You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/container-apps/manage-secrets.md
+61Lines changed: 61 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -34,6 +34,22 @@ Secrets are defined as a set of name/value pairs. The value of each secret can b
34
34
35
35
When you define a secret, you can specify its value directly.
36
36
37
+
# [Azure portal](#tab/azure-portal)
38
+
39
+
1. Go to your container app in the [Azure portal](https://portal.azure.com).
40
+
41
+
1. Under the *Settings* section, select **Secrets**.
42
+
43
+
1. Select **Add**.
44
+
45
+
1. In the *Add secret* context pane, enter the following information:
46
+
47
+
-**Name**: The name of the secret.
48
+
-**Type**: Select **Container Apps Secret**.
49
+
-**Value**: The value of the secret.
50
+
51
+
1. Select **Add**.
52
+
37
53
# [ARM template](#tab/arm-template)
38
54
39
55
Secrets are defined at the application level in the `resources.properties.configuration.secrets` section.
@@ -109,7 +125,28 @@ To enable managed identity in your container app, see [Managed identities](manag
109
125
110
126
To grant access to Key Vault secrets, [create an access policy](../key-vault/general/assign-access-policy.md) in Key Vault for the managed identity you created. Enable the "Get" secret permission on this policy.
111
127
128
+
# [Azure portal](#tab/azure-portal)
129
+
130
+
1. Go to your container app in the [Azure portal](https://portal.azure.com).
131
+
132
+
1. Under the *Settings* section, select **Identity**.
133
+
134
+
1. In the *System assigned* tab, select **On**.
135
+
136
+
1. Select **Save** to enable system-assigned managed identity.
137
+
138
+
1. Under the *Settings* section, select **Secrets**.
139
+
140
+
1. Select **Add**.
112
141
142
+
1. In the *Add secret* context pane, enter the following information:
143
+
144
+
-**Name**: The name of the secret.
145
+
-**Type**: Select **Key Vault reference**.
146
+
-**Key Vault secret URL**: The URI of your secret in Key Vault.
147
+
-**Identity**: The identity to use to retrieve the secret from Key Vault.
148
+
149
+
1. Select **Add**.
113
150
114
151
# [ARM template](#tab/arm-template)
115
152
@@ -181,6 +218,30 @@ After declaring secrets at the application level as described in the [defining s
181
218
182
219
The following example shows an application that declares a connection string at the application level. This connection is referenced in a container environment variable and in a scale rule.
183
220
221
+
# [Azure portal](#tab/azure-portal)
222
+
223
+
After you've [defined a secret](#defining-secrets) in your container app, you can reference it in an environment variable when you create a new revision.
224
+
225
+
1. Go to your container app in the [Azure portal](https://portal.azure.com).
226
+
227
+
1. Open the *Revision management* page.
228
+
229
+
1. Select **Create new revision**.
230
+
231
+
1. In the *Create and deploy new revision* page, select a container.
232
+
233
+
1. In the *Environment variables* section, select **Add**.
234
+
235
+
1. Enter the following information:
236
+
237
+
-**Name**: The name of the environment variable.
238
+
-**Source**: Select **Reference a secret**.
239
+
-**Value**: Select the secret you want to reference.
240
+
241
+
1. Select **Save**.
242
+
243
+
1. Select **Create** to create the new revision.
244
+
184
245
# [ARM template](#tab/arm-template)
185
246
186
247
In this example, the application connection string is declared as `queue-connection-string` and becomes available elsewhere in the configuration sections.
0 commit comments