Symfony - Azure 数据库密码保险库
[英]Symfony - Azure Vault for DB password
问题描述
Is it possible to use Azure Vault to store MySQL DB credentials in Symfony?
是否可以使用 Azure Vault 将 MySQL 数据库凭证存储在 Symfony 中? Right now the credentials are stored in an.env file (encrypted) but there's a request to use Azure Key Vault instead.现在凭证存储在一个 .env 文件中(加密),但有一个请求使用 Azure Key Vault 代替。 I've never heard about such a setup, is it possbile at all?我从来没有听说过这样的设置,这可能吗?
1 个解决方案
解决方案1
1 已采纳 2021-04-15 06:54:06
There is no official PHP SDK for Azure keyvault, you could call the REST API - Set Secret to store the MySQL DB credentials directly as secrets in the keyvault. There is no official PHP SDK for Azure keyvault, you could call the REST API - Set Secret to store the MySQL DB credentials directly as secrets in the keyvault. If you want to retrieve them, use Get Secret to do that.如果要检索它们,请使用Get Secret来执行此操作。
There are some prerequisites to call the rest apis.调用 rest api 有一些先决条件。
1. Register an application with Azure AD and create a service principal . 1. 向 Azure AD 注册应用程序并创建服务主体。
2. Get values for signing in and create a new application secret . 2. 获取登录值并创建新的应用程序密码。
3. Add the service principal to the keyvault access policy with correct secret permissions. 3. 使用正确的秘密权限将服务主体添加到密钥库访问策略。
4.Use the AAD client credential flow to get the token , then call the rest api. 4.使用AAD客户端凭证流获取token ,然后调用rest api。
Here is a sample wrapper of calling the rest apis, you could refer to it.这是调用 rest api 的示例包装器,您可以参考它。 See Add secret and Get secret .请参阅添加机密和获取机密。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.