Do you use Configuration over Key Vault?

Last updated by Andrew Harris [SSW] 10 months ago.See history

We all know that we should Store Secrets Securely using Key Vault, but did you know that rather than have developers having to deal with a combination of Key Vault and Configuration, you can abstract Key Vault out of your application code and leave developers to only have to deal with Configuration?

badkeyvault
Figure: Bad example - Having to wire up Key Vault unnecessarily

A feature of Azure AppService is the ability to use secrets from Key Vault as Configuration values. This allows you to setup a link between your AppService and a Key Vault and have Configuration values point to a Key Vault Entry.

So now rather than developers having to think about if a value is a secret or configurations, it's always configuration. It just might have its value stored securely in Key Vault.

goodkeyvault
Figure: Good Example - Developers don't need to know anything about Key Vault

We open source. Powered by GitHub