Key-Vault storage for Authentication Secrets

Azure-Samples / azure-search-openai-demo

A sample app for the Retrieval-Augmented Generation pattern running in Azure, using Azure AI Search for retrieval and Azure OpenAI large language models to power ChatGPT-style and Q&A experiences.

https://azure.microsoft.com/products/search

MIT License

6.02k stars 4.12k forks source link

Key-Vault storage for Authentication Secrets #1052

Open mattgotteiner opened 10 months ago

mattgotteiner commented 10 months ago

Please provide us with the following information:

This issue is for a: (mark with an `x`)

- [ ] bug report -> please search issues before submitting
- [X] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

Use Key Vault for storing secrets related to authentication instead of azd env vars

mattgotteiner commented 9 months ago

auth init scripts runs before bicep template. This script provisions the apps / sets up the secrets The secrets are required for the bicep template to provision the web app correctly We need to store the secrets in the key vault provisioned by the bicep How can we ensure the key vault exists before auth init runs? Do we need to setup the apps inside the bicep file? This isn't easily done

pamelafox commented 9 months ago

I think we need to create the key vault in the auth init script itself. cc @jongio in case he has better ideas as he's been looking into better key support for azd templates (though not auth specific)

Azure-Samples / azure-search-openai-demo

Key-Vault storage for Authentication Secrets #1052

Please provide us with the following information:

This issue is for a: (mark with an x)

This issue is for a: (mark with an `x`)