Extra config import fetched through cloud config server property isn't injected during app start #2271

@okulbida

Library versions

Spring Boot 2.7.12
Spring Cloud 2021.0.6
Spring Cloud AWS 2.4.1


I have a Spring Cloud Config setup with a Git backend. Generally, fetching property files functions well. My aim is to store secrets in AWS and reference them from property files, so I added an additional spring.config.import: "aws-secretsmanager:/test/springconfig" directive within the properties file for the Spring Cloud Config Server.

This option only works when I add such a configuration to an application property itself as follows:

spring:
  application:
    name: my-java-client
  config:
    import: 
    - "configserver:"
    - "aws-secretsmanager:/test/springconfig"

My intention is to house both configurations and sensitive data (in the form of AWS references like "aws-secretsmanager:/test/springconfig") in the Git backend. So, the properties file in the Git backend would look like:

server.datasource.url: jdbc:postgresql://dev:5432/example
spring.config.import: "aws-secretsmanager:/test/springconfig"
some.dummy: value

This is what I get now:

{
  "name": "configserver:[email protected]:xxx/spring-configs.git/configs-location/java-client/java-client-dev.yaml",
  "properties": {
    "server.datasource.url": {
      "value": "jdbc:postgresql://dev:5432/example",
      "origin": "Config Server [email protected]:xxx/spring-configs.git/configs-location/java-client/java-client-dev.yaml:1:24"
    },
    "some.dummy": {
      "value": "value",
      "origin": "Config Server [email protected]:xxx/spring-configs.git/configs-location/java-client/java-client-dev.yaml:2:13"
    },
    "aws.secretsmanager.region": {
      "value": "us-east-1",
      "origin": "Config Server [email protected]:xxx/spring-configs.git/configs-location/java-client/java-client-dev.yaml:5:13"
    },
    "management.endpoints.web.exposure.include": {
      "value": "env",
      "origin": "Config Server [email protected]:xxx/spring-configs.git/configs-location/java-client/java-client-dev.yaml:7:44"
    },
    "management.endpoint.env.enabled": {
      "value": true,
      "origin": "Config Server [email protected]:xxx/spring-configs.git/configs-location/java-client/java-client-dev.yaml:8:34"
    },
    "spring.config.import": {
      "value": "aws-secretsmanager:/test/springconfig",
      "origin": "Config Server [email protected]:xxx/spring-configs.git/configs-location/java-client/java-client-dev.yaml:10:23"
    }
  }
},

The problem is that I don't get the values retrieved from the AWS secret when storing spring.config.import: "aws-secretsmanager:/test/springconfig" in the Git backend for the Cloud Config server.
I would appreciate any guidance on potential options to achieve this result. I have read that this can be done using Spring Cloud Vault, but it seems excessive for our needs as we would like to use AWS facilities for this purpose.

Thanks,
Oleksandr
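
An added example, not part of the original post or of any Spring project: a Python check over a parsed /actuator/env response that lists spring.config.import values delivered by the config server for which no matching property source was loaded, which is the condition the post describes. The sample response is constructed, and matching a loaded import by its location path appearing in a property source name is an assumption.

```python
IMPORT_KEY = "spring.config.import"

# Constructed sample in the shape of the /actuator/env excerpt above
# (the repository name is a placeholder).
SAMPLE_ENV = {
    "activeProfiles": ["dev"],
    "propertySources": [
        {"name": "configserver:git@example.invalid:org/configs.git/java-client-dev.yaml",
         "properties": {
             "some.dummy": {"value": "value"},
             "spring.config.import": {"value": "aws-secretsmanager:/test/springconfig"}}},
        {"name": "systemEnvironment", "properties": {"HOME": {"value": "/root"}}},
    ],
}


def declared_imports(properties):
    """Collect import locations from 'spring.config.import' and its indexed form."""
    found = []
    for key, entry in properties.items():
        if key == IMPORT_KEY or key.startswith(IMPORT_KEY + "["):
            for item in str(entry.get("value", "")).split(","):
                item = item.strip().removeprefix("optional:")
                if item:
                    found.append(item)
    return found


def unresolved_imports(env):
    """Return (source name, location) pairs for imports delivered by the config
    server that have no matching property source in the running environment."""
    sources = env.get("propertySources", [])
    names = [s.get("name", "") for s in sources]
    findings = []
    for src in sources:
        if not src.get("name", "").startswith("configserver:"):
            continue
        for location in declared_imports(src.get("properties", {})):
            # Assumption: a loaded import shows up as a property source whose
            # name contains the location's path part (text after the prefix).
            path = location.split(":", 1)[-1]
            if not any(path in n for n in names if n != src["name"]):
                findings.append((src["name"], location))
    return findings


if __name__ == "__main__":
    for source, location in unresolved_imports(SAMPLE_ENV):
        print(f"not loaded: {location} (declared in {source})")
```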
