In my App Service, on the Application Settings blad, if I add the following key-value, it works just fine.
some:secret -> @Microsoft.KeyVault(VaultName=...)
However, if I move that line to my appsettings file:
{
"some": {
"secret": "@Microsoft.KeyVault(VaultName=...)"
}
}
Then the retrieved value in my code for 'some:secret' would be null. Here is how I add my appsettings to configuratoin (also added ASPNETCORE_ENVIRONMENT
to App Service's app settings):
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder => webBuilder.UseStartup<Startup>()
.ConfigureAppConfiguration((context, config) =>
{
var environment = context.HostingEnvironment.EnvironmentName;
config.SetBasePath(Directory.GetCurrentDirectory());
config.AddJsonFile("appsettings.json", optional: false);
config.AddJsonFile($"appsettings.{environment}.json", optional: false);
config.AddEnvironmentVariables();
}));
What am I missing here?
CodePudding user response:
the syntax @Microsoft.KeyVault(VaultName=...)
only works when deployed in an Azure AppService (or Function App) and the value will be injected like any other app settings from that blade: as ENV vars.
Your dotnet app will not see (or know) anything of the KeyVault. The retrieval of the secret is handled by AppService. That's why this also works in the same fashion for any other runtime like Java or node.