DEV Community

Cover image for Azure Key Vault for local development
Antonio Di Motta
Antonio Di Motta

Posted on

2

Azure Key Vault for local development

One of the most huge mistakes that a developer can do It's storing secrets (i.e. database connection string) directly into the source code repository and also forgetting one could be very dangerous.

Ideally, all secrets should be stored and accessible by a secret manager (Azure Key Vault) and stored on repository only reference to right secret. On the other hand, the developer needs to use the secret's values on their configuration files (i.e. appSettings.json), so a fast way for retrieve them from Key Vault should be nice.

To accomplish this operation I have developed a powershell script called Set-ValuesFromKeyVault, which I have included an example of using it below.

Example

We want replace the key vault references into the following json file:

{
  "parent-property1": "@Microsoft.KeyVault(SecretUri=https://<<your-keyvault-resource>>.vault.azure.net/secrets/<<your-secret1>>)",
  "Values":
  {    
    "nested-property2": "@Microsoft.KeyVault(SecretUri=https://<<your-keyvault-resource>>.vault.azure.net/secrets/<<your-secret2>>)",
    "nested-property3": "@Microsoft.KeyVault(SecretUri=https://<<your-keyvault-resource>>.vault.azure.net/secrets/<<your-secret3>>)",
    "non-keyvault-binding-property": "<<any-value>>"
  }
}
Enter fullscreen mode Exit fullscreen mode

To do that, first establish a connection to an Azure account and than execute the powershell script as reported below:

# connect to azure
Connect-AzAccount

# execute the replace on data.json file
./Set-ValuesFromKeyVault.ps1 -FileName data.json
Enter fullscreen mode Exit fullscreen mode

The result will be a new json file called out.json within the secrets replaced as this:

{
  "parent-property1": "<<your-secret1-value>>",
  "Values":
  {    
    "nested-property2": "<<your-secret2-value>>",
    "nested-property3": "<<your-secret3-value>>",
    "non-keyvault-binding-property": "<<any-value>>"
  }
}
Enter fullscreen mode Exit fullscreen mode

The script is available on my repository.

Heroku

Simplify your DevOps and maximize your time.

Since 2007, Heroku has been the go-to platform for developers as it monitors uptime, performance, and infrastructure concerns, allowing you to focus on writing code.

Learn More

Top comments (1)

Collapse
 
antdimot profile image
Antonio Di Motta

??

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs