3

Iā€™m trying to secure secrets into spring cloud. I have microservice reading configuration from spring cloud, but not able to resolve value from parameter store. For example secure db user and pass.

password=${/config/password} but the path is not resolved

I have added maven dependency

spring-cloud-starter-aws-parameter-store-config

Any ideas are welcome

sherybedrock
  • 111
  • 3
  • 11
  • please post stacktraces and any non-sensitive configuration settings, otherwise nobody can provide informed help. ā€“ mcfinnigan Mar 16 '20 at 19:24
  • there is not much for showing config/servicename_dev/db.username into param store. this value should be resolved into dev profile .yml file ā€“ sherybedrock Mar 16 '20 at 19:34

1 Answers1

-1

Maybe you are missing the boostrap.yaml file? It should be in your /src/main/resources/ folder and looks something like this:

aws:
  paramstore:
    name: your-application-name
    default-context: application
    profile-separator: _

Additionally, I think the default lookup path is /config/application so you might want to put your param at /config/application/password. Since it is probably specific to an application, you probably want to do it like /config/your-application-name_${environmentName}

You also need the Spring Cloud dependency set up correctly. I have mine in Gradle file. Here is my entire Gradle file for your reference.

buildscript {
    ext {
        springBootVersion = '2.0.6.RELEASE'
    }
    repositories {
        mavenCentral()
    }
    dependencies {
        classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
    }
}

apply plugin: 'idea'
apply plugin: 'groovy'
apply plugin: 'org.springframework.boot'
apply plugin: 'io.spring.dependency-management'

springBoot {
    mainClassName 'com.myapi.Application'
}

group = 'com.myapi'
version = '0.0.1-SNAPSHOT'
sourceCompatibility = 1.8

jar {
    baseName = 'my-api'
    version = 1.0
}

repositories {
    mavenCentral()
}

ext {
    springCloudVersion = 'Finchley.RELEASE'
}

dependencyManagement {
    imports {
        mavenBom "org.springframework.cloud:spring-cloud-dependencies:${springCloudVersion}"
    }
}

dependencies {
    implementation "org.springframework.boot:spring-boot-starter-security:${springBootVersion}"
    implementation "org.springframework.boot:spring-boot-starter-web:${springBootVersion}"

    //AWS Param store configuration
    implementation 'com.amazonaws:aws-java-sdk-core:1.11.477'
    implementation 'org.springframework.cloud:spring-cloud-starter-aws-parameter-store-config'
    implementation 'com.amazonaws:aws-java-sdk-ssm:1.11.475'
    implementation 'org.springframework.boot:spring-boot-starter-actuator'

    implementation 'org.springframework.cloud:spring-cloud-aws-messaging:2.0.1.RELEASE'        //AWS SNS configuration
    implementation 'org.springframework.boot:spring-boot-configuration-processor'              //Necessary for the @ConfigurationProperties tag
    implementation 'org.springframework.cloud:spring-cloud-aws-autoconfigure:2.0.1.RELEASE'    //Necessary for auto wiring AmazonSNS
    
    implementation 'org.springframework.boot:spring-boot-starter'
    implementation 'org.codehaus.groovy:groovy-all:2.4.15'
    implementation 'org.springframework.boot:spring-boot-starter-web'
    implementation 'org.springframework.boot:spring-boot-starter-data-rest'
    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
    implementation 'com.github.derjust:spring-data-dynamodb:5.0.4'

    //Swagger
    implementation 'io.springfox:springfox-swagger2:2.9.2'
    implementation 'io.springfox:springfox-swagger-ui:2.9.2'

    testImplementation 'org.springframework.boot:spring-boot-starter-test'
    testImplementation 'org.springframework.security:spring-security-test'
    testImplementation 'org.spockframework:spock-core:1.1-groovy-2.4'
    testImplementation 'org.jsoup:jsoup:1.12.1'
}
Dharman
  • 30,962
  • 25
  • 85
  • 135
Tracy Xia
  • 371
  • 9
  • 22