How can we improve Microsoft Azure Lab Services?

Enable Artifact Parameter to reference secret from keyVault

When creating an artifact for use in DevTest labs it would be really useful if we could add a parameter that could reference a secret in keyVault as you can do with ARM Template Parameter files.

This would help us with managing license keys etc as part of the automated software deployment.

39 votes
Sign in
Sign in with: oidc
Signed in as (Sign out)

We’ll send you updates on this idea

bleecky shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in
Sign in with: oidc
Signed in as (Sign out)
  • codekaizen commented  ·   ·  Flag as inappropriate

    Lab secrets would be a great addition. Can you update about the feature's progress?

  • David Forde commented  ·   ·  Flag as inappropriate

    What is the status of this? One main reason is to domain join the VMs without giving all users access to add objects into AD.

  • Stian commented  ·   ·  Flag as inappropriate

    Are there any updates as to when we will be able to pass a key vault secret as a parameter to an artifact?

  • satish commented  ·   ·  Flag as inappropriate

    Yes, this would be helpfull for user joining a VM during deployment using Formulas(ReusableBase). As for now when using resusable for users, the domain join credentials part is not referencing to secret. Have to create same secret for the all users who will be using the lab.

  • bleecky commented  ·   ·  Flag as inappropriate

    Thank you, this would be great and a massive help to us in how we build and manage our own artifacts/package.

    Ideally the secrets I need to store and pass to the artifacts would be available to multiple labs as they are usernames, pat tokens, sas keys etc that are used widely but I don't necessarily want people knowing.

    I could work with the "lab secrets" approach so long as I can seed it with the secrets I need as part of an arm deployment of the lab.

Feedback and Knowledge Base