Key Vault Settings in Azure App Settings with no c

2019-06-06 04:14发布

问题:

I created a simple Azure function with a HTTPTrigger that returns the secret value for a key set through the portal in Azure. The value is stored as

@Microsoft.KeyVault(SecretUri=https://myvault.vault.azure.net/secrets/mysecret/ec96f02080254f109c51a1f14cdb1931)

The Function has system assigned managed identity enabled in Platform Features>Identity. The Key Vault has the secret added with the value. The Key Vault also has an Access Policy defined with full access for keys, secrets and certificates for the Application principal. The function app still returns the value as-is and not the secret value which may be a sign of access issues with Key Vault. What is missing to retrieve the values correctly?

https://medium.com/statuscode/getting-key-vault-secrets-in-azure-functions-37620fd20a0b

public static class FunctionCoreAnonymous
{
    static string superSecret = Environment.GetEnvironmentVariable("SuperSecret");
    [FunctionName("FunctionCoreAnonymous")]
    public static async Task<IActionResult> Run(
        [HttpTrigger(AuthorizationLevel.Anonymous, "get", "post", Route = null)] HttpRequest req,
        ILogger log)
    {
        return (ActionResult)new OkObjectResult($"Hello, {superSecret}");
    }
}

回答1:

Followed the link and it works successfully in my site. According to this is a new feature, it may be not stable.

BTW, in the first time I get the value as-is like you. But wait a little time, it works well. So I think it may have some delay to read the key vault secret.