Spring Boot + Vault Integration (2023) Example
In this tutorial we will integrate a Spring Boot application with Vault. In a microservices architecture, configuration management is essential: there needs to be a centralised configuration store where sensitive data can be kept safe. This is where Vault comes in. Spring Cloud Vault lets the application access the secrets stored in Vault.
Some of the advantages of using Vault include secure secret storage, dynamic secrets, data encryption, revocation of a tree of secrets, and more.
In this example, we will store a username and password in the Vault server and retrieve them in our Spring Boot application.
Installation of Vault Server
First, download Vault from https://www.vaultproject.io/downloads for your operating system.
After downloading the zip file, extract it; the folder will contain an exe file.
Now add a system variable and set the path of the Vault configuration file.
Now open cmd and run the following command-
Here we have assigned the token id.
Now again open cmd and run the following command-
Now go to the Vault server at the URL http://localhost:8200
Log in with the token that you used in a previous command.
After a successful login, you will see the following screen-
Now click on Enable new Secret Engine
Select KV and click Next.
Enter the path that you want to use.
Now click on create secret and enter the following details-
Click on save and now you will see the screen as follows-
We have stored our credentials inside the vault server.
Now let us integrate the Spring Boot application with the Vault server and run the program.
Project Structure
This is the standard directory layout for a Maven project-
We need to start by creating a Maven pom.xml (Project Object Model) file. The pom.xml file contains the project configuration details.

    <?xml version="1.0" encoding="UTF-8"?>
    <project xmlns="http://maven.apache.org/POM/4.0.0"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
        <modelVersion>4.0.0</modelVersion>
        <parent>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-parent</artifactId>
            <version>2.2.6.RELEASE</version>
            <relativePath/> <!-- lookup parent from repository -->
        </parent>
        <groupId>com.codeusingjava</groupId>
        <artifactId>vault-with-spring</artifactId>
        <version>0.0.1-SNAPSHOT</version>
        <name>vault-with-spring</name>
        <description>Demo project for Spring Boot</description>

        <properties>
            <java.version>1.8</java.version>
            <spring-cloud.version>Hoxton.SR3</spring-cloud.version>
        </properties>

        <dependencies>
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-starter-web</artifactId>
            </dependency>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-starter-config</artifactId>
            </dependency>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-starter-vault-config</artifactId>
            </dependency>
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-starter-test</artifactId>
                <scope>test</scope>
                <exclusions>
                    <exclusion>
                        <groupId>org.junit.vintage</groupId>
                        <artifactId>junit-vintage-engine</artifactId>
                    </exclusion>
                </exclusions>
            </dependency>
        </dependencies>

        <dependencyManagement>
            <dependencies>
                <dependency>
                    <groupId>org.springframework.cloud</groupId>
                    <artifactId>spring-cloud-dependencies</artifactId>
                    <!-- Resolved from the spring-cloud.version property defined above -->
                    <version>${spring-cloud.version}</version>
                    <type>pom</type>
                    <scope>import</scope>
                </dependency>
            </dependencies>
        </dependencyManagement>

        <build>
            <plugins>
                <plugin>
                    <groupId>org.springframework.boot</groupId>
                    <artifactId>spring-boot-maven-plugin</artifactId>
                </plugin>
            </plugins>
        </build>
    </project>
Create the model class for the configuration-

    package com.codeusingjava.vault.configuration;

    import org.springframework.beans.factory.annotation.Value;
    import org.springframework.context.annotation.Configuration;

    @Configuration
    public class VaultConfig {

        // The placeholders must match the keys of the secret stored in Vault.
        // The key names "username" and "password" are assumed here; use the
        // keys you entered when creating the secret.
        @Value("${username}")
        private String username;

        @Value("${password}")
        private String password;

        public String getPassword() {
            return password;
        }

        public void setPassword(String password) {
            this.password = password;
        }

        public String getUsername() {
            return username;
        }

        public void setUsername(String username) {
            this.username = username;
        }
    }
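
    spring.application.name=vault-with-spring-boot
    # Address of the Vault server
    spring.cloud.vault.uri=http://localhost:8200
    # Token used to authenticate to Vault
    spring.cloud.vault.token=00000000-0000-0000-0000-000000000000
    # Read secrets through the generic (key/value) backend
    spring.cloud.vault.generic.enabled=true
    # Path of the secret engine
    spring.cloud.vault.generic.backend=codeusingjava
    # Name of the secret that holds the credentials
    spring.cloud.vault.generic.default-context=credentials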
The main class, VaultWithSpringApplication, is as follows-

    package com.codeusingjava.vault;

    import org.springframework.boot.SpringApplication;
    import org.springframework.boot.autoconfigure.SpringBootApplication;
    import org.springframework.context.ConfigurableApplicationContext;

    import com.codeusingjava.vault.configuration.VaultConfig;

    @SpringBootApplication
    public class VaultWithSpringApplication {

        public static void main(String[] args) {
            ConfigurableApplicationContext context =
                    SpringApplication.run(VaultWithSpringApplication.class, args);

            // Fetch the bean whose fields were populated from Vault
            VaultConfig vaultConfiguration = context.getBean(VaultConfig.class);

            // Print the retrieved values to confirm the integration works
            System.out.println("Username: " + vaultConfiguration.getUsername());
            System.out.println("Password: " + vaultConfiguration.getPassword());
        }
    }
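
To see what the generic backend configured above does on the wire, the following added example (not part of the original tutorial) reads the same secret directly from Vault's HTTP API and reports which keys it holds without printing their values. It assumes a key/value version 1 layout at codeusingjava/credentials, keys named username and password, and a token supplied in the VAULT_TOKEN environment variable; the class name VaultReadCheck is hypothetical.

```java
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;

// Added example: a stand-alone check, independent of Spring, that the secret
// is readable with a given token. Jackson is already on the classpath through
// spring-boot-starter-web.
public class VaultReadCheck {

    // KV version 1 read path: <vault uri>/v1/<secret engine path>/<secret name>
    static String secretUrl(String vaultUri, String backend, String context) {
        return vaultUri + "/v1/" + backend + "/" + context;
    }

    public static void main(String[] args) throws Exception {
        // The token is taken from the environment instead of a properties file.
        String token = System.getenv("VAULT_TOKEN");
        if (token == null || token.isEmpty()) {
            throw new IllegalStateException("VAULT_TOKEN is not set");
        }

        // URI, backend and context are the values from the page's properties.
        URL url = new URL(secretUrl("http://localhost:8200", "codeusingjava", "credentials"));
        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        conn.setRequestProperty("X-Vault-Token", token);
        conn.setConnectTimeout(5000);
        conn.setReadTimeout(5000);

        int status = conn.getResponseCode();
        if (status != 200) {
            // 403: the token may not read this path; 404: nothing is stored there.
            throw new IllegalStateException("Vault returned HTTP " + status);
        }

        try (InputStream in = conn.getInputStream()) {
            // The key/value pairs of the secret sit under the "data" field.
            JsonNode data = new ObjectMapper().readTree(in).path("data");
            // Report key names only; the secret values are never printed.
            data.fieldNames().forEachRemaining(k -> System.out.println("found key: " + k));
            if (!data.has("username") || !data.has("password")) {
                // Assumed key names, matching the placeholders in VaultConfig.
                throw new IllegalStateException("expected keys username and password");
            }
        }
    }
}
```

If the secret engine was created as KV version 2, the read path contains an extra data segment (/v1/codeusingjava/data/credentials) and the key/value pairs are nested one level deeper, under data.data.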