AWS Parameter Store Backend

Spring Cloud Config Server 支持 AWS Parameter Store 作为配置属性的后端。您可以通过将依赖项添加到 AWS Java SDK for SSM来启用此功能。

Spring Cloud Config Server supports AWS Parameter Store as a backend for configuration properties. You can enable this feature by adding a dependency to the AWS Java SDK for SSM.

pom.xml

<dependency>
    <groupId>software.amazon.awssdk</groupId>
    <artifactId>ssm</artifactId>
</dependency>

以下配置使用 AWS SSM 客户端来访问参数。

The following configuration uses the AWS SSM client to access parameters.

spring:
  profiles:
    active: awsparamstore
  cloud:
    config:
      server:
        awsparamstore:
          region: eu-west-2
          endpoint: https://ssm.eu-west-2.amazonaws.com
          origin: aws:parameter:
          prefix: /config/service
          profile-separator: _
          recursive: true
          decrypt-values: true
          max-results: 5

下表描述了 AWS Parameter Store 配置属性。

The following table describes the AWS Parameter Store configuration properties.

Table 1. AWS Parameter Store Configuration Properties
Property Name	Required	Default Value	Remarks
region	no		The region to be used by the AWS Parameter Store client. If it’s not explicitly set, the SDK tries to determine the region to use by using the Default Region Provider Chain.
endpoint	no		The URL of the entry point for the AWS SSM client. This can be used to specify an alternate endpoint for the API requests.
origin	no	`aws:ssm:parameter:`	The prefix that is added to the property source’s name to show their provenance.
prefix	no	`/config`	Prefix indicating L1 level in the parameter hierarchy for every property loaded from the AWS Parameter Store.
profile-separator	no	`-`	String that separates an appended profile from the context name.
recursive	no	`true`	Flag to indicate the retrieval of all AWS parameters within a hierarchy.
decrypt-values	no	`true`	Flag to indicate the retrieval of all AWS parameters with their value decrypted.
max-results	no	`10`	The maximum number of items to return for an AWS Parameter Store API call.

AWS Parameter Store API 凭据使用 Default Credential Provider Chain来确定。版本化参数已经受默认返回最新版本的行为支持。

AWS Parameter Store API credentials are determined using the Default Credential Provider Chain. Versioned parameters are already supported with the default behaviour of returning the latest version.

When no application is specified application is the default, and when no profile is specified default is used.
Valid values for awsparamstore.prefix must start with a forward slash followed by one or more valid path segments or be empty.
Valid values for awsparamstore.profile-separator can only contain dots, dashes and underscores.
Valid values for awsparamstore.max-results must be within the [1, 10] range.