Skip to content

Spring boot app connecting to AlloyDb by JDBC using SA mitigating Short lived credentials - IAM based

Notifications You must be signed in to change notification settings

dedeco/spring-boot-app-sa-iam-based

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Spring boot app connecting to AlloyDb

Spring boot app with JDBC SA mitigating Short lived credentials - IAM based

Install Java 17

See https://sdkman.io/usage

If you connect from external for a private ip database cluster.

See https://cloud.google.com/alloydb/docs/connect-external

For this sample, I had set up an intermediary virtual machine (VM) to connect to my cluster, as follows:

  1. Create a sample-vm
  2. Using SSH install the alloydb proxy. Here more details.
  3. Run the proxy inside the VM:
./alloydb-auth-proxy \
"projects/<PROJECT-ID>/locations/us-central1/clusters/pagilacls/instances/pagila"
  1. At the local machine create a tunnel. Here more details.
gcloud compute ssh vm-sample \
    --tunnel-through-iap \
    --zone=us-central1-b \
    --ssh-flag="-L 5432:localhost:5432"
  1. Set your variables on CloudSaApplication.java:
@Bean
DataSource getDataSource() {
    
        HikariConfig config = new HikariConfig();

        config.setJdbcUrl("jdbc:postgresql://127.0.0.1:5432/pagila");
        config.setUsername("[email protected]");
        config.addDataSourceProperty("ssl", "true");
        config.addDataSourceProperty("sslmode", "disable");
        
        return new CloudSqlAutoIamAuthnDataSource(config);
}
  1. Using another terminal, run:
./mvnw spring-boot:run

Output:

(...)
023-09-12 16:30:41.798  INFO 3023838 --- [  restartedMain] o.s.b.d.a.OptionalLiveReloadServer       : LiveReload server is running on port 35729
2023-09-12 16:30:41.838  INFO 3023838 --- [  restartedMain] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8080 (http) with context path ''
2023-09-12 16:30:41.854  INFO 3023838 --- [  restartedMain] b.c.x.cloudSA.CloudSaApplication         : Started CloudSaApplication in 5.913 seconds (JVM running for 6.45)

Credits: Thanks Eno Compton for support me

About

Spring boot app connecting to AlloyDb by JDBC using SA mitigating Short lived credentials - IAM based

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages