Skip to content

Property Expression

In addition to the standard text properties, a special syntax for expressions is supported.

Expression properties are properties in the format of {{expressiontype:expressionvalue}}. Specifically the following regex pattern is used: ^\{\{(\w*)?:(.*)\}\}$.

Please note that when overriding properties (for example via Runtime Manager properties or System Properties), you can't just assign the same property name as this will bypass the connector which won't be able to process the expression. To solve this problem you should specify the property key appended with a * symbol.

So for example if you want to override in anypoint runtime manager the property my.system.password with {{azvault:secret:systempw}}, you need to use my.system.password*={{azvault:secret:systempw}}.

Expression Type: Raw

While unlikely, you might need to have a property value that matches that property syntax. For example {{foo:bar}}. In that case you can use the expression type raw to assign it: {{raw:{{foo:bar}}}}

Expression Type: Encrypted

Encrypted properties can be specified by using the encrypted expression, with the value being the encrypted data base64 encoded.

ie:

{{encrypted:beI3_cmarrhzGCdy2WwDq1FR1EIfQ99YwCxs-X6_cdw}}

see the Encrypted Properties documentation for more details.

Expression Type: Azure Vault

This expression requires Azure Vault integration to be enabled (see Setup).

The expression type azvault can be used to retrieve secrets or certificates.

Secrets

To retrieve a secret, the value should be in the format of secret:[SECRETNAME]. For example:

{{azvault:secret:mysecret}}

Certificates

To retrieve a secret, the value should be in the format of cert:[CERTNAME]. For example:

{{azvault:cert:mycert}}

The returned value will be a base64 encoded java keystore. This keystore uses secret as the store and key password, and the certificate will be under the alias cert

You will typically want to use this with Property type file which will write the keystore to the filesystem and provide you it's path

Those expressions will use the vault url specified in the configuration. However other vaults can be accessed by specified their vault id using the following syntax:

{{azvault:cert@[VAULT]:[NAME]}}
{{azvault:secret@[VAULT]:[NAME]}}

ie:

{{azvault:cert@othervault:mycert}}
{{azvault:secret@othervault:mysecret}}

or

{{azvault:cert@https://othervault.vault.azure.net/:mycert}}
{{azvault:secret@https://othervault.vault.azure.net/:mysecret}}

Expression Type: UUID

This expression will generate a random UUID.

ie: {{uuid:}}