CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup
1.0.0
dotnet add package CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup --version 1.0.0
NuGet\Install-Package CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup -Version 1.0.0
<PackageReference Include="CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup" Version="1.0.0" />
paket add CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup --version 1.0.0
#r "nuget: CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup, 1.0.0"
// Install CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup as a Cake Addin #addin nuget:?package=CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup&version=1.0.0 // Install CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup as a Cake Tool #tool nuget:?package=CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup&version=1.0.0
Copy Azure KeyVault secrets hosting startup
CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup is a .NET library for copying secrets from Azure Key Vault into local user secrets storage. See: Secret Manager.
Allows development teams to store secrets on shared development Key Vault instance and keeps them locally in sync in local User Secrets store without having to perform manual (and error prone) updates.
Also, avoids paying the performance penalty of fetching secrets from KeyVault on every start of the application when in development. See: Reading a secret from Azure Key Vault takes a long time.
Installation
You will need to add a reference to CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup.dll in your project. The simplest way to do this is to use either the NuGet package manager, or the dotnet CLI.
Install-Package CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup
Or using the .net core CLI from a terminal window:
dotnet add package CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup
Configuring the Asp Net core web project
Enable user secrets in your Asp Net core web project
Using the .net core CLi from a terminal window run:
dotnet user-secrets init
This will add the UserSecretsId element within a PropertyGroup of the project file. For more information see: Enable secret storage.
Edit launchSettings.json
Set the environment variables for the profiles for which you want this tool to run.
Environment Variables
ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT
This variable is used to set Url to the Azure Key Vault from which you want to read the secrets.
This library uses same Visual Studio's Connected Service authentication mechanism as the Microsoft.AspNetCore.AzureKeyVault.HostingStartup NuGet. (see Add Key Vault to your web application by using Visual Studio Connected Services.
The Microsoft account under which you are logged in to Visual Studio must have granted GET and LIST Secret Management Operations in the corresponding Key Vault Access Policies for the secrets to be read locally. More info Key Vault security features.
"ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT": "https://put-your-dev-vault-here.vault.azure.net"
ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__CONFIGURATIONENABLED
This variable enables or disables the copy functionality. In development environment this should be set to true. In production the variable should be removed or set to false
"ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__CONFIGURATIONENABLED": "true"
ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__COPYINTERVAL
This variable defines the time span after which secrets will be refreshed from the key vault. The format of the value should be a valid TimeSpan string that can be parsed (see TimeSpan.Parse).
"ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__COPYINTERVAL": "7.00:00:00"
ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__FORCECOPYENABLED
This variable when set to true overrides the copy interval variable, and forces copying of the values from the key vault. Useful when a new secrets is available in the key vault and you do not want to wait for the previous fetch interval to expire.
"ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__FORCECOPYENABLED": "false"
Update Program.cs and add call to the AddCopyKeyVaultSecretsHostingStartup() extension method
If you are using .NET 6 version of Asp Net Core project add call to the extension method AddCopyKeyVaultSecretsHostingStartup() while configuring the WebApplicationBuilder.
using CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup;
WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
// Add copy KeyVault secrets hosting startup
builder.WebHost.AddCopyKeyVaultSecretsHostingStartup();
// Add services to the container.
builder.Services.AddControllers();
If you are using .NET 3.1 or .NET 5 version of Asp Net Core project add call to the extension method AddCopyKeyVaultSecretsHostingStartup() while configuring the IWebHostBuilder.
using CraftersCloud.AspNetCore.CopyAzureKeyVaultSecrets.HostingStartup;
IHostBuilder builder = Host.CreateDefaultBuilder();
builder.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.AddCopyKeyVaultSecretsHostingStartup();
});
How to setup application when in production
In production you should either remove the environment variable ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__CONFIGURATIONENABLED or set it to false. The call to the method AddCopyKeyVaultSecretsHostingStartup() can remain since the actual copying is performed only if the value of this environment variable is set to true.
This library can work without any problems along with the NuGet Microsoft.AspNetCore.AzureKeyVault.HostingStartup.
The same environment variable for the KeyVault Url is used in both librarires (i.e. ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT). The environment variable ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONENABLED is not being used by the copy Key Vault secrets library, so the two libraries can be independently turned on/off depending on the environment.
In development:
"ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__CONFIGURATIONENABLED": "true",
"ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT": "https://put-your-dev-vault-here.vault.azure.net",
"ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONENABLED": "false",
In production
"ASPNETCORE_HOSTINGSTARTUP__COPYKEYVAULTSECRETS__CONFIGURATIONENABLED": "false",
"ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONVAULT": "https://put-your-prod-vault-here.vault.azure.net",
"ASPNETCORE_HOSTINGSTARTUP__KEYVAULT__CONFIGURATIONENABLED": "true",
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
.NET Core | netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
.NET Standard | netstandard2.0 is compatible. netstandard2.1 was computed. |
.NET Framework | net461 was computed. net462 was computed. net463 was computed. net47 was computed. net471 was computed. net472 was computed. net48 was computed. net481 was computed. |
MonoAndroid | monoandroid was computed. |
MonoMac | monomac was computed. |
MonoTouch | monotouch was computed. |
Tizen | tizen40 was computed. tizen60 was computed. |
Xamarin.iOS | xamarinios was computed. |
Xamarin.Mac | xamarinmac was computed. |
Xamarin.TVOS | xamarintvos was computed. |
Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETStandard 2.0
- Azure.Identity (>= 1.5.0)
- JetBrains.Annotations (>= 2021.3.0)
- Microsoft.AspNetCore.Hosting.Abstractions (>= 2.2.0)
- Microsoft.Azure.KeyVault (>= 3.0.5)
- Microsoft.Extensions.Configuration.AzureKeyVault (>= 3.1.21)
- Microsoft.Extensions.Configuration.EnvironmentVariables (>= 5.0.0)
- Microsoft.Extensions.Configuration.UserSecrets (>= 5.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
1.0.0 | 3,029 | 1/9/2022 |