To understand how encryption/decryption of properties work with Spring Cloud, I would suggest reading my previous blog post HERE.

You can use client side decryption of properties on Azure Spring Cloud.

STEPS

  • Add the encrypted property in your .properties file in your git repository.
    It would look like:
message={cipher}f43e3df3862ab196a4b367624a7d9b581e1c543610da353fbdd2477d60fb282f
  • Update the Config Server on Azure Spring Cloud to use the git repository which has our encrypted propery. You could do it directly from Azure Portal or use Azure CLI:
az spring-cloud config-server git set -n myspringcloud --uri <git_repo_url>
  • In your Spring Boot application, add the decryption key in the bootstrap.yml file. (You would need to create it if it does not exist)
encrypt:
  key: somerandomkey

[This is the key you would have used in order to encrypt your property earlier]

  • Now, add some code to get the value of the encrypted property.
package com.example.demo;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class TestController {

    @Value("${message:default}") 
    String message;

    @GetMapping("/")
    public String hello() {
        return message;
    }

}
  • Create an App, or deploy to an existing one.
az spring-cloud app create -n <appName>
  • Deploy your app.
az spring-cloud app deploy -n appName --jar-path <location_of_jar>
  • Assign a public endpoint (or use the Test Endpoints)
az spring-cloud app update -n appName --assign-endpoint true
  • Access your application to view the value.
https://<myspringcloud>-<appName>.azuremicroservices.io/

That’s it! :v: