title: Integrate Azure Key Vault with Service Connector
description: Integrate Azure Key Vault into your application with Service Connector
author: shizn
ms.author: xshi
ms.service: service-connector
ms.custom: event-tier1-build-2022
ms.topic: how-to
ms.date: 05/03/2022

Integrate Azure Key Vault with Service Connector

Note

When you use Service Connector to connect your key vault or manage key vault connections, Service Connector uses your token to perform the corresponding operations.

This page shows the authentication types and client types that Service Connector supports for Azure Key Vault. You might still be able to connect to Azure Key Vault in other programming languages without using Service Connector. This page also shows the default environment variable names and values (or Spring Boot configuration) you get when you create the service connection. You can learn more about the Service Connector environment variable naming convention.

Supported compute service

  • Azure App Service
  • Azure Spring Cloud

Supported Authentication types and client types

Client Type System-assigned Managed Identity User-assigned Managed Identity Secret/ConnectionString Service Principal
.NET yes icon yes icon yes icon
Java yes icon yes icon yes icon
Java - Spring Boot yes icon yes icon
Node.js yes icon yes icon yes icon
Python yes icon yes icon yes icon

Default environment variable names or application properties

.NET, Java, Node.js, Python

System-assigned Managed Identity

| Default environment variable name | Description | Example value |
| --- | --- | --- |
| AZURE_KEYVAULT_SCOPE | Your Azure RBAC scope | https://management.azure.com/.default |
| AZURE_KEYVAULT_RESOURCEENDPOINT | Your Key Vault endpoint | https://{yourKeyVault}.vault.azure.net/ |

User-assigned Managed Identity

| Default environment variable name | Description | Example value |
| --- | --- | --- |
| AZURE_KEYVAULT_SCOPE | Your Azure RBAC scope | https://management.azure.com/.default |
| AZURE_KEYVAULT_RESOURCEENDPOINT | Your Key Vault endpoint | https://{yourKeyVault}.vault.azure.net/ |
| AZURE_KEYVAULT_CLIENTID | Your Client ID | {yourClientID} |

Service Principal

| Default environment variable name | Description | Example value |
| --- | --- | --- |
| AZURE_KEYVAULT_SCOPE | Your Azure RBAC scope | https://management.azure.com/.default |
| AZURE_KEYVAULT_RESOURCEENDPOINT | Your Key Vault endpoint | https://{yourKeyVault}.vault.azure.net/ |
| AZURE_KEYVAULT_CLIENTID | Your Client ID | {yourClientID} |
| AZURE_KEYVAULT_CLIENTSECRET | Your Client secret | {yourClientSecret} |
| AZURE_KEYVAULT_TENANTID | Your Tenant ID | {yourTenantID} |
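
The three variable sets above identify which authentication type a connection uses. The following Python sketch is an added example, not code from the original page or from Service Connector: it classifies the connection from the variables present, rejects an inconsistent set, and masks the client secret for logging. The function names `resolve_auth`, `redacted` and `build_secret_client` are hypothetical; `build_secret_client` assumes the `azure-identity` and `azure-keyvault-secrets` packages are installed, and `AZURE_KEYVAULT_SCOPE` is not used here.

```python
import os
from urllib.parse import urlsplit

PREFIX = "AZURE_KEYVAULT_"

def resolve_auth(env):
    """Return (auth_type, settings) for the variables in env, or raise ValueError."""
    def get(name):
        return (env.get(PREFIX + name) or "").strip()

    endpoint, client_id = get("RESOURCEENDPOINT"), get("CLIENTID")
    secret, tenant = get("CLIENTSECRET"), get("TENANTID")
    url = urlsplit(endpoint)
    if url.scheme != "https" or not url.hostname:
        raise ValueError(PREFIX + "RESOURCEENDPOINT must be an https:// URL")
    if secret or tenant:
        # Service principal: all three identity values must be present.
        needed = {"CLIENTID": client_id, "CLIENTSECRET": secret, "TENANTID": tenant}
        missing = sorted(PREFIX + k for k, v in needed.items() if not v)
        if missing:
            raise ValueError("incomplete service principal: " + ", ".join(missing))
        auth = "service-principal"
    elif client_id:
        auth = "user-assigned-managed-identity"
    else:
        auth = "system-assigned-managed-identity"
    settings = {"vault_url": endpoint, "client_id": client_id or None,
                "tenant_id": tenant or None, "client_secret": secret or None}
    return auth, settings

def redacted(settings):
    """Copy of settings that is safe to log: the client secret is masked."""
    return {k: "***" if k == "client_secret" and v else v
            for k, v in settings.items()}

def build_secret_client(env=os.environ):
    """Build a SecretClient; needs azure-identity and azure-keyvault-secrets."""
    from azure.identity import ClientSecretCredential, ManagedIdentityCredential
    from azure.keyvault.secrets import SecretClient
    auth, s = resolve_auth(env)
    if auth == "service-principal":
        cred = ClientSecretCredential(s["tenant_id"], s["client_id"], s["client_secret"])
    else:
        # client_id=None selects the system-assigned identity.
        cred = ManagedIdentityCredential(client_id=s["client_id"])
    return SecretClient(vault_url=s["vault_url"], credential=cred)
```

Log `redacted(settings)` rather than the raw settings or the process environment, so the client secret of a service principal connection does not reach application logs.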

Java - Spring Boot

Service Principal

| Default environment variable name | Description | Example value |
| --- | --- | --- |
| azure.keyvault.uri | Your Key Vault endpoint URL | "https://{yourKeyVaultName}.vault.azure.net/" |
| azure.keyvault.client-id | Your Client ID | {yourClientID} |
| azure.keyvault.client-key | Your Client secret | {yourClientSecret} |
| azure.keyvault.tenant-id | Your Tenant ID | {yourTenantID} |
| azure.keyvault.scope | Your Azure RBAC scope | https://management.azure.com/.default |

Next steps

Follow the tutorials listed below to learn more about Service Connector.

  • Learn about Service Connector concepts