this will be encrypted and signed"); itemToPut.setAttribute3("this will never be encrypted nor signed"); @@ -76,13 +80,13 @@ public static void MigrationStep0(String ddbTableName, int sortReadValue) { // client-side encrypted items, you will need to configure encrypted reads on // your enhanced client (this is configured from Step 1 onwards). SimpleClass itemToGet = new SimpleClass(); - itemToGet.setPartitionKey("PlaintextMigrationExample"); + itemToGet.setPartitionKey(partitionKey); itemToGet.setSortKey(sortReadValue); SimpleClass returnedItem = table.getItem(itemToGet); // Demonstrate we get the expected item back - assert returnedItem.getPartitionKey().equals("PlaintextMigrationExample"); + assert returnedItem.getPartitionKey().equals(partitionKey); assert returnedItem .getAttribute1() .equals("this will be encrypted and signed"); @@ -97,6 +101,7 @@ public static void main(final String[] args) { final String ddbTableName = args[0]; // You can manipulate this value to demonstrate reading records written in other steps final int sortReadValue = Integer.parseInt(args[1]); - MigrationStep0(ddbTableName, sortReadValue); + final String partitionKey = args[2]; + MigrationStep0(ddbTableName, sortReadValue, partitionKey); } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestUtils.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java similarity index 70% rename from Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestUtils.java rename to Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java index 53c987bfc..e3d9712ca 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestUtils.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java @@ -1,4 +1,6 @@ -package software.amazon.cryptography.examples.migration.awsdbe; +package software.amazon.cryptography.examples.migration; + +import java.util.UUID; public class TestUtils { @@ -9,4 +11,7 @@ public class TestUtils { // Our tests require access to DDB Table with this name public static final String TEST_DDB_TABLE_NAME = "DynamoDbEncryptionInterceptorTestTable"; + + public static final String PARTITION_KEY = + "PlaintextMigrationExample" + UUID.randomUUID(); } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java index 1d1983874..8b59bce41 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java @@ -4,6 +4,7 @@ import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep1; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep2; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep3; +import software.amazon.cryptography.examples.migration.TestUtils; import software.amazon.cryptography.examples.plaintext.MigrationExampleStep0; public class TestMigrationExampleStep1 { @@ -14,42 +15,52 @@ public void TestMigrationStep1() { MigrationExampleStep1.MigrationStep1( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 1 + 1, + TestUtils.PARTITION_KEY ); // Given: Step 0 has succeeded - MigrationExampleStep0.MigrationStep0(TestUtils.TEST_DDB_TABLE_NAME, 0); + MigrationExampleStep0.MigrationStep0( + TestUtils.TEST_DDB_TABLE_NAME, + 0, + TestUtils.PARTITION_KEY + ); // When: Execute Step 1 with sortReadValue=0, Then: Success (i.e. can read plaintext values) MigrationExampleStep1.MigrationStep1( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 0 + 0, + TestUtils.PARTITION_KEY ); // Given: Step 2 has succeeded MigrationExampleStep2.MigrationStep2( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 2 + 2, + TestUtils.PARTITION_KEY ); // When: Execute Step 1 with sortReadValue=2, Then: Success (i.e. can read encrypted values) MigrationExampleStep1.MigrationStep1( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 2 + 2, + TestUtils.PARTITION_KEY ); // Given: Step 3 has succeeded MigrationExampleStep3.MigrationStep3( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 3 + 3, + TestUtils.PARTITION_KEY ); // When: Execute Step 1 with sortReadValue=3, Then: Success (i.e. can read encrypted values) MigrationExampleStep1.MigrationStep1( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 3 + 3, + TestUtils.PARTITION_KEY ); } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java index 4f96af6db..81f496e71 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java @@ -4,6 +4,7 @@ import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep1; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep2; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep3; +import