hands-on lab

Securing Azure Web App Application Settings using Key Vault Secrets

Up to 1h
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.


Developers are most often facing challenges to store and manage secrets and credentials while building a solution for an organization. Azure Key Vault offers a secure implementation of a secret management solution with a wide range of capabilities to support the development needs. It eliminates the need for developers to handle secret management.

While building web-based solutions, including API, and web applications, it is crucial to secure and manage the environment variables in a central location for ease of use.

In this hands-on lab, you will learn how to secure the application settings on a web app using Key Vault referenced secrets in the Azure Portal.

Learning Objectives

Upon completion of this advanced-level lab, you will be able to:

  • Add secrets to Key Vault resource
  • Understand managed identities in Azure
  • Create application settings using the Key Vault reference

Intended Audience

  • Candidates for Azure Security Engineer Associate Exam (AZ-500)
  • Cloud Architects
  • Security Engineers
  • DevOps Engineers
  • Software Engineers


Familiarity with the following will be beneficial but is not required:

  • Azure Key Vault
  • Azure Web Apps

The following content can be used to fulfill the prerequisite:


June 12th, 2024 - Resolved deployment issue

June 3rd, 2024 - Updated the instructions and screenshots to reflect the latest UI

November 7th, 2023 - Resolved an issue that caused the lab to fail periodically

May 26th, 2023 - Resolved an issue that caused the lab to fail periodically

April 3rd, 2023 - Fixed typos in the lab to reflect the correct resource name

October 14th, 2022 - Updated the instructions and screenshots to reflect the latest UI


Environment before

Environment after

About the author

Learning paths

Parveen is an Azure advocate with previous experience in the professional consulting services industries. He specializes in infrastructure and DevOps with a wide range of knowledge in security and access management. He is also an Azure Certified - DevOps Engineer Expert, Security Engineer, Developer Associate, Administrator Associate, CompTIA Certified - Network+, Security+, and AWS Cloud Practitioner.
Parveen enjoys writing about cloud technologies and sharing the knowledge with the community to help students upskill in the cloud.

Covered topics

Lab steps

Logging in to the Microsoft Azure Portal
Adding Web App Application Settings as Secrets to Key Vault
Configuring Web App Application Settings with Azure Key Vault Reference