- Print
- DarkLight
- PDF
Azure Key Vault for Sensitive Configuration Settings
- Print
- DarkLight
- PDF
Settings for your function app can be set in the function application settings. Here you set the runtime, quota (Gb-Sec), manage slots, and keys. Furthermore, you can also manage the application settings for your function through manage the application setting. In this settings tab you can, for instance, manage a few general settings, application (function) settings, and connection strings.
For instance, a Google profile containing authentication and authorization data necessary to get access to Google Cloud resources. You can store this profile in Azure KeyVault and get them through using a few lines of code in your function.
var azureServiceTokenProvider = new AzureServiceTokenProvider();
var keyVaultClient = new KeyVaultClient(
new KeyVaultClient.AuthenticationCallback(
azureServiceTokenProvider.KeyVaultTokenCallback));
var googleProfile = (await keyVaultClient.GetSecretAsync(config["GOOGLE_PROFILE"])).Value;
A benefit of using Azure KeyVault, in general, is that you have a central and highly available service storing settings (secrets) for one or more applications, and services.
This benefit also applies to your functions, in case your multiple functions requiring the same secret regardless if the functions reside in the same or other Function Apps.