General availability: Networking for Key Vault references on Windows in App Service and Azure Functions
Published date: 31 March, 2021
While apps deployed using App Service Environments have been able to access network restricted vaults previously, now Windows apps with virtual network integrations can also access these vaults. This enables teams to further restrict access to secrets on which their applications depend. Support for Linux apps is coming soon.
Please note that there is a known issue at the time of this update which prevents versionless references from automatically updating when behind network restrictions. This will be fixed soon, but in the meantime, it is not recommended to use both features at the same time.
Key Vault references allow the app to use a managed identity to resolve secrets from Azure Key Vault and expose them as environment variables. This allows teams to easily move secrets into management without code changes.