Reputation: 1
I am using the DefaultAzureCredential library to authenticate against Azure to use Key Vault, and my app is deployed on-prem. So right now I am using a client ID/secret stored in an environment variable on the server. I don't want to store any kind of secret in an environment variable. Is there any other approach by which I can access Key Vault in my on-prem app without storing the client ID/secret in an environment variable? If someone has access to the server they can see that environment variable, so I want to avoid that. I know that if the app is deployed in Azure then I can enable managed identity, but in my case it is an on-prem app and I registered that app in Azure.
I don't want to store the client ID/secret in an environment variable. I would like to know any other approach by which this should get the client ID/secret in memory and use it. I also don't want to store an encrypted version of the secret in an environment variable.
Upvotes: 0
Views: 67
Reputation: 16066
I think this section can help you to check if you can or can't do it.
I think using PowerShell to Connect-AzAccount a user on your on-prem server can be an option, but this means your app is trying to access the Azure Key Vault on behalf of the user, so you also need to add the access policy for this user on the Azure Key Vault page.
Upvotes: 0
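The steps the answer above describes, as an added example that is not part of the original thread. The tenant, vault, user and secret names are placeholders, the two function names are hypothetical, and the example assumes the Az PowerShell module is installed and the vault uses the access-policy permission model.

```powershell
# Placeholders (assumptions for illustration, not values from the thread).
$TenantId   = '<tenant-id>'
$VaultName  = '<vault-name>'
$UserUpn    = '<user@your-tenant-domain>'
$SecretName = '<secret-name>'

# Run once by a vault administrator from their own signed-in session.
# Grants the on-prem user read access to secrets only (least privilege).
function Grant-VaultSecretRead {
    Set-AzKeyVaultAccessPolicy -VaultName $VaultName `
        -UserPrincipalName $UserUpn -PermissionsToSecrets get
}

# Run on the on-prem server as the account the app runs under.
function Test-VaultAccessWithoutEnvSecret {
    # DefaultAzureCredential tries EnvironmentCredential first, so a leftover
    # AZURE_CLIENT_SECRET would still be used (and still be readable on disk).
    $names = 'AZURE_CLIENT_ID', 'AZURE_CLIENT_SECRET'
    $left  = foreach ($n in $names) {
        foreach ($scope in 'Process', 'User', 'Machine') {
            if ([Environment]::GetEnvironmentVariable($n, $scope)) { "$n ($scope)" }
        }
    }
    if ($left) { throw "Remove these variables first: $($left -join ', ')" }

    # Interactive sign-in as the user; no secret is written to the environment.
    # The Az context is cached in this user's profile, so restrict access to it.
    Connect-AzAccount -Tenant $TenantId | Out-Null

    # Confirm the access policy works without printing the secret value.
    $secret = Get-AzKeyVaultSecret -VaultName $VaultName -Name $SecretName `
        -ErrorAction Stop
    if (-not $secret) { throw "Secret '$SecretName' not found in '$VaultName'." }
    "Read '$($secret.Name)' as $((Get-AzContext).Account.Id)"
}
```

Once the sign-in succeeds, DefaultAzureCredential running under the same OS account can use that Az PowerShell context through its Azure PowerShell credential, provided the environment variables are gone.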