data-landing-zone icon indicating copy to clipboard operation
data-landing-zone copied to clipboard
verified publisher icon Azure

Bug: administratorPassword should not be in params

Open mike-leuer opened this issue 3 years ago • 1 comments

Deployment Mode

Deploy To Azure

Steps to reproduce

We should be using a keyvault in Data Management Zone to get access to this or some other way. Not secure to keep that in code. Or update documentation on how to secure it.

https://github.com/Azure/data-landing-zone/blob/ca7a66c93165b17ae2bc18c538b46691770f0eb1/infra/params.dev.json#L62

Example on how to secure it

        "administratorPassword": {
            "reference": {
                "keyVault": {
                    "id": "/subscriptions/<SubcriptionID>/resourceGroups/<ResourceGroup>/providers/Microsoft.KeyVault/vaults/<KeyVault>"
                },
                "secretName": "<SecretName>"
                }
        },

Error Message

No response

Screenshots

No response

Code of Conduct

mike-leuer avatar Sep 02 '22 18:09 mike-leuer

Same with purviewSelfHostedIntegrationRuntimeAuthKey

mike-leuer avatar Sep 02 '22 18:09 mike-leuer