Azure App Configuration Service
Â
Intro
Use App Configuration to store all the settings for your application and secure their access in one place.
Documentation
Â
Tips and Tidbits
Â
App Configuration offers the following benefits:
A fully managed service that can be set up in minutes
Flexible key representations and mappings
Tagging with labels
Point-in-time replay of settings
Dedicated UI for feature flag management
Comparison of two sets of configurations on custom-defined dimensions
Enhanced security through Azure-managed identities
Complete data encryptions, at rest or in transit
Native integration with popular frameworks
Centralize management and distribution of hierarchical configuration data for different environments and geographies
Dynamically change application settings without the need to redeploy or restart an application
Control feature availability in real-time
The easiest way to add an App Configuration store to your application is through a client library that Microsoft provides.
Â
Azure App Configuration stores configuration data as key-value pairs.
Keys serve as the name for key-value pairs and are used to store and retrieve corresponding values.
It's a common practice to organize keys into a hierarchical namespace by using a character delimiter, such as
/
or:
Easier to read, Easier to manage, Easier to use.
AppName:Service1:ApiEndpoint AppName:Service2:ApiEndpoint
Keys stored in App Configuration are case-sensitive, unicode-based strings.
You can use any unicode character in key names entered into App Configuration except for
*
,,
, and\
.These characters are reserved.
If you need to include a reserved character, you must escape it by using
\{Reserved Character}
.
There's a combined size limit of 10,000 characters on a key-value pair.
Â
Key values in App Configuration can optionally have a label attribute.
Labels are used to differentiate key values with the same key.
Key = AppName:DbEndpoint & Label = Test Key = AppName:DbEndpoint & Label = Staging Key = AppName:DbEndpoint & Label = Production
App Configuration doesn't version key values automatically as they're modified.
Use labels as a way to create multiple versions of a key value.
You query an App Configuration store for key values by specifying a pattern.
The App Configuration store returns all key values that match the pattern and their corresponding values and attributes.
Â
Values assigned to keys are also unicode strings.
You can use all unicode characters for values.
There's an optional user-defined content type associated with each value.
Use this attribute to store information, for example an encoding scheme, about a value that helps your application to process it properly.
Â
Secure app configuration data
Every App Configuration instance has its own encryption key managed by the service and used to encrypt sensitive information.
Sensitive information includes the values found in key-value pairs.
When customer-managed key capability is enabled, App Configuration uses a managed identity assigned to the App Configuration instance to authenticate with Azure Active Directory.
The managed identity then calls Azure Key Vault and wraps the App Configuration instance's encryption key.
The wrapped encryption key is then stored and the unwrapped encryption key is cached within App Configuration for one hour
You can use private endpoints for Azure App Configuration to allow clients on a virtual network (VNet) to securely access data over a private link.
The private endpoint uses an IP address from the VNet address space for your App Configuration store.