Skip to main content
Glimpse - Key Vault Vs App Configuration for App service

In this post, we are jsut going to see glimpse of comparison between Keyvaukt and App Configuration for App services references.

Why we are comparing these two?

Recently App Configuration references on App Service become Generally Available and it can complements Keyvault.

Let us consider a scenario that we need to have client-id and secret which will be used in an API call for authentication from Azure function app/ App service / Logic App standard, in a secure place.
So, Here we come to know 2 azure native services are as follows

  1. Azure Keyvault
  2. Azure App Configuration

Azure people(we) typically use keyvault to handle secrets in secure way whereas App Configuration also complements Azure Keyvault then which is better or in which scenario we can pick either of the one.

According to me,
We can go for keyvault

  • when we need to handle secrets environment specific. Here, environment refers to, Dev, QA and Prod.
  • when need of hardware-level encryption
  • when granular level access required
  • when need to perform certificate rotation

  • When a data or secret which is common across all the environments, we can go for App Configuration which is central place to have secrets/configuration details.

You can use below references in Environment Variables section of App Service as below.
@Microsoft.KeyVault - @Microsoft.KeyVault(VaultName=myvault;SecretName=mysecret) - App service retrieves "mysecret" value from "myvault" @Microsoft.AppConfiguration - @Microsoft.AppConfiguration(Endpoint=https://myAppConfigStore.azconfig.io; Key=myAppConfigKey)​ - App service retrieves the value of key called myAppConfigKey from App Configuration. Your thoughts are Welcome!

Comments

Post a Comment

Popular posts from this blog

Glimpse - Azure function migration from .net6 in-process to .net8 isolated Microsoft/Azure periodically announces the end of support for some services and ask us to migrate to a new version/release when they come up with a robust solution than the deprecated. In this post we are going to see a glimpse/UI configuration change of azure function 𝗺𝗶𝗴𝗿𝗮𝘁𝗶𝗼𝗻 𝗳𝗿𝗼𝗺 .𝗻𝗲𝘁𝟲 𝗶𝗻-𝗽𝗿𝗼𝗰𝗲𝘀𝘀 𝗺𝗼𝗱𝗲𝗹 𝘁𝗼 .𝗻𝗲𝘁𝟴 𝗶𝘀𝗼𝗹𝗮𝘁𝗲𝗱. Here, I'm not going to deep dive about the migration whereas going to see the illustration of changing .net version from UI. For learning, GUI is the best place to start. So, as a dev guy we would prefer azure portal mostly. Consider a scenario that, you're requested to migrate your existing .net6 function app to be migrated .net8 isolated, you would go to settings panel and try to change the version in configuration, but the option would be disabled, it was disabled for me initially. Shocking and Afraid! After some point of ...
Post a Comment
Read more
𝗚𝗹𝗶𝗺𝗽𝘀𝗲 - 𝗔𝘇𝘂𝗿𝗲 𝗱𝗶𝘀𝗸 𝘂𝘀𝗲 𝗰𝗮𝘀𝗲𝘀 Hi Present days, Container based services/applications are growing than applications running from virtual machines. Even though container services evolving IT apps landscape, we could not boycott VM usage. Azure VM also requires and plays vital role for some scenarios. In this post, we are going to see just glimpse of azure disks of VM. This post is not about standard vs premium disk use case FYI. Azure VM can run with OS disk but it is not good practice. There are three types of disks. OS disk Data disk Ephemeral disk We need to know when to use what then only we can avoid performance bottleneck. 𝗗𝗮𝘁𝗮 𝗗𝗶𝘀𝗸 - If we install applications as well in OS disk, we could face performance issue. It is best to use OS disk to have OS infos and booting. The benefilt of Data disk is Easy maintanence Backup and disaster recovery Performance isolation (as it is far from OS acti...
Post a Comment
Read more