I have spent the past few hours trying to work this out. Please help me understand what I'm doing wrong.
I have setup a new app with deployment slots. In the production/main deployment slot, I am able to create a service connector to my SQL Database using a connection string, and able to store the connection string in the key vault; like in the following pic.
However, when I try to do the same for a slot I created, the option to store the value in the key vault doesn't appear; like in the pic below.
As far as I can tell, everything is correctly configured, i.e., subnet, managed service identities, etc. What could I possibly doing wrong?
I have spent the past few hours trying to work this out. Please help me understand what I'm doing wrong.
I have setup a new app with deployment slots. In the production/main deployment slot, I am able to create a service connector to my SQL Database using a connection string, and able to store the connection string in the key vault; like in the following pic.
However, when I try to do the same for a slot I created, the option to store the value in the key vault doesn't appear; like in the pic below.
As far as I can tell, everything is correctly configured, i.e., subnet, managed service identities, etc. What could I possibly doing wrong?
Share Improve this question asked Mar 10 at 12:00 David PoxonDavid Poxon 2,5035 gold badges25 silver badges45 bronze badges 1- Which plan are you using @DavidPoxon? – Pravallika KV Commented Mar 14 at 11:17
1 Answer
Reset to default 0You can store the connection string in Key vault only in the Production slot.
These options are not available in deployment slots.
I have tested the same and noticed the connection string can only be stored in App Configuration.
As an alternative, try below:
Create a service connector to SQL Database using a connection string in Production slot and store it in Azure key vault.
Clone the settings from main web app while adding a new slot.
You can follow below steps to store SQL connection string in Key Vault and use it in web app:
- Add the SQL connection string as secret in Key Vault
- Enable managed identity in Web App slot.
- Navigate to
Keyvault=>Access Role(IAM)and assignKey Vault Administratorrole to Web app slot's managed identity. - Add the key vault reference as App Setting in Azure Web app slot.
@Microsoft.KeyVault(SecretUri=https://<KeyvaultName>.vault.azure/secrets/<secretName>/Secret_Version)