[英]How do I KMS decrypt the password in the application.properties first before being used in spring boot
my first time using AWS and spring boot together. 我第一次使用AWS和spring boot。
I have my db credentials set up in application.properties. 我在application.properties中设置了我的数据库凭据。
But I still need to KMS decrypt the password. 但是我仍然需要KMS解密密码。
How do I do that in spring boot framework? 我如何在spring boot框架中执行此操作?
First of all, you should include the "zalando/spring-cloud-config-aws-kms" dependancy to your project, for more details about the project check this link: " https://github.com/zalando/spring-cloud-config-aws-kms " You should be careful about the choice of versions, for example if you are using Spring Cloud Greenwich + Spring Boot 2.1 the zalando dependency version should be 4.1 首先,您应该在项目中包含“zalando / spring-cloud-config-aws-kms”依赖性,有关该项目的更多详细信息,请查看此链接: “ https://github.com/zalando/spring-cloud -config-aws-kms “你应该注意版本的选择,例如,如果你使用Spring Cloud Greenwich + Spring Boot 2.1 , zalando依赖版本应该是4.1
Now suppose your spring-boot project is a maven project, then you should have something like this: 现在假设你的spring-boot项目是一个maven项目,那么你应该有这样的东西:
<dependency>
<groupId>org.zalando</groupId>
<artifactId>spring-cloud-config-aws-kms</artifactId>
<version>4.1</version>
</dependency>
Second, your encrypted password value in the application.properties should begin with {cipher}
, example (the cipher shown below is not a valid one): 其次,application.properties中的加密密码值应以
{cipher}
开头,例如(下面显示的密码不是有效密码):
DataBase.Password = {cipher}UmjDPAmJr78ypSphQycO9DAQECAHgC4i08YQPW
Finally, because you have the spring-cloud-config-aws-kms in your project classPath you have only to inject the value of your encrypted password in your classes when needed via the @Value
annotaion, as an example: 最后,因为你的项目classPath中有spring-cloud-config-aws-kms ,你只需要通过
@Value
注释在你的类中注入加密密码的值,例如:
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@SpringBootApplication
@RestController
public class Example {
//reads the encrypted password, decrypts it
// and injects it in the field DataBasePassword
@Value("${DataBase.Password}")
private String DataBasePassword;
@RequestMapping("/")
public String decryptPassword() {
return DataBasePassword;
}
public static void main(String[] args) {
SpringApplication.run(Example.class, args);
}
}
Launch this Spring-Boot application, open a browser and type the url " http://localhost:8080/ " to see the result. 启动此Spring-Boot应用程序,打开浏览器并键入URL “ http:// localhost:8080 / ”以查看结果。 This answer is inspired from this project " https://github.com/kinow/spring-boot-aws-kms-configuration " .
这个答案来自这个项目“ https://github.com/kinow/spring-boot-aws-kms-configuration ” 。 Hope that will be helpful :)
希望会有所帮助:)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.