Today we released Visual Studio 2017 15.7 Preview 4. Our 15.7 update brings some exciting updates for publishing applications from Visual Studio that we’re excited to tell you about, including:
- Ability to configure publish settings before you publish or create a publish profile
- Create Azure Storage Accounts and automatically store the connection string for App Service
- Automatic enablement of Managed Service Identity in App Service
If you haven’t installed a Visual Studio Preview yet, it’s worth noting that they can be installed side by side with your existing stable installations of Visual Studio 2017, so you can try the previews out, and then go back to the stable channel for your regular work. We’d be very appreciative if you’d try Visual Studio 2017 15.7 Preview 4 and give us any feedback you might have while we still have time to change or fix things before we ship the final version (download now). As always, if you run into any issues, please report them to us using Visual Studio’s built in “Report a Problem” feature.
Configure settings before publishing
When publishing your ASP.NET Core applications to either a folder or Azure App Service you can configure the following settings prior to creating your publish profile:
- Build configuration (Release | Debug)
- Target Framework
- Framework Dependent or Self-contained app
- Target Runtime
- Remove additional files at destination
To configure this prior to creating your profile, click the “Advanced…” link on the publish target page to open the Advanced Settings dialog.
Create Azure Storage Accounts and automatically store the connection string in App Settings
When creating a new Azure App Service, we’ve always offered the ability to create a new SQL Azure database and automatically store its connection string in your app’s App Service Settings. With 15.7, we now offer the ability to create a new Azure Storage Account while you are creating your App Service, and automatically place the connection string in the App Service settings as well. To create a new storage account:
- Click the “Create a storage account” link in the top right of the “Create App Service” dialog
- Provide in the connecting string key name your app uses to access the storage account in the “(Optional) Connecting String Name” field at the bottom of the Storage Account dialog
- Your application will now be able to talk to the storage account once your application is published
Managed Service Identity enabled for new App Services
A common challenge when building cloud applications is how to manage the credentials that need to be in your code for authenticating to other services. Ideally, credentials never appear on developer workstations or get checked into source control. Azure Key Vault provides a way to securely store credentials and other keys and secrets, but your code needs to authenticate to Key Vault to retrieve them. Managed Service Identity (MSI) makes solving this problem simpler by giving Azure services an automatically managed identity in Azure Active Directory (Azure AD). You can use this identity to authenticate to any service that supports Azure AD authentication, including Key Vault, without having any credentials in your code.
Starting in Visual Studio 2017 15.7 Preview 4, when you publish an application to Azure App Service (not Linux) Visual Studio automatically enables MSI for your application. You can then give your app permission to communicate with any service that supports MSI authentication by logging into that service’s page in the Azure Portal and granting access your App Service. For example, to create a Key Vault and give your App Service access
- In the Azure Portal, select Create a resource > Security + Identity > Key Vault.
- Provide a Name for the new Key Vault.
- Locate the Key Vault in the same subscription and resource group as the App Service you created from Visual Studio.
- Select Access policies and click Add new.
- In Configure from template, select Secret Management.
- Choose Select Principal, and in the search field enter the name of the App Service.
- Select the App Service’s name in the result list and click Select.
- Click OK to finishing adding the new access policy, and OK to finish access policy selection.
- Click Create to finish creating the Key Vault.
Once you publish your application, it will have access to the Key Vault without the need for you to take any additional steps.
Conclusion
If you’re interested in the many other great things that Visual Studio 2017 15.7 brings for .NET development, check out our .NET tool updates in Visual Studio 15.7 post on the .NET blog.
We hope that you’ll give 15.7 a try and let us know how it works for you. If you run into any issues, or have any feedback, please report them to us using Visual Studio’s features for sending feedback. or let us know what you think below or via Twitter.