Spring Boot Actuator provides production-ready features to monitor and manage your applications. This guide explores Actuator's capabilities, how to enable it, and secure its endpoints.
Spring Boot Actuator provides production-ready features to monitor and manage your applications. This guide explores Actuator's capabilities, how to enable it, and secure its endpoints.
Spring Boot Actuator allows developers to:
📋 Ensure you have the following:
To enable Actuator, add the following dependency to your Spring Boot project:
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-actuator</artifactId> </dependency>
implementation 'org.springframework.boot:spring-boot-starter-actuator'
By default, Actuator exposes several endpoints to provide application insights. You can enable these endpoints in your application.properties or application.yml file.
Use this configuration as a baseline and adjust values for your local or production environment.
management.endpoints.web.exposure.include=health,info,metrics management.endpoint.health.show-details=always
Here are some commonly used Actuator endpoints:
/actuator/health: Provides application health status./actuator/info: Displays application metadata./actuator/metrics: Offers application performance metrics.You can access these endpoints via a browser or API tools like cURL.
Example:
curl -X GET http://localhost:8080/actuator/health
You can customize Actuator endpoints to suit your needs. For example, you can define additional metadata in the application.properties file for the /actuator/info endpoint:
info.app.name=My Application info.app.version=1.0.0 info.app.description=Spring Boot Actuator Example
For production environments, it's essential to secure Actuator endpoints. Use Spring Security to restrict access.
Run the application using the following command:
./mvnw spring-boot:run
Access the Actuator endpoints at:
http://localhost:8080/actuator/health
You can test the Actuator endpoints using cURL or browser:
curl -X GET http://localhost:8080/actuator/health
curl -X GET http://localhost:8080/actuator/info
You now have a practical Spring Boot Actuator implementation with a clear, production-friendly Spring Boot structure. As a next step, adapt configuration and tests to your own domain, then validate behavior under realistic traffic and failure scenarios.
Example Security Configuration
package com.example.demo.config; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.web.SecurityFilterChain; @Configuration public class SecurityConfig { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http .authorizeHttpRequests() .requestMatchers("/actuator/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .httpBasic(); return http.build(); } }
Example Security Configuration
package com.example.demo.config import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.web.SecurityFilterChain @Configuration class SecurityConfig { @Bean fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http .authorizeHttpRequests() .requestMatchers("/actuator/**").hasRole("ADMIN") .anyRequest().authenticated() .and() .httpBasic() return http.build() } }