I have created a Spring Boot application where I want to use AWS secrets for application.properties. I am using Spring Boot 2.2.6.RELEASE and, as per the documentation, I have added the following dependencies in my pom:
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-context</artifactId>
        <version>2.2.3.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-aws-secrets-manager-config</artifactId>
        <version>2.2.2.RELEASE</version>
    </dependency>
From the AWS Secrets Manager service I created a new secret of type "Other types of secrets" and gave it the name /secret/myservice. For testing I added a secret key named environment with the value aws, which I want to retrieve in my controller. The part which is not clear to me is the entry I need to make in my bootstrap.yml file, as I am confused by the instructions in the Spring Cloud AWS documentation. Could someone please provide some proper instructions, as I am not able to use this feature properly? For reference I added this in my bootstrap.yml file:
    aws:
      secretsmanager:
        name: myservice
        prefix: /secret
        enabled: true
        defaultContext: application
        failFast: true
    cloud:
      aws:
        region:
          static: us-east-1
and trying to retrieve the environment value in the controller:
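    import java.util.HashMap;
    import java.util.Map;

    import org.springframework.beans.factory.annotation.Value;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RequestMethod;
    import org.springframework.web.bind.annotation.RestController;
    import org.springframework.web.servlet.config.annotation.EnableWebMvc;

    @RestController
    @EnableWebMvc
    public class PingController {

        // Resolved from the Spring Environment; expected to be supplied by the secret's "environment" key
        @Value(value = "${environment}")
        private String environment;

        @RequestMapping(path = "/ping", method = RequestMethod.GET)
        public Map<String, String> ping() {
            Map<String, String> pong = new HashMap<>();
            pong.put("pong", "Hello, World!" + "This is " + environment + " environment...");
            return pong;
        }
    }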
You can use the aws-serverless-java-container library to run a Spring Boot application in AWS Lambda. You can use the library within your Lambda handler to load your Spring Boot application and proxy events to it.
In order to grant a Lambda function access to Secrets Manager, we have to attach an IAM policy to the function's execution role. The policy should grant permissions for all the Actions the function needs to perform on the secrets.
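A least-privilege policy for the execution role described above, as an added example that is not part of the original answers. The region and secret name come from the question, the account ID 111122223333 is a placeholder, and the trailing `-??????` matches the six-character suffix Secrets Manager appends to secret ARNs. The second ARN assumes the library also reads the `defaultContext` secret (`/secret/application`); drop it if no such secret is used.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ReadOnlyThisServicesSecrets",
      "Effect": "Allow",
      "Action": "secretsmanager:GetSecretValue",
      "Resource": [
        "arn:aws:secretsmanager:us-east-1:111122223333:secret:/secret/myservice-??????",
        "arn:aws:secretsmanager:us-east-1:111122223333:secret:/secret/application-??????"
      ]
    }
  ]
}
```

If the secret is encrypted with a customer managed KMS key rather than the default `aws/secretsmanager` key, the role also needs `kms:Decrypt` on that key.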
Struggled with the same problem. Solved this by defining environment variables in the Lambda function itself and then populating those with AWS Secrets Manager.
This way you can use a placeholder like ${property_1} in the application.properties file and this will be replaced by the Environment variable defined in the Lambda Function.