One way to encrypt the app settings JSON file, is to run func settings encrypt
from the directory that contains the appsettings.json
.
We can also add new encrypted settings with func settings add SOME_NAME some_value
.
Caveat: this has limited utility, because the user that encrypted the data is the only user that can decrypt it. The encryption uses DataProtectionScope.CurrentUser
. (See the source code for this is in the SecretManager
class in the https://github.com/Azure/azure-functions-cli repository). The nuances of encrypting on one machine and decrypting on another machine are explained in the "DPAPI and Roaming Profiles section" of this document.