I have a .NET application that is currently running locally and accesses a database. The database secrets are stored in the appsettings.json file. My question is: is it possible to use Key Vault without registering an application on Azure? If I should register an application, is it free or does it have a monthly cost? Note that I am currently on an Azure free subscription but will have to use Key Vault in the future as well. Will this process of storing data in Key Vault and loading it back into the program be costly?
CodePudding user response:
This can be a little confusing at first - ultimately, what you need is a service principal. You can get one in a couple of ways:
1. Create an Enterprise Application or App Registration. This is a little more involved because you have to create it, then you have to manage secrets associated with it, and your app service would need that registration's application/client ID and the current secret injected into its environment.
2. Turn on system-assigned managed identity in the app service configuration. This is the easiest way to go, because Azure takes care of everything - the registration and the secret management, injecting the current credential into your app's environment - automatically.
3. Create a managed identity in the Azure portal, and then configure your app to use it as a user-assigned managed identity. This is similar to #2, but the extra step allows you to create an identity that can be shared across multiple apps, if that's something you want.
This functionality all comes with the Azure Active Directory tenant you get as part of your free subscription. There's a limit to this - you can only integrate 10 web applications with the free tier of Azure AD, beyond which you would need to upgrade to a paid tier.
Edit: It's possible that this 10 app limitation has been lifted since the last time I encountered it, but it would be a good thing to verify if you need to implement more than 10 apps.
CodePudding user response:
You can configure your Visual Studio to work with the key vault on your local environment. There are different ways to do it, but one of the ways is given in the link here https://docs.microsoft.com/en-us/azure/key-vault/general/vs-key-vault-add-connected-service.
You will require an Azure subscription first; then you can register an application in Azure.
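
The identity options from the first answer and the local Visual Studio sign-in from the second, mapped to the credential types in the Azure.Identity package. This is an added example, not code from either answer. The `KV_AUTH` and `KV_URI` environment variables and the secret name `Db-ConnectionString` are hypothetical, and the chosen identity is assumed to already have read access to secrets in the vault.

```csharp
// Added example. Requires the Azure.Identity and
// Azure.Security.KeyVault.Secrets NuGet packages.
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.Security.KeyVault.Secrets;

public static class VaultConfig
{
    // KV_AUTH is a hypothetical switch used only in this sketch.
    public static TokenCredential CreateCredential()
    {
        string mode = Environment.GetEnvironmentVariable("KV_AUTH") ?? "local";
        switch (mode)
        {
            case "app-registration":
                // Option 1: you create the registration and manage its client secret yourself.
                return new ClientSecretCredential(
                    Require("AZURE_TENANT_ID"),
                    Require("AZURE_CLIENT_ID"),
                    Require("AZURE_CLIENT_SECRET"));
            case "system-assigned":
                // Option 2: Azure manages the identity; no secret is stored by the app.
                return new ManagedIdentityCredential();
            case "user-assigned":
                // Option 3: a shared identity, selected by its client ID.
                return new ManagedIdentityCredential(clientId: Require("AZURE_CLIENT_ID"));
            case "local":
                // Local development: uses the developer's Visual Studio or Azure CLI sign-in.
                return new DefaultAzureCredential();
            default:
                throw new InvalidOperationException($"Unknown KV_AUTH value '{mode}'.");
        }
    }

    // Fail fast with a clear message instead of passing null to the SDK.
    static string Require(string name) =>
        Environment.GetEnvironmentVariable(name)
        ?? throw new InvalidOperationException($"Environment variable {name} is not set.");

    // Replaces the connection string that was stored in appsettings.json.
    public static async Task<string> GetDbConnectionStringAsync()
    {
        var client = new SecretClient(new Uri(Require("KV_URI")), CreateCredential());
        KeyVaultSecret secret = await client.GetSecretAsync("Db-ConnectionString");
        return secret.Value;
    }
}
```

Only the app-registration branch leaves a long-lived secret in the application's environment; the managed identity branches and the local branch do not.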
