Bean of type AwsClientConfigurerSecretsManager is not registered #907

Closed
ipsi-apant opened this issue Oct 9, 2023 · 2 comments

ipsi-apant commented Oct 9, 2023

Type: Issue

Component:

  • Secrets Manager
  • spring-cloud-aws-starter-secrets-manager 3.0.2
  • software.amazon.awssdk:secretsmanager 2.20.153
  • Java 21
  • Gradle 8.4-rc-2
  • Springboot 3.1.3
  • Webflux
  • localstack

logging

logging:
  level:
    root: debug
    org:
      springframework: info
      apache.http: info
      hibernate: info
    jdk: info
    software.amazon.awssdk: info
    io:
      awspring.cloud: debug

Description of issue

I am using config.import for loading secrets from secrets-manager. On a dev machine, IntelliJ is able to fetch secrets from localstack during context load, which is great! Thanks for your efforts making it easier to integrate with AWS cloud.

  1. When deploying the same app in a docker container, I am seeing the following message in the logs.

Is it expected?

  2. The application will be deployed on AWS ECS and it will be using assume-role for accessing AWS services. So passing credentials in config files, env vars or the docker container is not allowed in the current infra. My understanding is that we could use this approach: StsWebIdentityTokenFileCredentialsProvider

Set the spring.cloud.aws.credentials.sts.role-arn value.

Is it correct?

Error

SecretsManagerConfigDataLocationResolver : Bean of type AwsClientConfigurerSecretsManager is not registered: io.awspring.cloud.autoconfigure.config.secretsmanager.AwsSecretsManagerClientCustomizer has not been registered

Sample

In Java code, retrieving the secret using the @Value() annotation.

application.yaml

spring:
  cloud:
    aws:
      credentials:
        access-key: localstack  # not working if set inside application-dev.yaml
        secret-key: localstack  # not working if set inside application-dev.yaml
      endpoint: ${AWS_ENDPOINT_OVERRIDE:http://localhost:4566}
  config:
    import:
      aws-secretsmanager:${ENV_SECRETS_MANAGER_NAME:default_name}

Let me know if any more details are required.

snigdhasjg commented Oct 9, 2023

  1. What's the value of AWS_ENDPOINT_OVERRIDE inside docker?
    It should be the hostname of the docker container, not localhost.

  2. Within ECS it will automatically fetch the token, no need to provide any config. Just make sure to add the sts runtime dependency.

@ipsi-apant

Thank you @snigdhasjg

  1. This env wasn't in docker, so it was referring from the OS, which was localhost:4566. Sorry, my bad. After enabling some debug logs for env vars, it showed this. I have added AWS_ENDPOINT_OVERRIDE=http://localstack:4566 now, and it is working for docker. Thank you for the direction. :)

  2. This is great! I will follow this approach and give it a try.
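
Added example, not part of the original thread: a Docker Compose file illustrating the fix reached above, where the app container reaches LocalStack by its service name instead of localhost. The service names, the app image and the health check are assumptions; AWS_ENDPOINT_OVERRIDE and ENV_SECRETS_MANAGER_NAME are the variables from the issue's application.yaml.

```yaml
# docker-compose.yaml (constructed example; service names and app image are placeholders)
services:
  localstack:
    image: localstack/localstack
    environment:
      SERVICES: secretsmanager
    ports:
      # Published on loopback only, so the emulator is reachable from the
      # host (IDE runs) but not from other machines on the network.
      - "127.0.0.1:4566:4566"
    healthcheck:
      # Assumes curl is available inside the LocalStack image.
      test: ["CMD", "curl", "-f", "http://localhost:4566/_localstack/health"]
      interval: 5s
      timeout: 3s
      retries: 10

  app:
    image: example/app:latest   # placeholder for the Spring Boot image
    depends_on:
      localstack:
        # spring.config.import is resolved at context load, so the
        # endpoint has to answer before the app container starts.
        condition: service_healthy
    environment:
      # Inside the compose network "localhost" is the app container itself;
      # the LocalStack container is resolved by its service name.
      AWS_ENDPOINT_OVERRIDE: http://localstack:4566
      # The secret with this name must already exist in LocalStack when the
      # app starts (seeding it is not shown here).
      ENV_SECRETS_MANAGER_NAME: default_name
```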
