I’m working on converting our website to ASP.NET and running into a security issue. Our team can’t use Windows authentication to connect to the database because of company policies. Instead we have to use SQL Server authentication with a specific username and password. The problem is that we don’t want the development team to be able to see these database credentials since they’re stored in plain text in the web.config file. I looked into encryption but that seems like it would slow things down and developers could still decrypt it if they really wanted to. Has anyone found a good way to handle this situation? What are some secure methods to store database connection info without exposing it to other team members?
we use separate config files for each enviroment. dev gets web.config with dummy creds, prod uses web.release.config with real connection strings that swaps during deployment. devs never see actual credentials and its way simpler than seting up key vault.
What about appsettings transforms with different builds? I’m curious though - are you deploying through CI/CD or doing it manually? If it’s manual, someone still needs access to prod credentials to update configs. How do you handle that without exposing them to more people?
I’ve had great success using environment variables with Azure Key Vault for exactly this. Set up prod and staging to pull connection strings from Key Vault, then use local environment variables for dev with sanitized credentials pointing to dev databases. This keeps your production secrets completely out of the codebase and away from the dev team. Performance isn’t an issue since connection strings get cached after the first pull. Most cloud providers have similar secret management that works seamlessly with ASP.NET config providers - pretty straightforward to implement without major changes to your existing app.