Azure App configuration

1. Azure App configuration

Need to change a message, toggle a feature, or update a setting without touching code or redeploying? That’s exactly what Azure App Configuration does.

2. What Is Azure App configuration?

In cloud apps, settings often get scattered across files, variables, or databases making them hard to manage. Azure App Configuration centralizes all your application settings in one secure place. You can update settings or toggle features without redeploying your app. Since it’s fully managed by Azure, it also comes with built-in security and easy integration.

3. PeopleSphere with App Configuration

For example, PeopleSphere, the HR app we discussed earlier, keeps settings like login rules, password expiry, and toggles for new HR features here instead of hardcoding them.

4. App Config storage: keys

App Configuration stores data as key-value pairs. Keys uniquely name each setting. They can be flat or use prefixes to form a hierarchy. For example, PeopleSphere:HR:ThemeColor uses colons for folder-like grouping.

5. Labels in App configuration

Labels are optional and let you tag the same key with different values for each environment, like Dev or Prod. This way, an app can use the same key name and still get values depending on where it runs.

6. App config storage: values

Now, let’s talk about values. They store the data, support all characters, and can include metadata, which is extra info like type or format. Everything is encrypted at rest and in transit but metadata isn’t encrypted like values, so only use it for non-sensitive descriptive information.

7. Feature management

Features are parts of your app like dark mode, beta access, or banners. Feature management lets you toggle them without code changes or redeploys. It has three core parts First, Feature Flags. These are simple switches that turn features on or off. Next, the Feature Manager. This is typically a library or SDK you add to your app's code. It reads the flag’s value and acts accordingly. To ensure performance and prevent constant requests, it also intelligently caches setting values and updates them on the fly. Lastly, Filters decide when a feature should be active, based user group, region, or time.

8. Securing data in Azure App configuration

Securing configuration data is essential. Azure App Configuration supports three options for this: Customer Managed Keys, Private Endpoints, and Managed Identities.

9. Customer-managed keys

Customer Managed Keys let you bring your own encryption keys from Azure Key Vault, using Managed Identity instead of using Azure’s defaults. It wraps (that is, protects) the internal encryption key that secures your data. This wrapped key is stored safely, while the unwrapped version is cached in memory for performance and automatically refreshed every hour to stay in sync with the latest version from Key Vault.

10. Secure with private endpoints

Another way to secure App Configuration is through Private Endpoints. They use a private IP from your virtual network, so data stays off the public internet. This is ideal for internal access and data protection, allowing firewall rules and connections from on-prem via VPN or ExpressRoute.

11. Securing with managed identities

Now, let’s talk about Managed Identities. They let apps securely access Azure services without storing secrets. Azure handles identity creation and key rotation. There are two types: First, System-assigned identity. Azure creates it automatically for your app and removes it when the app is deleted. Second, User-assigned identity, you create it once and can share it across multiple services.

12. Let's practice!

Now, let’s strengthen your knowledge with some exercises!

Create Your Free Account

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.