spring-attic / spring-cloud-aws

All development has moved to https://github.com/awspring/spring-cloud-aws
Integration for Amazon Web Services APIs with Spring
https://awspring.io/
Apache License 2.0

Secrets manager issues in Spring boot 2.4 #781

Closed jojijohn closed 2 years ago

jojijohn commented 2 years ago

Type: Bug

Component: Secrets Manager

Describe the bug

Spring boot 2.4.3
Spring Cloud AWS: 2.3.1

I am facing a couple of issues with Spring Cloud AWS integration for Secrets Manager and Parameter Store. I am planning to store my config in Parameter Store and the secrets in Secrets Manager.

  1. Even though I have a bootstrap.yml under src/main/resources, it is not being read on startup. I had to move the configs to application.yml to make it work.
  2. I put the secrets as plain text in /secret/epdcs/my-app, but that didn't work. Do only key/value pairs work?
  3. When I import "aws-secretsmanager:", the app wouldn't even start, so I now have to specify the secret keys - "aws-secretsmanager:/secret/epdcs/application;/secret/epdcs/my-app"
  4. To connect from my local machine, my understanding is that the cloud.aws.credentials.profile-name and cloud.aws.region.static will be used - but that didn't work and I had to set the environment variables AWS_PROFILE and AWS_REGION.

Sample

This is what I have in my application.yml:

spring:
  application:
    name: my-app
  config:
    import:
      - "aws-parameterstore:"
      - "aws-secretsmanager:/secret/epdcs/application;/secret/epdcs/my-app"
cloud:
  aws:
    stack:
      auto: false
    credentials:
      profile-name: dev
    region:
      static: us-east-1
aws:
  paramstore:
    prefix: /config/epdcs
    region: us-east-1
  secretsmanager:
    prefix: /secret/epdcs
    region: us-east-1

These are the spring-cloud dependencies I have in pom.xml:

        <dependency>
            <groupId>io.awspring.cloud</groupId>
            <artifactId>spring-cloud-starter-aws-secrets-manager-config</artifactId>
        </dependency>
        <dependency>
            <groupId>io.awspring.cloud</groupId>
            <artifactId>spring-cloud-starter-aws-parameter-store-config</artifactId>
        </dependency>

and the BOM:

            <dependency>
                <groupId>io.awspring.cloud</groupId>
                <artifactId>spring-cloud-aws-dependencies</artifactId>
                <version>2.3.1</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>

maciejwalkowiak commented 2 years ago

Moved to https://github.com/awspring/spring-cloud-aws/issues/168