Just writing a quick article on how to use keyvault flex volume to mount keyvault secrets onto a .NET Core 3.0 worker service.
There is a few things to remember to get it working. First, I had created an ARM template using double dashes (–) as the “nesting” operator like so ServiceBus–ReadPolicyConnectionString. That is perfectly fine in Azure environments but since I wanted to use the AddKeyPerFile configuration source extension it was required to have the secrets written onto the flex volume with double underscore (__) instead like so ServiceBus__ReadPolicyConnectionString.
Luckily, this could be achieved by naming the secrets as previous with the objectaliases property.
After that it’s just a matter of pointing the AddKeyPerFile extension method to where the secrets are mounted like so: