Keeping secrets safe and out of source code has always been challenging. De-coupling sensitive information like connection strings, certificates and passwords keeps these secrets out of source control and away from the prying eyes of decompilers. This session provides an overview of Managed identities for Azure Resources which solves this long-standing problem. Demonstrated is an Azure App Service pulling secrets out of Azure Key Vault with no stored password or token. The Azure portal is used to create a managed identity and assign it to the application, then Azure Key Vault is configured to trust it in a particular role. Additionally, you learn the difference between a system assigned managed identity vs user assigned managed identity. This presentation gives you the basic knowledge to store and retrieve secrets from a variety of Azure service offerings.