Why Spring Vault try to load secret/application by default?

See original GitHub issue

Hi, my name is Luram Archanjo and I am studying and doing some proof of concepts (POC) related to Spring Vault and Hashicorp Vault to maybe in the future to use in Production and I have noticed that Spring Vault try to load the properties from secret/application as shown below in the log:

2020-09-02 16:43:29.489  INFO 9547 --- [           main] o.s.v.c.e.LeaseAwareVaultPropertySource  : Vault location [secret/application] not resolvable: Not found

My point is why this?

I was thinking if a have multiples application with multiples contexts using Spring Vault and someone creates and populates the secret/application this properties goes to all my application and by luck replace some properties!

There is a way to disable this behavior? I know that I can prevent it, using vault policy, but the behavior seems to be strange!

My POC

https://github.com/luramarchanjo/poc-spring-vault

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:7 (2 by maintainers)

github_iconTop GitHub Comments

1reaction
luramarchanjocommented, Sep 2, 2020

I have found a workaround following the documentation

spring.cloud.vault.generic.default-context=${spring.cloud.vault.application-name}

or

spring.cloud.vault.generic.default-context=
0reactions
luramarchanjocommented, Sep 11, 2020

Specifying spring.cloud.vault.kv.default-context= is sufficient to leave the context name empty. We should not introduce yet another mechanism to partially disable the default mechanism to compute context paths.

Ok, so I am closing this issue and the PR, thank you so much!

Read more comments on GitHub >

github_iconTop Results From Across the Web

An Intro to Spring Cloud Vault - Baeldung
A brief introduction to Spring Cloud Vault, showing how to retrieve and manage credentials in Spring applications.
Read more >
spring Vault location [secret/my-application] not resolvable
Spring is requesting access to k/v stores at secret/app-name , secret/application and secret/app-name/spring-active-profile .
Read more >
4. Secret Backends - Spring Cloud
Spring Cloud Vault supports at the basic level the generic secret backend. The generic secret backend allows storage of arbitrary values as key-value...
Read more >
Solving the Configuration Management Challenge using ...
Introducing external centralised configuration management into a micro services architecture using Spring Cloud Config Server & Vault.
Read more >
spring cloud vault config github
spencergibb Feb 6, 2017 at 23:35 The easiest, which also sets a default configuration ... Spring Boot users can benefit from Spring Cloud...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found