Azure KeyVault
Use this provider to store your variables as a Secret in Azure Key Vault.
Dots (.) in variable-paths are automatically replaced by '-' before storing in the Key Vault due to the Key Vault not supporting dots
Configuration
| Field | Value |
|---|---|
| Uri | The Uri of the Azure KeyVault |
Sample
.confixrc
{
"project": {
"variableProviders": [
{
"name": "keyvault",
"type": "azure-keyvault",
"uri": "https://mykeyvault-dev.vault.azure.net"
}
]
}
}Authentication
The implementation uses DefaultAzureCredential (opens in a new tab) to authenticate.
During local development az login can be used to authenticate.
The Authenticated user requires the following Secret permissions:
| Action | Required Permission |
|---|---|
| confix restore | list |
| confix build | get |
| confix variable set | set |
| confix variable get | get |