[英]What are available and meaningful solutions for storing secrets suitable for Azure Container Instance?
What are available, meaningful ( secure, easy to store/use ) solutions for storing secrets that can be used by the instances of Docker containers hosted in Azure Container Instance?有哪些可用的、有意义的(安全、易于存储/使用)解决方案用于存储 Azure 容器实例中托管的 Docker 容器实例可以使用的机密?
Easy to store/use definition:易于存储/使用定义:
I'm building an app - the .NET Core 3.x background service hosted in Azure Container Instance.我正在构建一个应用程序 - 托管在 Azure 容器实例中的 .NET Core 3.x 后台服务。 It is a pilot project for a new line of development in my company.
这是我公司新开发线的试点项目。 We have a 3rd party solution for storing secrets outside code repository.
我们有一个 3rd 方解决方案,用于在代码存储库之外存储秘密。 It's used by all members of Dev team.
开发团队的所有成员都在使用它。 This solution produce per-user and per-machine dependency which are unnecessarily complicated for use in Docker images.
该解决方案产生了每用户和每台机器的依赖关系,这对于在 Docker 镜像中使用来说是不必要的复杂。
I spent half day with reading about Azure Key Vault.我花了半天时间阅读有关 Azure Key Vault 的信息。 I've read some tutorials about using it and how to setup the vault and authorize the app.
我已经阅读了一些关于使用它以及如何设置保险库和授权应用程序的教程。 Honestly, I was quite lost.
老实说,我很失落。 I wasn't able to make a decision if this is a suitable solution for our needs.
我无法决定这是否是满足我们需求的合适解决方案。
Sorry for the delay in responding.抱歉延迟回复。
I would suggest using the Key Vault task to get the secrets as build environment variables then in the CLI script when you create the container pass the secrets in as environment variables then your .Net Core app can simply get them from the environment.我建议使用Key Vault 任务获取机密作为构建环境变量,然后在创建容器时在 CLI 脚本中将机密作为环境变量传入,然后您的 .Net Core 应用程序可以简单地从环境中获取它们。
There is also a labs on this too if that helps如果有帮助,也有一个 实验室
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.