August 2017
Intermediate to advanced
468 pages
12h 5m
English
Content preview from Serverless computing in Azure with .NET
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Managing keys and secrets
Keys, certificates, and secrets used in your application should never be stored in config files in clear text, or committed to source control. Whenever possible, a secure key storage should be used to manage the keys. Azure provides a hardware security module (HSM) "as a service", called Azure Key Vault. Key vault provides a way to encrypt and manage the keys in a secure fashion, and allows developers to "bring their own keys". To learn more about Azure Key Vault, please visit https://docs.microsoft.com/en-us/azure/key-vault/key-vault-whatis.
At the time of this writing, configuring Azure Functions integration with Key Vault is a manual process. A more streamlined integration for securing function keys will be added ...