Skip to content

Commit f282e6d

Browse files
Merge pull request #98877 from lisaguthrie/5230357-javaupdates
Java quickstart tweaks and Key Vault references tutorial
2 parents 1d34ace + 1891b9f commit f282e6d

File tree

3 files changed

+204
-6
lines changed

3 files changed

+204
-6
lines changed

articles/azure-app-configuration/TOC.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,8 @@
4747
href: manage-feature-flags.md
4848
- name: Use Key Vault references in ASP.NET Core
4949
href: use-key-vault-references-dotnet-core.md
50+
- name: Use Key Vault references in Spring Boot
51+
href: use-key-vault-references-spring-boot.md
5052
- name: Integrate with a CI/CD pipeline
5153
href: integrate-ci-cd-pipeline.md
5254
- name: Samples

articles/azure-app-configuration/quickstart-java-spring-app.md

Lines changed: 23 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,15 @@
11
---
22
title: Quickstart to learn how to use Azure App Configuration
33
description: A quickstart for using Azure App Configuration with Java Spring apps.
4-
author: yidon
5-
ms.author: yidon
4+
services: azure-app-configuration
5+
documentationcenter: ''
6+
author: lisaguthrie
7+
manager: maiye
8+
editor: ''
69
ms.service: azure-app-configuration
710
ms.topic: quickstart
811
ms.date: 12/17/2019
12+
ms.author: lcozzens
913

1014
#Customer intent: As a Java Spring developer, I want to manage all my app settings in one place.
1115
---
@@ -42,7 +46,7 @@ Use the [Spring Initializr](https://start.spring.io/) to create a new Spring Boo
4246
* Generate a **Maven** project with **Java**.
4347
* Specify a **Spring Boot** version that's equal to or greater than 2.0.
4448
* Specify the **Group** and **Artifact** names for your application.
45-
* Add the **Web** dependency.
49+
* Add the **Spring Web** dependency.
4650

4751
3. After you specify the previous options, select **Generate Project**. When prompted, download the project to a path on your local computer.
4852

@@ -56,13 +60,17 @@ Use the [Spring Initializr](https://start.spring.io/) to create a new Spring Boo
5660
<dependency>
5761
<groupId>com.microsoft.azure</groupId>
5862
<artifactId>spring-cloud-starter-azure-appconfiguration-config</artifactId>
59-
<version>1.1.0.M5</version>
63+
<version>1.1.0</version>
6064
</dependency>
6165
```
6266

6367
3. Create a new Java file named *MessageProperties.java* in the package directory of your app. Add the following lines:
6468

6569
```java
70+
package com.example.demo;
71+
72+
import org.springframework.boot.context.properties.ConfigurationProperties;
73+
6674
@ConfigurationProperties(prefix = "config")
6775
public class MessageProperties {
6876
private String message;
@@ -80,6 +88,11 @@ Use the [Spring Initializr](https://start.spring.io/) to create a new Spring Boo
8088
4. Create a new Java file named *HelloController.java* in the package directory of your app. Add the following lines:
8189

8290
```java
91+
package com.example.demo;
92+
93+
import org.springframework.web.bind.annotation.GetMapping;
94+
import org.springframework.web.bind.annotation.RestController;
95+
8396
@RestController
8497
public class HelloController {
8598
private final MessageProperties properties;
@@ -98,11 +111,13 @@ Use the [Spring Initializr](https://start.spring.io/) to create a new Spring Boo
98111
5. Open the main application Java file, and add `@EnableConfigurationProperties` to enable this feature.
99112

100113
```java
114+
import org.springframework.boot.context.properties.EnableConfigurationProperties;
115+
101116
@SpringBootApplication
102117
@EnableConfigurationProperties(MessageProperties.class)
103-
public class AzureConfigApplication {
118+
public class DemoApplication {
104119
public static void main(String[] args) {
105-
SpringApplication.run(AzureConfigApplication.class, args);
120+
SpringApplication.run(DemoApplication.class, args);
106121
}
107122
}
108123
```
@@ -121,11 +136,13 @@ Use the [Spring Initializr](https://start.spring.io/) to create a new Spring Boo
121136
mvn clean package
122137
mvn spring-boot:run
123138
```
139+
124140
2. After your application is running, use *curl* to test your application, for example:
125141

126142
```CLI
127143
curl -X GET http://localhost:8080/
128144
```
145+
129146
You see the message that you entered in the App Configuration store.
130147

