Reputation: 31
I'm trying to integrate a Spring Cloud application with AWS Secrets Manager.
While doing so, I'm having issues finding example code for the Spring Cloud and AWS Secrets Manager integration. I have got spring-cloud-starter-aws-secrets-manager-config in our pom, following the official docs.
As per this documentation, I just need to add property sources in a certain way, but I'm unsure how it selects the correct secrets.
If my application is called com.example.test does that mean my secret should be called secret.com.example.test and anything I add in there will automatically be available as a property source?
Do I even need to add any code for this to work? Or could you provide any other sources to complete this?
Upvotes: 3
Views: 5859
Reputation: 4249
This library is not super intuitive and took me a bit to figure out. Sounds like they may be revamping this a lot soon but as of spring-cloud-aws:2.2.3.RELEASE I got it working like this:
Make sure you have your profile configuration in a <USER_HOME>/.aws/credentials file with a [default] profile.
In version 2.2.3 there is a bug that defaults the region to us-west-2 unless this is specified in your bootstrap.yml:
    aws:
      secretsmanager:
        region: <whatever region you'd like>
Make a secret named /secret/application. For now, add a key/value pair "password:secret".
These key/value pairs will be directly mapped to properties, so you should now be able to just throw this in your Spring app. Your password variable will now have the value "secret":
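    import org.springframework.beans.factory.annotation.Value;
    import org.springframework.stereotype.Service;

    @Service
    public class MyService {
        // Resolved from the "password" key of the /secret/application secret
        @Value("${password}")
        public String password;
    }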
That's the basics. If you read the documentation, they describe how to determine which secrets are checked on startup. In your example, by default it would also be checking /secret/com.example.test in addition to /secret/application.
Upvotes: 3
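The secret-name selection the answer describes, written out as an added example; this is not code from the answer or from spring-cloud-aws, only a model of the documented lookup order. It assumes the 2.2.x defaults (`aws.secretsmanager.prefix` = `/secret`, `defaultContext` = `application`, `profileSeparator` = `_`); the class name `SecretNameResolver` and the `prod` profile are hypothetical.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;

/** Illustration only: models the documented lookup order, not the library's source. */
public class SecretNameResolver {

    // Assumed defaults of the aws.secretsmanager.* properties in spring-cloud-aws 2.2.x
    static final String PREFIX = "/secret";              // aws.secretsmanager.prefix
    static final String DEFAULT_CONTEXT = "application"; // aws.secretsmanager.defaultContext
    static final String PROFILE_SEPARATOR = "_";         // aws.secretsmanager.profileSeparator

    /**
     * Returns the secret names looked up at startup, most specific first.
     * When the same key exists in several secrets, the earlier name wins.
     */
    static List<String> candidateSecrets(String appName, List<String> activeProfiles) {
        List<String> names = new ArrayList<>();
        // Shared context first, then the application's own context
        for (String context : Arrays.asList(DEFAULT_CONTEXT, appName)) {
            String base = PREFIX + "/" + context;
            names.add(base);
            // One extra candidate per active Spring profile
            for (String profile : activeProfiles) {
                names.add(base + PROFILE_SEPARATOR + profile);
            }
        }
        // Reverse so that app + profile outranks app, which outranks the shared context
        Collections.reverse(names);
        return names;
    }

    public static void main(String[] args) {
        // Constructed inputs: the app name from the question and a hypothetical "prod" profile
        for (String name : candidateSecrets("com.example.test", Arrays.asList("prod"))) {
            System.out.println(name);
        }
    }
}
```

The names it prints are the secrets the application's IAM identity needs `secretsmanager:GetSecretValue` on, so the policy can be scoped to those rather than to every secret in the account.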