package com.yahoo.jdisc.cloud.aws;

import com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement;
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClient;
import com.amazonaws.services.simplesystemsmanagement.model.GetParametersRequest;
import com.amazonaws.services.simplesystemsmanagement.model.GetParametersResult;
import com.amazonaws.services.simplesystemsmanagement.model.Parameter;
import com.yahoo.container.jdisc.secretstore.SecretNotFoundException;
import com.yahoo.container.jdisc.secretstore.SecretStore;

/* loaded from: input_file:com/yahoo/jdisc/cloud/aws/AwsParameterStore.class */
public class AwsParameterStore implements SecretStore {
    private final VespaAwsCredentialsProvider credentialsProvider;
    private final String roleToAssume;
    private final String externalId;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AwsParameterStore(VespaAwsCredentialsProvider vespaAwsCredentialsProvider, String str, String str2) {
        this.credentialsProvider = vespaAwsCredentialsProvider;
        this.roleToAssume = str;
        this.externalId = str2;
    }

    public String getSecret(String str) {
        GetParametersResult parameters = ((AWSSimpleSystemsManagement) AWSSimpleSystemsManagementClient.builder().withCredentials(new STSAssumeRoleSessionCredentialsProvider.Builder(this.roleToAssume, "vespa").withExternalId(this.externalId).withStsClient((AWSSecurityTokenService) AWSSecurityTokenServiceClientBuilder.standard().withRegion("us-east-1").withCredentials(this.credentialsProvider).build()).build()).withRegion("us-east-1").build()).getParameters(new GetParametersRequest().withNames(new String[]{str}).withWithDecryption(true));
        int size = parameters.getParameters().size();
        if (size < 1) {
            throw new SecretNotFoundException("Could not find secret " + str + " using role " + this.roleToAssume);
        }
        if (size > 1) {
            throw new RuntimeException("Found too many parameters, expected 1, but found " + size);
        }
        return ((Parameter) parameters.getParameters().get(0)).getValue();
    }

    public String getSecret(String str, int i) {
        return getSecret(str);
    }
}
