I know how to read AWS credentials (for one environment) through application properties.
I need to create multiple amazonSnsClient() through application properties on application startup.
I have an application properties file that has AWS properties of multiple environments in one file which looks like below example
#DEV
abc.env[0].aws.accessKeyId=xaw
abc.env[0].aws.awsSecretKeyId=yrt
#TEST
abc.env[1].aws.accessKeyId=abc
abc.env[1].aws.awsSecretKeyId=def
I will have a HashMap that will contain all the AWS credentials from a properties file.
I need to read all the AWS Credentials from a properties file and create that many amazonSnsClient
How can I achieve the same in Spring boot? Is there any annotation that I can make use of?
Note: The requirement is that the properties of Dev and Test have to be in one file
Can someone please help?
Thank you for your time.
You create the client manually like this ...
var client = SnsClient.builder()
.region(Region.of(awsProperties.getRegion()))
.withCredentials(... add your credentials here)
.build();
// use client methods to interact with AWS
Related
I am currently creating a Java Spring application that works with the spring security JWT. Everywhere I look and read about the "secret string", it says should be changed in production. Like this line in my application.properties: security.jwt.secret="this-is-a-512-bit-key-used-for-signing-jwt-tokens-that-should-be-changed-production"
As well as in stackoverflow question that are sort-of related like this one here: How to include jwt secret in application.yaml for Java Spring.
My question is, what should that string become in production? Am I supposed to generate this somewhere in a SecurityConfig class? Or should I generate a 512 bit string and just paste that in the application.properties file?
Thanks in advance.
Secrets should not be added in your regular application.properties file because that would be checked into your version control system. There are various ways to externalize configuration but the easiest is usually to define environment variables.
In your case, you would need an environment variable called SECURITY_JWT_SECRET and Spring Boot will pick this up automatically.
One way to change properties of a spring app is using Spring Cloud Config. Basically your config is in a GitHub repo and as soon as you modify, Spring cloud config server propagates it to other applications referencing it through application.properties.
https://cloud.spring.io/spring-cloud-config/reference/html/
I will share how it has been done in our application which I think one of the standard way of storing credentials.
There may be alternate ways also.
Its not ideal to store token or credentials in properties
We can externalize the token into Vault or config server
when server starts spring application can fetch the properties
Access to vault are controlled
As we have different vault servers across environments, we can store and change the token in runtime and refresh the application.
Regarding generating the jwt token, it should have some expiry time and refreshed periodically.
I am new to spring and creating a spring cloud config service. I have successfully created the configuration service where all the configurations are there. In my client service(this will fetch all the necessary configurations from the configuration service) I need to fetch the configurations depending on the SPRING_PROFILES_ACTIVE value which is defined in the manifest file. There are multiple manifest files in the client service and each has its own SPRING_PROFILES_ACTIVE value.
Currently I am using #ConfigurationProperties(prefix="profile_name") i.e manually defining the "profile_name". But, I want to make it dynamically i.e depending on the value of SPRING_PROFILES_ACTIVE the value should be fetched from configuration service.
Can anyone please suggest me how to load the value dynamically.
Thanks in advance.
Pass SPRING_PROFILES_ACTIVE as environment variable to Spring Boot app instead of declaring it in yaml and hard coding it in configuration file. The app picks the corresponding yaml based on the profile.
How to pass spring profile as parameter to spring boot app
depending on the value of SPRING_PROFILES_ACTIVE the value should be fetched from configuration service.
If I understand correctly, you are trying to get configuration from a Config Server based on the active profiles in the client app. Spring Cloud Config Client does this automatically, as described in the documentation. For example, if the client app has spring.profiles.active=profile1,profile2, then at boostrapping the config client will make requests to the Config Server with URLs like
https://my-config-server.example.com/sample-app/profile1/master
https://my-config-server.example.com/sample-app/profile2/master
and load the response from each request into a property source in the client app.
I am using Spring cloud config server with GIT which is working fine as expected.
Now, my requirement is to get the list of filenames from the spring cloud server.
Spring cloud config only provides API like http://localhost:8088/myconfig/default/master/config.properties to get the property values.
Is there any API available to get all file names? If not, what would be the alternate approach?
No, unfortunately it's not possible. The way we did in our project - added properties with needed file names in config.properties and fetched files in the code using
additional endpoint at /{name}/{profile}/{label}/{path}
https://cloud.spring.io/spring-cloud-config/reference/html/#_serving_plain_text
I have a repository containing config properties that a Java Spring Cloud Config Server accesses whenever another Java Spring App requests to pull the properties. I want to have the same concept, but with a Python app that pulls similar properties. I know there's Python Spring libraries out there, but I can't find an example of Python pulling these properties from a similar config server.
In my case I have achieved this using spring-config-client library. I am sharing the code sample.
from spring_config.client import SpringConfigClient
config = (
ClientConfigurationBuilder()
.app_name("dashboard-service-python11") #config file
.address("http://localhost:3051")
.build()
)
c = SpringConfigClient(config)
c.get_config()
print(c.get_config())
While developing a springboot-liquibase application following this I need to specify the database username + password as liquibase.user and liquibase.password in the application.properties file. I am looking for a better secure way to use these parameter (dynamically fetched from some other place and use inside my java code)
Is there a way to achieve this?
There are couple of things you can do:
You can encrypt you properties file using jasypt-spring-boot. For more details have a look at demo app
If you are developing distributed system, then spring-cloud-config provides server and client-side support for externalized configuration in a distributed system. With the Config Server you have a central place to manage external properties for applications across all environments
Spring Cloud Config
This project allows you to use an external, centralized configuration repository for one or more applications. You don't need to rebuild your application if a property changes. You can simply change the property in your configuration repository and even push the changes to all of your applications.
See this Getting Started Guide.