Keeping production credentials / secrets safe on Microsoft Azure and Team Foundation Server
Question
We are using TFS for our Microsoft Azure application. In that application, we have Production, Staging and Local environments. Until now I was the only developer in the project, so we didn't have any problem with the security of credentials in development environment.
Our target is to keep production credentials safe and out of the reach of other developers. What is the best practice to do this on Microsoft Azure and Team Foundation Server Online?
Thanks.
Edit:
I'm keeping that secrets in "ServiceConfiguration" files of Azure:
Is it possible to keep ServiceConfiguration.Cloud.cscfg file exclusively available to a few person or a group in TFS? Maybe that can fix the issue. Because all secrets of Production env. are in it.
1 answers
solution1
0 2014-07-04 13:53:01
You can keep production passwords in Azure portal:
These override your web.config settings, similar to web.config transformations. You can override app.settings and connection strings.
This way you don't have to keep production credentials in your version control system, and only people with access to azure portal will be able to see these credentials.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.