Does Spring Cloud for Azure support AKV (keys)

Mat CHAN 85 Reputation points
2024-08-02T09:22:58.22+00:00

In this microsoft learn article, I can only see the support to 'certificate' and 'secret'. For example, we can easily auto configured the SecretClient with the properties defined in application.yaml but not the KeyClient where we use in Azure SDK for Java for key encryption / wrapping key purposes.

The only way I can achieve key encryption with KeyClient is below but not robust at all


package com.hub4.springboot.config;

import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.keys.KeyClient;
import com.azure.security.keyvault.keys.KeyClientBuilder;
import com.azure.spring.cloud.service.implementation.keyvault.KeyVaultProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class AzureKeyVaultConf {

	// I have defined necessary parameters in application.yaml
    @Autowired
    private KeyVaultProperties keyVaultProperties;

    @Bean
    public KeyClient keyClient() {
        return new KeyClientBuilder()
                .vaultUrl(keyVaultProperties.getEndpoint())
                .credential(new DefaultAzureCredentialBuilder().build())
                .buildClient();
    }
}

Any better approach / alternative?

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,309 questions
Azure Spring Apps
Azure Spring Apps
An Azure platform as a service for running Spring Boot applications at cloud scale. Previously known as Azure Spring Cloud.
126 questions

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.