On behalf of the community, it's my pleasure to announce the general availability of Spring Vault 1.0 – the very first GA release of Spring Vault after almost a year of development. The artifacts are available from Maven Central and Bintray. The release ships more than 50 tickets fixed in total. Here’s a very truncated list of the most important features shipping with the release: Pluggable application authentication via AppRole, AWS-EC2, client certificates, Cubbyhole (wrapped tokens) and static tokens. Support for renewable @VaultPropertySource with credentials rotation. Lifecycle-aware…

On behalf of the community, I am pleased to announce Spring Vault 1.0 RC1. The artifacts are available in the Milestone repo. Spring Vault includes 15 fixes, improvements and dependency upgrades. Here’s a short-list of the most important features shipping with the release: Support for renewable @VaultPropertySource with credentials rotation Reshaping APIs dropping VaultClient and using RestTemplate instead Added EnvironmentVaultConfiguration for simplified configuration without the need to create a derived configuration class. Contributions Without the community, we couldn’t be the successful…

As you probably have seen, we have just announced the GA release of Spring Data release train Ingalls. As the release is packed with way too many features to cover them in a release announcement, I would like to use this post to take a deeper look at the changes and features that come with the 15 modules on the train. Housekeeping A very fundamental change in the release train’s dependencies is the upgrade to Spring Framework 4.3 (currently 4.3.6) as the baseline. Other dependency upgrades are mostly driven by major version bumps of the underlying store drivers and implementations that need to…

Last weeks' Spring Data Kay M1 is the first release ever that comes with support for reactive data access. Its initial set of supported stores — MongoDB, Apache Cassandra and Redis — all ship reactive drivers already, which made them very natural candidates for such a prototype. Let’s take a more detailed look at the new programming model and the APIs that make up that support. Reactive Repositories The repositories programming model is the most high-level abstraction Spring Data users usually deal with. They’re usually comprised of a set of CRUD methods defined in a Spring Data provided…

On behalf of the community, I am pleased to announce the first milestone releases of Spring Vault and Spring Cloud Vault 1.0.0.M1. The artifacts are available in the Milestone repo. What is Spring Vault and Spring Cloud Vault? Spring Vault is a client for HashiCorp Vault that provides familiar Spring abstractions. It comes with @VaultPropertySource that exposes encrypted properties from Vault the Environment and VaultTemplate to access secrets stored and encrypted inside Vault. Spring Cloud Vault uses Spring Vault to provide a configuration integration for Spring Boot-based applications…

In my previous post about Managing Secrets with Vault, I introduced you to Vault and how to store arbitrary secrets using the generic secret backend. Vault can manage more than just secret data like API keys, passwords, and other sensitive string-like data. Today we’re taking a look at Vault’s integration with databases, services, and certificates. Database credentials tend to be static When it comes to databases, the regular workflow of getting credentials applying for a database is asking some operator or a self-service tool to give you credentials so your application can log into the…

On behalf of the Spring Data team, I’m happy to announce the first milestone of the Ingalls release train. The release ships 230 tickets fixed! The most noteworthy new features are: Use of method handles for property access in conversion subsystem (Commons, MongoDB). Upgrade to Cassandra 3.0 for Spring Data Cassandra (see the updated examples for details). Support for declarative query methods for Cassandra repositories. Support for Redis geo commands. Any-match mode for query-by-example. Support for XML and JSON based projections for REST payloads (see the example for details) Find a curated…

Passwords, API keys and confidential data fall into the category of secrets. Storing secrets the secure way is a challenge with limiting access and a true secure storage. Let's take a look at Hashicorp Vault and how you can use it to store and access secrets. How do you store Secrets? Passwords, API keys, secure Tokens, and confidential data fall into the category of secrets. That's data which shouldn't lie around. It mustn't be available in plaintext in easy to guess locations. In fact, it must not be stored in plaintext in any location. Sensitive data can be encrypted by using the Spring…

On behalf of the Spring Data team I’d like to announce the availability of the second service release of the Spring Data Hopper release train. The release ships 103 issues fixed. We fixed a couple of bugs in the area of repository projections, especially for JPA users and introduce Hibernate 5.2 compatibility with this release (also already back-ported to the Gosling release train for inclusion in the upcoming service release). Hopper SR2 is a recommended upgrade for all Hopper users and also users of previous release trains. Here are the released modules: Spring Data Cassandra 1.4.…