question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Secrets manager issues in Spring boot 2.4

See original GitHub issue

From spring-cloud-aws created by jojijohn: spring-cloud/spring-cloud-aws#781

Type: Bug

Component: Secrets Manager

Describe the bug Spring boot 2.4.3 Spring Cloud AWS: 2.3.1

I am facing a couple of issues with Spring Cloud AWS integration for Secrets Manager and Parameter Store. I am planning to store my config in Parameter Store and the secrets in Secrets Manager

  1. Even though I have a bootstrap.yml under src/main/resources; it is not being read on startup. I had to move the configs to application.yml to make it work.
  2. I put the secrets as plain text in /secret/epdcs/my-app , but that didn’t work. Does only key/value pairs work?
  3. When I import "aws-secretsmanager:", the app wouldn’t even start, so I now have to specify the secret keys - "aws-secretsmanager:/secret/epdcs/application;/secret/epdcs/my-app"
  4. To connect from my local machine, my understanding is that the cloud.aws.credentials.profile-name and cloud.aws.region.static will be used - but that didn’t work and I had to set the environment variables AWS_PROFILE and AWS_REGION

Sample

This is what I have in my application.yml:

spring:
  application:
    name: my-app
  config:
    import:
      - "aws-parameterstore:"
      - "aws-secretsmanager:/secret/epdcs/application;/secret/epdcs/my-app"
cloud:
  aws:
    stack:
      auto: false
    credentials:
      profile-name: dev
    region:
      static: us-east-1
aws:
  paramstore:
    prefix: /config/epdcs
    region: us-east-1
  secretsmanager:
    prefix: /secret/epdcs
    region: us-east-1

These are the spring-cloud dependencies I have in pom.xml

        <dependency>
            <groupId>io.awspring.cloud</groupId>
            <artifactId>spring-cloud-starter-aws-secrets-manager-config</artifactId>
        </dependency>
        <dependency>
            <groupId>io.awspring.cloud</groupId>
            <artifactId>spring-cloud-starter-aws-parameter-store-config</artifactId>
        </dependency>

and the BOM:

            <dependency>
                <groupId>io.awspring.cloud</groupId>
                <artifactId>spring-cloud-aws-dependencies</artifactId>
                <version>2.3.1</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:6 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
Blockostcommented, May 26, 2022

I found that defining a property aws.secretsmanager.region in your application.yml lets you define a region without having to add custom code.

All configurable properties can be found in io.awspring.cloud.secretsmanager.AwsSecretsManagerProperties (tested with spring-cloud-aws-secrets-manager-config v2.4.1)

0reactions
maciejwalkowiakcommented, May 6, 2022

@noshua You need to register custom client for secrets manager. Check this entry in docs https://docs.awspring.io/spring-cloud-aws/docs/3.0.0-SNAPSHOT/reference/html/index.html#customizing-secretsmanagerclient (it’s for 3.0 but same principles apply to 2.4.x)

Read more comments on GitHub >

github_iconTop Results From Across the Web

spring boot with aws secrets manager is not download the ...
I have updated the Spring boot from 2.0.9.RELEASE to 2.4.3, and I am using the package to get the AWS Secrets version 2.2.5.RELEASE....
Read more >
Spring Boot Secret Properties: How to store secrets in your ...
In this tutorial, you will learn how to use Spring Boot secret properties in your next application. When you define your own configuration ......
Read more >
Spring Cloud Config Server
AWS Secrets Manager Backend. Spring Cloud Config Server supports AWS Secrets Manager as a backend for configuration properties. You can enable this feature...
Read more >
Spring Cloud AWS
1. Spring Boot Configuration Import Support. From Spring Cloud AWS 2.3.0 onwards, the Secrets Manager Configuration module additionally supports using Spring ...
Read more >
spring-cloud/spring-cloud-aws - Gitter
I have just noticed that spring-cloud-aws repository has been moved ... using spring-cloud-starter-aws-secrets-manager-config 2.4.1 with spring-boot 2.6.8 .
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found