I am new to Azure. I created a small application where I have mentioned one secret, JWT-SET-URI, in the application.properties file. I created the secret in Azure Key Vault.
Spring boot version: 3.1.5
Azure account: Personal Account with free (12 months)
application.properties:
spring.security.oauth2.resourceserver.jwt.jwk-set-uri=${JWT-SET-URI}
spring.cloud.azure.keyvault.secret.property-sources[0].enabled=true
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=https://demo-vault.vault.azure.net/
I have also installed the Azure CLI. Once I ran the command az login, the application works fine if I start it after that. But when the Azure CLI is not present, or after I ran the az logout command, the application does not start.
My question is: is there any way that I can run the application without the Azure CLI?
For reference, I have followed this document: https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-key-vault
2 Answers
I tried the below code without the Azure CLI login method and retrieved the secret from the key vault with the service principal, Client Credentials method.
Code :
SecretController.java :
KeyVaultService.java :
application.properties :
Below is the secret value I have in my key vault.
I gave access to the app to retrieve the secrets from the key vault as below:
The code runs successfully as below:
I retrieved the secret from the key vault in the browser as below.
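As an added example (not part of the answer above, and not the answerer's own code), the service principal method can be applied directly to the question's application.properties, so the Key Vault property source authenticates with client credentials instead of the Azure CLI session. The environment variable names are assumptions; the values come from the app registration.

```properties
# Added example: authenticate the Key Vault property source with a service
# principal (client credentials) so startup does not depend on `az login`.
spring.security.oauth2.resourceserver.jwt.jwk-set-uri=${JWT-SET-URI}
spring.cloud.azure.keyvault.secret.property-sources[0].enabled=true
spring.cloud.azure.keyvault.secret.property-sources[0].endpoint=https://demo-vault.vault.azure.net/

# Tenant, client ID and client secret of the app registration. They are resolved
# from environment variables (names assumed here) so the client secret never
# lands in the repository or the packaged jar.
spring.cloud.azure.keyvault.secret.property-sources[0].profile.tenant-id=${AZURE_TENANT_ID}
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-id=${AZURE_CLIENT_ID}
spring.cloud.azure.keyvault.secret.property-sources[0].credential.client-secret=${AZURE_CLIENT_SECRET}
```

The service principal still needs permission to read secrets in the vault, as the answer describes; grant it only that, on this vault.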
If you don’t need the exact secret values when running the app locally (because for example you have a local database which has different URL and credentials), then you can simply use a local test double to replace Azure Key Vault as well.
This example project can tell you how the Spring integration should be done as well as how you can replace the real Azure Key Vault with the test double: https://github.com/nagyesta/lowkey-vault-example/tree/main#spring-cloud-azure-starter