Secure application secrets using Key Vault

Module
8 Units

Advanced

Administrator

Developer

Azure

GitHub

Azure Spring Apps

You're now running a version of the spring-petclinic microservice application in Azure. You want a better way to protect application secrets like your database connection string. In this module, you'll better protect your application secrets.

Learning objectives

In this module, you will:

Create an Azure Key Vault service.
Store your connection string elements as Azure Key Vault secrets.
Create a Managed Identity for your microservices.
Grant the Managed Identity permissions to access the Azure Key Vault secrets.
Update application config.
Update, rebuild, and redeploy each app.

Prerequisites

An Azure subscription.
Local installations of Java JDK (1.8 or later), Visual Studio Code, and the Azure CLI (2.12 or later).
Intermediate-level familiarity with and local installations of the following tools: Git, Java JDK 8 or later, and a Java IDE or text editor.
Basic Git commands, including cloning, committing files, and pushing changes to GitHub.
Pull requests in GitHub, including creating, reviewing, and merging pull requests.
Basic GitHub Actions workflows, including triggers and secrets for connecting to your Azure environment.

Introduction min
Create an Azure Key Vault service min
Configure a connection string secret in Key Vault min
Create a Managed Identity for microservices min
Configure Managed Identity access to Key Vault min
Update application config min
Knowledge check min
Summary min