software.amazon.cryptography.examples.migration.TestUtils; import software.amazon.cryptography.examples.plaintext.MigrationExampleStep0; public class TestMigrationExampleStep2 { @@ -14,42 +15,52 @@ public void TestMigrationStep2() { MigrationExampleStep2.MigrationStep2( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 2 + 2, + TestUtils.PARTITION_KEY ); // Given: Step 0 has succeeded - MigrationExampleStep0.MigrationStep0(TestUtils.TEST_DDB_TABLE_NAME, 0); + MigrationExampleStep0.MigrationStep0( + TestUtils.TEST_DDB_TABLE_NAME, + 0, + TestUtils.PARTITION_KEY + ); // When: Execute Step 2 with sortReadValue=0, Then: Success (i.e. can read plaintext values) MigrationExampleStep2.MigrationStep2( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 0 + 0, + TestUtils.PARTITION_KEY ); // Given: Step 1 has succeeded MigrationExampleStep1.MigrationStep1( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 1 + 1, + TestUtils.PARTITION_KEY ); // When: Execute Step 2 with sortReadValue=1, Then: Success (i.e. can read encrypted values) MigrationExampleStep2.MigrationStep2( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 1 + 1, + TestUtils.PARTITION_KEY ); // Given: Step 3 has succeeded MigrationExampleStep3.MigrationStep3( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 3 + 3, + TestUtils.PARTITION_KEY ); // When: Execute Step 2 with sortReadValue=3, Then: Success (i.e. can read encrypted values) MigrationExampleStep2.MigrationStep2( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 3 + 3, + TestUtils.PARTITION_KEY ); } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java index 051cce5bd..c9220764a 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java @@ -7,7 +7,7 @@ import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep1; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep2; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep3; -import software.amazon.cryptography.examples.migration.plaintext.TestUtils; +import software.amazon.cryptography.examples.migration.TestUtils; import software.amazon.cryptography.examples.plaintext.MigrationExampleStep0; public class TestMigrationExampleStep3 { @@ -16,57 +16,64 @@ public class TestMigrationExampleStep3 { public void TestMigrationStep0() { // Successfully executes step 3 MigrationExampleStep3.MigrationStep3( - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_KMS_KEY_ID, - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_DDB_TABLE_NAME, - 3 + TestUtils.TEST_KMS_KEY_ID, + TestUtils.TEST_DDB_TABLE_NAME, + 3, + TestUtils.PARTITION_KEY ); // Given: Step 0 has succeeded MigrationExampleStep0.MigrationStep0( - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_DDB_TABLE_NAME, - 0 + TestUtils.TEST_DDB_TABLE_NAME, + 0, + TestUtils.PARTITION_KEY ); // When: Execute Step 3 with sortReadValue=0, Then: throws SdkClientException (i.e. cannot read plaintext values) assertThrows( SdkClientException.class, () -> { MigrationExampleStep3.MigrationStep3( - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_KMS_KEY_ID, - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_DDB_TABLE_NAME, - 0 + TestUtils.TEST_KMS_KEY_ID, + TestUtils.TEST_DDB_TABLE_NAME, + 0, + TestUtils.PARTITION_KEY ); } ); // Given: Step 1 has succeeded MigrationExampleStep1.MigrationStep1( - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_KMS_KEY_ID, - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_DDB_TABLE_NAME, - 1 + TestUtils.TEST_KMS_KEY_ID, + TestUtils.TEST_DDB_TABLE_NAME, + 1, + TestUtils.PARTITION_KEY ); // When: Execute Step 3 with sortReadValue=1, Then: throws SdkClientException (i.e. cannot read plaintext values) assertThrows( SdkClientException.class, () -> { MigrationExampleStep3.MigrationStep3( - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_KMS_KEY_ID, - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_DDB_TABLE_NAME, - 1 + TestUtils.TEST_KMS_KEY_ID, + TestUtils.TEST_DDB_TABLE_NAME, + 1, + TestUtils.PARTITION_KEY ); } ); // Given: Step 2 has succeeded MigrationExampleStep2.MigrationStep2( - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_KMS_KEY_ID, - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_DDB_TABLE_NAME, - 2 + TestUtils.TEST_KMS_KEY_ID, + TestUtils.TEST_DDB_TABLE_NAME, + 2, + TestUtils.PARTITION_KEY ); // When: Execute Step 3 with sortReadValue=2, Then: Success (i.e. can read encrypted