Azure Keyvault Secrets & NodeJS : A security practice

const pool = new Pool({
  user: 'john_doe',
  host: 'john.secure.com',
  database: 'transac_history',
  password: 'J0hN_D03',
  port: 1337,
  ssl: true
});

The .env way

npm i dotenv

require('dotenv').config();
let pass = process.env.{variable_name};
console.log(pass);

# dotenv environment variables file
.env

Integrating Azure Key-vault in our code

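npm i @azure/identity @azure/keyvault-secrets

const az_identity = require('@azure/identity');
const az_kv = require('@azure/keyvault-secrets');

// DefaultAzureCredential tries several credential sources in turn,
// including environment variables and managed identity.
const credential = new az_identity.DefaultAzureCredential();
const client = new az_kv.SecretClient('{keyvaulturl}', credential);

var db_pass = '';
const getkeyvault = async () => {
  // getSecret resolves to a KeyVaultSecret object; the secret string is in .value
  db_pass = (await client.getSecret('var1')).value;
};
getkeyvault().then(() => {
  console.log(db_pass);
});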

Azure app service

The request fails because our App Service is not able to authenticate to Key Vault.

A common challenge for developers is the management of secrets, credentials, certificates, and keys used to secure communication between services. Managed identities eliminate the need for developers to manage these credentials.

Enable System Assigned Managed Identity
Adding application to access policy of keyvault
Get permission for the application
Able to retrieve secret
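
Tying the pieces above together, as an added example that is not code from the original article: the pool configuration is built from a Key Vault secret instead of a hardcoded password, the lookup fails closed when the vault denies access or returns no value, and only a redacted copy is logged. The names `loadDbConfig`, `redact`, `fakeVault` and `deniedVault` are hypothetical, and the two stub vaults are constructed stand-ins for `SecretClient` so the block runs offline.

```javascript
// Added example (not the article's code). Helper and stub names are hypothetical.

// Non-secret connection settings, taken from the article's Pool example.
const BASE_CONFIG = {
  user: 'john_doe',
  host: 'john.secure.com',
  database: 'transac_history',
  port: 1337,
  ssl: true,
};

// `client` is any object with getSecret(name) -> Promise<{ value }>, which is
// the shape of SecretClient from @azure/keyvault-secrets used in the article.
async function loadDbConfig(client, secretName) {
  let secret;
  try {
    secret = await client.getSecret(secretName);
  } catch (err) {
    // For example: the App Service identity is not in the vault's access policy.
    throw new Error(`Key Vault lookup for "${secretName}" failed: ${err.message}`);
  }
  // Fail closed: never fall back to a default or empty password.
  if (!secret || typeof secret.value !== 'string' || secret.value === '') {
    throw new Error(`Key Vault secret "${secretName}" has no value`);
  }
  return { ...BASE_CONFIG, password: secret.value };
}

// Copy of the config that is safe to write to logs.
function redact(config) {
  return { ...config, password: '***' };
}

// Constructed stand-ins for SecretClient (sample values, not real secrets).
const fakeVault = {
  getSecret: async () => ({ name: 'var1', value: 'constructed-sample-value' }),
};
const deniedVault = {
  getSecret: async () => { throw new Error('Forbidden (constructed)'); },
};

async function demo() {
  const config = await loadDbConfig(fakeVault, 'var1');
  console.log(redact(config)); // the unredacted config is what goes to new Pool(config)
  const denied = await loadDbConfig(deniedVault, 'var1').catch((e) => e.message);
  console.log(denied);
  return { config, denied };
}
demo();
```

With the real client from the section above, the call is `loadDbConfig(client, 'var1')`.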
