[英]Spring Cloud config server security
I implemented Spring Cloud config server.我实现了 Spring 云配置服务器。 How can I prevent the config server
bootstrap.yml
file from storing the GIT user name and password as clear text?如何防止配置服务器
bootstrap.yml
文件将 GIT 用户名和密码存储为明文?
Vault: https://github.com/hashicorp/vault保险库: https://github.com/hashicorp/vault
Use Vault: https://cloud.spring.io/spring-cloud-config/reference/html/#_vault使用保险柜: https://cloud.spring.io/spring-cloud-config/reference/html/#_vault
Set up Spring Vault:设置 Spring 保险库:
https://docs.spring.io/spring-vault/docs/2.2.2.RELEASE/reference/html/ https://docs.spring.io/spring-vault/docs/2.2.2.RELEASE/reference/html/
https://spring.io/projects/spring-vault https://spring.io/projects/spring-vault
In your Spring Cloud config server, file bootstrap.yml
在您的 Spring 云配置服务器中,文件
bootstrap.yml
spring:
cloud:
config:
token: YourVaultToken
ok So this is working fine for me, the issue was my config server's bootstrap.yml need to connect to GIT repository as backend and GIT repo is secured with username and password but I can not pass the username and password in bootstrap.yml file.好的所以这对我来说很好,问题是我的配置服务器的 bootstrap.yml 需要连接到 GIT 存储库作为后端,并且 GIT 存储库使用用户名和密码进行保护,但我无法在 bootstrap.yml 文件中传递用户名和密码。
To solve this:要解决这个问题:
Pass the credential as environmental variable and store these environment variable in terraform or any other secure location.将凭证作为环境变量传递,并将这些环境变量存储在 terraform 或任何其他安全位置。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.