This repository demonstrates how to manage secrets in Azure Container Apps using Terraform, leveraging Azure Key Vault for secure storage.
Traditionally, integrating Azure Key Vault secrets into Azure Container Apps via Terraform was challenging due to limited support. With recent updates to the AzureRM provider, this integration is now streamlined. This project provides a practical example of setting up Azure Container Apps with secrets sourced from Azure Key Vault using Terraform.
-
Sample Application: A simple application illustrating the use of secrets within Azure Container Apps. Source code is available here.
-
Terraform Scripts: Scripts to provision Azure Key Vault and Azure Container Apps, configure Role-Based Access Control (RBAC) for secure Key Vault access, and set environment variables in Azure Container Apps referencing the Key Vault secrets.
-
GitHub Actions Workflow: Automated workflow to deploy the infrastructure, verify the application's response, and clean up resources post-deployment. The workflow runs weekly to ensure the solution remains functional.
- Azure CLI installed on your local machine.
- An active Azure subscription.
-
Clone the Repository:
git clone https://github.com/your-repo/azure-container-apps-secrets-terraform.git cd azure-container-apps-secrets-terraform -
Initialize Terraform:
terraform init
-
Apply Terraform Configuration:
terraform apply
Note: All Terraform variables have default values but can be overridden as needed.
-
Access the Application:
After deployment, Terraform will output the application's URL. Navigate to this URL to verify the application is functioning correctly. The expected output is:
AzureWayRocks!
To destroy all resources created by Terraform:
terraform destroy- For a detailed walkthrough, refer to the Azure Way blog post.
- Explore more articles on Azure Container Apps here.
This project is licensed under the MIT License. See the LICENSE file for details.
This README is based on the article "Azure Container Apps secrets by Terraform [part 7]" by Karol.