The Starter brings you the ability to use the encrypted values feature in your remote property sources. The values securely stored as secrets in Azure KeyVault.
In addition to that you could use your Azure KeyVault as backend to store your properties.
Please refer to the different sample projects
- Multiple Backends via Profile
- Single Backend via Profile
- Single Backend via Profile in combination with Spring Boot Actuator
- Multiple Backends via Composite Profile
- Multiple KeyVaults via Composite Profile
The starter is published on Maven Central. If you're using Maven add the following dependency:
<dependency>
<groupId>io.github.srempfer</groupId>
<artifactId>spring-cloud-config-azure-keyvault-starter</artifactId>
<version>0.10.0-SNAPSHOT</version>
</dependency>To get it working you have to specify your Azure KeyVault url, Azure service principal client id and client key.
spring.cloud.config.server.azure.keyvault.uri=put-your-azure-keyvault-url-here
spring.cloud.config.server.azure.keyvault.client-id=put-your-azure-client-id-here
spring.cloud.config.server.azure.keyvault.client-key=put-your-azure-client-key-here
spring.cloud.config.server.azure.keyvault.tenant-id=put-your-azure-tenant-id-here
For the interaction with Azure KeyVault the Spring Cloud Azure Starter Keyvault Secrets is used.
The starter provides an Azure KeyVault based EnvironmentEncryptor and works similar to the cipher based mechanism.
spring.datasource.username=dbuser
spring.datasource.password={keyvault}secret-name-in-key-vault
The starter provides an Azure KeyVault based EnvironmentRepository and works similar to the JDBC Backend.
The format of the secret names have to be {application}---{profile}---{label}---keyname
| Secret Name | Application | Profile | Label | Key |
|---|---|---|---|---|
| application---default---master---simplekey | application | simplekey | ||
| application---default---master---test-key | application | test-key | ||
| application---default---master---spring--datasource--password | application | spring.datasource.password | ||
| application---simpleprofile---master---simplekey | application | simpleprofile | simplekey | |
| application---profile-one---master---simplekey | application | profile-one | simplekey | |
| application---default---simplelabel---simplekey | application | simplelabel | simplekey | |
| application---default---label-one---simplekey | application | label-one | simplekey | |
| application---default---v1----prod---simplekey | application | v1/prod | simplekey | |
| my-application---default---master---simplekey | my-application | simplekey | ||
| Org1----MyApp---default---master---simplekey | Org1/MyApp | simplekey |