How can I configure a Spring Cloud Config Server with Vault backend to authenticate using the Vault Sidecar Agent

387 Views Asked by kevin Lema At 29 March 2023 at 15:21

I have an spring boot project config server which uses a vault backend. application.yml:

spring:
  profiles:
    active: vault
    config:
      server:
        vault:
          kvVersion: 2
          order: 1

If I start with this config, all the petitions must contain X-Config-Token. The config server it´s deployed on Kubernetes, with the vault sidecar agent attached to the pod. On the documentation: https://docs.spring.io/spring-cloud-config/docs/current/reference/html/#vault-backend

Shows how can I change the authentication type, but doesn't support: https://cloud.spring.io/spring-cloud-vault/reference/html/#vault.config.authentication.vault-agent

spring.cloud.vault:
    authentication: NONE

To delegate all the auto auth to the agent.

Original Q&A

There are 1 best solutions below

kevin Lema On 04 August 2023 at 07:50 BEST ANSWER

The solution was a composite config with a dummy token, on application.yml:

spring:

  profiles:
      active: composite
  cloud:
    config:
      server:
        vault:
          token: "dummy"
        failOnCompositeError: false
        composite:
        -
          type: vault
          kvVersion: 2
        -
          type: git
          uri: https://-----

How can I configure a Spring Cloud Config Server with Vault backend to authenticate using the Vault Sidecar Agent

There are 1 best solutions below

Related Questions in HASHICORP-VAULT

Related Questions in SPRING-CLOUD-CONFIG-SERVER

Related Questions in SPRING-CLOUD-VAULT-CONFIG

Trending Questions

Popular # Hahtags

Popular Questions