Azure Function automated deployment using ARM template

Question

Hi All,

We are deploying the azure function to get the Confluence Audit data into azure sentinel by following https://learn.microsoft.com/en-us/azure/sentinel/data-connectors/atlassian-confluence-audit-using-azure-functions . In this we are trying to use automated using Deploy to Azure option. Attached is the screenshot of the page where we have to provide access token, workspace key etc.

So wanted to know how these secretes i.e. token, workspace key are stored in this method. Will anybody will be able to see them in Function, if its stored securely or not?

There is other option to store it in key vault, but there are many other components involved in this manual method, so we want to avoid it because in the future something could break or expire.

Answer 1

@Balaji Shinde Thanks for reaching out to Microsoft Q&A, apologize for any inconvenience caused on this.

I have gone through the ARM template schema that is shared in the documentation, I see that the parameters Workspace ID, Workspace Key, ConfluenceAccessToken, ConfluenceUsername will be stored as an application setting to function app as shown below.

If you want to store these parameters values in Keyvault as secret and use them in your function app using the secret reference URI then you need to modify the existing/available ARM template by including the resource blocks to create Keyvault and to create a secret inside in it.

You can refer to this sample ARM template on How to create a Keyvault and a secret using ARM template.

Feel Free to reach back to me if you have any further questions on this.