Load rotated secrets

[marcuslange]

Is your feature request related to a problem? Please describe. I'm not sure if this is a missing feature or missing documentation. I do not see properties updated when a secret is rotated.

Describe the solution you'd like Either documentation explaining how to set this up, or the feature to pull updated values and refresh the context.

Describe alternatives you've considered Using my own implementation.

Additional context I have not tried with Parameter Store, but I would have the same exceptions. If a value is changed, that is reflected on the spring application.

[maciejwalkowiak]

Hi @marcuslange, you are right. Similar to ParameterStore (#421) there is currently no support for refreshing context when values change. I am not sure yet if it makes sense to add it to current implementation or we should rather provide Spring Cloud Config integration for SSM and ParameterStore.

[eddumelendez]

Maybe https://github.com/spring-cloud/spring-cloud-aws/issues/601 is kind of related.

[eddumelendez]

I currently have tested this

@RefreshScope
@RestController
public class HelloRestController {

	@Value("${hello.secretmessage}")
	private String hello;

	@GetMapping("/hello/{name}")
	public String hello(@PathVariable String name) {
		return this.hello + " " + name;
	}
}

1. Create aws secretsmanager create-secret --name "/secret/application" --secret-string '{"hello.secretmessage":"Hello"}'
2. Start application
3. See Hello
4. Update aws secretsmanager update-secret --secret-id /secret/application --secret-string '{"hello.secretmessage":"Hola"}'
5. Perform curl -X POST http://localhost:8080/actuator/refresh
6. See "Hola"

Make sure you have spring-boot-starter-actuator dependency and the following property management.endpoints.web.exposure.include=refresh.

[tinexw]

I am not sure yet if it makes sense to add it to current implementation or we should rather provide Spring Cloud Config integration for SSM and ParameterStore.

Any more thoughts on it @maciejwalkowiak?