addressing comments from nastra

Author: szlta

aws/src/integration/java/org/apache/iceberg/aws/TestKeyManagementClient.java

@@ -68,18 +68,33 @@ public static void beforeClass() {
     keyId = response.keyMetadata().keyId();
   }
 
+  @AfterAll
+  public static void afterClass() {
+    // AWS KMS doesn't allow instant deletion. Keys can be put to pendingDeletion state instead,
+    // with a minimum of 7 days until final removal.
+    ScheduleKeyDeletionRequest deletionRequest =
+        ScheduleKeyDeletionRequest.builder().keyId(keyId).pendingWindowInDays(7).build();
+
+    ScheduleKeyDeletionResponse deletionResponse = kmsClient.scheduleKeyDeletion(deletionRequest);
+    LOG.info(
+        "Deletion of test key {} will be finalized at {}", keyId, deletionResponse.deletionDate());
+
+    try {
+      kmsClient.close();
+    } catch (Exception e) {
+      LOG.error("Error closing KMS client", e);
+    }
+  }
+
   @Test
   public void testKeyWrapping() {
-    AwsKeyManagementClient keyManagementClient = new AwsKeyManagementClient();
-    try {
+    try (AwsKeyManagementClient keyManagementClient = new AwsKeyManagementClient()) {
       keyManagementClient.initialize(ImmutableMap.of());
 
       ByteBuffer key = ByteBuffer.wrap(new String("super-secret-table-master-key").getBytes());
       ByteBuffer encryptedKey = keyManagementClient.wrapKey(key, keyId);
 
       assertThat(keyManagementClient.unwrapKey(encryptedKey, keyId)).isEqualTo(key);
-    } finally {
-      keyManagementClient.close();
     }
   }
 
@@ -89,8 +104,7 @@ public void testKeyWrapping() {
       value = DataKeySpec.class,
       names = {"AES_128", "AES_256"})
   public void testKeyGeneration(DataKeySpec dataKeySpec) {
-    AwsKeyManagementClient keyManagementClient = new AwsKeyManagementClient();
-    try {
+    try (AwsKeyManagementClient keyManagementClient = new AwsKeyManagementClient()) {
       Map<String, String> properties =
           dataKeySpec == null
               ? ImmutableMap.of()
@@ -100,8 +114,6 @@ public void testKeyGeneration(DataKeySpec dataKeySpec) {
 
       assertThat(keyManagementClient.unwrapKey(result.wrappedKey(), keyId)).isEqualTo(result.key());
       assertThat(result.key().limit()).isEqualTo(expectedLength(dataKeySpec));
-    } finally {
-      keyManagementClient.close();
     }
   }
 
@@ -112,22 +124,4 @@ private static int expectedLength(DataKeySpec spec) {
       return 256 / 8;
     }
   }
-
-  @AfterAll
-  public static void afterClass() {
-    // AWS KMS doesn't allow instant deletion. Keys can be put to pendingDeletion state instead,
-    // with a minimum of 7 days until final removal.
-    ScheduleKeyDeletionRequest deletionRequest =
-        ScheduleKeyDeletionRequest.builder().keyId(keyId).pendingWindowInDays(7).build();
-
-    ScheduleKeyDeletionResponse deletionResponse = kmsClient.scheduleKeyDeletion(deletionRequest);
-    LOG.info(
-        "Deletion of test key {} will be finalized at {}", keyId, deletionResponse.deletionDate());
-
-    try {
-      kmsClient.close();
-    } catch (Exception e) {
-      LOG.error("Error closing KMS client", e);
-    }
-  }
 }

aws/src/main/java/org/apache/iceberg/aws/AwsKeyManagementClient.java

@@ -43,7 +43,15 @@ public class AwsKeyManagementClient implements KeyManagementClient {
   private EncryptionAlgorithmSpec encryptionAlgorithmSpec;
   private DataKeySpec dataKeySpec;
 
-  public AwsKeyManagementClient() {}
+  @Override
+  public void initialize(Map<String, String> properties) {
+    AwsClientFactory clientFactory = AwsClientFactories.from(properties);
+    this.kmsClient = clientFactory.kms();
+
+    AwsProperties awsProperties = new AwsProperties(properties);
+    this.encryptionAlgorithmSpec = awsProperties.kmsEncryptionAlgorithmSpec();
+    this.dataKeySpec = awsProperties.kmsDataKeySpec();
+  }
 
   @Override
   public ByteBuffer wrapKey(ByteBuffer key, String wrappingKeyId) {
@@ -88,16 +96,6 @@ public ByteBuffer unwrapKey(ByteBuffer wrappedKey, String wrappingKeyId) {
     return result.plaintext().asByteBuffer();
   }
 
-  @Override
-  public void initialize(Map<String, String> properties) {
-    AwsClientFactory clientFactory = AwsClientFactories.from(properties);
-    this.kmsClient = clientFactory.kms();
-
-    AwsProperties awsProperties = new AwsProperties(properties);
-    this.encryptionAlgorithmSpec = awsProperties.kmsEncryptionAlgorithmSpec();
-    this.dataKeySpec = awsProperties.kmsDataKeySpec();
-  }
-
   @Override
   public void close() {
     if (kmsClient != null) {