Reputation: 661
Not able to get Azure Key-Vault working in app when deployed to Azure
I have created an app using ASP.NET MVC on .NET 4.7.2 application to use Key Vault secret for connection string. For some reason it is not working when deploying to the Azure. Below are the steps. Please suggest the solution based on .net not .net core.
I have created an ASP.NET MVC application. Implemented Azure AD Authentication and tested my app, it is working fine no issue.
Then I created a Key Vault secret for the database connection string. And give permission to my app from the Key Vault->Access Policy
On the application level. Used the Connected Service to access the Key Vault-> Secret for connection string. That added the code in
web.configand added nuget packages. See the code below.Run the code locally which has no connection string and I was able to get the data. It worked perfectly without any issue. I was also able to determined that app is picking up Key Vault secret for connection string.
Deployed the app to the Azure app service.
Ran the application but I did not get the data however see the error as if the connection string is not provided.
Error
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections.
(provider: TCP Provider, error
What is it that I suppose to do or check in order for it to work. Note that locally, I am able to get the data with the code that I have in my web.config. So seem like there is no issue. And also I have Azure AD identification working.
web.config:
<configSections>
<section name="configBuilders"
type="System.Configuration.ConfigurationBuildersSection, System.Configuration, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f22d50a3a"
restartOnExternalChanges="false"
requirePermission="false" />
</configSections>
<configBuilders>
<builders>
<add name="AzureKeyVault"
vaultName="Prod-ConSt-01"type" Microsoft
.Configuration.ConfigurationBuilders.AzureKeyVaultConfigBuilder,
Microsoft.Configuration.ConfigurationBuilders.Azure,
Version=2.0.0.0, Culture=neutral,
PublicKeyToken=31bf9256ad364e35"
vaultUri="https://mywebsite-prod-const-01.vault.azure.net/" />
</builders>
</configBuilders>
<connectionStrings configBuilders="AzureKeyVault">
<add name="ProductionConnstr"
connectionString="from key vault"
providerName="System.Data.SqlClient" />
</connectionStrings>
Upvotes: 0
Views: 1408
Answers (1)
Reputation: 2275
This isn't a Key Vault problem - it seems that it's accessing the Key Vault just fine since it is trying to contact the database. Check your allowed IP range to allow your website to contact the database.
Upvotes: 1
Related Questions
- Key Vault reference in Azure App Service doesn't resolve
- Authentication to Azure Key Vault from an app service fails
- Azure Application Access Only Key Vault Keys
- How to access key vault from azure app service
- Azure Key Vault with App Service connection error
- “Key vault access denied” in azure web app configuration setting
- net core app fails to access azure key vault
- Unable to connect to Azure Key Vault from Azure Web App
- Unable to access Key-Vault using Azure Portal
- Not able read Azure Key Vault's secret key through windows application