Using keyvault flex volume from a .NET Core 3.0 worker service

Just writing a quick article on how to use keyvault flex volume to mount keyvault secrets onto a .NET Core 3.0 worker service.

There is a few things to remember to get it working. First, I had created an ARM template using double dashes (–) as the “nesting” operator like so ServiceBus–ReadPolicyConnectionString. That is perfectly fine in Azure environments but since I wanted to use the AddKeyPerFile configuration source extension it was required to have the secrets written onto the flex volume with double underscore (__) instead like so ServiceBus__ReadPolicyConnectionString.

Luckily, this could be achieved by naming the secrets as previous with the objectaliases property.

After that it’s just a matter of pointing the AddKeyPerFile extension method to where the secrets are mounted like so:

Leave a Reply

Your email address will not be published. Required fields are marked *