Configuration
Keep settings flexible, secure, and versioned
Enforceable guidelines from our catalog
Sensitive Configuration Must Use Secure Storage
All sensitive configuration data including API keys, passwords, and certificates must be loaded from secure sources like AWS Parameter Store, Azure Key Vault, HashiCorp Vault, or Spring Cloud Vault rather than plain text files or environment variables.
Configuration Schema Must Be Validated at Startup
All configuration must be validated using @ConfigurationProperties with @Validated, Bean Validation annotations (@NotNull, @Min, @Max), or custom @PostConstruct validation methods at application startup with clear error messages for invalid, missing, or incorrectly formatted values.
Invalid Configuration Must Prevent Application Startup
Applications must fail to start with clear error messages and non-zero exit codes when required configuration is missing or invalid, using Spring Boot’s fail-fast approach to prevent deployment of misconfigured instances to production environments.
and get unlimited access to our guidelines catalog