Put all database connection strings in keyvault

dotnet / aspire

An opinionated, cloud ready stack for building observable, production ready, distributed applications in .NET

https://learn.microsoft.com/dotnet/aspire

MIT License

3.61k stars 401 forks source link

Put all database connection strings in keyvault #3299

Open davidfowl opened 5 months ago

davidfowl commented 5 months ago

Today database connection string always grab the parent connection string (the database server) and they append the database portion of the connection string. This is fine for resources that don't put their connection strings in key vault, but we can optimize the experience so that the deployment tool never needs to grab keyvault secrets to create container apps.

davidfowl commented 5 months ago

Huge benefit as the secrets are auto pulled from key vault every 30 mins https://learn.microsoft.com/en-us/azure/container-apps/manage-secrets?tabs=azure-portal#key-vault-secret-uri-and-secret-rotation

mitchdenny commented 1 month ago

Need to have some more discussion about this.