How to integrate AWS Secret Manager with Spring Boot Application


Problem description

I have a requirement to retrieve credentials from AWS Secret Manager, and I found that I need to add the Gradle dependency for the following starter:

spring-cloud-starter-aws-secrets-manager-config

Also, I found that I need to add the following settings in Bootstrap.yml:

Property configuration

I'm unclear how the secret key could be accessed in my Spring Boot application. If someone could chime in, it would be much appreciated.

Recommended answer

I would like to share my findings on SecretManager integration with a Spring Boot application.

Step 1. Add the spring-cloud-starter-aws-secrets-manager-config dependency to the Spring Boot application (the Gradle and Maven ways of adding a dependency are different).

Step 2. Add the following configuration to the bootstrap.yml file.

aws:
  secretsmanager:
    prefix: /secret
    defaultContext: application
    profileSeparator: _
    failFast: true
    name: <service_name>
    enabled: true

Step 3. Create secrets in the AWS Management Console for the required region.

There are two secret contexts:

  1. Application context - secrets shared across all services.
  2. Service context - secrets specific to a service.

A final note on creating secrets: secrets could be created for each environment.

For example,

/secret/service_name_dev/username

/secret/service_name_prod/username

Application context secrets could be created according to the following format.

/secret/application/username

Once the Spring Boot application is started with the above settings, the application will load secrets from AWS Secret Manager based on the active profile.

For example, for a dev profile, it will load the secret /secret/service_name_dev/username, and the value could be accessed in configuration as well as in classes using the ${username} mapping.
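
Added example (not part of the original answer and not Spring Cloud AWS code): a small Java program that derives the secret paths implied by the naming convention above for a set of active profiles, together with an IAM resource pattern that would scope `secretsmanager:GetSecretValue` to each of them. The class and method names, the profile-specific variant of the application context, the most-specific-first ordering, and the `REGION` / `ACCOUNT_ID` placeholders are assumptions of this example.

```java
import java.util.ArrayList;
import java.util.List;

// Added example: models the secret naming convention described in the answer.
public class SecretContexts {

    // Returns the context paths for one application, most specific first.
    // The ordering is an assumption of this example, not taken from the page.
    static List<String> contexts(String prefix, String defaultContext, String name,
                                 String separator, List<String> activeProfiles) {
        List<String> result = new ArrayList<>();
        // Service context first, then the shared application context.
        for (String base : List.of(name, defaultContext)) {
            for (String profile : activeProfiles) {
                result.add(prefix + "/" + base + separator + profile);
            }
            result.add(prefix + "/" + base);
        }
        return result;
    }

    // IAM resource pattern covering the keys stored under one context,
    // following the answer's layout <context>/<key>, e.g. <context>/username.
    // REGION and ACCOUNT_ID are placeholders to be filled in by the reader.
    static String iamResource(String context) {
        return "arn:aws:secretsmanager:REGION:ACCOUNT_ID:secret:" + context + "/*";
    }

    public static void main(String[] args) {
        // Values from the bootstrap.yml above; "service_name" stands in for <service_name>.
        List<String> dev = contexts("/secret", "application", "service_name", "_", List.of("dev"));
        for (String context : dev) {
            System.out.println(context + "  ->  " + iamResource(context));
        }
        // With no active profile, only the two base contexts remain.
        System.out.println(contexts("/secret", "application", "service_name", "_", List.of()));
    }
}
```

Listing the paths per profile this way makes it easy to check that a dev deployment's IAM role cannot read the `_prod` secrets.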
