Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save BenMakesGames/a05ed33ba67ef57c45f0212eab73db7e to your computer and use it in GitHub Desktop.
Save BenMakesGames/a05ed33ba67ef57c45f0212eab73db7e to your computer and use it in GitHub Desktop.
A walkthrough for how to create a basic .NET Core 8 app for App Service w/ Key Vault & Application Insights

Creating an App Service w/ Key Vault & Application Insights

  1. Create your App Service, Key Vault, and Application Insights

    1. Copy the Key Vault's "Vault URI" for later
    2. Copy the Application Insights' "Connection String" for later
  2. In the App Service's "Identity", turn the "System assigned" "Status" to "On"

  3. In the App Service's "Configuration", create a "New application setting" with value "KeyVaultURI", and value of the "Vault URI" you copied in step 1

  4. In the Key Vault's "Access control (IAM)", "Add > Add role assignment", add two things:

    1. Under "Job function roles", find "Key Vault Administrator"; under "Members", find yourself
    2. Under "Job function roles", find "Key Vault Secrets User" ; under "Members" find the "Managed identity" that is your App Service
  5. In the Key Vault's "Secrets", add a secret with name "ApplicationInsights--ConnectionString" and value of the Application Insights' "Connection String" you copied in step 1

  6. In your .NET Core application, add the following to Program.cs:

    // for prod, expected to be set in App Service's environment variables:
    if (builder.Configuration["KeyVaultURI"] is { } keyVaultURI)
    {
        builder.Configuration.AddAzureKeyVault(
            new Uri(keyVaultURI),
            new DefaultAzureCredential(),
            new DoubleDashSecretManager()
        );
    }
    
    builder.Services.AddApplicationInsightsTelemetry();
  7. Create the DoubleDashSecretManager class as follows:

    public class DoubleDashSecretManager: KeyVaultSecretManager
    {
        public override string GetKey(KeyVaultSecret secret)
            => secret.Name.Replace("--", ConfigurationPath.KeyDelimiter);
    }
  8. Ya done!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment