如何记录/查看 AWS Java SDK HTTP(S) 请求

How to Log/ View AWS Java SDK HTTP(S) Requests

我正在开发 Spring 仅使用 HTTPS 的启动应用程序。我正在使用 AWS 服务和相应的 AWS Java SDK。如何查看 java sdk 方法在我的应用程序后端调用的 HTTP(S) 请求?我想确保在上传到 S3 等时,一切都仅通过 HTTPS 完成,因为此应用程序的安全性很重要。对于如何查看应用程序后端何时与 AWS 服务进行交互有点困惑。提前致谢。

AWS 默认对所有通信使用 HTTPS,并为您提供防止流量离开 AWS VPC 的选项(例如 VPC 端点)。

不幸的是,我在 Java SDK 文档中找不到说明它遵循这种做法的参考。您可以 找到 gua运行 个人服务的 T 恤(例如,S3). And it's implied that the SDK uses TLS by the page that describes how to enforce using TLS 1.2

但是,如果你真的想确定,你需要enable logging at the wire level


更新回复评论:

我运行以下程序调试:

    public static void main(String[] argv)
    throws Exception
    {
        S3Client client = S3Client.builder().build();
        
        for (Bucket bucket : client.listBuckets().buckets())
        {
            System.out.println(bucket.name());
        }
    }

查看日志,肯定是在建立 HTTPS 连接:

2021-11-17 17:51:24,802 [main] DEBUG request - Sending Request: DefaultSdkHttpFullRequest(httpMethod=GET, protocol=https, host=s3.amazonaws.com, port=443, encodedPath=/, headers=[amz-sdk-invocation-id, User-Agent], queryParameters=[])
...
2021-11-17 17:51:24,832 [main] DEBUG PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://s3.amazonaws.com:443][total kept alive: 0; route allocated: 0 of 50; total allocated: 0 of 50]
2021-11-17 17:51:24,839 [main] DEBUG PoolingHttpClientConnectionManager - Connection leased: [id: 0][route: {s}->https://s3.amazonaws.com:443][total kept alive: 0; route allocated: 1 of 50; total allocated: 1 of 50]
2021-11-17 17:51:24,840 [main] DEBUG MainClientExec - Opening connection {s}->https://s3.amazonaws.com:443
2021-11-17 17:51:24,871 [main] DEBUG DefaultHttpClientConnectionOperator - Connecting to s3.amazonaws.com/52.216.251.102:443
2021-11-17 17:51:24,871 [main] DEBUG SdkTlsSocketFactory - Connecting socket to s3.amazonaws.com/52.216.251.102:443 with timeout 2000
2021-11-17 17:51:24,902 [main] DEBUG SdkTlsSocketFactory - Enabled protocols: [TLSv1.2]

接下来是 TLS 协商,然后是实际请求。如果您不熟悉 HTTP 协议,可能 会感到困惑的一件事是:

2021-11-17 17:51:25,022 [main] DEBUG MainClientExec - Executing request GET / HTTP/1.1

那是HTTP请求行,“HTTP/1.1”表示协议版本。此信息通过安全连接发送。