awsdocs
diff --git a/‎javav2/example_code/acm/pom.xml
+8-4 b/‎javav2/example_code/acm/pom.xml
+8-4
diff --git a/‎javav2/example_code/acm/src/main/java/com/example/acm/ImportCert.java
+58-32 b/‎javav2/example_code/acm/src/main/java/com/example/acm/ImportCert.java
+58-32
diff --git a/‎javav2/example_code/acm/src/main/resources/log4j2.xml
+17 b/‎javav2/example_code/acm/src/main/resources/log4j2.xml
+17
diff --git a/‎javav2/example_code/acm/src/test/java/ACMTests.java
+67-25 b/‎javav2/example_code/acm/src/test/java/ACMTests.java
+67-25
diff --git a/‎javav2/example_code/apigateway/pom.xml
+28-4 b/‎javav2/example_code/apigateway/pom.xml
+28-4
@@ -9,9 +9,9 @@
     <version>1.0-SNAPSHOT</version>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <java.version>17</java.version>
-        <maven.compiler.target>17</maven.compiler.target>
-        <maven.compiler.source>17</maven.compiler.source>
+        <java.version>21</java.version>
+        <maven.compiler.target>21</maven.compiler.target>
+        <maven.compiler.source>21</maven.compiler.source>
     </properties>
     <build>
         <plugins>
@@ -36,7 +36,7 @@
             <dependency>
                 <groupId>software.amazon.awssdk</groupId>
                 <artifactId>bom</artifactId>
-                <version>2.29.45</version>
+                <version>2.31.8</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -64,6 +64,10 @@
             <groupId>software.amazon.awssdk</groupId>
             <artifactId>secretsmanager</artifactId>
         </dependency>
+        <dependency>
+            <groupId>software.amazon.awssdk</groupId>
+            <artifactId>s3</artifactId>
+        </dependency>
         <dependency>
             <groupId>com.google.code.gson</groupId>
             <artifactId>gson</artifactId>
 
@@ -3,14 +3,19 @@
 
 package com.example.acm;
 
+import software.amazon.awssdk.core.ResponseInputStream;
 import software.amazon.awssdk.core.SdkBytes;
 import software.amazon.awssdk.services.acm.AcmClient;
 import software.amazon.awssdk.services.acm.model.ImportCertificateRequest;
 import software.amazon.awssdk.services.acm.model.ImportCertificateResponse;
+import software.amazon.awssdk.services.s3.S3Client;
+import software.amazon.awssdk.services.s3.model.GetObjectRequest;
+import software.amazon.awssdk.services.s3.model.GetObjectResponse;
+import software.amazon.awssdk.services.s3.model.S3Exception;
 import software.amazon.awssdk.utils.IoUtils;
-import java.io.FileInputStream;
+
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
-import java.io.InputStream;
 import java.nio.ByteBuffer;
 
 // snippet-start:[acm.java2.import_cert.main]
@@ -25,58 +30,79 @@
 public class ImportCert {
 
     public static void main(String[] args) {
-
         final String usage = """
-
-            Usage:    <certificatePath> <privateKeyPath>
-
+            Usage: <bucketName> <certificateKey> <privateKeyKey>
+            
             Where:
-                certificatePath - the path to the SSL/TLS certificate file.
-                privateKeyPath - the path to the private key file associated with the SSL/TLS certificate.
+                bucketName - The name of the S3 bucket containing the certificate and private key.
+                certificateKey - The object key for the SSL/TLS certificate file in S3.
+                privateKeyKey - The object key for the private key file in S3.
             """;
 
-        if (args.length != 2) {
-            System.out.println(usage);
-            return;
-        }
+        //if (args.length != 3) {
+        //    System.out.println(usage);
+        //    return;
+       // }
+
+        String bucketName = "certbucket100" ; //args[0];
+        String certificateKey = "certificate.pem" ; // args[1];
+        String privateKeyKey = "private_key.pem" ; //args[2];
 
-        String certificatePath = args[0];
-        String privateKeyPath = args[1];
-        String certificateArn = importCertificate(certificatePath, privateKeyPath);
+        String certificateArn = importCertificate(bucketName, certificateKey, privateKeyKey);
         System.out.println("Certificate imported with ARN: " + certificateArn);
     }
 
     /**
-     * Imports an SSL/TLS certificate and private key into AWS Certificate Manager (ACM) for use with
-     * AWS services.
+     * Imports an SSL/TLS certificate and private key from S3 into AWS Certificate Manager (ACM).
      *
-     * @param certificatePath the file path to the SSL/TLS certificate
-     * @param privateKeyPath  the file path to the private key associated with the certificate
-     * @throws IOException if there is an error reading the certificate or private key files
+     * @param bucketName     The name of the S3 bucket.
+     * @param certificateKey The key for the SSL/TLS certificate file in S3.
+     * @param privateKeyKey  The key for the private key file in S3.
+     * @return The ARN of the imported certificate.
      */
-    public static String importCertificate(String certificatePath, String privateKeyPath) {
+    public static String importCertificate(String bucketName, String certificateKey, String privateKeyKey) {
         AcmClient acmClient = AcmClient.create();
+        S3Client s3Client = S3Client.create();
+
         try {
-            byte[] certificateBytes = readFileBytes(certificatePath);
-            byte[] privateKeyBytes = readFileBytes(privateKeyPath);
+            byte[] certificateBytes = downloadFileFromS3(s3Client, bucketName, certificateKey);
+            byte[] privateKeyBytes = downloadFileFromS3(s3Client, bucketName, privateKeyKey);
 
             ImportCertificateRequest request = ImportCertificateRequest.builder()
-                .certificate(SdkBytes.fromByteBuffer(ByteBuffer.wrap(certificateBytes)))
-                .privateKey(SdkBytes.fromByteBuffer(ByteBuffer.wrap(privateKeyBytes)))
-                .build();
+                    .certificate(SdkBytes.fromByteBuffer(ByteBuffer.wrap(certificateBytes)))
+                    .privateKey(SdkBytes.fromByteBuffer(ByteBuffer.wrap(privateKeyBytes)))
+                    .build();
 
             ImportCertificateResponse response = acmClient.importCertificate(request);
-            String certificateArn = response.certificateArn();
-            return certificateArn;
+            return response.certificateArn();
+
         } catch (IOException e) {
-            System.err.println("Error reading certificate or private key file: " + e.getMessage());
+            System.err.println("Error downloading certificate or private key from S3: " + e.getMessage());
+        } catch (S3Exception e) {
+            System.err.println("S3 error: " + e.awsErrorDetails().errorMessage());
         }
         return "";
     }
 
-    private static byte[] readFileBytes(String filePath) throws IOException {
-        try (InputStream inputStream = new FileInputStream(filePath)) {
-            return IoUtils.toByteArray(inputStream);
+    /**
+     * Downloads a file from Amazon S3 and returns its contents as a byte array.
+     *
+     * @param s3Client   The S3 client.
+     * @param bucketName The name of the S3 bucket.
+     * @param objectKey  The key of the object in S3.
+     * @return The file contents as a byte array.
+     * @throws IOException If an I/O error occurs.
+     */
+    private static byte[] downloadFileFromS3(S3Client s3Client, String bucketName, String objectKey) throws IOException {
+        GetObjectRequest getObjectRequest = GetObjectRequest.builder()
+                .bucket(bucketName)
+                .key(objectKey)
+                .build();
+
+        try (ResponseInputStream<GetObjectResponse> s3Object = s3Client.getObject(getObjectRequest);
+             ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream()) {
+            IoUtils.copy(s3Object, byteArrayOutputStream);
+            return byteArrayOutputStream.toByteArray();
         }
     }
 }
 
@@ -0,0 +1,17 @@
+<Configuration status="WARN">
+    <Appenders>
+        <Console name="ConsoleAppender" target="SYSTEM_OUT">
+            <PatternLayout pattern="%msg%n"/>
+        </Console>
+        <Console name="AlignedConsoleAppender" target="SYSTEM_OUT">
+            <PatternLayout pattern="%m%n"/>
+        </Console>
+    </Appenders>
+    <Loggers>
+        <!-- Root logger configuration -->
+        <Root level="info">
+            <!-- Specify which appenders to use -->
+            <AppenderRef ref="ConsoleAppender" />
+        </Root>
+    </Loggers>
+</Configuration>
@@ -9,40 +9,48 @@
 import com.example.acm.ListCertTags;
 import com.example.acm.RemoveTagsFromCert;
 import com.example.acm.RequestCert;
-import org.junit.jupiter.api.BeforeAll;
-import org.junit.jupiter.api.MethodOrderer;
-import org.junit.jupiter.api.Order;
-import org.junit.jupiter.api.Tag;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.TestInstance;
-import org.junit.jupiter.api.TestMethodOrder;
+import com.google.gson.Gson;
+import org.junit.jupiter.api.*;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import software.amazon.awssdk.regions.Region;
+import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient;
+import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueRequest;
+import software.amazon.awssdk.services.secretsmanager.model.GetSecretValueResponse;
+
+import java.io.IOException;
+
 import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 
 @TestInstance(TestInstance.Lifecycle.PER_METHOD)
 @TestMethodOrder(MethodOrderer.OrderAnnotation.class)
 public class ACMTests {
-
+    private static final Logger logger = LoggerFactory.getLogger(ACMTests.class);
     private static String certificatePath = "";
     private static String privateKeyPath = "";
-
+    private static String bucketName = "";
     private static String certificateArn;
 
