Skip to content

Commit 4971a62

Browse files
v-regandownerv-regandowner
authored
Merge pull request #126894 from MaxHorstmann/maxhorstmann/devbox-secrets
Update "Use Azure Key Vault secrets in customization files"
2 parents 545a64e + 6ba862e commit 4971a62

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

articles/dev-box/how-to-use-secrets-customization-files.md

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,9 @@ To use a secret, like a PAT, in your customization files, store your PAT as a ke
2525

2626
Both team and user customizations support fetching secrets from a key vault. Team customizations, also known as image definition files, define the base image for the dev box with the `image` parameter, and list the tasks that run when a dev box is created. User customizations list the tasks that run when a dev box is created. The following examples show how to use a key vault secret in both types of customizations.
2727

28-
To configure key vault secrets for use in your YAML customizations:
28+
To configure key vault secrets for use in your team or user customizations, ensure that your dev center project's managed identity has the Key Vault Secrets User role on your key vault.
29+
30+
To configure key vault secrets for use in user customizations, you need to additionally:
2931

3032
1. Ensure that your dev center project's managed identity has the Key Vault Reader role and the Key Vault Secrets User role on your key vault.
3133
2. Grant the Key Vault Secrets User role for the key vault secret to each user or user group that should be able to consume the secret during the customization of a dev box. The user or group granted the role must include the managed identity for the dev center, the admin's user account, and any user or group that needs the secret during dev box customization.
@@ -85,4 +87,4 @@ To learn how to let trusted Microsoft services bypass the firewall, see [Configu
8587

8688
- [Microsoft Dev Box team customizations](concept-what-are-team-customizations.md)
8789
- [Configure imaging for Dev Box team customizations](how-to-configure-customization-imaging.md)
88-
- Learn how to [add and configure a catalog from GitHub or Azure Repos](../deployment-environments/how-to-configure-catalog.md).
90+
- Learn how to [add and configure a catalog from GitHub or Azure Repos](../deployment-environments/how-to-configure-catalog.md).

0 commit comments

Comments
 (0)