How to properly store connection strings in Azure?
SQL azure connection strings always include a password (as Azure SQL Server doesn't support OS authentication) which makes it unsafe to keep them in web.config files. A typical recommendation you can find on the net is to move them to cloud configuration settings which means declaring a setting in ServiceDefinition/WebRole/ConfigurationSettings section of ServiceDefinition.csdef file so that you can edit them in the portal:
The problem with this approach is whenever you re-deploy your site the settings you set in the portal get overriden with what values are in ServiceConfiguration.*.cscfg. Of course, you can put your connection strings to the file but that's pointless as you still keep the secrets in a source control.
Azure Key Vault could be a good solution here but I'd like to explore other options before going this route. What would you recommend?
Create managed identities for your service and use key vault to add the access policy to key vault. No need to store client secret and all the configuration is stored in secured way.
- Hide vimeo user account logo on embedded videos
- Expo AuthSession w/ Azure not returning to app
- How to convert categorial raster to mapped RGB values in R?
- Generating offline documentation for Spring projects
- Setting OAuth scopes for Google Sheets add-on correctly
- Any way to throttle calls to a specific API in Chrome DevTools while leaving others unthrottled?
- VS Code not recognizing Jest, underlining with Intellisense
- Obtain bundle identifier programmatically in Swift?
- ASP.NET Required Field Validator and Compare Validator not working
- How to determine a terminal's background color?
- $_FILES['file']['tmp_name'] equivalents in C#
- How can I define a dependency in Make if all files reside in different folders but with similar structure (language dependent)?
- Installation appears to be corrupt [Unsupported] - Visual Studio Code
- How to output fragmented mp4 with ffmpeg?
- How to Check whether Session is Expired or not in asp.net
- Using assertRaises without self in Python 3.6
- How to Delete node_modules - Deep Nested Folder in Windows
- Set a Date Object Java
- Did C++20 change to allow conversion from array-of-known-bound `type(&)[N]` to array-of-unknown-bound `type(&)[]`?
- calculate pearson correlation of each rows in 2D numpy array (n,m)
- ASP.NET mvc auth or session expires quicker than set
- How to see file history, stashes etc. on source control panel in VS Code
- Git web development workflow, commit links to minified css and js?
- Android not respecting meta tag removal via JavaScript
- Bootstrap 5 / jQuery: is it possible to force bootstrap 5 to inject its jquery plugins immediately, not after DOMContentLoaded?
- Which Python packages offer a stand-alone event system?
- Is there a Javascript equivalent to Python's in conditional operator?
- Use of specific target_country and country meta tags
- meta in HTML run a hard refresh
- Custom CSS Scrollbar for Firefox