Named value Logger-Credentials created automatically, which was not expected

Jesus Arnas Iñigo 20 Reputation points
2024-06-05T09:30:38.4933333+00:00

I have an Azure API Management resource that has an associated Application Insights. The infrastructure was created with Terraform.

The problem is that a security audit has found that a NamedValue has been created within API Management containing the Instrumentation Key of Application Insights. This is something that wasn't specifically created from Terraform, but rather by its internal calls.

The question is: Is there a way to configure Application Insights within API Management so that it reads the Instrumentation Key from an Azure Key Vault instead of from a Named Value?

Kind regards

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,851 questions
0 comments No comments
{count} votes

Accepted answer
  1. SwathiDhanwada-MSFT 18,121 Reputation points
    2024-06-05T11:22:51.0166667+00:00

    @Jesus Arnas Iñigo Thanks for your question.I understand that you are trying to get instrumentation key from Azure Key Vault instead of named value. But you can configure your named values to read the instrumentation key directly from key vault instead of storing it as plain value. Have you considered this approach ?

    Reference:

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful