8.1.3 HashiCorp Vault Support

Micronaut features support for integration with HashiCorp Vault as a distributed configuration source.

To enable support for Vault Configuration simply add the following configuration to your bootstrap.yml file:

Integrating with HashiCorp Vault

  1. micronaut:
  2. application:
  3. name: hello-world
  4. config-client:
  5. enabled: true
  6. vault:
  7. client:
  8. config:
  9. enabled: true

🔗

Table 1. Configuration Properties for VaultClientConfiguration
PropertyTypeDescription

vault.client.uri

java.lang.String

Set the Vault Server Uri. Default value (“http://locahost:8200“).

vault.client.token

java.lang.String

Set the Vault authentication token.

vault.client.kv-version

VaultClientConfiguration$VaultKvVersion

Set the version of the Vault Secret engine. V1 or V2. Default value (V2).

vault.client.secret-engine-name

java.lang.String

Set the name of the Vault Secret engine name. Default value (“secret”).

vault.client.fail-fast

boolean

If set to true an exception will be thrown if configuration is not found for the application or any of its environments. Default value (false).

vault.client.ssl-configuration

SslConfiguration

vault.client.exception-on-error-status

boolean

vault.client.logger-name

java.lang.String

vault.client.follow-redirects

boolean

vault.client.default-charset

java.nio.charset.Charset

vault.client.channel-options

java.util.Map

vault.client.shutdown-timeout

java.time.Duration

vault.client.read-timeout

java.time.Duration

vault.client.read-idle-timeout

java.time.Duration

vault.client.connect-timeout

java.time.Duration

vault.client.connect-ttl

java.time.Duration

vault.client.num-of-threads

java.lang.Integer

vault.client.thread-factory

java.lang.Class

vault.client.max-content-length

int

vault.client.proxy-type

java.net.Proxy$Type

vault.client.proxy-address

java.net.SocketAddress

vault.client.proxy-username

java.lang.String

vault.client.proxy-password

java.lang.String

vault.client.proxy-selector

java.net.ProxySelector

Micronaut will use the configured micronaut.application.name to lookup property sources for the application from Vault.

Table 2. Configuration Resolution Precedence
FolderDescription

/application

Configuration shared by all applications

/[APPLICATION_NAME]

Application specific configuration

/application/[ENV_NAME]

Configuration shared by all applications for an active environment name

/[APPLICATION_NAME]/[ENV_NAME]

Application specific configuration for an active environment name

See the Documentation for HashiCorp Vault for more information on how to setup the server.