From b80ece338558036a2052a4704a1dbeb3e4fade67 Mon Sep 17 00:00:00 2001 From: cmendible Date: Fri, 29 Jul 2022 11:24:24 +0000 Subject: [PATCH] Azure App Configuration docs Signed-off-by: cmendible --- .../supported-configuration-stores/_index.md | 2 +- .../azure-appconfig-configuration-store.md | 93 +++++++++++++++++++ .../redis-configuration-store.md | 2 +- 3 files changed, 95 insertions(+), 2 deletions(-) create mode 100644 daprdocs/content/en/reference/components-reference/supported-configuration-stores/azure-appconfig-configuration-store.md diff --git a/daprdocs/content/en/reference/components-reference/supported-configuration-stores/_index.md b/daprdocs/content/en/reference/components-reference/supported-configuration-stores/_index.md index b6fe3ade1..2541276db 100644 --- a/daprdocs/content/en/reference/components-reference/supported-configuration-stores/_index.md +++ b/daprdocs/content/en/reference/components-reference/supported-configuration-stores/_index.md @@ -5,7 +5,7 @@ linkTitle: "Configuration stores" weight: 4500 description: The supported configuration stores that interface with Dapr aliases: - - "/operations/components/setup-secret-store/supported-configuration-stores/" + - "/operations/components/setup-configuration-store/supported-configuration-stores/" no_list: true --- diff --git a/daprdocs/content/en/reference/components-reference/supported-configuration-stores/azure-appconfig-configuration-store.md b/daprdocs/content/en/reference/components-reference/supported-configuration-stores/azure-appconfig-configuration-store.md new file mode 100644 index 000000000..450270b2a --- /dev/null +++ b/daprdocs/content/en/reference/components-reference/supported-configuration-stores/azure-appconfig-configuration-store.md @@ -0,0 +1,93 @@ +--- +type: docs +title: "Azure App Configuration" +linkTitle: "Azure App Configuration" +description: Detailed information on the Azure App Configuration configuration store component +aliases: + - "/operations/components/setup-configuration-store/supported-configuration-stores/setup-azure-appconfig/" +--- + +## Component format + +To set up an Azure App Configuration configuration store, create a component of type `configuration.azure.appconfig`. + +```yaml +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: +spec: + type: configuration.azure.appconfig + version: v1 + metadata: + - name: appConfigHost # appConfigHost should be used when + # Azure Authentication mechanism is used. + value: + - name: appConfigConnectionString # appConfigConnectionString should not be used when + # Azure Authentication mechanism is used. + value: + - name: maxRetries + value: # Optional + - name: retryDelay + value: # Optional + - name: maxRetryDelay + value: # Optional + - name: azureEnvironment # Optional, defaults to AZUREPUBLICCLOUD + value: "AZUREPUBLICCLOUD" + # See authentication section below for all options + - name: azureTenantId # Optional + value: "[your_service_principal_tenant_id]" + - name: azureClientId # Optional + value: "[your_service_principal_app_id]" + - name: azureCertificateFile # Optional + value : "[pfx_certificate_file_fully_qualified_local_path]" + +``` + +{{% alert title="Warning" color="warning" %}} +The above example uses secrets as plain strings. It is recommended to use a secret store for the secrets as described [here]({{< ref component-secrets.md >}}). +{{% /alert %}} + +## Spec metadata fields + +| Field | Required | Details | Example | +|----------------------------|:--------:|---------|---------| +| appConfigConnectionString | Y* | Connection String for the Azure App Configuration instance. No Default. Can be `secretKeyRef` to use a secret reference. *Mutally exclusive with appConfigHost field. *Not to be used when [Azure Authentication](https://docs.dapr.io/developing-applications/integrations/azure/authenticating-azure/) is used | `Endpoint=https://foo.azconfig.io;Id=osOX-l9-s0:sig;Secret=00000000000000000000000000000000000000000000` +| appConfigHost | N* | Endpoint for the Azure App Configuration instance. No Default. *Mutally exclusive with appConfigConnectionString field. *To be used when [Azure Authentication](https://docs.dapr.io/developing-applications/integrations/azure/authenticating-azure/) is used | `https://dapr.azconfig.io` +| maxRetries | N | Maximum number of retries before giving up. Defaults to `3` | `5`, `10` +| retryDelay | N | RetryDelay specifies the initial amount of delay to use before retrying an operation. The delay increases exponentially with each retry up to the maximum specified by MaxRetryDelay. Defaults to `4` seconds; `"-1"` disables delay between retries. | `4000000000` +| maxRetryDelay | N | MaxRetryDelay specifies the maximum delay allowed before retrying an operation. Typically the value is greater than or equal to the value specified in RetryDelay. Defaults to `120` seconds; `"-1"` disables the limit | `120000000000` + +**Note**: either `appConfigHost` or `appConfigConnectionString` must be specified. + +## Authenticating with Connection String + +Access an App Configuration instance using its connection string, which is available in the Azure portal. Since connection strings contain credential information, you should treat them as secrets and [use a secret store]({{< ref component-secrets.md >}}). + +## Authenticating with Azure AD + +The Azure App Configuration configuration store component also supports authentication with Azure AD. Before you enable this component: +- Read the [Authenticating to Azure]({{< ref authenticating-azure.md >}}) document. +- Create an Azure AD application (also called Service Principal). +- Alternatively, create a managed identity for your application platform. + +## Set up Azure App Configuration + +You need an Azure subscription to set up Azure App Configuration. + +1. [Start the Azure App Configuration creation flow](https://ms.portal.azure.com/#create/Microsoft.Azconfig). Log in if necessary. +1. Click **Create** to kickoff deployment of your Azure App Configuration instance. +1. Once your instance is created, grab the **Host (Endpoint)** or your **Connection string**: + - For the Host: navigate to the resource's **Overview** and copy **Endpoint**. + - For your connection string: navigate to **Settings** > **Access Keys** and copy your Connection string. +1. Add your host or your connection string to an `azappconfig.yaml` file that Dapr can apply. + + Set the `appConfigHost` key to `[Endpoint]` or the `appConfigConnectionString` key to the values you saved earlier. + + {{% alert title="Note" color="primary" %}} + In a production-grade application, follow [the secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets. + {{% /alert %}} + +## Related links +- [Basic schema for a Dapr component]({{< ref component-schema >}}) +- [Configuration building block]({{< ref configuration-api-overview >}}) diff --git a/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md b/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md index 4e05baf36..eae59db9a 100644 --- a/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md +++ b/daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md @@ -4,7 +4,7 @@ title: "Redis" linkTitle: "Redis" description: Detailed information on the Redis configuration store component aliases: - - "/operations/components/setup-state-store/supported-configuration-stores/setup-redis/" + - "/operations/components/setup-configuration-store/supported-configuration-stores/setup-redis/" --- ## Component format