Unable to fetch elasticsearch password from AWS Parameter Store

[pnijem]

Hi,

I have recently integrated my Spring Boot based service to work with AWS Parameter Store. All passwords that were migrated from application.yaml file (I know, it is bad I had them in this file) were migrated to AWS Parameter store. No other change was required. I am able to retrieve all values using @value annotation of Spring. But, fetch the Elasticsearch password value is not working. It used to work with the password has been located in the application.yaml file.
Do you know how to resolve this issue?

Thanks

[jonahbenton]

Our team faced some issues like this and identified them as an artifact of the way the Spring initialization lifecycle works. The appender can pull values from bootstrap.yml or application.yml but not from the Spring context, because logging is already initialized and doesn't get re-initialized after the context is fully populated.

Our solution was to enable this appender in a bean, using logback's programmatic interface. The key code looks like

public class AppenderInitializer {
            @Value("${elastic-password-paramstore}")
            private String elasticPassword; 
            
            // other values from param store

            @PostConstruct
            public void configureBean() { 
                    LoggerContext context = (LoggerContext) LoggerFactory.getILoggerFactory();
                    JoranConfigurator configurator = new JoranConfigurator();
                    context.putProperty("elastic.password", elasticPassword);
                    // other properties from paramstore to provide to the appender
                    configurator.setContext(context);
                    // use a dedicated .xml for this appender, loaded from classpath
                    configurator.doConfigure(this.getClass().getResourceAsStream("/elastic-appender-config.xml"));
            }
}

Hope that helps.