Demo: Azure Key Vault + .NET 5.x
Please refer to below article(s) of my publication Awesome Azure on Azure Key Vault:
To install NuGet, run the following command in the Package Manager Console
PM> Install-Package Azure.Security.KeyVault.Secrets
PM> Install-Package Microsoft.Extensions.Configuration.AzureKeyVault
PM> Install-Package Azure.Identity
Here are samples that show you how to config.
{
// Way-1: Connect to Azure App Configuration using the Managed Identity (for Production Scenario)
"AzureKeyVaultEndpoint": "https://<YourKeyVaultName>.vault.azure.net",
// Way-2: Connect to Azure App Configuration using the Connection String (for Development Scenario)
"AzureKeyVault": {
"Endpoint": "https://<YourKeyVaultName>.vault.azure.net",
"ClientId": "<YourKeyVaultClientId>",
"ClientSecret": "<YourKeyVaultClientSecret>"
},
"Settings": {
"AppName": "Azure Key Vault Labs",
"Version": 1.0,
"FontSize": 50,
"RefreshRate": 1000,
"Language": "English",
"Messages": "Hello There. Thanks for using Azure Key Vault.",
"BackgroundColor": "Black"
}
}
public class Program
{
public static void Main(string[] args)
{
CreateHostBuilder(args).Build().Run();
}
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureAppConfiguration((context, config) =>
{
var settings = config.Build();
if (!context.HostingEnvironment.IsDevelopment())
{
// Way-1
// Connect to Azure Key Vault using the Managed Identity.
var keyVaultEndpoint = settings["AzureKeyVaultEndpoint"];
if (!string.IsNullOrEmpty(keyVaultEndpoint))
{
var azureServiceTokenProvider = new AzureServiceTokenProvider();
var keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
config.AddAzureKeyVault(keyVaultEndpoint, keyVaultClient, new DefaultKeyVaultSecretManager());
}
}
else
{
// Way-2
// Connect to Azure Key Vault using the Client Id and Client Secret (AAD) - Get them from Azure AD Application.
var keyVaultEndpoint = settings["AzureKeyVault:Endpoint"];
var keyVaultClientId = settings["AzureKeyVault:ClientId"];
var keyVaultClientSecret = settings["AzureKeyVault:ClientSecret"];
if (!string.IsNullOrEmpty(keyVaultEndpoint) && !string.IsNullOrEmpty(keyVaultClientId) && !string.IsNullOrEmpty(keyVaultClientSecret))
{
config.AddAzureKeyVault(keyVaultEndpoint, keyVaultClientId, keyVaultClientSecret, new DefaultKeyVaultSecretManager());
}
}
})
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.UseStartup<Startup>();
});
}
public class TestController : ControllerBase
{
#region Members
private readonly Settings _settings;
private readonly IAzureKeyVaultService _azureKeyVaultService;
private readonly IConfiguration _configuration;
#endregion
#region Ctor
public TestController(IAzureKeyVaultService azureKeyVaultService, IConfiguration configuration, IOptions<Settings> options)
{
_azureKeyVaultService = azureKeyVaultService;
_configuration = configuration;
_settings = options.Value;
}
#endregion
#region Methods
/// <summary>
/// Get Settings (From Azure Key Vault - Specific setting)
/// </summary>
/// <returns></returns>
[HttpGet]
[Route("get-settings-from-azure-key-vault")]
public async Task<IActionResult> GetSpecificSettings()
{
var appName = await _azureKeyVaultService.GetSecret("Settings__AppName");
var language = await _azureKeyVaultService.GetSecret("Settings__Language");
var messages = await _azureKeyVaultService.GetSecret("Settings__Messages");
var settings = new Settings
{
AppName = appName,
Language = language,
Messages = messages
};
return Ok(settings);
}
/// <summary>
/// Get Settings
/// </summary>
/// <returns></returns>
[HttpGet]
[Route("get-settings")]
public IActionResult GetSettings()
{
var settings = _settings;
return Ok(settings);
}
#endregion
}
Feel free to request an issue on github if you find bugs or request a new feature. Your valuable feedback is much appreciated to better improve this project. If you find this useful, please give it a star to show your support for this project.
Reach out to me at one of the following places!
- Email โ๏ธ at
[email protected]
- Ashish Patel - A-Patel
Portfolio | Medium | GitHub | NuGet | Microsoft | ||||
---|---|---|---|---|---|---|---|---|
If you find this project useful โ or just feeling generous, consider buying me a beer or a coffee. Cheers! ๐ป โ
PayPal | BMC | Patreon |
---|---|---|
This project is licensed under the MIT License - see the LICENSE file for details.