skip to Main Content

The flask documentation recommends to use an instance folder to hide sensitive configuration variables (e.g. api keys, secret keys) from version control. Is it acceptable to keep sensitive configuration variables in an instance folder when deploying to an Azure App Service for production or should the variables be stored using a different method (e.g. enviromental variables, Azure key vaults)?

2

Answers


  1. I’d say depends on your definition of acceptable 🙂 it would be more secure to use Environment variable or Azure Key Vault, but its certainly possible to just store those in git

    Login or Signup to reply.
    1. keeping sensiitive data in GIT is not a good practice.

    2. Azure keyvalut is not free, but its safer than anything else.

    3. you can just use the azure app configuration

    enter image description here

    enter image description here

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search