From 5cb5237fce18950b5ac4133091e8715deeb97fe0 Mon Sep 17 00:00:00 2001
From: lizroth <30636882+lizroth@users.noreply.github.com>
Date: Fri, 5 Mar 2021 09:51:29 -0800
Subject: [PATCH 1/3] fix: Add model migration breadcrumbs.

Provide a breadcrumb link for customers to find the detailed documentation on model changes.

---
 README.md | 12 ++++++++++++
 .../dynamodbv2/datamodeling/AttributeEncryptor.java | 8 ++++++--
 .../datamodeling/encryption/DoNotEncrypt.java | 6 +++++-
 .../datamodeling/encryption/DoNotTouch.java | 4 ++++
 .../datamodeling/encryption/DynamoDBEncryptor.java | 6 +++++-
 .../datamodeling/encryption/DynamoDBSigner.java | 4 ++++
 .../encryption/HandleUnknownAttributes.java | 6 +++++-
 .../datamodeling/encryption/TableAadOverride.java | 4 ++++
 8 files changed, 45 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index af9f85ac..22d00cde 100644
--- a/README.md
+++ b/README.md
@@ -111,6 +111,18 @@ Note that by default all attributes except the primary keys are both encrypted a
 There is a variety of existing [EncryptionMaterialsProvider][materialprovider] implementations that you can use to provide the encryption material, including [KeyStoreMaterialsProvider][keystoreprovider] which makes use of a Java keystore. Alternatively, you can also plug in your own custom implementation.
+### Changing Your Data Model
+
+Every time you encrypt or decrypt an item, you need to provide attribute actions that tell the DynamoDB Encryption
+Client which attributes to encrypt and sign, which attributes to sign (but not encrypt), and which to ignore. Attribute
+actions are not saved in the encrypted item and the DynamoDB Encryption Client does not update your attribute actions
+automatically.
+
+Whenever you change your data model, that is, when you add or remove attributes from your table items, you need to take
+additional steps to safely migrate the client-side encryption configuration.
+
+For guidance on this process, please see the developer guide on [Changing Your Data Model](https://docs.aws.amazon.com/dynamodb-encryption-client/latest/devguide/data-model.html).
+
 ### Downloads
 You can download the [latest snapshot release][download] or pick it up from Maven:
diff --git a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/AttributeEncryptor.java b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/AttributeEncryptor.java
index 146e77d2..d7111d5d 100644
--- a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/AttributeEncryptor.java
+++ b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/AttributeEncryptor.java
@@ -39,8 +39,12 @@
 /**
 * Encrypts all non-key fields prior to storing them in DynamoDB.
 * This must be used with @{link SaveBehavior#PUT} or @{link SaveBehavior#CLOBBER}.
- *
- * @author Greg Rubin
+ *
+ *

For guidance on performing a safe data model change procedure, please see + * + * DynamoDB Encryption Client Developer Guide: Changing your data model

+ *
+ * @author Greg Rubin
 */
 public class AttributeEncryptor implements AttributeTransformer {
 private static final Log LOG = LogFactory.getLog(AttributeEncryptor.class);
diff --git a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DoNotEncrypt.java b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DoNotEncrypt.java
index 501bc642..fcf067a8 100644
--- a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DoNotEncrypt.java
+++ b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DoNotEncrypt.java
@@ -23,7 +23,11 @@
 /**
 * Prevents the associated item (class or attribute) from being encrypted.
- *
+ *
+ *

For guidance on performing a safe data model change procedure, please see + * + * DynamoDB Encryption Client Developer Guide: Changing your data model

+ *
 * @author Greg Rubin
 */
 @DynamoDB
diff --git a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DoNotTouch.java b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DoNotTouch.java
index d2a817fd..ee2be7ec 100644
--- a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DoNotTouch.java
+++ b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DoNotTouch.java
@@ -23,6 +23,10 @@
 /**
 * Prevents the associated item from being encrypted or signed.
+ *
+ *
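Review bot: The new paragraph links to the migration guide but the DoNotEncrypt Javadoc still does not say that adding this annotation to, or removing it from, an attribute that already has stored items is itself such a data-model change; the README hunk in this same patch states that attribute actions are not saved in the encrypted item, so an item written while the attribute was encrypted would presumably no longer decrypt or verify once the annotation changes its action, until it is migrated. Suggest adding before the guide link: `* Adding or removing this annotation on an attribute that already has stored items changes the attribute actions applied on read; migrate existing items as described below before deploying the change.` It would also help to state plainly that the attribute is stored in plaintext in DynamoDB and, in contrast to DoNotTouch, is presumably still covered by the signature, so readers do not assume it is unprotected. The annotation declaration itself lies outside the hunk.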

For guidance on performing a safe data model change procedure, please see + * + * DynamoDB Encryption Client Developer Guide: Changing your data model

 *
 * @author Greg Rubin
 */
diff --git a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBEncryptor.java b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBEncryptor.java
index 7a70291c..678b0e40 100644
--- a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBEncryptor.java
+++ b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBEncryptor.java
@@ -50,7 +50,11 @@
 /**
 * The low-level API used by {@link AttributeEncryptor} to perform crypto
 * operations on the record attributes.
- *
+ *
+ *
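Review bot: A security caveat is missing from the DoNotTouch Javadoc that the breadcrumb paragraph does not supply: since the line `* Prevents the associated item from being encrypted or signed.` means the attribute is excluded from the item signature, the client cannot detect if it is altered in the table, and it is stored in plaintext. Suggest adding: `* Such an attribute is stored in plaintext and is not covered by the item signature, so modifications made to it in DynamoDB are not detected on read; use it only for data that needs neither confidentiality nor integrity protection.` Switching an attribute to or from this annotation also changes the attribute actions for items already stored, which is what the linked guide covers; saying so here would make the breadcrumb self-explanatory. The annotation declaration is outside the hunk.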

For guidance on performing a safe data model change procedure, please see + * + * DynamoDB Encryption Client Developer Guide: Changing your data model

+ *
 * @author Greg Rubin
 */
 public class DynamoDBEncryptor {
diff --git a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBSigner.java b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBSigner.java
index cdded8fd..f4a13905 100644
--- a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBSigner.java
+++ b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBSigner.java
@@ -43,6 +43,10 @@ import com.amazonaws.services.dynamodbv2.model.AttributeValue;
 /**
+ *

For guidance on performing a safe data model change procedure, please see + * + * DynamoDB Encryption Client Developer Guide: Changing your data model

+ *
 * @author Greg Rubin
 */
 // NOTE: This class must remain thread-safe.
diff --git a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/HandleUnknownAttributes.java b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/HandleUnknownAttributes.java
index b067ac55..fafa85b5 100644
--- a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/HandleUnknownAttributes.java
+++ b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/HandleUnknownAttributes.java
@@ -30,8 +30,12 @@
 * attributes will only be included in the signature calculation, and if it's
 * added to a class with default encryption behavior, the unknown attributes
 * will be signed and decrypted.
+ *
+ *
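Review bot: The inserted paragraph becomes the first sentence of the DynamoDBSigner class Javadoc, which previously contained only `* @author Greg Rubin`, so the generated summary for this class will read as the migration breadcrumb rather than as a description of the class. Add a one-line summary ahead of it, for example `* Computes and verifies the signature over an item's attributes.` — wording to be confirmed against the implementation, which is outside this hunk. The context line `// NOTE: This class must remain thread-safe.` that follows the Javadoc is a guarantee API users would benefit from seeing in the Javadoc itself; that is pre-existing, but this commit is already editing the block.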

For guidance on performing a safe data model change procedure, please see + * + * DynamoDB Encryption Client Developer Guide: Changing your data model

 *
- * @author Dan Cavallaro
+ * @author Dan Cavallaro
 */
 @Target(value = {ElementType.TYPE})
 @Retention(value = RetentionPolicy.RUNTIME)
diff --git a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/TableAadOverride.java b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/TableAadOverride.java
index 9bd58a0c..eb9c15db 100644
--- a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/TableAadOverride.java
+++ b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/TableAadOverride.java
@@ -24,6 +24,10 @@
 * {@code tableName} instead. This can be useful when multiple tables are
 * used interchangably and data should be able to be copied or moved
 * between them without needing to be reencrypted.
+ *
+ *
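Review bot: HandleUnknownAttributes is the one place where the breadcrumb could say why it applies, and the generic paragraph does not: the context lines explain that unknown attributes are signed, or signed and decrypted, according to the class's default behavior, so an attribute that exists in stored items but not in the model is only handled correctly when that default matches the action it was written with. Because the README hunk in this patch states that attribute actions are not stored with the item, an attribute written under a different action would presumably fail to decrypt or verify rather than being handled gracefully. Suggest tightening the added text to something like `* Unknown attributes are handled with the class's default action; an attribute that was written under a different action is not recognised as such, so migrate existing items as described in the guide before changing the model.` The `@Target`/`@Retention` declaration closing the hunk is unchanged.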

For guidance on performing a safe data model change procedure, please see + * + * DynamoDB Encryption Client Developer Guide: Changing your data model

 *
 * @author Greg Rubin
 */
From a950e30d4e4fdec16a620e474c525b1ce8ca00f0 Mon Sep 17 00:00:00 2001
From: lizroth <30636882+lizroth@users.noreply.github.com>
Date: Fri, 5 Mar 2021 09:51:48 -0800
Subject: [PATCH 2/3] fix: Add MacOS metadata to gitignore.

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index 97c18da1..c2525ee2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@ release.sh
 target
 .idea/
 *.iml
+.DS_Store
From c779829edae8d5d49105f7a7153971f86b366967 Mon Sep 17 00:00:00 2001
From: lizroth <30636882+lizroth@users.noreply.github.com>
Date: Fri, 5 Mar 2021 10:38:19 -0800
Subject: [PATCH 3/3] fix: Javadoc tag fixes.

---
 .../services/dynamodbv2/datamodeling/AttributeEncryptor.java | 2 +-
 .../services/dynamodbv2/datamodeling/TransformerHolisticIT.java | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/AttributeEncryptor.java b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/AttributeEncryptor.java
index d7111d5d..1727a140 100644
--- a/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/AttributeEncryptor.java
+++ b/sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/AttributeEncryptor.java
@@ -38,7 +38,7 @@
 /**
 * Encrypts all non-key fields prior to storing them in DynamoDB.
- * This must be used with @{link SaveBehavior#PUT} or @{link SaveBehavior#CLOBBER}.
+ * This must be used with {@link SaveBehavior#PUT} or {@link SaveBehavior#CLOBBER}.
 *
 *
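Review bot: The TableAadOverride Javadoc gains the migration breadcrumb but still lacks the security caveat that its own context lines imply: if the same override value is used for several tables so that data can be "copied or moved between them without needing to be reencrypted", the ciphertext and signature are no longer bound to the table the item actually lives in, so an item copied from one of those tables into another will verify as genuine. Suggest adding after the existing description: `* Sharing one override across tables removes the table-name binding from the encryption context, so an item moved between those tables is indistinguishable from one written there; only use a shared value where that is intended.` The exact AAD composition is outside this hunk, so confirm the wording against DynamoDBEncryptor. The pre-existing `interchangably` in the context line should read `interchangeably`.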

For guidance on performing a safe data model change procedure, please see
 *
diff --git a/sdk1/src/test/java/com/amazonaws/services/dynamodbv2/datamodeling/TransformerHolisticIT.java b/sdk1/src/test/java/com/amazonaws/services/dynamodbv2/datamodeling/TransformerHolisticIT.java
index e982121f..521d908a 100644
--- a/sdk1/src/test/java/com/amazonaws/services/dynamodbv2/datamodeling/TransformerHolisticIT.java
+++ b/sdk1/src/test/java/com/amazonaws/services/dynamodbv2/datamodeling/TransformerHolisticIT.java
@@ -397,7 +397,7 @@ public void simpleSaveLoad() {
 /**
 * This test ensures that optimistic locking can be successfully done through the {@link DynamoDBMapper} when
- * combined with the @{link AttributeEncryptor}. Specifically it checks that {@link SaveBehavior#PUT} properly
+ * combined with the {@link AttributeEncryptor}. Specifically it checks that {@link SaveBehavior#PUT} properly
 * enforces versioning and will result in a {@link ConditionalCheckFailedException} when optimistic locking should
 * prevent a write. Finally, it checks that {@link SaveBehavior#CLOBBER} properly ignores optimistic locking and
 * overwrites the old value.