Skip to main content

Configuration reference

The starter has two independent property groups: jeap.config.aws.appconfig.* for AWS AppConfig and jeap.aws.secretsmanager.* for AWS Secrets Manager. Both integrations are activated by adding their location to spring.config.import (jeap-app-config-aws: and jeap-aws-secretsmanager: respectively) — without the import, the corresponding integration stays inactive.

AWS AppConfig (jeap.config.aws.appconfig.*)

NameDefaultDescription
env-idId or name of the AppConfig environment to fetch deployed configuration from (e.g. dev). Required when importing AppConfig
required-minimum-poll-interval-in-seconds60Minimum and standard interval (seconds) between polls. AWS valid range 15–86400
no-default-common-configfalseDo not load the default common application profile
no-default-common-platform-configfalseDo not load the default common-platform application profile
trust-all-certificatesfalseTrust all TLS certificates when connecting to AppConfig. Development only

spring.application.name is read separately and used as the AppConfig application name for the service's own profile when the default layout is used. See AWS AppConfig.

AWS Secrets Manager (jeap.aws.secretsmanager.*)

NameDefaultDescription
enabledtrueLoad secrets. Set to false to skip Secrets Manager loading entirely
regionAWS region override. If unset, the default AWS region resolution applies
endpoint-overrideOverride the Secrets Manager endpoint URI (e.g. a LocalStack endpoint in tests)
access-key-idStatic access key id. When set together with secret-access-key, static credentials are used
secret-access-keyStatic secret access key (see access-key-id)
http-proxy-use-externally-defined-settingstrueLet the HTTP client use system-property and environment-variable proxy settings

If access-key-id and secret-access-key are not both set, the AWS DefaultCredentialsProvider chain is used. For backwards compatibility the legacy property spring.cloud.aws.secretsmanager.enabled (default true) is also honoured — Secrets Manager loads only when both it and jeap.aws.secretsmanager.enabled are true. See AWS Secrets Manager.

Location syntax

LocationMeaning
jeap-app-config-aws:AppConfig with the default profile layout
jeap-app-config-aws:<app>/config;<app2>/configAppConfig with explicit <app-name>/<profile-name> profiles
jeap-aws-secretsmanager:<secret>Import one secret
jeap-aws-secretsmanager:<secret>?prefix=<prefix>Import a secret, prefixing every resolved key with <prefix>
jeap-aws-secretsmanager:<secret1>;<secret2>Import several secrets from one location
optional:<location>Tolerate a missing/unreachable location instead of failing startup