As a compliance activity we remove secrets (app secrets, connection strings, etc) from code and upload them to Azure Key Vault. That provides an opportunity to roll them and have fresh secrets at the moment they are put into the vault.1 vote
The current key vault document is really messy, it's really hard to know the whole e2e workflow to setup a keyvault for a web app.
For example, where to get the client id and client password, how to connect the key vault with application, why there are so many old portal screenshots, why so many powershell scripts if we can just click some button via portal1 vote
Configuration secrets such as connection strings will change from one deployment slot to another. Adding the deployment slot concept to Key Vault would eliminate the need to hack that concept into the secret names and the code used to retrieve the secrets.1 vote
- Don't see your idea?