131148
## Clean up resources
Lines changed: 179 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,179 @@
1+
---
2+
title: Tutorial for using Azure App Configuration Key Vault references in a Java Spring Boot app | Microsoft Docs
3+
description: In this tutorial, you learn how to use Azure App Configuration's Key Vault references from a Java Spring Boot app
4+
services: azure-app-configuration
5+
documentationcenter: ''
6+
author: lisaguthrie
7+
manager: maiye
8+
editor: ''
9+
10+
ms.assetid:
11+
ms.service: azure-app-configuration
12+
ms.workload: tbd
13+
ms.devlang: csharp
14+
ms.topic: tutorial
15+
ms.date: 12/16/2019
16+
ms.author: lcozzens
17+
ms.custom: mvc
18+
19+
#Customer intent: I want to update my Spring Boot application to reference values stored in Key Vault through App Configuration.
20+
---
21+
# Tutorial: Use Key Vault references in a Java Spring app
22+
23+
In this tutorial, you learn how to use the Azure App Configuration service together with Azure Key Vault. App Configuration and Key Vault are complementary services used side by side in most application deployments.
24+
25+
App Configuration helps you use the services together by creating keys that reference values stored in Key Vault. When App Configuration creates such keys, it stores the URIs of Key Vault values rather than the values themselves.
26+
27+
Your application uses the App Configuration client provider to retrieve Key Vault references, just as it does for any other keys stored in App Configuration. In this case, the values stored in App Configuration are URIs that reference the values in the Key Vault. They are not Key Vault values or credentials. Because the client provider recognizes the keys as Key Vault references, it uses Key Vault to retrieve their values.
28+
29+
Your application is responsible for authenticating properly to both App Configuration and Key Vault. The two services don't communicate directly.
30+
31+
This tutorial shows you how to implement Key Vault references in your code. It builds on the web app introduced in the quickstarts. Before you continue, complete [Create a Java Spring app with App Configuration](./quickstart-java-spring-app.md) first.
32+
33+
You can use any code editor to do the steps in this tutorial. For example, [Visual Studio Code](https://code.visualstudio.com/) is a cross-platform code editor that's available for the Windows, macOS, and Linux operating systems.
34+
35+
In this tutorial, you learn how to:
36+
37+
> [!div class="checklist"]
38+
> * Create an App Configuration key that references a value stored in Key Vault.
39+
> * Access the value of this key from a Java Spring application.
40+
41+
## Prerequisites
42+
43+
Before you start this tutorial, install the [.NET Core SDK](https://dotnet.microsoft.com/download).
44+
45+
[!INCLUDE [quickstarts-free-trial-note](../../includes/quickstarts-free-trial-note.md)]
46+
47+
## Create a vault
48+
49+
1. Select the **Create a resource** option in the upper-left corner of the Azure portal:
50+
51+
![Output after key vault creation is complete](./media/quickstarts/search-services.png)
52+
1. In the search box, enter **Key Vault**.
53+
1. From the results list, select **Key vaults** on the left.
54+
1. In **Key vaults**, select **Add**.
55+
1. On the right in **Create key vault**, provide the following information:
56+
- Select **Subscription** to choose a subscription.
57+
- In **Resource Group**, select **Create new** and enter a resource group name.
58+
- In **Key vault name**, a unique name is required. For this tutorial, enter **Contoso-vault2**.
59+
- In the **Region** drop-down list, choose a location.
60+
1. Leave the other **Create key vault** options with their default values.
61+
1. Select **Create**.
62+
63+
At this point, your Azure account is the only one authorized to access this new vault.
64+
65+
![Output after key vault creation is complete](./media/quickstarts/vault-properties.png)
66+
67+
## Add a secret to Key Vault
68+
69+
To add a secret to the vault, you need to take just a few additional steps. In this case, add a message that you can use to test Key Vault retrieval. The message is called **Message**, and you store the value "Hello from Key Vault" in it.
70+
71+
1. From the Key Vault properties pages, select **Secrets**.
72+
1. Select **Generate/Import**.
73+
1. In the **Create a secret** pane, enter the following values:
74+
- **Upload options**: Enter **Manual**.
75+
- **Name**: Enter **Message**.
76+
- **Value**: Enter **Hello from Key Vault**.
