Implementing Azure Key Vault for secure secrets as well as local configuration file

Question

Implementing Azure Key Vault for secure secrets as well as local configuration file

Closed this issue 5 years ago · 7 comments

ConstantineK commented 6 years ago

Functionality to store/load azure secrets.
Blog post on setting up the AKV (since its probably not going to cross accounts if it requires azure ad.)
Check if local file exists and if not attempt to load azure secrets, and die if all processes fail.
Has to work with existing pester testing.

Answer 1 · 2019-01-22T17:34:51.000Z

Keep in mind that we will need to store multiple ApiKey's and Token's to do a full scope of tests.

Answer 2 · 2019-01-22T17:38:39.000Z

Can you please start with the local configuration file, so we can move towards that locally for now?

Answer 3 · 2019-01-22T18:02:29.000Z

Sounds good - I was going to start there anyway since I am not sure yet which configuration items would need to be stored (besides the most obvious ones), going to look at the relevant code and isolate the needed pieces first, test that it works, then start poking at the cloud.

Answer 4 · 2019-01-22T18:10:02.000Z

Right now, all we need are these:

$OAuthSettings = @{
  ApiKey = $env:ApiKey
  ApiSecret = $env:ApiSecret
  AccessToken = $env:AccessToken
  AccessTokenSecret =$env:AccessTokenSecret
}
Set-TwitterOAuthSettings @OAuthSettings

But multiple sets of them.

Answer 5 · 2019-01-22T18:12:25.000Z

[Suggestion] Instead of managing 4 different keys per group, we could make a single key.

ApiToken = "${env:ApiKey}:${env:ApiSecret}:${env:AccessToken}:${env:AccessTokenSecret}"

Or a JSON object, so it's the same as the config.json file?

$ApiToken = '{"ApiKey":"111","ApiSecret":"111","AccessToken":"111","AccessTokenSecret":"111"}'

Answer 6 · 2019-06-19T17:00:19.000Z

Did anyone look into this?

#34 has been submitted to use XML file for config. Can someone comment and help with review?

Answer 7 · 2020-05-10T06:36:01.000Z

Closing.. no activity.