Storing multiple secrets in Azure key vault and access them from SQL DB linked service via Key vault

Question

I am stuck while implementing one scenario that...

I need to connect Azure SQL DB via key vault (connection string stored in key vault secret). I am able to do same when entire sql DB connection string is stored as secret. (server name, DB name, username and password)

But my requirement is.... In our customer specific key vault we have seperate secrets for Sql server name, Another secret for Sql instance , third secret for database name. (Now connection string split in different secrets)

How to combine these key vault secrets and make connection string out of it?

second requirement is that I don't want to store username password in secret as it is not allowed because of security purpose.

Limitations which i have faced.

• in linked service to Azure sql DB via key vault it ask for secret name and we can read one secret at a time. so how to call these different secrets in Azure sql db linked service via key vault

Summary: I have multiple secrets in key vault instead of entire connection string. How to combine them and connect to Azure SQL DB ( We are doing this because as per customer server name and instance name changes so we want to make it dynamic)

Please help with answer.

Answer 1

• Your point of storing the parts can be more secure.Store the parts that are sensitive with different access policy, and others with normal get, list access policy and store their parts, in Key Vault as secrets.
• Store and connect them as usual via linked service and get them into different variables in code and combine to form a connection string because if your code needs those values you have options on how to get the values to it i.e.Use Key Vault references.And dont store the user name and password and let users enter in the process and let the code store only after authentication process.

References: S01, SO2