Azure Resources - Secrets

Nitric Secrets are deployed to Azure using Azure Key Vault.

Azure Resources

  • An Azure Key Vault instance per app

Unlike AWS Secrets Manager and GCP Secret Manager, which are both secrets services. Azure Key Vault requires 'Vault' resources to be created before secrets can be stored. For this reason, Nitric will create a Vault for each of your services during deployment if it doesn't already exist.

Deployment

During deployment the Nitric CLI builds your Secrets will be built as follows:

  • If secrets are referenced anywhere in your service a Key Vault instance will be deployed
  • Container Apps are configured to permit access to the Key Vault instance
Last updated on Nov 14, 2024