Questions tagged [spring-vault]

Spring Vault provides familiar Spring abstractions and client-side support for accessing, storing and revoking secrets from HashiCorp Vault.

Spring Vault provides familiar Spring abstractions and client-side support for accessing, storing and revoking secrets. It offers both low-level and high-level abstractions for interacting with Vault, freeing the user from infrastructural concerns.

With HashiCorp’s Vault you have a central place to manage external secret data for applications across all environments. Vault can manage static and dynamic secrets such as application data, username/password for remote applications/resources and provide credentials for external services such as MySQL, PostgreSQL, Apache Cassandra, Consul, AWS and more.

Features

  • Spring configuration support using Java based @Configuration classes.
  • VaultTemplate and ReactiveVaultTemplate helper classes that increase productivity performing common Vault operations.
  • Exporting Vault secrets as PropertySource through @VaultPropertySource.
  • Support multiple authentication methods.
  • Rotation of secrets for databases and messaging services.
  • Feature Rich Object Mapping integrated with Spring Data Repositories.
  • Annotation based mapping metadata but extensible to support other metadata formats.

Online Resources:

125 questions
2
votes
1 answer

Using multiple types of Vault secrets in one Spring boot application

Consider the following application.properties file of a Spring Boot application. # Spring configuration parameters spring.application.name=MyApplication server.port=${SERVICE_PORT:8080} # SSL…
KDW
  • 485
  • 3
  • 17
2
votes
0 answers

How to decrypt a ciphertext locally using Java / Kotlin from an exported key that supported convergent encryption in hashicorp vault?

I have a usecase where I would want to keep a backup of the encryption keys in case the vault server goes down and decrypt it locally. I am using Hashicorp Transit Secrets Engine, and to test it out I am using Vault Test Container with Spring Vault.…
Wasae Shoaib
  • 189
  • 3
  • 19
2
votes
0 answers

How to implement Spring Cloud Vault with multiple paths using different roles?

I already have Spring Cloud Vault set up to read from multiple paths that have a common role but now I have a requirement to read from multiple paths that may have differing roles. My existing boostrap.yml file looks like spring: cloud: …
2
votes
0 answers

How to disable SSL Verification in Spring Vault (Spring Vault Core - version: 2.3.1)

I am getting below exception: Cannot login using org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://:443/v1/auth/aws/login": PKIX path building failed:…
dishansh
  • 21
  • 2
2
votes
1 answer

How to group membership search in Hashicorp Vault

I'm trying to set up a demonstration of the Vault as a solution to my company's security concerns about very sensitive user data. I've added the ldap authentication and I'm able to login with any ldap user credentials and the entities are created…
Bonana
  • 65
  • 1
  • 10
2
votes
1 answer

Spring Vault Integration - read secrets from multiple paths

Is it possible to read secrets stored under multiple paths/contexts in Vault from Spring Boot application? I assume, profiles should be used, but not sure and still didn't manage to configure profiles. Approle authentication is used to connect Vault…
Ivan
  • 193
  • 3
  • 14
2
votes
2 answers

Spring Boot 2.4.4 failed to start after upgrading

I am upgrading Spring boot application, which is currently working on 2.1.13 to 2.4.4. After upgrade, spring boot application is not starting. Few of the modules used in application are as…
2
votes
2 answers

Correct the classpath of your application so that it contains a single, compatible version of org.springframework.vault.support.SslConfiguration

I am developing code Spring Boot Microservices Project - Part 1 - Spring Boot Config Server & Eureka Service Discovery from - https://www.youtube.com/watch?v=Fq85GschdLw and getting the below error. *************************** APPLICATION FAILED TO…
PAA
  • 1
  • 46
  • 174
  • 282
2
votes
0 answers

Spring vault configs are not being applied

I am new to Spring vault and somewhat new to Springboot, I am trying to learn this so I need help. Apologies for the very long post though. Here is my source of the Spring vault project that I have set up looking at various tutorials…
2
votes
1 answer

Vault .NET - Invalid path for a versioned K/V secrets engine

I've added all my configuration details in the Vault. The detail you can see in the attached image below. This follows a specific path i.e kv/unistad/dev/workflow/camunda/1.0 However, when I try to read this information using Vault.NET with the…
2
votes
1 answer

Spring Vault Integration with Spring Boot App

I am trying to integrate Spring Vault with my application but as soon as I run the application it is throwing exception. I am following Spring IO Documents since I am new to the vault integration but couldn't figure out the exception because I am…
Niko2510
  • 25
  • 1
  • 5
2
votes
1 answer

storage migration check error: error="pq: permission denied for table vault_kv_store"

Here is my vault.config file. ui = true backend "postgresql" { connection_url = "postgres://user:pwd@192.168.1.1:5432/vault?sslmode=disable" } listener "tcp" { address = "0.0.0.0:8200" tls_disable = 1 } disable_mlock = true I have also…
2
votes
1 answer

Spring vault cannot access k/v pair

I'm trying to setup a simple springboot app, with spring vault to store DB and API credentials. But I'm struggling with accessing my key value pair. When I try to access it in my controller (just for testing purpose), it throws a…
dev.tom
  • 489
  • 2
  • 5
  • 16
2
votes
2 answers

How to make versioned KV store work with VaultPropertySource

I am trying to make versioned KV store of vault work with VaultPropertySource so that property can be accessed using @Value. However it is not working as expected. I am using 2.1.2.RELEASE version of spring-vault-core. The intention is to make it…
2
votes
1 answer

Externalize Vault token/backend configuration for SpringBoot application on Pivotal Cloud Foundry

I need to externalize the Vault token and backend to use in my SpringBoot/Cloud application so that the same binary can be deployed to different Pivotal Cloud Foundry spaces. For example I have a single .jar I want to push to Dev, Test, QA, PROD…
user10677470
1
2
3
8 9