every application needs to have some configuration.
Quite often these configuration includes secrets like passwords or keys for access to data basis or other systems.
Actual functions have integration with casuals Secure Vote which makes readings configuration secrets very easy.
Let's see how we can do that
now. The first thing we'll do is we'll go and create a secret in Azure key vote
I already have created a key vote resource that is completely empty. Let's go in and create a new secret.
So you play conduct Li Ke vote and on the left side you select secrets
I will generate
a completely new secret I will name it Sai Buri
and I will put the value us This is my secret
The secret will be enabled Oh click on create And now we have a secret which is stored under the name Sai Buri Example Secret in azure key vote
Now let's go back to our function app
and inside the function app
we'll need to do some configuration.
What we will do will create the so called managed service service identity
again This is done on the level off the function up, which means all the functions inside this function up will use the same identity.
You click on platform features and you click on identity
right now the identities off.
If I click on
and the safe button
a new identity will be created for my function.
Let's say okay and after a few minutes, this identity will be created and it will be added Toe azure Active directory.
This is the idea that I can use
toe grant access toe this identity toe different resource is let's copy this idea
and we will go back to Azure
in the key vote. We need to change the access policies in order to allow our to our azure function. To read the secret,
let's click on azure access policies and well, at a new policy
for our particular case. The only thing we need to do is we need to be ableto get a secret, so we will select the minimum
Onley requirements for our application to function.
Then we need to select the principle in our case, the principal will be our function or we can use the I d that we copied.
So this is our cyber very function for azure function course
will select this one
then we'll add it.
And of course, we should not forget to click the save button
to save this configuration.
Now our application, the cyber re function, will be able to get secrets from this key vote.
Now let's go and test that will need to write a little bit a court in our function.
I will keep the key vote open because we'll need some information from it.
And I opened our function in a different tap.
One of the things that we need to do is we need to create some environment configuration for our function.
The way the integration with azure key vote works is that
you can set the secret, its environment very able for the function.
So let's say we go and click on configuration
and in the configuration will at the new application setting,
and we'll go these applications setting like secret
the value for the sequel. It configuration has a specific for month that we will use.
The former is the following
at Microsoft Key vote secret. You are I equal and the secret you are I is the your eye of the key vote slash secrets slash the name of the secret. Let's go get that from the key vote.
So if you go to the overview,
you will see the U. N II for the key vote. We can copy this one.
Go back basted here. Well, right, secrets.
And then we need to get the secret name which waas
cyber example secret.
So we'll have cyber very
And we need to close.
The parent is is
let's save this configuration
and you will see
now the secret configuration
is marked as a key vote value.
Let me refresh this.
Yep, I'm sure that I want very fresh.
You see that this value is a key vote reference.
Let's go put a few lines of court and test our configuration.
And now, out of function,
we will go and just
read the configuration of PSA plane environment Very able.
In order to do that, we just need to Ryan
two lines of court.
All right, drink secret
system, environmental, get environment very able. And the name of our environment very able. Once secret configuration,
I'll just close it
instead printing the agent, as we used to do in the past. Let's just print the secret.
Let's save and run.
And as you can see, we were able to pull
the secret our of the key vote. So this is the text that we wrote in the secret.
Now you know how you can eat secrets for your configuration in natural functions.
Let's wrap up our model in the whole course.