values) MigrationExampleStep3.MigrationStep3( - software.amazon.cryptography.examples.migration.plaintext.TestUtils.TEST_KMS_KEY_ID, + TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 2 + 2, + TestUtils.PARTITION_KEY ); } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java index 39bc62e08..f17a0e4a3 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java @@ -23,7 +23,7 @@ import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep1; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep2; import software.amazon.cryptography.examples.awsdbe.SimpleClass; -import software.amazon.cryptography.examples.migration.awsdbe.TestUtils; +import software.amazon.cryptography.examples.migration.TestUtils; import software.amazon.cryptography.examples.plaintext.MigrationExampleStep0; import software.amazon.cryptography.materialproviders.IKeyring; import software.amazon.cryptography.materialproviders.MaterialProviders; @@ -182,16 +182,22 @@ public static void EncryptExistingTable( @Test public void TestEncryptExistingTable() { // Given: All the previous migration steps have been run. - MigrationExampleStep0.MigrationStep0(TestUtils.TEST_DDB_TABLE_NAME, 0); + MigrationExampleStep0.MigrationStep0( + TestUtils.TEST_DDB_TABLE_NAME, + 0, + TestUtils.PARTITION_KEY + ); MigrationExampleStep1.MigrationStep1( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 1 + 1, + TestUtils.PARTITION_KEY ); MigrationExampleStep2.MigrationStep2( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 2 + 2, + TestUtils.PARTITION_KEY ); // When: Execute migration, Then: Success (i.e. encrypts 2 plaintext values) EncryptExistingTable( diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java index 24db7f096..27df6bd71 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java @@ -6,6 +6,7 @@ import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep1; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep2; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep3; +import software.amazon.cryptography.examples.migration.TestUtils; import software.amazon.cryptography.examples.plaintext.MigrationExampleStep0; public class TestMigrationExampleStep0 { @@ -13,28 +14,42 @@ public class TestMigrationExampleStep0 { @Test public void TestMigrationStep0() { // Successfully executes step 0 - MigrationExampleStep0.MigrationStep0(TestUtils.TEST_DDB_TABLE_NAME, 0); + MigrationExampleStep0.MigrationStep0( + TestUtils.TEST_DDB_TABLE_NAME, + 0, + TestUtils.PARTITION_KEY + ); // Given: Step 1 has succeeded MigrationExampleStep1.MigrationStep1( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 1 + 1, + TestUtils.PARTITION_KEY ); // When: Execute Step 0 with sortReadValue=1, Then: Success (i.e. can read plaintext values) - MigrationExampleStep0.MigrationStep0(TestUtils.TEST_DDB_TABLE_NAME, 1); + MigrationExampleStep0.MigrationStep0( + TestUtils.TEST_DDB_TABLE_NAME, + 1, + TestUtils.PARTITION_KEY + ); // Given: Step 2 has succeeded MigrationExampleStep2.MigrationStep2( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 2 + 2, + TestUtils.PARTITION_KEY ); // When: Execute Step 0 with sortReadValue=2, Then: throws AssertionError (i.e. cannot read encrypted values) assertThrows( AssertionError.class, () -> { - MigrationExampleStep0.MigrationStep0(TestUtils.TEST_DDB_TABLE_NAME, 2); + MigrationExampleStep0.MigrationStep0( + TestUtils.TEST_DDB_TABLE_NAME, + 2, + TestUtils.PARTITION_KEY + ); } ); @@ -42,13 +57,18 @@ public void TestMigrationStep0() { MigrationExampleStep3.MigrationStep3( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - 3 + 3, + TestUtils.PARTITION_KEY ); // When: Execute Step 0 with sortReadValue=3, Then: throws AssertionError (i.e. cannot read encrypted values) assertThrows( AssertionError.class, () -> { - MigrationExampleStep0.MigrationStep0(TestUtils.TEST_DDB_TABLE_NAME, 3); + MigrationExampleStep0.MigrationStep0( + TestUtils.TEST_DDB_TABLE_NAME, + 3, + TestUtils.PARTITION_KEY + ); } ); } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestUtils.