Hi @Dirk Dulfer ,
Thanks for reaching out.
You can achieve this is by using Azure Key Vault to store the secrets and then retrieve them during the installation process.
You can use the Custom Script Extension to install the VM application and retrieve the secrets from Key Vault.
You can store sensitive data in a protected configuration, which is encrypted and only decrypted inside the virtual machine. The protected configuration is useful when the execution command includes secrets such as a password or API keys.
Here's an example of how you can use the Custom Script Extension to retrieve secrets from Key Vault:
- Create a Key Vault and store the API credentials as a secret in the Key Vault.
- Create a managed identity for the VM and grant it access to the Key Vault.
- In the Custom Script Extension configuration, specify the script location and the command to be run.
- In the protected configuration, specify the Key Vault URL, the secret name, and the managed identity client ID.
Reference - https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-windows
Hope this will help.
Thanks,
Shweta
Please remember to "Accept Answer" if answer helped you.