I've configured access to Azure App Configuration and vault in my project. It works locally, but when I publish the AWS Lambda to the AWS cloud it doesn't access Azure key values anymore.

I have configured:

_configuration = new ConfigurationBuilder()
                            .SetBasePath(Directory.GetCurrentDirectory())
                            .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
                            .AddJsonFile($"appsettings.{Svc.Name}.json", optional: false)
                            .AddEnvironmentVariables()
                            .AddAzureAppConfiguration(options =>
                            {
                                options
                                .Connect(tempConfig["AzureAppConfiguration:ConnectionString"])
                                .ConfigureRefresh(options =>
                                {
                                    options.Register("ConnectionString", false);
                                })
                                .ConfigureKeyVault(options =>
                                {
                                    options.SetCredential(new ClientSecretCredential(
                                        tempConfig["App:TenantId"],
                                        tempConfig["App:ClientId"],
                                        tempConfig["App:ClientSecret"]
                                        ));
                                });
                            })
                            .Build();

The values are in JSON files, the Lambda function is getting the right environment, and my services configuration applies:

serviceCollection.AddAzureAppConfiguration();

All works fine on my local machine, but it triggers a timeout when it tries to load key values running on the AWS cloud.

Is there some permission/role/access I must grant in Lambda's or Azure's feature configuration?

Raphael Ribeiro

1 Answer

Here are a few things I would look at:

  • Make sure tempConfig is resolved before the code you shared is reached.
  • You use the connection string to connect to Azure App Configuration. It should work from anywhere. Please make sure the networking of your lambda is not blocking any traffic to App Configuration IP addresses or its domain "azconfig.io".
  • Don't load secrets from Key Vault temporarily to isolate the issue, so you can tell whether it's a connection issue with App Configuration or Key Vault.

BTW, if the issue is with refreshing, please make sure you call TryRefreshAsync in your Lambda call.

Zhenlan Wang
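
The isolation steps in the answer above can be checked from inside the Lambda with a short TCP probe that reports which Azure endpoint is unreachable. This is an added example, not code from the question or the answer: the class and method names are hypothetical, it assumes .NET 5 or later, and `login.microsoftonline.com` is included because it is the default authority that `ClientSecretCredential` requests tokens from.

```csharp
using System;
using System.Diagnostics;
using System.Linq;
using System.Net.Sockets;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical helper (added example): probes port 443 on each Azure endpoint.
public static class AzureReachabilityProbe
{
    // Extract the host from "Endpoint=https://<store>.azconfig.io;Id=...;Secret=...".
    // Only the host is returned, so the secret never reaches the logs.
    public static string EndpointHost(string connectionString)
    {
        var endpoint = connectionString
            .Split(';', StringSplitOptions.RemoveEmptyEntries)
            .Select(p => p.Trim())
            .FirstOrDefault(p => p.StartsWith("Endpoint=", StringComparison.OrdinalIgnoreCase))
            ?? throw new FormatException("Connection string has no Endpoint= segment.");
        return new Uri(endpoint.Substring("Endpoint=".Length)).Host;
    }

    // Attempt a TCP connect to host:443 and give up after timeoutMs,
    // well below the Lambda timeout so the result is always reported.
    public static async Task<string> ProbeAsync(string host, int timeoutMs = 3000)
    {
        var sw = Stopwatch.StartNew();
        using var cts = new CancellationTokenSource(timeoutMs);
        using var client = new TcpClient();
        try
        {
            await client.ConnectAsync(host, 443, cts.Token);
            return $"{host}: reachable in {sw.ElapsedMilliseconds} ms";
        }
        catch (OperationCanceledException)
        {
            return $"{host}: TIMEOUT after {timeoutMs} ms (no route or egress blocked)";
        }
        catch (SocketException ex)
        {
            return $"{host}: {ex.SocketErrorCode}"; // e.g. HostNotFound, ConnectionRefused
        }
    }

    // vaultHost is the host part of the Key Vault URI, supplied by the caller.
    public static async Task<string[]> RunAsync(string appConfigConnectionString, string vaultHost)
    {
        var hosts = new[] { EndpointHost(appConfigConnectionString), "login.microsoftonline.com", vaultHost };
        return await Task.WhenAll(hosts.Select(h => ProbeAsync(h)));
    }
}
```

Logging the strings returned by `RunAsync` at the start of the handler shows whether App Configuration, the token endpoint, or Key Vault is the one timing out.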