77+
1. Leave the other **Create a secret** properties with their default values.
78+
1. Select **Create**.
79+
80+
## Add a Key Vault reference to App Configuration
81+
82+
1. Sign in to the [Azure portal](https://portal.azure.com). Select **All resources**, and then select the App Configuration store instance that you created in the quickstart.
83+
84+
1. Select **Configuration Explorer**.
85+
86+
1. Select **+ Create** > **Key vault reference**, and then specify the following values:
87+
- **Key**: Select **/application/config.keyvaultmessage**
88+
- **Label**: Leave this value blank.
89+
- **Subscription**, **Resource group**, and **Key vault**: Enter the values corresponding to the values in the key vault you created in the previous section.
90+
- **Secret**: Select the secret named **Message** that you created in the previous section.
91+
92+
## Connect to Key Vault
93+
94+
1. In this tutorial, you use a service principal for authentication to Key Vault. To create this service principal, use the Azure CLI [az ad sp create-for-rbac](/cli/azure/ad/sp?view=azure-cli-latest#az-ad-sp-create-for-rbac) command:
95+
96+
```azurecli
97+
az ad sp create-for-rbac -n "http://mySP" --sdk-auth
98+
```
99+
100+
This operation returns a series of key/value pairs:
101+
102+
```console
103+
{
104+
"clientId": "7da18cae-779c-41fc-992e-0527854c6583",
105+
"clientSecret": "b421b443-1669-4cd7-b5b1-394d5c945002",
106+
"subscriptionId": "443e30da-feca-47c4-b68f-1636b75e16b3",
107+
"tenantId": "35ad10f1-7799-4766-9acf-f2d946161b77",
108+
"activeDirectoryEndpointUrl": "https://login.microsoftonline.com",
109+
"resourceManagerEndpointUrl": "https://management.azure.com/",
110+
"activeDirectoryGraphResourceId": "https://graph.windows.net/",
111+
"sqlManagementEndpointUrl": "https://management.core.windows.net:8443/",
112+
"galleryEndpointUrl": "https://gallery.azure.com/",
113+
"managementEndpointUrl": "https://management.core.windows.net/"
114+
}
115+
```
116+
117+
1. Run the following command to let the service principal access your key vault:
118+
119+
```
120+
az keyvault set-policy -n <your-unique-keyvault-name> --spn <clientId-of-your-service-principal> --secret-permissions delete get list set --key-permissions create decrypt delete encrypt get list unwrapKey wrapKey
121+
```
122+
123+
1. Create the following environment variables, using the values for the service principal that were displayed in the previous step:
124+
125+
* **AZURE_CLIENT_ID**: *clientId*
126+
* **AZURE_CLIENT_SECRET**: *clientSecret*
127+
* **AZURE_TENANT_ID**: *tenantId*
128+
129+
> [!NOTE]
130+
> These Key Vault credentials are used only within your application. Your application authenticates directly to Key Vault with these credentials. They are never passed to the App Configuration service.
131+
132+
## Update your code to use a Key Vault reference
133+
134+
1. Open *MessageProperties.java*. Add a new variable called *keyVaultMessage*:
135+
136+
```java
137+
private String keyVaultMessage;
138+
139+
public String getKeyVaultMessage() {
140+
return keyVaultMessage;
141+
}
142+
143+
public void setKeyVaultMessage(String keyVaultMessage) {
144+
this.keyVaultMessage = keyVaultMessage;
145+
}
146+
```
147+
148+
1. Open *HelloController.java*. Update the *getMessage* method to include the message retrieved from Key Vault.
149+
150+
```java
151+
@GetMapping
152+
public String getMessage() {
153+
return "Message: " + properties.getMessage() + "\nKey Vault message: " + properties.getKeyVaultMessage();
154+
}
155+
```
156+
157+
1. Build your Spring Boot application with Maven and run it, for example:
158+
159+
```shell
160+
mvn clean package
161+
mvn spring-boot:run
162+
```
163+
1. After your application is running, use *curl* to test your application, for example:
164+
165+
```shell
166+
curl -X GET http://localhost:8080/
167+
```
168+
You see the message that you entered in the App Configuration store. You also see the message that you entered in Key Vault.
169+
170+
## Clean up resources
171+
172+
[!INCLUDE [azure-app-configuration-cleanup](../../includes/azure-app-configuration-cleanup.md)]
173+
174+
## Next steps
175+
176+
In this tutorial, you created an App Configuration key that references a value stored in Key Vault. To learn how to use feature flags in your Java Spring application, continue to the next tutorial.
177+
178+
> [!div class="nextstepaction"]
179+
> [Managed identity integration](./quickstart-feature-flag-spring-boot.md)

0 commit comments

Comments
 (0)