How can I hide username and password in connection string in Azure App Service?

Jennifer
January 6, 2023
159 views
0 votes
2 Answers

I have an app service and in the Configuration section there is a connection string that connect to a database as follows:

Server=tcp:myserver.database.windows.net,1433;Database=myDataBase;User 
ID=mylogin@myserver;Password=myPassword;Trusted_Connection=False;Encrypt=True;

How can I hide the plain text password utilizing Azure services or anything else?

Tags: azure azure-web-app-service

Answers

- DucNguyen
- January 6, 2023 at 7:30 am
- 0 votes
0
Azure Key Vault is a good way to hide credentials in connection strings in an Azure Web App. Here’s an overview of the steps you can follow:
1. Create an Azure Key Vault instance.
2. Add the connection strings you want to store as secrets in the Key
  Vault.
3. Grant access to the Azure Web App to retrieve secrets from the Key
  Vault.
4. In the Azure Web App, retrieve the connection strings from the Key
  Vault at runtime.
Login or Signup to reply.

- silent
- January 6, 2023 at 7:55 pm
- 0 votes
0
As a general approach: Use Key Vault-referenced App Settings in Azure App Service.

Your preferred way, however, should be to use Managed Identity of the App Service and then use Azure AD-based authentication for all services which support it (Azure SQL does).

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.