Session

I've Got a Configuration Secret (and I don't even know what it is)

Keeping secrets safe and out of source code has always been challenging. De-coupling sensitive information like connection strings, certificates and passwords keeps these secrets out of source control where it is all to easy to expose them unintentionally.
This session focuses mostly on .Net Core Configuration and also provides an overview of how to leverage Azure App Service Settings, KeyVault and Managed Identities for Azure Resources to help alleviate this long-standing problem. Additionally we will see how to consume configuration even when you, the developer, don't have access to production secrets.
Demonstrated are three application scenarios - A non-Azure-hosted app, An Azure-hosted app and local debugging.
Time permitting, we will also see some techniques for managing secrets in full-framework applications that typically rely on web.config files.
This presentation gives you the basic knowledge to keep secrets out of source code while still assuring correct production configuration.

60 minutes. Will try to compensate for lack of Internet but ideally should have a strong connection. This session has been well received: https://twitter.com/hutchcodes/status/1112496377009979394

Bob Crowley

Software Engineer, .NET

Portland, Maine, United States

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top