Adding keys to Spring Boot vault
I am implementing Spring Boot vault. Whenever I try to add more than one key, only the last one is saved. For example, at this page, https://www.javainuse.com/spring/cloud-vault, they have this example
But when I then query the vault, I see
c:\vault>vault kv get secret/javainuseapp
======= Data =======
Key Value
--- -----
dbpassword root
If I set both keys at the same time, it seems to work
c:\vault>vault kv put secret/javainuseapp dbusername=root dbpassword=root
Success! Data written to: secret/javainuseapp
c:\vault>vault kv get secret/javainuseapp
======= Data =======
Key Value
--- -----
dbpassword root
dbusername root
How does one add additional keys?
This is standard usage for the Vault API, and therefore also for the CLI which is a wrapper around the Golang bindings around the REST API. If you want to overwrite a key value pair with the Vault CLI and retain the former key value pairs, then you must additionally specify them like you did in the final example:
kv put secret/javainuseapp dbusername=root dbpassword=root
All key value pairs specified during the command for a specific path will be stored at that secret version (the version corresponding to an integer equal to the number of writes at that path, unless previous versions are deleted). All key value pairs are still stored, but at the previous secret version. When you execute the command vault kv get secret/javainuseapp, you are retrieving the secret at the current version corresponding to the most recent write.
However, note that if the Vault policy or policies support patch operations on the secret path for the associated role/user/etc., then you can also execute a patch subcommand to only update one key value pair while retaining the others in the newest version of the secret:
vault kv patch secret/javainuseapp dbusername=root
and in that situation the dbpassword key will be retained in the newest secret version.
- Can apm-agent-java plugin be placed inside the application JAR file?
- Spring @Sql Annotations, possible to run once before all tests?
- Springboot mySQL Failed to determine a suitable driver class
- Java springboot Validation is not working for me
- How to validate and sanitize HTTP Get with Spring Boot?
- Unable to resolve name [org.hibernate.dialect.MYSQL5Dialect] as strategy [org.hibernate.dialect.Dialect]
- Spring Boot - no log file written (logging.file is not respected)
- Handling Internal Server Error When OAuth Issuer Is Not Available in WebFluxSecurity
- How to use @ServiceConnection with GenericContainer and custom ConnectionDetails
- With deprecation of the `SecurityContextRepository.loadContext(HttpRequestResponseHolder)` method, how do we add `Set-Cookie` to the response?
- Spring Boot + Security + Thymeleaf and CSRF token not injected automatically
- Implementing Custom Expression Handling with Spring Security 6
- Using two or more SecurityFilterChains with Spring Security 6 does not work properly, only one chain is invoked
- Spring Boot With Maven Shade Plugin - Controllers not mapped (404 Error)
- How to fix: Error creating bean with name : Unsatisfied dependency expressed through field
- "httptrace" endpoint of Spring Boot Actuator doesn't exist anymore with Spring Boot 2.2.0
- Using Postgres 16 with Spring Boot 3.3.0
- Default logging file for spring boot application
- Kafka No Acknowledgment available as an argument
- What are git-ref and git-ref-short tags in maven pom file
- Is there some license requirement for spring bom dependencies?
- How to increase the maximum length of SpEL expressions in spring boot 3.3.0?
- Need to Read a file from SFTP endpoint with Proxy enabled in apache camel
- CORS with spring-boot and angularjs not working
- Wiremock dependency not importing classes
- Intermittent Connection Timeout Issues in Java 21/Spring Boot 3.1.6 Application with Multiple API Consumption
- How to persist data in H2 database
- is using DTOs in every case always a good practice?
- How to add custom ApplicationContextInitializer to a spring boot application?
- Patch Request in Java Spring Boot nulls ManyToOne