Time
1 hour
Difficulty
Beginner
CEU/CPE
1

Video Transcription

00:01
every application needs to have some configuration.
00:05
Quite often these configuration includes secrets like passwords or keys for access to data basis or other systems.
00:13
Actual functions have integration with casuals Secure Vote which makes readings configuration secrets very easy.
00:22
Let's see how we can do that
00:26
now. The first thing we'll do is we'll go and create a secret in Azure key vote
00:32
I already have created a key vote resource that is completely empty. Let's go in and create a new secret.
00:40
So you play conduct Li Ke vote and on the left side you select secrets
00:47
I will generate
00:48
a completely new secret I will name it Sai Buri
00:53
Example Secret
00:57
and I will put the value us This is my secret
01:03
The secret will be enabled Oh click on create And now we have a secret which is stored under the name Sai Buri Example Secret in azure key vote
01:17
Now let's go back to our function app
01:22
and inside the function app
01:26
we'll need to do some configuration.
01:32
What we will do will create the so called managed service service identity
01:38
again This is done on the level off the function up, which means all the functions inside this function up will use the same identity.
01:49
You click on platform features and you click on identity
01:55
right now the identities off.
01:57
If I click on
01:59
and the safe button
02:01
a new identity will be created for my function.
02:07
Let's say okay and after a few minutes, this identity will be created and it will be added Toe azure Active directory.
02:15
This is the idea that I can use
02:20
toe grant access toe this identity toe different resource is let's copy this idea
02:27
and we will go back to Azure
02:30
key vote
02:32
in the key vote. We need to change the access policies in order to allow our to our azure function. To read the secret,
02:42
let's click on azure access policies and well, at a new policy
02:49
for our particular case. The only thing we need to do is we need to be ableto get a secret, so we will select the minimum
02:58
Onley requirements for our application to function.
03:02
Then we need to select the principle in our case, the principal will be our function or we can use the I d that we copied.
03:13
So this is our cyber very function for azure function course
03:16
will select this one
03:20
click select,
03:22
then we'll add it.
03:23
And of course, we should not forget to click the save button
03:28
to save this configuration.
03:30
Now our application, the cyber re function, will be able to get secrets from this key vote.
03:40
Now let's go and test that will need to write a little bit a court in our function.
03:46
I will keep the key vote open because we'll need some information from it.
03:51
And I opened our function in a different tap.
03:58
One of the things that we need to do is we need to create some environment configuration for our function.
04:05
The way the integration with azure key vote works is that
04:10
you can set the secret, its environment very able for the function.
04:17
So let's say we go and click on configuration
04:25
and in the configuration will at the new application setting,
04:30
and we'll go these applications setting like secret
04:36
configuration
04:40
the value for the sequel. It configuration has a specific for month that we will use.
04:47
The former is the following
04:49
at Microsoft Key vote secret. You are I equal and the secret you are I is the your eye of the key vote slash secrets slash the name of the secret. Let's go get that from the key vote.
05:08
So if you go to the overview,
05:10
you will see the U. N II for the key vote. We can copy this one.
05:15
Go back basted here. Well, right, secrets.
05:19
And then we need to get the secret name which waas
05:26
cyber example secret.
05:29
So we'll have cyber very
05:30
example
05:32
secret.
05:34
And we need to close.
05:38
The parent is is
05:40
let's save this configuration
05:44
and you will see
05:46
that
05:46
now the secret configuration
05:50
is marked as a key vote value.
05:55
Let me refresh this.
06:01
Yep, I'm sure that I want very fresh.
06:06
You see that this value is a key vote reference.
06:11
Let's go put a few lines of court and test our configuration.
06:15
And now, out of function,
06:18
we will go and just
06:20
read the configuration of PSA plane environment Very able.
06:26
In order to do that, we just need to Ryan
06:30
two lines of court.
06:31
All right, drink secret
06:35
sequel
06:38
system, environmental, get environment very able. And the name of our environment very able. Once secret configuration,
06:47
I'll just close it
06:49
and
06:50
instead printing the agent, as we used to do in the past. Let's just print the secret.
07:00
Let's save and run.
07:08
And as you can see, we were able to pull
07:11
the secret our of the key vote. So this is the text that we wrote in the secret.
07:19
Now you know how you can eat secrets for your configuration in natural functions.
07:27
Let's wrap up our model in the whole course.

Up Next

Azure Functions

This Azure Functions course explains the core concepts of serverless services in Azure, how to develop functions that use different triggers and how to secure access of Azure Functions and manage configuration secrets.

Instructed By

Instructor Profile Image
Toddy Mladenov
Instructor