Forum Discussion
Mask Azure App Insight Connection String
Hi all,
I have a customer who is looking for a way to mask the App Insight connection string. Is there a way to accomplish that?
Thanks.
- balasubramanimIron Contributor
To mask the Azure App Insights connection string in Azure DevOps:
Use Secret Variable: Add it as a secret variable in your pipeline settings (APP_INSIGHTS_CONN_STRING). It will be masked in logs.
- script: |
export APP_INSIGHTS_CONN_STRING=$(APP_INSIGHTS_CONN_STRING)
displayName: "Setup App Insights Connection String"Use Azure Key Vault: Store it in Azure Key Vault, then retrieve it in your pipeline with the Azure Key Vault task. The secret will stay masked.
- task: AzureKeyVault@1
inputs:
azureSubscription: '<Your Service Connection>'
keyVaultName: '<Your Key Vault Name>'
secretsFilter: 'APP_INSIGHTS_CONN_STRING'Both methods will securely mask the connection string in pipeline logs
Try below:
- Use Secret Variables in Azure DevOps: Add the connection string as a secret variable in your pipeline settings. This will mask it in logs and keep it secure.
- Store in Azure Key Vault: Store the connection string in Azure Key Vault and retrieve it in your application using the Azure Key Vault task. This ensures the connection string stays masked.
- terruahmadMicrosoft
Hello Kidd_Ip,
Thanks for your response. We proposed these 2 options to the customer. However, the customer wants to mask the connection string under App Insight so only limited number of users who have access to Azure Portal and proper RBAC can view the string.
Thanks.
- terruahmadMicrosoft
Hello Balasubramanim,
Thanks for your response. We proposed these 2 options to the customer. However, the customer wants to mask the connection string under App Insight so only limited number of users who have access to Azure Portal and proper RBAC can view the string.
Thanks.