Will a .NET Framework ASP.NET WebForms app work with newer secrets management?
I'm working on a proof-of-concept project using GitHub (GH) self-hosted runners (like Azure Pipelines' self-hosted agents) for an old .NET Framework 4.5.2 ASP.NET WebForms app we have. We've learned about GH's Advanced Security and would like to adopt it. However, if we did, several of our apps would fail GH's Advanced Security, since we've put secrets like database connection strings in the Web.Config file.
To fix this I looked for better ways of hiding secrets. I came across a Visual Studio Toolbox video from November 2021, which covered 5 approaches to manage an application's secrets. The 5 ways of managing secrets from that video are:
- Exclude config file from source control
- Use secrets.json file
- Use environmental variables
- Use Azure Key Vault reference
- Use Azure Service Authentication
The last one I think has been renamed. And I've heard that Azure Key Vault reference, which at the time was listed as "Azure only", could be handled if I used Key Vault SDK instead. (I've still got to research that.) But what concerns me is whether an old .NET Framework 4.5.2 WebForms app can work with environmental variables, Azure Key Vault, or whatever Azure Service Authentication is now known as. And I'm pretty sure that whatever version of Visual Studio came out with .NET Framework 4.5.2 knew nothing about secrets.json files. At the time I was writing .NET Framework 4.5.2 web apps, putting secrets in the Web.Config file was the only place I knew to put secrets.