I am trying to get metrics with the Azure Application Insights Service for my Static Page built by Angular.
To add the code snippet for javascript of Application Insights to the application I need to set the Instrumentation Key (Connection String) in the "plan code", like:
<script type="text/javascript">
// ... rest of code
cfg: { // Application Insights Configuration
connectionString: "CONNECTION_STRING"
}});
</script>
I have come across the option to use the Application Insights plugin for Angular during development, but I believe the issue of exposing the Connection String would still persist.
Considering that the Connection String contains sensitive information, it seems problematic to have it accessible to the client. I would like to ensure the security of my key. How can I address this concern?
The connection string (to be more precise: the instrumentation key therein) is not considered sensitive information. It is intended to be embedded in (public) website code. Worst case somebody could do is to flood your AppInsights instance with nonsense data. (But you anyway should have limits in place to protect you from unexpected high bills).