0

使用以下 Spring Cloud Config 配置(S3 后端),我可以使用我的个人 AWS 帐户从个人笔记本电脑从 S3 获取配置。但是,在我们的客户端环境中,我无法使用此配置,因为我的客户端在使用公司代理和其他安全配置创建 AmazonS3 对象时具有自定义逻辑。

问题:

  1. 有没有办法可以将自定义 AmazonS3 对象注入 Spring Cloud Config 服务器?如果是,请告诉我如何注射它。
  2. 如果 #1 不可能,有没有办法可以通过 Http 代理传递自定义 AWSCredentialsProvider?
cloud:
  aws:
    region:
      static: us-east-1
    stack:
      auto: false
    credentials:
      accessKey: XXXX
      secretKey: YYYY
      instance-profile: false
      useDefaultAwsCredentialsChain: true
spring:
  profiles:
    active: awss3
  cloud:
    config:
      server:
        awss3:
          region: us-east-1
          bucket: test-bucket-name/bucket-folder
4

1 回答 1

0

我使用配置 bean 完成了它,如下所示。请检查我是否正在以编程方式创建 AmazonS3 对象。在那里,您可以完全控制如何创建此对象(如果需要,使用代理参数)

package com.mypackage.product.config.server.config;

import com.amazonaws.ClientConfiguration;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3ClientBuilder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.config.server.config.ConfigServerProperties;
import org.springframework.cloud.config.server.environment.AwsS3EnvironmentProperties;
import org.springframework.cloud.config.server.environment.AwsS3EnvironmentRepository;
import org.springframework.cloud.config.server.environment.AwsS3EnvironmentRepositoryFactory;
import org.springframework.cloud.config.server.support.AwsCodeCommitCredentialProvider;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class ScalityEnvironmentRepository {

    @Autowired
    private ConfigServerProperties server;

    @Autowired
    AwsS3EnvironmentRepositoryFactory awsS3EnvironmentRepositoryFactory;

    @Autowired
    AwsS3EnvironmentProperties awsS3EnvironmentProperties;

    // read aws/scality creds from vault
    @Value("${data.AccessKeyId}")
    String accessKeyId;

    @Value("${data.SecretAccessKey}")
    String secretAccessKey;

    @Bean
    AwsS3EnvironmentRepository getAwsS3EnvironmentRepository() {

        BasicAWSCredentials awsCreds = new BasicAWSCredentials(accessKeyId, secretAccessKey);

        AwsClientBuilder.EndpointConfiguration epc = new AwsClientBuilder.EndpointConfiguration(
                "https://corporate.scality.url.com",
                awsS3EnvironmentProperties.getRegion());

        AWSCredentialsProvider awsCredentialsProvider =
                new AWSStaticCredentialsProvider(awsCreds);

        ClientConfiguration clientConfiguration = new ClientConfiguration()
                .withConnectionTimeout(10000)
                .withMaxErrorRetry(3)
                .withSocketTimeout(50000)
                .withClientExecutionTimeout(50000);

        AmazonS3 client = AmazonS3ClientBuilder.standard()
                .withCredentials(awsCredentialsProvider)
                .withClientConfiguration(clientConfiguration)
                .withEndpointConfiguration(epc)
                .build(); 

        AwsS3EnvironmentRepository repository = new AwsS3EnvironmentRepository(client,
                awsS3EnvironmentProperties.getBucket(), server);    

        return  repository;
    }
}
于 2021-01-25T17:55:25.827 回答