0

I want my Spring Cloud Config Server to provide database credentials to all services. I'm getting confused between Vault Key-Value Secrets Engine and Vault Database Secrets Engine. With Key-Value Secrets, I'm able to retrieve configuration properties like this.

{"name":"demo","profiles":["vault"],"label":null,"version":null,"state":null,"propertySources":[{"name":"vault:application","source":{"mykey":"testkey"}}]}

However, with Vault Database Secrets Engine, I got nothing from propertySources. Should I use Key-Value Secrets and specify database properties like this instead:

// vault server key-value secrets
vault kv put secrets/application spring.data.mongodb.username=admin
xX_Xeno_Blade_Xx
  • 31
  • 4
  • It currently only supports key value – spencergibb Feb 01 '23 at 19:43
  • Just keep in mind Spring Boot applications can also communicate directly with Vault to retrieve database credentials either using static or dynamic secrets. What is your confusion about? Are you confused about when to use key-value (static secrets) or database secrets (dynamic secrets), or how to configure Spring? – KDW Feb 12 '23 at 15:34

0 Answers0