Migrating Azure Web Apps Access Keys to Azure Key Vault with Azure AD Authentication

Question

You have several Azure web apps that use access keys to access databases.

You plan to migrate the access keys to Azure Key Vault. Each app must authenticate by using Azure Active Directory (Azure AD) to gain access to the access keys.

What should you create in Azure to ensure that the apps can access the access keys?

Answers

A. Managed identities
B. Managed applications
C. Azure policies
D. An App Service plan

A

Azure Key Vault provides a way to securely store credentials and other secrets, but your code needs to authenticate to Key Vault to retrieve them. Managed identities for Azure resources solve this problem by giving Azure services an automatically managed identity in Azure AD. You can use this identity to authenticate to any service that supports Azure AD authentication, including Key Vault, without having to keep credentials in your code.

https://docs.microsoft.com/en-us/azure/key-vault/general/tutorial-net-create-vault-azure-web-app

The correct answer is A. Managed Identities.

Managed identities for Azure resources is a feature that allows Azure resources such as Azure Virtual Machines, Azure App Service, and Azure Functions to authenticate themselves with Azure AD without requiring any credentials to be stored in the code or configuration files. In this case, Azure App Service will use managed identities to authenticate with Azure AD to access the access keys stored in Azure Key Vault.

To configure managed identities for Azure App Service, you need to perform the following steps:

  1. Create an Azure AD application and service principal for the App Service.
  2. Enable the managed identity for the App Service.
  3. Grant the Azure AD application access to the Key Vault.

After you have completed these steps, the App Service can authenticate with Azure AD using the managed identity and access the access keys stored in the Key Vault. This ensures that the access keys are secure and not stored in the code or configuration files.
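The following sketch shows what the app does at runtime once those steps are done. It is an added example, not code from the original page or the linked tutorial: it uses only the Python standard library to ask the App Service identity endpoint for a Key Vault token and then read one secret over the Key Vault REST API. The vault name, secret name and the public-cloud `.vault.azure.net` suffix are assumptions made for illustration.

```python
import json
import os
import urllib.parse
import urllib.request

KEY_VAULT_RESOURCE = "https://vault.azure.net"  # token audience for Key Vault


def build_token_request(env=os.environ):
    """Request to the App Service local identity endpoint for a Key Vault token."""
    # App Service sets both variables once a managed identity is enabled.
    query = urllib.parse.urlencode(
        {"resource": KEY_VAULT_RESOURCE, "api-version": "2019-08-01"})
    return urllib.request.Request(
        f"{env['IDENTITY_ENDPOINT']}?{query}",
        headers={"X-IDENTITY-HEADER": env["IDENTITY_HEADER"]})


def build_secret_request(vault_url, secret_name, access_token):
    """Key Vault REST call that reads the latest version of one secret."""
    host = urllib.parse.urlsplit(vault_url).hostname or ""
    # Refuse to send the bearer token anywhere but an https Key Vault host
    # (assumption: public Azure cloud, where vaults live under vault.azure.net).
    if not vault_url.startswith("https://") or not host.endswith(".vault.azure.net"):
        raise ValueError(f"not a Key Vault URL: {vault_url!r}")
    name = urllib.parse.quote(secret_name, safe="")
    return urllib.request.Request(
        f"https://{host}/secrets/{name}?api-version=7.4",
        headers={"Authorization": f"Bearer {access_token}"})


def get_secret(vault_url, secret_name, env=os.environ, send=urllib.request.urlopen):
    """Fetch a secret using only the app's managed identity (no stored credential)."""
    with send(build_token_request(env), timeout=10) as resp:
        token = json.load(resp)["access_token"]
    with send(build_secret_request(vault_url, secret_name, token), timeout=10) as resp:
        return json.load(resp)["value"]
```

The only inputs are the vault URL and the secret name; the token is issued to the identity of the app itself, so nothing in the code or app settings has to be rotated or protected as a credential.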

Option B, managed applications, is incorrect because it is not an Azure feature related to managing access keys for web apps.

Option C, Azure policies, is also incorrect because it is a feature that enables you to enforce rules and actions on resources in Azure. It is not directly related to managing access keys for web apps.

Option D, an App Service plan, is incorrect because it is a container for one or more related web apps, but it is not directly related to managing access keys for web apps.