I have following queries for better clarity and understanding to design integration with the recommended best practices considering security vulnerabilities. Appreciate your thoughts and views on the queries below.
Is there any documentation availabe to check details about connector's (action) services made available for general public from preview? Or how to check those details? Wanted to check when the service “Get secret” for LogiApp available for general public from Preview (and how long was under preview).
Is there any downfall accessing the secret value from key vault using HTTP connector (GET) with Managed Identity authentication enabled along with Secure Input and Secure Output options also enabled? What are all the security vulnerabilities of this approach? Appreciate if anyone could share MS documentation on the same, if any exists.
What is the advantage of using “Get Secret” service over the method explained in #2 above, to access secret from key vault? Any best practice recommendations from MS (prefer documentation link) on which connector to be used to access key vault secret?
Appreciate your help in advance.