     @BeforeAll
-    public static void setUp() {
-
-        certificatePath = "C:\\Users\\scmacdon\\cert_example\\certificate.pem";
-        privateKeyPath = "C:\\Users\\scmacdon\\cert_example\\private_key.pem";
+    public static void setUp() throws IOException {
+        Gson gson = new Gson();
+        String json = getSecretValues();
+        SecretValues values = gson.fromJson(json, SecretValues.class);
+        certificatePath = values.getCertificatePath();
+        privateKeyPath = values.getPrivateKeyPath();
+        bucketName = values.getBucketName();
     }
 
     @Test
     @Tag("IntegrationTest")
     @Order(1)
     public void testImportCert() {
         assertDoesNotThrow(() -> {
-            certificateArn = ImportCert.importCertificate(certificatePath, privateKeyPath);
+            certificateArn = ImportCert.importCertificate(bucketName, certificatePath, privateKeyPath);
             assertNotNull(certificateArn);
         });
+        logger.info("Test 1 passed");
     }
 
     @Test
@@ -52,6 +60,7 @@ public void testAddTags() {
         assertDoesNotThrow(() -> {
             AddTagsToCertificate.addTags(certificateArn);
         });
+        logger.info("Test 2 passed");
     }
 
     @Test
@@ -61,42 +70,75 @@ public void testDescribeCert() {
         assertDoesNotThrow(() -> {
             DescribeCert.describeCertificate(certificateArn);
         });
+        logger.info("Test 3 passed");
     }
 
     @Test
     @Tag("IntegrationTest")
     @Order(4)
-    public void testListCertTags() {
-        assertDoesNotThrow(() -> {
-            ListCertTags.listCertTags(certificateArn);
-        });
-    }
-
-    @Test
-    @Tag("IntegrationTest")
-    @Order(5)
     public void testRemoveTagsFromCert() {
         assertDoesNotThrow(() -> {
             RemoveTagsFromCert.removeTags(certificateArn);
         });
+        logger.info("Test 4 passed");
     }
 
 
     @Test
     @Tag("IntegrationTest")
-    @Order(6)
+    @Order(5)
     public void testRequestCert() {
         assertDoesNotThrow(() -> {
             RequestCert.requestCertificate();
         });
+        logger.info("Test 5 passed");
     }
 
     @Test
     @Tag("IntegrationTest")
-    @Order(7)
+    @Order(6)
     public void testDeleteCert() {
         assertDoesNotThrow(() -> {
             DeleteCert.deleteCertificate(certificateArn);
         });
+        logger.info("Test 6 passed");
+    }
+
+
+    private static String getSecretValues() {
+        SecretsManagerClient secretClient = SecretsManagerClient.builder()
+                .region(Region.US_EAST_1)
+                .build();
+        String secretName = "test/acm";
+
+        GetSecretValueRequest valueRequest = GetSecretValueRequest.builder()
+                .secretId(secretName)
+                .build();
+
+        GetSecretValueResponse valueResponse = secretClient.getSecretValue(valueRequest);
+        return valueResponse.secretString();
+    }
+
+    @Nested
+    @DisplayName("A class used to get test values from test/cognito (an AWS Secrets Manager secret)")
+    class SecretValues {
+        private String certificatePath;
+        private String privateKeyPath;
+        private String bucketName;
+
+        // Getter for certificatePath
+        public String getCertificatePath() {
+            return certificatePath;
+        }
+
+        // Getter for privateKeyPath
+        public String getPrivateKeyPath() {
+            return privateKeyPath;
+        }
+
+        // Getter for bucketName
+        public String getBucketName() {
+            return bucketName;
+        }
     }
 }
@@ -8,9 +8,9 @@
     <version>1.0-SNAPSHOT</version>
  <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <java.version>17</java.version>
-        <maven.compiler.target>17</maven.compiler.target>
-        <maven.compiler.source>17</maven.compiler.source>
+        <java.version>21</java.version>
+        <maven.compiler.target>21</maven.compiler.target>
+        <maven.compiler.source>21</maven.compiler.source>
     </properties>
     <build>
         <plugins>
@@ -26,7 +26,14 @@
             <dependency>
                 <groupId>software.amazon.awssdk</groupId>
                 <artifactId>bom</artifactId>
-                <version>2.29.45</version>
+                <version>2.31.8</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.logging.log4j</groupId>
+                <artifactId>log4j-bom</artifactId>
+                <version>2.23.1</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -60,5 +67,22 @@
             <groupId>software.amazon.awssdk</groupId>
             <artifactId>ssooidc</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>2.0.13</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-slf4j2-impl</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-1.2-api</artifactId>
+        </dependency>
     </dependencies>
 </project>