Managing Secrets in Azure DevOps Key Vault for SF Cloud
sitefinity | 2024-06-20
When working with Sitefinity Cloud and Azure DevOps, managing secrets securely is crucial.
Azure Key Vault offers a seamless way to store and access secrets during your CI/CD pipelines or application runtime.
Here’s a quick guide on how to create and consume secrets using Azure Key Vault!
✅ The Steps
1. Login to Azure DevOps Overview
Navigate to your Azure DevOps Overview → Summary
page.
2. Open "Secrets & Certificates"
Click on the "Secrets & Certificates" button.
3. Understand the Available Object Types
There are three types of objects you can create:
- Keys
- Secrets
- Certificates
In this case, we will focus on Secrets.
4. Generate a New Secret
- Select Secrets.
- Click Generate/Import to create a new secret.
5. Consume the Secret
There are two ways to use the secret in your applications:
Option 1: Access via Code
- Azure Key Vault provides sample code snippets directly from the dashboard (see step 3).
- You can access secrets programmatically using SDKs like Azure.Identity and Azure.Security.KeyVault.Secrets.
Option 2: Access via AppSettings (Recommended for CI/CD)
- You can map secrets into your application's
appsettings
during your CI/CD process. - The application will automatically pick up these settings when deployed.