Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Secrets manager issues in Spring boot 2.4

See original GitHub issue

From spring-cloud-aws created by jojijohn: spring-cloud/spring-cloud-aws#781

Type: Bug

Component: Secrets Manager

Describe the bug Spring boot 2.4.3 Spring Cloud AWS: 2.3.1

I am facing a couple of issues with Spring Cloud AWS integration for Secrets Manager and Parameter Store. I am planning to store my config in Parameter Store and the secrets in Secrets Manager

Even though I have a bootstrap.yml under src/main/resources; it is not being read on startup. I had to move the configs to application.yml to make it work.
I put the secrets as plain text in /secret/epdcs/my-app , but that didn’t work. Does only key/value pairs work?
When I import "aws-secretsmanager:", the app wouldn’t even start, so I now have to specify the secret keys - "aws-secretsmanager:/secret/epdcs/application;/secret/epdcs/my-app"
To connect from my local machine, my understanding is that the cloud.aws.credentials.profile-name and cloud.aws.region.static will be used - but that didn’t work and I had to set the environment variables AWS_PROFILE and AWS_REGION

Sample

This is what I have in my application.yml:

spring:
  application:
    name: my-app
  config:
    import:
      - "aws-parameterstore:"
      - "aws-secretsmanager:/secret/epdcs/application;/secret/epdcs/my-app"
cloud:
  aws:
    stack:
      auto: false
    credentials:
      profile-name: dev
    region:
      static: us-east-1
aws:
  paramstore:
    prefix: /config/epdcs
    region: us-east-1
  secretsmanager:
    prefix: /secret/epdcs
    region: us-east-1

These are the spring-cloud dependencies I have in pom.xml

        <dependency>
            <groupId>io.awspring.cloud</groupId>
            <artifactId>spring-cloud-starter-aws-secrets-manager-config</artifactId>
        </dependency>
        <dependency>
            <groupId>io.awspring.cloud</groupId>
            <artifactId>spring-cloud-starter-aws-parameter-store-config</artifactId>
        </dependency>

and the BOM:

            <dependency>
                <groupId>io.awspring.cloud</groupId>
                <artifactId>spring-cloud-aws-dependencies</artifactId>
                <version>2.3.1</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>

Issue Analytics

State:
Created 2 years ago
Comments:6 (3 by maintainers)

Top GitHub Comments

1reaction

Blockostcommented, May 26, 2022

I found that defining a property aws.secretsmanager.region in your application.yml lets you define a region without having to add custom code.

All configurable properties can be found in io.awspring.cloud.secretsmanager.AwsSecretsManagerProperties (tested with spring-cloud-aws-secrets-manager-config v2.4.1)

0reactions

maciejwalkowiakcommented, May 6, 2022

@noshua You need to register custom client for secrets manager. Check this entry in docs https://docs.awspring.io/spring-cloud-aws/docs/3.0.0-SNAPSHOT/reference/html/index.html#customizing-secretsmanagerclient (it’s for 3.0 but same principles apply to 2.4.x)

Top Results From Across the Web

spring boot with aws secrets manager is not download the ...

I have updated the Spring boot from 2.0.9.RELEASE to 2.4.3, and I am using the package to get the AWS Secrets version 2.2.5.RELEASE....

Spring Boot Secret Properties: How to store secrets in your ...

In this tutorial, you will learn how to use Spring Boot secret properties in your next application. When you define your own configuration ......

Spring Cloud Config Server

AWS Secrets Manager Backend. Spring Cloud Config Server supports AWS Secrets Manager as a backend for configuration properties. You can enable this feature...

Spring Cloud AWS

1. Spring Boot Configuration Import Support. From Spring Cloud AWS 2.3.0 onwards, the Secrets Manager Configuration module additionally supports using Spring ...

spring-cloud/spring-cloud-aws - Gitter

I have just noticed that spring-cloud-aws repository has been moved ... using spring-cloud-starter-aws-secrets-manager-config 2.4.1 with spring-boot 2.6.8 .