Keeping Secrets Safe in .NET/.NET Core Applications with Azure Key Vault
Published in
2 min readJan 22, 2019
Store and read app settings from Azure Key Vault in .NET 5.x/ASP.NET Core 3.x apps.
TL;DR
Azure Key Vault is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys. It’s also a great way to keep secrets out of source control.
This article explains how to use the Microsoft Azure Key Vault configuration provider to load app configuration values from Azure Key Vault secrets.
Why Store Secrets in Azure Key Vault
- Keeping Secrets out of source control like GitHub, BitBucket, etc.
- Centralized Storage of Secrets.
- Access control and logging.
- Quick and easy to implement.
- Very cheap to use.
Store settings in Azure Key Vault
- First create a vault.
- Add a secret to your vault.
- Secure your app service using Managed Service Identity.
- Access the secret from your source code with a KeyVaultClient.
