Azure Key Vault secret used in Web Activity body

Robert Matear 6 Reputation points
2021-02-08T10:25:37.01+00:00

Hi,

I am trying to figure out what the best approach is for injecting secrets from Azure Key Vault into a Web Activity found in the Azure Data Factory. Specifically in this case I want to inject a secret into the body of a request.

65386-webactivitybody.jpg

The only solution that I have found so far involves using another web request to fetch a key from Azure Key Vault using it's REST API - this works fine with a few keys and a few pipelines but this will get difficult to manage at scale. I noticed there is a linked service to Azure Key Vault but there doesn't seem to be a way of referencing the service and retrieving keys.

Any other solution ideas would be appreciated, and please let me know if there is a way of using the linked service to inject secrets.

Thanks,
Rob

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,150 questions
Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
9,776 questions
0 comments No comments
{count} vote

1 answer

Sort by: Most helpful
  1. Nandan Hegde 29,906 Reputation points MVP
    2021-02-08T12:37:32.863+00:00

    Hey @Robert Matear ,
    Currently the Key vault integration in ADF v2 is only for Linked service credential connectivity purpose and there is no integration of the key vault with any activities within pipeline.
    The only easy was as of now is using a web activity to connect to key vault REST API via MSI and fetch the secret value and pass it to another activity.

    The other way is having the entire logic within Azure function/ custom activity thereby having 1 code .

    1 person found this answer helpful.