spring cloud vault on Azure app service(UAMI) : connection time out

69 views Asked by At

I am deploying a spring boot app onto Azure app services and getting "connection time out " error for Azure MSI endpoint.

App uses Spring cloud vault config with azure UAMI to connect to vault, but fails at bootstrap time: I/O error on GET request for "http://169.254.169.254/metadata/instance": connect to http://169.254.169.254 failed: Connect timed out

I have read that for azure app services we need to use "IDENTITY_ENDPOINT" & "IDENTITY_HEADER" to connect to resources in App services, but I am not sure where to set it using spring cloud config.

Stack : JDK 17 | Spring boot 3.2.0 | spring-cloud-vault-config 4.1.0

application.yaml

spring.cloud.vault:
  scheme: https
  uri: <vault url>
  authentication: azure_msi
  connection_timeout: 5000
  azure_msi:
    role: MY_UAMI
spring:
  config:
    import: vault://secret-path

The config works fine with authentication type as "token" and when deployed to app services gives the timeout error when using auth type as "azure_msi"

0

There are 0 answers