I already have Spring Cloud Vault set up to read from multiple paths that have a common role, but now I have a requirement to read from multiple paths that may have differing roles. My existing bootstrap.yml file looks like

    spring:
      cloud:
        vault:
          config:
            lifecycle:
              enabled: true
          generic:
            enabled: false
          uri: https://blahblahblah.com:8200
          kv:
            enabled: true
            backend-version: 1
          authentication: KUBERNETES
          kubernetes:
            role: foo_role
            kubernetes-path: ocp/kubernetes/dev/cluster
            service-account-token-file: /var/run/secrets/kubernetes.io/serviceaccount/token
    vault:
      paths: 'path1,path2'

I want to read from path1 using foo_role but then path2 using foo_role2. My app has already overridden the VaultConfigurer class like so:
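
    // Comma-separated list from the vault.paths property, split into individual paths
    @Value("#{'${vault.paths}'.split(',')}")
    private ArrayList<String> vaultPaths;

    // Register every configured path as a secret backend
    @Override
    public void addSecretBackends(SecretBackendConfigurer configurer) {
        vaultPaths.forEach(configurer::add);
    }
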
but I'm struggling to find which class I need to override in order to configure each path to use its respective role. Is this even possible using this library? Thank you for your help.