Hi @Dhanavath Vishnu, greetings! Thank you for posting this question here.
Referencing Key Vault credentials in Azure IoT Layered deployment is currently not supported. The product team has further stated that there is no way to avoid storing the clear text with the current implementation.
However, the team has mentioned a couple of measures that can help improve the security posture:
- Use a repository-scoped credential with AcrPull role access as suggested in Manage-access-to-your-container-registry. The steps mentioned in this section to create a service principal have to be executed from Azure CLI and cannot be incorporated into IoT Edge deployment directly.
- Use IoT Hub RBAC to limit user access to module twin data so that not all users can have access to module twin data.
If the response helped, please do click Accept Answer and Yes for the answer provided. Doing so would help other community members with similar issues identify the solution. I highly appreciate your contribution to the community.
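
Since the credential has to stay in clear text in the deployment, one practical check is to confirm that what sits there is not the registry's admin account. The following is an added example, not part of the original answer or of any Microsoft tooling: it walks a deployment manifest, finds every object that holds address/username/password, and classifies it by username without ever echoing the password. It assumes the usual registryCredentials layout under $edgeAgent and uses a heuristic (the ACR admin user name equals the registry name; a service principal username is a GUID appId); the sample manifest is constructed.

```python
import json
import re

GUID = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)

def find_credentials(node, path="$"):
    """Yield (path, entry) for each object holding address/username/password."""
    if isinstance(node, dict):
        if {"address", "username", "password"} <= node.keys():
            yield path, node
            return
        for key, value in node.items():
            yield from find_credentials(value, f"{path}/{key}")

def classify(entry):
    """Guess the credential type from the username alone (heuristic)."""
    host = entry["address"].lower().split("://")[-1]
    registry = host.split(".")[0]
    user = entry["username"]
    if user.lower() == registry:
        return "acr-admin-account"   # admin user name equals the registry name
    if GUID.match(user):
        return "service-principal"   # appId; its role scope must be checked in Azure
    return "other"                   # e.g. a token name; cannot be judged from here

def audit(manifest_text):
    """Return (path, registry, kind) per credential; the password is never echoed."""
    manifest = json.loads(manifest_text)
    return [(p, e["address"], classify(e)) for p, e in find_credentials(manifest)]

# Constructed sample manifest; registry names and secrets are placeholders.
SAMPLE = json.dumps({"modulesContent": {"$edgeAgent": {"properties.desired": {
    "runtime": {"type": "docker", "settings": {"registryCredentials": {
        "contosoacr": {"address": "contosoacr.azurecr.io",
                       "username": "contosoacr",
                       "password": "<placeholder>"},
        "fabrikamacr": {"address": "fabrikamacr.azurecr.io",
                        "username": "11111111-2222-3333-4444-555555555555",
                        "password": "<placeholder>"}}}}}}}})

if __name__ == "__main__":
    for path, registry, kind in audit(SAMPLE):
        print(f"{kind:20} {registry:28} {path}")
```

A "service-principal" result only says the username looks like an appId; whether that principal is limited to AcrPull still has to be confirmed against the registry's role assignments.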