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestUtils.java deleted file mode 100644 index 1ba655da7..000000000 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestUtils.java +++ /dev/null @@ -1,12 +0,0 @@ -package software.amazon.cryptography.examples.migration.plaintext; - -public class TestUtils { - - // This is a public KMS Key that MUST only be used for testing, and MUST NOT be used for any production data - public static String TEST_KMS_KEY_ID = - "arn:aws:kms:us-west-2:658956600833:key/b3537ef1-d8dc-4780-9f5a-55776cbb2f7f"; - - // Our tests require access to DDB Table with this name - public static final String TEST_DDB_TABLE_NAME = - "DynamoDbEncryptionInterceptorTestTable"; -} From f839556fb7ed494a9dd0b65e634d8b9f4f7d90d4 Mon Sep 17 00:00:00 2001 From: Rishav karanjit Date: Mon, 9 Jun 2025 18:51:19 -0700 Subject: [PATCH 4/8] Update TestEncryptExistingTable.java --- .../awsdbe/encrypttable/TestEncryptExistingTable.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java index f17a0e4a3..b208007b5 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java @@ -55,7 +55,8 @@ public class TestEncryptExistingTable { public static void EncryptExistingTable( String kmsKeyId, - String ddbTableName + String ddbTableName, + String partitionKey ) { // 1. Continue to configure your Keyring, Table Schema, // and allowedUnsignedAttributes as you did in Step 1. @@ -139,7 +140,7 @@ public static void EncryptExistingTable( Map expressionAttributesValues = new HashMap<>(); expressionAttributesValues.put( ":plaintexttest", - AttributeValue.builder().s("PlaintextMigrationExample").build() + AttributeValue.builder().s(partitionKey).build() ); ScanEnhancedRequest scanEnhancedRequest = ScanEnhancedRequest @@ -202,7 +203,8 @@ public void TestEncryptExistingTable() { // When: Execute migration, Then: Success (i.e. encrypts 2 plaintext values) EncryptExistingTable( TestUtils.TEST_KMS_KEY_ID, - TestUtils.TEST_DDB_TABLE_NAME + TestUtils.TEST_DDB_TABLE_NAME, + TestUtils.PARTITION_KEY ); } } From 8fa17b0011a806cb26029ec6080e5795843bde18 Mon Sep 17 00:00:00 2001 From: Rishav karanjit Date: Mon, 9 Jun 2025 19:39:05 -0700 Subject: [PATCH 5/8] Update BasicPutGetExample.java --- .../amazon/cryptography/examples/BasicPutGetExample.java | 1 - 1 file changed, 1 deletion(-) diff --git a/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java b/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java index a7df537c4..2fd231f6a 100644 --- a/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java +++ b/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java @@ -2,7 +2,6 @@ import java.util.HashMap; import java.util.Map; -import java.util.UUID; import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration; import software.amazon.awssdk.services.dynamodb.DynamoDbClient; import software.amazon.awssdk.services.dynamodb.model.*; From 42b503e0bf3524c9a93285e924c4113c8f2bca54 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Tue, 10 Jun 2025 16:39:12 -0700 Subject: [PATCH 6/8] auto commit --- .../examples/BasicPutGetExample.java | 45 +++++++++++-------- .../examples/TestBasicPutGetExample.java | 13 +++++- .../cryptography/examples/TestUtils.java | 41 +++++++++++++++++ 3 files changed, 80 insertions(+), 19 deletions(-) diff --git a/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java b/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java index a7df537c4..d5ad541a8 100644 --- a/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java +++ b/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java @@ -26,15 +26,18 @@ is provided in CLI arguments. This table must be configured with the following primary key configuration: - - Partition key is named "partition_key" with type (S) - - Sort key is named "sort_key" with type (N) + - Partition key is named `partitionKeyName` with type (S) + - Sort key is named `sortKeyName` with type (N) */ public class BasicPutGetExample { public static void PutItemGetItem( - String kmsKeyId, - String ddbTableName, - String PartitionKeyName + final String kmsKeyId, + final String ddbTableName, + final String partitionKeyName, + final String sortKeyName, + final String partitionKeyValue, + final String sortKeyValue ) { // 1. Create a Keyring. This Keyring will be responsible for protecting the data keys that protect your data. // For this example, we will create a AWS KMS Keyring with the AWS KMS Key we want to use. @@ -57,8 +60,8 @@ public static void PutItemGetItem( // - SIGN_ONLY: The attribute not encrypted, but is still included in the signature // - DO_NOTHING: The attribute is not encrypted and not included in the signature final Map attributeActionsOnEncrypt = new HashMap<>(); - attributeActionsOnEncrypt.put("partition_key", CryptoAction.SIGN_ONLY); // Our partition attribute must be SIGN_ONLY - attributeActionsOnEncrypt.put("sort_key", CryptoAction.SIGN_ONLY); // Our sort attribute must be SIGN_ONLY + attributeActionsOnEncrypt.put(partitionKeyName, CryptoAction.SIGN_ONLY); // Our partition attribute must be SIGN_ONLY + attributeActionsOnEncrypt.put(sortKeyName, CryptoAction.SIGN_ONLY); // Our sort attribute must be SIGN_ONLY attributeActionsOnEncrypt.put("attribute1", CryptoAction.ENCRYPT_AND_SIGN); attributeActionsOnEncrypt.put("attribute2", CryptoAction.SIGN_ONLY); attributeActionsOnEncrypt.put(":attribute3", CryptoAction.DO_NOTHING); @@ -99,8 +102,8 @@ public static void PutItemGetItem( final DynamoDbTableEncryptionConfig config = DynamoDbTableEncryptionConfig .builder() .logicalTableName(ddbTableName) - .partitionKeyName("partition_key") - .sortKeyName("sort_key") + .partitionKeyName(partitionKeyName) + .sortKeyName(sortKeyName) .attributeActionsOnEncrypt(attributeActionsOnEncrypt) .keyring(kmsKeyring) .allowedUnsignedAttributePrefix(unsignAttrPrefix) @@ -146,10 +149,10 @@ public static void PutItemGetItem( // client-side, according to our configuration. final HashMap item = new HashMap<>(); item.put( - "partition_key", - AttributeValue.builder().s(PartitionKeyName).build() + partitionKeyName, + AttributeValue.builder().s(partitionKeyValue).build() ); - item.put("sort_key", AttributeValue.builder().n("0").build()); + item.put(sortKeyName, AttributeValue.builder().n(sortKeyValue).build()); item.put( "attribute1", AttributeValue.builder().s("encrypt and sign me!").build() @@ -173,10 +176,10 @@ public static void PutItemGetItem( // back the original item. final HashMap keyToGet = new HashMap<>(); keyToGet.put( - "partition_key", - AttributeValue.builder().s(PartitionKeyName).build() + partitionKeyName, + AttributeValue.builder().s(partitionKeyValue).build() ); - keyToGet.put("sort_key", AttributeValue.builder().n("0").build()); + keyToGet.put(sortKeyName, AttributeValue.builder().n(sortKeyValue).build()); final GetItemRequest getRequest = GetItemRequest .builder() @@ -199,13 +202,19 @@ public static void PutItemGetItem( } public static void main(final String[] args) { - if (args.length < 2) { + if (args.length < 6) { throw new IllegalArgumentException( - "To run this example, include the kmsKeyId as args[0] and ddbTableName as args[1]" + "To run this example, include the kmsKeyId as args[0], ddbTableName as args[1]," + + " partitionKeyName as args[2], sortKeyName as args[3], partitionKeyValue as args[4]" + + " sortKeyValue as args[5]" ); } final String kmsKeyId = args[0]; final String ddbTableName = args[1]; - PutItemGetItem(kmsKeyId, ddbTableName, "BasicPutGetExample"); + final String partitionKeyName = args[2]; + final String sortKeyName = args[3]; + final String partitionKeyValue = args[4]; + final String sortKeyValue = args[5]; + PutItemGetItem(kmsKeyId, ddbTableName, partitionKeyName, sortKeyName, partitionKeyValue, sortKeyValue); } } diff --git a/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestBasicPutGetExample.java b/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestBasicPutGetExample.java index 7000c3c67..deb0212e0 100644 --- a/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestBasicPutGetExample.java +++ b/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestBasicPutGetExample.java @@ -7,10 +7,21 @@ public class TestBasicPutGetExample { @Test public void TestPutGet() { + final String partitionKeyValue = "BasicPutGetExample" + UUID.randomUUID(); BasicPutGetExample.PutItemGetItem( TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME, - "BasicPutGetExample" + UUID.randomUUID() + "partition_key", + "sort_key", + partitionKeyValue, + "0" + ); + TestUtils.cleanUpDDBItem( + TestUtils.TEST_DDB_TABLE_NAME, + "partition_key", + "sort_key", + partitionKeyValue, + "0" ); } } diff --git a/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestUtils.java b/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestUtils.java index 0e1c4f2b0..37bc5f3db 100644 --- a/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestUtils.java +++ b/Examples/runtimes/java/DynamoDbEncryption/src/test/java/software/amazon/cryptography/examples/TestUtils.java @@ -1,5 +1,10 @@ package software.amazon.cryptography.examples; +import java.util.HashMap; +import software.amazon.awssdk.services.dynamodb.DynamoDbClient; +import software.amazon.awssdk.services.dynamodb.model.AttributeValue; +import