Is it possible to read secrets stored under multiple paths/contexts in Vault from Spring Boot application?
I assume, profiles should be used, but not sure and still didn't manage to configure profiles.
Approle authentication is used to connect Vault from Spring Boot application.
Spring Boot application configuration (bootstrap.yaml):
spring:
application:
name: poc-name
cloud:
vault:
host: {vault-host}
port: {vault-port}
scheme: http
authentication: approle
app-role:
role-id: {role-id}
secret-id: {secret-id}
kv:
enabled: true
application-name: poc-name
default-context: test-secrets-1
backend: secrets-backend
For example, if there is following structure:
secrets-backend
- test-secrets-1
- key1: value1
- key2: value2
- test-secrets-2
- key3: value3
- key4: value4
Thank you in advance.
Yes we can make use of multiple secrets, if they are under one secret engine.
We can provide multiple secrets in the kv.application-name attribute.
Here is the sample for the same:
spring.cloud.vault.kv.enabled: true
spring.cloud.vault.kv.backend: my-secret-engine
spring.cloud.vault.kv.application-name: secret1,secret2
spring.config.import: vault://my-secret-engine/secret1,vault://my-secret-engine/secret2