9. Customize which secret backends to expose as PropertySource

Spring Cloud Vault uses property-based configuration to create PropertySources for key-value and discovered secret backends.

Discovered backends provide VaultSecretBackendDescriptor beans that describe the configuration state needed to use a secret backend as a PropertySource. A SecretBackendMetadataFactory is required to create a SecretBackendMetadata object, which contains the path, name and property transformation configuration.

SecretBackendMetadata is used to back a particular PropertySource.

You can register a VaultConfigurer for customization. Default key-value and discovered backend registration is disabled if you provide a VaultConfigurer. You can, however, enable default registration with SecretBackendConfigurer.registerDefaultKeyValueSecretBackends() and SecretBackendConfigurer.registerDefaultDiscoveredSecretBackends().

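import org.springframework.cloud.vault.config.SecretBackendConfigurer;
import org.springframework.cloud.vault.config.VaultConfigurer;

public class CustomizationBean implements VaultConfigurer {

    @Override
    public void addSecretBackends(SecretBackendConfigurer configurer) {

        // Expose this path explicitly as a PropertySource.
        configurer.add("secret/my-application");

        // Providing a VaultConfigurer turns default registration off;
        // re-enable only the defaults that are needed.
        configurer.registerDefaultKeyValueSecretBackends(false);
        configurer.registerDefaultDiscoveredSecretBackends(true);
    }
}

// Register the configurer when bootstrapping the application:
SpringApplication application = new SpringApplication(MyApplication.class);
application.addBootstrapper(VaultBootstrapper.fromConfigurer(new CustomizationBean()));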
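
The SecretBackendMetadata described above can also be supplied directly, which lets one explicit path be exposed under a property-name prefix so that keys stored in Vault cannot collide with unrelated application properties. This is an added example, not code from the Spring Cloud Vault documentation; the class names PrefixedBackendConfigurer and PrefixedMetadata and the prefix "vault.app." are hypothetical, and it assumes SecretBackendMetadata exposes getName, getPath, getPropertyTransformer and getVariables and that SecretBackendConfigurer.add accepts a SecretBackendMetadata.

```java
import java.util.Collections;
import java.util.Map;

import org.springframework.cloud.vault.config.SecretBackendConfigurer;
import org.springframework.cloud.vault.config.SecretBackendMetadata;
import org.springframework.cloud.vault.config.VaultConfigurer;
import org.springframework.vault.core.util.PropertyTransformer;
import org.springframework.vault.core.util.PropertyTransformers;

public class PrefixedBackendConfigurer implements VaultConfigurer {

    @Override
    public void addSecretBackends(SecretBackendConfigurer configurer) {
        // Register one explicit path; keep both default registrations off so
        // no other backend is turned into a PropertySource implicitly.
        configurer.add(new PrefixedMetadata("secret/my-application", "vault.app."));
        configurer.registerDefaultKeyValueSecretBackends(false);
        configurer.registerDefaultDiscoveredSecretBackends(false);
    }

    /** Hypothetical metadata: path, name and property transformation for one PropertySource. */
    static final class PrefixedMetadata implements SecretBackendMetadata {

        private final String path;
        private final String prefix;

        PrefixedMetadata(String path, String prefix) {
            this.path = path;
            this.prefix = prefix;
        }

        @Override
        public String getName() { return "prefixed:" + path; }

        @Override
        public String getPath() { return path; }

        @Override
        public PropertyTransformer getPropertyTransformer() {
            // A key "password" at the path surfaces as "vault.app.password".
            return PropertyTransformers.propertyNamePrefix(prefix);
        }

        @Override
        public Map<String, String> getVariables() { return Collections.emptyMap(); }
    }
}
```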