software.amazon.awssdk.services.dynamodb.model.DeleteItemRequest; + public class TestUtils { public static final String TEST_KEYSTORE_NAME = "KeyStoreDdbTable"; @@ -30,4 +35,40 @@ public class TestUtils { // Our tests require access to DDB Table with this name public static final String TEST_DDB_TABLE_NAME = "DynamoDbEncryptionInterceptorTestTable"; + + /** + * Deletes an item from a DynamoDB table. + * + * @param tableName The name of the DynamoDB table + * @param partitionKeyName The name of partition key + * @param sortKeyName The name of sort key + * @param partitionKeyValue The value of the partition key + * @param sortKeyValue The value of the sort key (can be null if table doesn't have a sort key) + */ + public static void cleanUpDDBItem( + final String tableName, + final String partitionKeyName, + final String sortKeyName, + final String partitionKeyValue, + final String sortKeyValue + ) { + final DynamoDbClient ddb = DynamoDbClient.builder().build(); + final HashMap keyToDelete = new HashMap<>(); + keyToDelete.put( + partitionKeyName, + AttributeValue.builder().s(partitionKeyValue).build() + ); + if (sortKeyValue != null) { + keyToDelete.put( + sortKeyName, + AttributeValue.builder().n(sortKeyValue).build() + ); + } + final DeleteItemRequest deleteRequest = DeleteItemRequest + .builder() + .tableName(tableName) + .key(keyToDelete) + .build(); + ddb.deleteItem(deleteRequest); + } } From 64424caa90d62e8195ba06e460dcab28993d6f93 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Tue, 10 Jun 2025 17:15:13 -0700 Subject: [PATCH 7/8] auto commit --- .../examples/migration/TestUtils.java | 40 +++++++++++++++++++ .../awsdbe/TestMigrationExampleStep1.java | 6 +++ .../awsdbe/TestMigrationExampleStep2.java | 6 +++ .../awsdbe/TestMigrationExampleStep3.java | 7 +++- .../TestEncryptExistingTable.java | 5 +++ .../plaintext/TestMigrationExampleStep0.java | 7 +++- 6 files changed, 69 insertions(+), 2 deletions(-) diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java index e3d9712ca..39302a719 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java @@ -1,5 +1,9 @@ package software.amazon.cryptography.examples.migration; +import java.util.HashMap; +import software.amazon.awssdk.services.dynamodb.DynamoDbClient; +import software.amazon.awssdk.services.dynamodb.model.AttributeValue; +import software.amazon.awssdk.services.dynamodb.model.DeleteItemRequest; import java.util.UUID; public class TestUtils { @@ -14,4 +18,40 @@ public class TestUtils { public static final String PARTITION_KEY = "PlaintextMigrationExample" + UUID.randomUUID(); + + /** + * Deletes an item from a DynamoDB table. + * + * @param tableName The name of the DynamoDB table + * @param partitionKeyName The name of partition key + * @param sortKeyName The name of sort key + * @param partitionKeyValue The value of the partition key + * @param sortKeyValue The value of the sort key (can be null if table doesn't have a sort key) + */ + public static void cleanUpDDBItem( + final String tableName, + final String partitionKeyName, + final String sortKeyName, + final String partitionKeyValue, + final String sortKeyValue + ) { + final DynamoDbClient ddb = DynamoDbClient.builder().build(); + final HashMap keyToDelete = new HashMap<>(); + keyToDelete.put( + partitionKeyName, + AttributeValue.builder().s(partitionKeyValue).build() + ); + if (sortKeyValue != null) { + keyToDelete.put( + sortKeyName, + AttributeValue.builder().n(sortKeyValue).build() + ); + } + final DeleteItemRequest deleteRequest = DeleteItemRequest + .builder() + .tableName(tableName) + .key(keyToDelete) + .build(); + ddb.deleteItem(deleteRequest); + } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java index 8b59bce41..fc9eeefa8 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java @@ -1,5 +1,7 @@ package software.amazon.cryptography.examples.migration.awsdbe; +import java.util.Arrays; +import java.util.List; import org.testng.annotations.Test; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep1; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep2; @@ -62,5 +64,9 @@ public void TestMigrationStep1() { 3, TestUtils.PARTITION_KEY ); + List sortkeys = Arrays.asList("0", "1", "2", "3"); + for (String sortkey : sortkeys) { + TestUtils.cleanUpDDBItem(TestUtils.TEST_DDB_TABLE_NAME, "partition_key", "sort_key", TestUtils.PARTITION_KEY, sortkey); + } } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java index 