Spring Cloud Vault enables connecting to a namespace with the property "spring.cloud.vault.namespace". I have a use case to read secrets stored in different namespaces. Is this possible with Spring Cloud Vault? Or are there any other approaches?
Thanks
The namespace is configured through the client by registering a ClientHttpRequestInterceptor in RestTemplate, respective ExchangeFilterFunction in WebClient.
This approach serves the purpose of allowing client authentications to authenticate against the appropriate namespace without making each authentication mechanism aware of its namespace. Later on, VaultTemplate is configured with the namespaced client to avoid downstream namespace configuration in the VaultTemplate.
If you need to use multiple namespaces, then ideally configure individual SessionManager and VaultTemplate objects per namespace.
Depending on your authentication mechanism (i.e. if you use tokens instead of login methods) there are other possible approaches. One could consist of a single SessionManager/VaultTemplate where you store the namespace and token in a ThreadLocal and provide a ClientHttpRequestInterceptor for a single VaultTemplate that communicates with the desired namespace.
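A sketch of the ThreadLocal variant described in the answer above, added here as an example and not taken from the answer or from Spring Vault itself. It assumes token authentication; the class names `VaultCallContext` and `ThreadLocalNamespaceInterceptor` are hypothetical, while `X-Vault-Namespace` and `X-Vault-Token` are Vault's standard request headers.

```java
import java.io.IOException;
import org.springframework.http.HttpRequest;
import org.springframework.http.client.ClientHttpRequestExecution;
import org.springframework.http.client.ClientHttpRequestInterceptor;
import org.springframework.http.client.ClientHttpResponse;

// Hypothetical holder: binds one namespace/token pair to the current thread.
// Intended use: try (VaultCallContext c = VaultCallContext.open(ns, token)) { ...Vault calls... }
final class VaultCallContext implements AutoCloseable {
    private static final ThreadLocal<VaultCallContext> CURRENT = new ThreadLocal<>();
    final String namespace;
    final String token;
    private final VaultCallContext previous; // outer context, if scopes are nested

    private VaultCallContext(String namespace, String token) {
        this.namespace = namespace;
        this.token = token;
        this.previous = CURRENT.get();
    }

    static VaultCallContext open(String namespace, String token) {
        VaultCallContext ctx = new VaultCallContext(namespace, token);
        CURRENT.set(ctx);
        return ctx;
    }

    static VaultCallContext current() {
        return CURRENT.get();
    }

    @Override
    public void close() {
        // Restore the outer scope or clear the slot entirely, so a pooled
        // thread never carries one caller's namespace and token into the next task.
        if (previous != null) CURRENT.set(previous); else CURRENT.remove();
    }
}

// Hypothetical interceptor: stamps every outgoing Vault request with the bound context.
final class ThreadLocalNamespaceInterceptor implements ClientHttpRequestInterceptor {
    @Override
    public ClientHttpResponse intercept(HttpRequest request, byte[] body,
            ClientHttpRequestExecution execution) throws IOException {
        VaultCallContext ctx = VaultCallContext.current();
        if (ctx == null) {
            // Fail closed: never fall through to a default namespace by accident.
            throw new IllegalStateException("No Vault namespace bound to this thread");
        }
        request.getHeaders().set("X-Vault-Namespace", ctx.namespace);
        request.getHeaders().set("X-Vault-Token", ctx.token);
        return execution.execute(request, body);
    }
}
```

Register the interceptor on the RestTemplate that backs the single VaultTemplate (for example via `restTemplate.getInterceptors().add(...)`). The context does not follow work handed to another thread, so open it on the thread that actually performs the Vault call.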