Secret management isn’t an easy task, specially if you are using Azure Kubernetes Service. Often Secrets are stored in Kubernetes in a not very safe base64 encoding. ASP.NET developers often tend to ship connectionstrings within the docker-container and use Kubernetes ConfigMaps.

But Azure offers a great secrets management and cryptography service called Azure KeyVault, where secrets can be managed in a very secure way. Through ARM Template deployment it is possible to save connectionstrings to Azure Services like Azure Databases or Azure Storage only in KeyVault. By using Azure Pod Identity applications can fetch connectionstrings and secrets directly from Azure KeyVault during runtime. This makes software development-security much easier and much safer.

In this session you’ll see how all these come together to bring developers an easy to secure experience.