Spring Cloud Vault uses property-based configuration to create PropertySources
for generic and discovered secret backends.
Discovered backends provide VaultSecretBackendDescriptor beans to describe the configuration
state to use secret backend as PropertySource. A SecretBackendMetadataFactory is required
to create a SecretBackendMetadata object which contains path, name and property transformation
configuration.
SecretBackendMetadata is used to back a particular PropertySource.
You can register an arbitrary number of beans implementing VaultConfigurer for customization.
Default generic and discovered backend registration is disabled if Spring Cloud Vault discovers
at least one VaultConfigurer bean. You can however enable default registration with
SecretBackendConfigurer.registerDefaultGenericSecretBackends() and SecretBackendConfigurer.registerDefaultDiscoveredSecretBackends().
public class CustomizationBean implements VaultConfigurer { @Override public void addSecretBackends(SecretBackendConfigurer configurer) { configurer.add("secret/my-application"); configurer.registerDefaultGenericSecretBackends(false); configurer.registerDefaultDiscoveredSecretBackends(true); } }
![[Note]](images/note.png) | Note |
|---|---|
All customization is required to happen in the bootstrap context. Add your configuration
classes to |