question

JeremiahAdams-0775 avatar image
0 Votes"
JeremiahAdams-0775 asked prmanhas-MSFT commented

How to Authenticate to Azure Key Vault using Azure.Identity from Local Docker Container

I am working to containerize a .NET Core MVC application. This application currently accesses Key Vault to fetch the Client Secret for the app. This all works fine when deployed to an Azure App Service.


Now I'm working to containerize and test locally prior to pushing to my first Azure Kubernetes Service. Where I am running into problems is with debugging from inside the container. Inside the container I do not have access the ManagedIdentityCredential nor the VisualStudioCredential. The CLI doesn't exist on the the container so that Credential will fail in the chain as well. The only Credential object that looks viable is the EnvironmentCredential.

The problem with the EnvironmentCredential is that I have to pass the Client Secret as an environment variable. This makes it very likely for developers to check a secret into source control which is the entire problem I am trying to solve.

See https://github.com/Azure/azure-sdk-for-net/tree/master/sdk/identity/Azure.Identity#environment-variables


What are the best practices here for debugging Azure.Identity related code inside a local docker container?


azure-kubernetes-servicedotnet-adazure-managed-identity
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@JeremiahAdams-0775 Any updates on the issue?

Please "Accept as Answer" if it helped so it can help others in community looking for help on similar topics.

Thanks

0 Votes 0 ·

1 Answer

shivapatpi-MSFT avatar image
0 Votes"
shivapatpi-MSFT answered
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.