Комментарии:
Thanks for the video...Good one with perfect explanation 👌👌
ОтветитьDoes this also work for nested secret paths in Vault? For example, in Secret Engine secret/ , I will have secret key as application and inside application another subfolder, let's call it dev and inside dev, we could have properties. So secret/application/dev/properties. In this path, we can store a key value pair of secret. Somehow I can't pull secrets from this path. Can you please help me?
ОтветитьSaudações de um dev brasileiro! Obrigado pelo tutorial, estava configurando certo e dava erro, a propriedade que estava faltando era a do spring.cloud.config.server.vault.order=1 isso faz com que os dois funcionem perfeitamente. Thank you very much for this, it helped alot.
ОтветитьIs boostrap not legacy?
ОтветитьHi,Thanks for the video. please can you Suggest me how to add dbpassword as & Symbol in vault. when i add dbpassword like sh&6%4*fhwT in vault , am getting '6%4*fhwT' is not recognized as an internal or external command. please suggest me how to read the above password
ОтветитьThanks for this, Sergio. Very helpful in its conciseness. A couple of security observations:
1. You seem to suggest that the Git repo's username and password might be embedded in the "cloud.config.server.git.uri'. All secrets should reside in Vault, no? If so, how would you tell the config server to get the Git credentials from Vault? And,
2. Along the same lines, it looks like the Config Server's microservice clients have unprotected access to the server? Shouldn't each microservice have its own Config Server username and password, again, residing in Vault?
Just a couple of thoughts as I'm currently upgrading a 2 year old system and intend to make sure all assets are secured and all secrets are stored in Vault.
Questions are rhetorical... Please don't feel obligated to respond <grin>.
How do i check if vault properties can be fetched?
ОтветитьNice tutorial. Quite easy to follow :)
Question though:
I see you're storing he vault configs in the root directory "secret/service-users".
Is there a way to store them in sub directories? e.g. "secret/dev/service-users", "secret/test/service-users", "secret/prod/service-users", etc...
If so, how is this configured on both the server and client apps?