Skip to content

Latest commit

 

History

History
186 lines (133 loc) · 5.9 KB

File metadata and controls

186 lines (133 loc) · 5.9 KB

Spring Cloud Azure Starter Key Vault Secrets Sample

This sample illustrates the usage of spring-cloud-azure-starter-keyvault-secrets. To learn all features, please refer to reference doc.

What You Will Build

You will build an application that use spring-cloud-azure-starter-keyvault-secrets to retrieve multiple secrets from multiple Azure Key Vault.

What You Need

Provision Azure Resources Required to Run This Sample

Authenticate Using the Azure CLI

Terraform must authenticate to Azure to create infrastructure.

In your terminal, use the Azure CLI tool to setup your account permissions locally.

az login

Your browser window will open and you will be prompted to enter your Azure login credentials. After successful authentication, your terminal will display your subscription information. You do not need to save this output as it is saved in your system for Terraform to use.

You have logged in. Now let us find all the subscriptions to which you have access...

[
  {
    "cloudName": "AzureCloud",
    "homeTenantId": "home-Tenant-Id",
    "id": "subscription-id",
    "isDefault": true,
    "managedByTenants": [],
    "name": "Subscription-Name",
    "state": "Enabled",
    "tenantId": "0envbwi39-TenantId",
    "user": {
      "name": "[email protected]",
      "type": "user"
    }
  }
]

If you have more than one subscription, specify the subscription-id you want to use with command below:

az account set --subscription <your-subscription-id>

Provision the Resources

After login Azure CLI with your account, now you can use the terraform script to create Azure Resources.

Run with Bash

# In the root directory of the sample
# Initialize your Terraform configuration
terraform -chdir=./terraform init

# Apply your Terraform Configuration
terraform -chdir=./terraform apply -auto-approve

Run with Powershell

# In the root directory of the sample
# Initialize your Terraform configuration
terraform -chdir=terraform init

# Apply your Terraform Configuration
terraform -chdir=terraform apply -auto-approve

It may take a few minutes to run the script. After successful running, you will see prompt information like below:

...
azurecaf_name.azurecaf_name_kv_02: Creating...
azurecaf_name.azurecaf_name_kv_01: Creating...
azurecaf_name.resource_group: Creating...
azurecaf_name.azurecaf_name_kv_01: Creation complete after 0s ...
azurecaf_name.resource_group: Creation complete after 0s ...
azurecaf_name.azurecaf_name_kv_02: Creation complete after 0s ...
azurerm_resource_group.main: Creating...
azurerm_resource_group.main: Creation complete after 3s ...
azurerm_key_vault.kv_account_02: Creating...
azurerm_key_vault.kv_account_01: Creating...
azurerm_key_vault.kv_account_02: Still creating... 
...
azurerm_key_vault_secret.kv_01: Creation complete ...
azurerm_key_vault_secret.kv_both_01: Creation complete ...
azurerm_key_vault.kv_account_02: Creation complete after ...
azurerm_key_vault_secret.kv_02_both: Creating...
azurerm_key_vault_secret.kv_02: Creating...
azurerm_key_vault_secret.kv_02_both: Creation complete ...
azurerm_key_vault_secret.kv_02: Creation complete ...

Apply complete! Resources: 10 added, 0 changed, 0 destroyed.

Outputs:

...

You can go to Azure portal in your web browser to check the resources you created.

Export Output to Your Local Environment

Running the command below to export environment values:

Run with Bash

source ./terraform/setup_env.sh

Run with Powershell

terraform\setup_env.ps1

If you want to run the sample in debug mode, you can save the output value.

ENDPOINT_1=...
ENDPOINT_2=...

Run Locally

Run the sample with Maven

In your terminal, run mvn clean spring-boot:run.

mvn clean spring-boot:run

Run the sample in IDEs

You can debug your sample by adding the saved output values to the tool's environment variables or the sample's application.yaml file.

Verify This Sample

Start the application, you will see logs like this:

sampleProperty1: key_vault_secret_01/sampleProperty1Value
sampleProperty2: key_vault_secret_02/sampleProperty2Value
samplePropertyInMultipleKeyVault: key_vault_secret_01/samplePropertyInMultipleKeyVaultValue

We can see that key_vault_secret_01 have higher priority.

Clean Up Resources

After running the sample, if you don't want to run the sample, remember to destroy the Azure resources you created to avoid unnecessary billing.

The terraform destroy command terminates resources managed by your Terraform project.
To destroy the resources you created.

Run with Bash

terraform -chdir=./terraform destroy -auto-approve

Run with Powershell

terraform -chdir=terraform destroy -auto-approve