Title
k

kind-mechanic-53546

07/29/2020, 3:27 AM
Does anyone have a good azure service for config management? I'd like to export all my config (endpoints, secrets, connection strings, hostnames etc...) to have 1 consolidated place, currently, it's spread over 10 odd pulumi stacks In AWS, I'd use SSM Parameter store, but Azure App Configuraton is 1) not supported by Terraform or Pulumi and 2) expensive
c

colossal-room-15708

07/29/2020, 5:19 AM
The best service for this would be Azure Key Vault.
k

kind-mechanic-53546

07/29/2020, 6:49 AM
I was afraid that would be the answer 🙂
I'm doing that with secrets now, but it's a terrible interface compared to SSM Parameters
This is the presentation on the console
its 3 clicks to get to the tags which I put the description of the resource in 🙂
horrible UX
anyway, thanks 🙂
c

colossal-room-15708

07/29/2020, 7:05 AM
That UX depends on how you do it. Plus, if you don't care about encryption of values in the UI / API then maybe cosmos DB or storage accounts tables might be enough https://docs.microsoft.com/en-us/azure/cosmos-db/table-storage-overview
k

kind-mechanic-53546

07/29/2020, 8:33 AM
must be encrypted & hidden and RBAC'd for secrets
c

colossal-room-15708

07/29/2020, 10:43 AM
In which case it'll be Key Vault. Understand though that RBAC (for now) only works on the vault, not on secrets.
👍 1