Instance Profile Credentials Using Spring Cloud
Last Updated :
06 Mar, 2024
In Java, Spring Cloud tools can help developers in so many ways. They may quickly construct common patterns in distributed systems with the help of contract testing, configuration management, circuit breakers, intelligent routing, micro-proxies, control buses, and short-lived microservices. Boilerplate patterns are produced during the coordination of distributed systems, and developers can easily set up services and applications that use those patterns by utilizing Spring Cloud.
In this article, we are going to create instance profile credentials by building a Spring Cloud application.
Step-by-Step Implementation of Instance Profile Credentials using Spring Cloud
Below are the steps to implement instance profile credentials using Spring Cloud.
Step 1: Maven Dependency
Maven users can utilize Spring Cloud AWS module dependencies directly by configuring the specific module. The Spring Cloud AWS module includes all the transitive dependencies of the Spring modules along with the Amazon SDK needed to operate the modules. The entire dependant setup will look like below.
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-aws-context</artifactId>
<version>{spring-cloud-version}</version>
</dependency>
</dependencies>
Step 2: Verification of EC2 Instance Profile Credentials Retrieval
Next, we need to confirm that the instance profile credentials can be retrieved by our EC2 instance. Enter the true instance profile role name in place of <InstanceProfileRoleName>.
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/<InstanceProfileRoleName>
Step 3: Configure Spring Cloud Application
Now let’s look at our example use case. To enable instance profiles with Spring Boot, we must specify it as follows in our Spring Boot configuration file:
cloud.aws.credentials.instanceProfile=true
- When deploying this Spring Boot application in an EC2 instance, all clients will immediately try to access to AWS resources using the credentials from the instance profile.
- This is a result of Spring Cloud’s usage of the AWS SDK’s EC2ContainerCredentialsProviderWrapper.
- This will search the system for credentials in order of priority, and if it finds none, it will automatically end up looking for the credentials from the instance profile.
Step 4: Configure with an InstanceProfileCredentialsProvider
We can launch our own Amazon S3 instance if we need to declare that Spring Cloud should only use instance profiles. It can be published as a bean and configured using an InstanceProfileCredentialsProvider.
Java
@Configuration
public class AmazonS3Config {
@Bean
public AmazonS3 amazonS3()
{
InstanceProfileCredentialsProvider provider = new InstanceProfileCredentialsProvider(true);
AmazonS3 amazonS3Client = AmazonS3ClientBuilder.standard()
.withCredentials(provider)
.build();
return amazonS3Client;
}
}
|
Step 5: Connect to the S3 Bucket
Now that we have configured permanent credentials, we can connect to the S3 bucket using Spring Cloud as usual.
Java
@Component
public class SpringCloudS3Service
{
@Autowired
AmazonS3 amazonS3;
public void createBucket(String bucketName)
{
log.info("Creating S3 bucket: {}", bucketName);
amazonS3.createBucket(bucketName);
log.info("S3 bucket '{}' created successfully", bucketName);
}
}
|
This is Instance Profile Credentials using Spring Cloud. In this article, we have learnt how to connect a simple Spring Cloud application to Amazon S3 bucket.
Share your thoughts in the comments
Please Login to comment...