chat-with-your-data-solution-accelerator icon indicating copy to clipboard operation
chat-with-your-data-solution-accelerator copied to clipboard
verified publisher icon Azure-Samples

Use Key Vault references for environment variable secrets

Open cecheta opened this issue 1 year ago • 0 comments

Motivation

Currently when Key Vault is used, the EnvHelper() makes a number of requests to Azure Key Vault. EnvHelper is currently cached, but there can be multiple calls to key vault, causing unnecessary latency.

We can rework the keyvault functionality to use the built-in Key Vault references, so the secrets are fetched from Key Vault when the application starts, and the keys are directly injected into the environment as environment variables, instead of fetching them at runtime.

https://learn.microsoft.com/en-us/azure/app-service/app-service-key-vault-references

How would you feel if this feature request was implemented?

image

Requirements

  • When useKeyVault is true, replace all secret env vars with a reference to Key Vault
  • Remove azure-keyvault-secrets from project
  • Update docs, particularly around the need to manually set the keys in an .env file, or with azd env set
    • Write a post-provision script to automate this (?)

Tasks

To be filled in by the engineer picking up the issue

cecheta avatar Apr 08 '24 14:04 cecheta