AWS Parameter Store Backend
Spring Cloud Config Server supports AWS Parameter Store as a backend for configuration properties. You can enable this feature by adding a dependency to the AWS Java SDK for SSM.
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>ssm</artifactId>
</dependency>
The following configuration uses the AWS SSM client to access parameters.
spring:
profiles:
active: awsparamstore
cloud:
config:
server:
awsparamstore:
region: eu-west-2
endpoint: https://ssm.eu-west-2.amazonaws.com
origin: aws:parameter:
prefix: /config/service
profile-separator: _
recursive: true
decrypt-values: true
max-results: 5
The following table describes the AWS Parameter Store configuration properties.
Property Name | Required | Default Value | Remarks |
---|---|---|---|
region |
no |
The region to be used by the AWS Parameter Store client. If it’s not explicitly set, the SDK tries to determine the region to use by using the Default Region Provider Chain. |
|
endpoint |
no |
The URL of the entry point for the AWS SSM client. This can be used to specify an alternate endpoint for the API requests. |
|
origin |
no |
|
The prefix that is added to the property source’s name to show their provenance. |
prefix |
no |
|
Prefix indicating L1 level in the parameter hierarchy for every property loaded from the AWS Parameter Store. |
profile-separator |
no |
|
String that separates an appended profile from the context name. |
recursive |
no |
|
Flag to indicate the retrieval of all AWS parameters within a hierarchy. |
decrypt-values |
no |
|
Flag to indicate the retrieval of all AWS parameters with their value decrypted. |
max-results |
no |
|
The maximum number of items to return for an AWS Parameter Store API call. |
AWS Parameter Store API credentials are determined using the Default Credential Provider Chain. Versioned parameters are already supported with the default behaviour of returning the latest version.
|