81f496e71..544374a6a 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java @@ -1,5 +1,7 @@ package software.amazon.cryptography.examples.migration.awsdbe; +import java.util.Arrays; +import java.util.List; import org.testng.annotations.Test; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep1; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep2; @@ -62,5 +64,9 @@ public void TestMigrationStep2() { 3, TestUtils.PARTITION_KEY ); + List sortkeys = Arrays.asList("0", "1", "2", "3"); + for (String sortkey : sortkeys) { + TestUtils.cleanUpDDBItem(TestUtils.TEST_DDB_TABLE_NAME, "partition_key", "sort_key", TestUtils.PARTITION_KEY, sortkey); + } } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java index c9220764a..efd329bc5 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java @@ -1,7 +1,8 @@ package software.amazon.cryptography.examples.migration.awsdbe; import static org.testng.Assert.assertThrows; - +import java.util.Arrays; +import java.util.List; import org.testng.annotations.Test; import software.amazon.awssdk.core.exception.SdkClientException; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep1; @@ -75,5 +76,9 @@ public void TestMigrationStep0() { 2, TestUtils.PARTITION_KEY ); + List sortkeys = Arrays.asList("0", "1", "2", "3"); + for (String sortkey : sortkeys) { + TestUtils.cleanUpDDBItem(TestUtils.TEST_DDB_TABLE_NAME, "partition_key", "sort_key", TestUtils.PARTITION_KEY, sortkey); + } } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java index f17a0e4a3..6436c5237 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java @@ -204,5 +204,10 @@ public void TestEncryptExistingTable() { TestUtils.TEST_KMS_KEY_ID, TestUtils.TEST_DDB_TABLE_NAME ); + + List sortkeys = Arrays.asList("0", "1", "2"); + for (String sortkey : sortkeys) { + TestUtils.cleanUpDDBItem(TestUtils.TEST_DDB_TABLE_NAME, "partition_key", "sort_key", TestUtils.PARTITION_KEY, sortkey); + } } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java index 27df6bd71..fe74d0a67 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java @@ -1,7 +1,8 @@ package software.amazon.cryptography.examples.migration.plaintext; import static org.testng.Assert.assertThrows; - +import java.util.Arrays; +import java.util.List; import org.testng.annotations.Test; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep1; import software.amazon.cryptography.examples.awsdbe.MigrationExampleStep2; @@ -71,5 +72,9 @@ public void TestMigrationStep0() { ); } ); + List sortkeys = Arrays.asList("0", "1", "2", "3"); + for (String sortkey : sortkeys) { + TestUtils.cleanUpDDBItem(TestUtils.TEST_DDB_TABLE_NAME, "partition_key", "sort_key", TestUtils.PARTITION_KEY, sortkey); + } } } From 47a31e06cbb9674a02f8168379b3940fd7d9931f Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Tue, 10 Jun 2025 17:41:30 -0700 Subject: [PATCH 8/8] auto commit --- .../cryptography/examples/BasicPutGetExample.java | 15 +++++++++++---- .../examples/migration/TestUtils.java | 4 ++-- .../awsdbe/TestMigrationExampleStep1.java | 8 +++++++- .../awsdbe/TestMigrationExampleStep2.java | 8 +++++++- .../awsdbe/TestMigrationExampleStep3.java | 9 ++++++++- .../encrypttable/TestEncryptExistingTable.java | 8 +++++++- .../plaintext/TestMigrationExampleStep0.java | 9 ++++++++- 7 files changed, 50 insertions(+), 11 deletions(-) diff --git a/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java b/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java index cebae1a88..20e8ba466 100644 --- a/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java +++ b/Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/BasicPutGetExample.java @@ -203,9 +203,9 @@ public static void PutItemGetItem( public static void main(final String[] args) { if (args.length < 6) { throw new IllegalArgumentException( - "To run this example, include the kmsKeyId as args[0], ddbTableName as args[1]," - + " partitionKeyName as args[2], sortKeyName as args[3], partitionKeyValue as args[4]" - + " sortKeyValue as args[5]" + "To run this example, include the kmsKeyId as args[0], ddbTableName as args[1]," + + " partitionKeyName as args[2], sortKeyName as args[3], partitionKeyValue as args[4]" + + " sortKeyValue as args[5]" ); } final String kmsKeyId = args[0]; @@ -214,6 +214,13 @@ public static void main(final String[] args) { final String sortKeyName = args[3]; final String partitionKeyValue = args[4]; final String sortKeyValue = args[5]; - PutItemGetItem(kmsKeyId, ddbTableName, partitionKeyName, sortKeyName, partitionKeyValue, sortKeyValue); + PutItemGetItem( + kmsKeyId, + ddbTableName, + partitionKeyName, + sortKeyName, + partitionKeyValue, + sortKeyValue + ); } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java index 39302a719..b45be0da7 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/TestUtils.java @@ -1,10 +1,10 @@ package software.amazon.cryptography.examples.migration; import java.util.HashMap; +import java.util.UUID; import software.amazon.awssdk.services.dynamodb.DynamoDbClient; import software.amazon.awssdk.services.dynamodb.model.AttributeValue; import software.amazon.awssdk.services.dynamodb.model.DeleteItemRequest; -import java.util.UUID; public class TestUtils { @@ -18,7 +18,7 @@ public class TestUtils { public static final String PARTITION_KEY = "PlaintextMigrationExample" + UUID.randomUUID(); - + /** * Deletes an item from a DynamoDB table. * diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java index fc9eeefa8..0fdf8337b 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep1.java @@ -66,7 +66,13 @@ public void TestMigrationStep1() { ); List sortkeys = Arrays.asList("0", "1", "2", "3"); for (String sortkey : sortkeys) { - TestUtils.cleanUpDDBItem(TestUtils.TEST_DDB_TABLE_NAME, "partition_key", "sort_key", TestUtils.PARTITION_KEY, sortkey); + TestUtils.cleanUpDDBItem( + TestUtils.TEST_DDB_TABLE_NAME, + "partition_key", + "sort_key", + TestUtils.PARTITION_KEY, + sortkey + ); } } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java index 544374a6a..f7ea5f65d 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep2.java @@ -66,7 +66,13 @@ public void TestMigrationStep2() { ); List sortkeys = Arrays.asList("0", "1", "2", "3"); for (String sortkey : sortkeys) { - TestUtils.cleanUpDDBItem(TestUtils.TEST_DDB_TABLE_NAME, "partition_key", "sort_key", TestUtils.PARTITION_KEY, sortkey); + TestUtils.cleanUpDDBItem( + TestUtils.TEST_DDB_TABLE_NAME, + "partition_key", + "sort_key", + TestUtils.PARTITION_KEY, + sortkey + ); } } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java index efd329bc5..dda4d6aa9 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/TestMigrationExampleStep3.java @@ -1,6 +1,7 @@ package software.amazon.cryptography.examples.migration.awsdbe; import static org.testng.Assert.assertThrows; + import java.util.Arrays; import java.util.List; import org.testng.annotations.Test; @@ -78,7 +79,13 @@ public void TestMigrationStep0() { ); List sortkeys = Arrays.asList("0", "1", "2", "3"); for (String sortkey : sortkeys) { - TestUtils.cleanUpDDBItem(TestUtils.TEST_DDB_TABLE_NAME, "partition_key", "sort_key", TestUtils.PARTITION_KEY, sortkey); + TestUtils.cleanUpDDBItem( + TestUtils.TEST_DDB_TABLE_NAME, + "partition_key", + "sort_key", + TestUtils.PARTITION_KEY, + sortkey + ); } } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java index 7c100f7cc..57d01028e 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/awsdbe/encrypttable/TestEncryptExistingTable.java @@ -209,7 +209,13 @@ public void TestEncryptExistingTable() { List sortkeys = Arrays.asList("0", "1", "2"); for (String sortkey : sortkeys) { - TestUtils.cleanUpDDBItem(TestUtils.TEST_DDB_TABLE_NAME, "partition_key", "sort_key", TestUtils.PARTITION_KEY, sortkey); + TestUtils.cleanUpDDBItem( + TestUtils.TEST_DDB_TABLE_NAME, + "partition_key", + "sort_key", + TestUtils.PARTITION_KEY, + sortkey + ); } } } diff --git a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java index fe74d0a67..3c5548906 100644 --- a/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java +++ b/Examples/runtimes/java/Migration/PlaintextToAWSDBE/src/test/java/software/amazon/cryptography/examples/migration/plaintext/TestMigrationExampleStep0.java @@ -1,6 +1,7 @@ package software.amazon.cryptography.examples.migration.plaintext; import static org.testng.Assert.assertThrows; + import java.util.Arrays; import java.util.List; import org.testng.annotations.Test; @@ -74,7 +75,13 @@ public void TestMigrationStep0() { ); List sortkeys = Arrays.asList("0", "1", "2", "3"); for (String sortkey : sortkeys) { - TestUtils.cleanUpDDBItem(TestUtils.TEST_DDB_TABLE_NAME, "partition_key", "sort_key", TestUtils.PARTITION_KEY, sortkey); + TestUtils.cleanUpDDBItem( + TestUtils.TEST_DDB_TABLE_NAME, + "partition_key", + "sort_key", + TestUtils.PARTITION_KEY, + sortkey + ); } } }