DotNetCore.Azure.Configuration.KvCertificates
6.0.2
See the version list below for details.
dotnet add package DotNetCore.Azure.Configuration.KvCertificates --version 6.0.2
NuGet\Install-Package DotNetCore.Azure.Configuration.KvCertificates -Version 6.0.2
<PackageReference Include="DotNetCore.Azure.Configuration.KvCertificates" Version="6.0.2" />
paket add DotNetCore.Azure.Configuration.KvCertificates --version 6.0.2
#r "nuget: DotNetCore.Azure.Configuration.KvCertificates, 6.0.2"
// Install DotNetCore.Azure.Configuration.KvCertificates as a Cake Addin #addin nuget:?package=DotNetCore.Azure.Configuration.KvCertificates&version=6.0.2 // Install DotNetCore.Azure.Configuration.KvCertificates as a Cake Tool #tool nuget:?package=DotNetCore.Azure.Configuration.KvCertificates&version=6.0.2
DotNetCore Azure Configuration Key Vault Certificates
The AspNetCore.Azure.Configuration.KvCertificate based on idea DotNetCore.Azure.Configuration.KvSecrets which package allows storing configuration values using Azure Key Vault Certificates.
Features
- Allows to load certifcates by list and map them into new names.
- Allows to load certifcates into the configuration section.
Getting started
Install the package
Install the package with DotNetCore.Azure.Configuration.KvCertificates:
Version 6.0.x : supports only Microsoft.AspNetCore.App 6.0 5.0 3.1-*
dotnet add package DotNetCore.Azure.Configuration.KvCertificates
Prerequisites
You need an Azure subscription
Examples
To load initialize configuration from Azure Key Vault secrets call the AddAzureKeyVault
on ConfigurationBuilder
:
Program.cs
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.ConfigureAppConfiguration(Startup.AddKvCertificatesConfigurations);
webBuilder.UseStartup<Startup>();
});
Startup.cs
public static void AddKvCertificatesConfigurations(WebHostBuilderContext hostingContext, IConfigurationBuilder configurationBuilder)
{
var configBuilder = new ConfigurationBuilder().AddInMemoryCollection();
IHostEnvironment env = hostingContext.HostingEnvironment;
configBuilder.AddJsonFile("appsettings.json", optional: true, reloadOnChange: false)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true, reloadOnChange: false);
configBuilder.AddEnvironmentVariables();
var config = configBuilder.Build();
var options = configuration.GetSection(nameof(AzureKvCertificatesConfigurationOptions))
.Get<AzureKvCertificatesConfigurationOptions>();
var credential = new DefaultAzureCredential(
new DefaultAzureCredentialOptions()
{
ExcludeSharedTokenCacheCredential = true,
ExcludeVisualStudioCodeCredential = true,
ExcludeVisualStudioCredential = true,
ExcludeInteractiveBrowserCredential = true
});
// Adds Azure Key Valt configuration provider.
configurationBuilder.AddAzureKeyVaultCertificates(credential, options);
appsettings.json
"AzureKvCertificatesConfigurationOptions": {
"ConfigurationSectionPrefix": "certificates",
"VaultUri": "https://mps-Development-microsevices.vault.azure.net/",
"VaultCertificates": [
"Development-jwt-microservices"
]
}
The Azure Identity library provides easy Azure Active Directory support for authentication.
Read more about configuration in ASP.NET Core.
Example with DotNetCore Configuration Templates
Use DotNetCore Configuration Templates to inject secrets into Microservice configuration.
Add to project nuget package DotNetCore.Azure.Configuration.KvSecrets.
Add to project nuget package DotNetCore.Configuration.Formatter.
Environment Variables set to :
DOTNET_RUNNING_IN_CONTAINER=true
ASPNETCORE_ENVIRONMENT=Development
...
host_environmet=datacenter
Microservice has the ApplicationConfiguration.cs
public class ApplicationConfiguration
{
public bool IsDocker {get; set;}
public string RunLocation {get; set;}
public string AppEnvironment {get; set;}
public string BusConnection {get; set;}
public string DbUser {get; set;}
public string DbPassword {get; set;}
}
Microservice has the following appsettings.json:
{
"AzureKvConfigurationOptions": {
"ConfigurationSectionPrefix": "secret",
"VaultUri": "https://secrets128654s235.vault.azure.net/",
"VaultSecrets": [
"service-bus-Development-connection",
"sql-Development-password",
"sql-Development-user",
"service-bus-Production-connection",
"sql-Production-password",
"sql-Production-user" ]
},
"AzureKvCertificatesConfigurationOptions": {
"ConfigurationSectionPrefix": "certificates",
"VaultUri": "https://mps-Development-microsevices.vault.azure.net/",
"VaultCertificates": [
"Development-jwt-microservices"
]
}
ApplicationConfiguration:{
"IsDocker": "{DOTNET_RUNNING_IN_CONTAINER??false}",
"RunLocation":"{host_environmet??local}",
"AppEnvironment":"{ENVIRONMENT}",
"BusConnection":"{secret:service-bus-{ENVIRONMENT}-connection}",
"DbPassword":"{secret:sql-{ENVIRONMENT}-password}",
"DbUser":"{secret:sql-{ENVIRONMENT}-user}",
"JwtCertificate": "{certificates:{ENVIRONMENT}-jwt-microservices}"
}
}
Microservice the Startup.cs
var applicationConfig = Configuration.UseFormater()
.GetSection(nameof(ApplicationConfiguration))
.Get<ApplicationConfiguration>();
Microservice has the ApplicationConfiguration.cs
public class ApplicationConfiguration
{
public bool IsDocker {get; set;}
public string RunLocation {get; set;}
public string AppEnvironment {get; set;}
public string BusConnection {get; set;}
public string DbUser {get; set;}
public string DbPassword {get; set;}
public KvCertificateConfigContainer JwtCertificate { get; set; }
}
Program.cs
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.ConfigureAppConfiguration(Startup.AddKvCertificatesConfigurations);
webBuilder.UseStartup<Startup>();
});
Startup.cs
public static void AddKvCertificatesConfigurations(WebHostBuilderContext hostingContext, IConfigurationBuilder configurationBuilder)
{
var configBuilder = new ConfigurationBuilder().AddInMemoryCollection();
IHostEnvironment env = hostingContext.HostingEnvironment;
configBuilder.AddJsonFile("appsettings.json", optional: true, reloadOnChange: false)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true, reloadOnChange: false);
configBuilder.AddEnvironmentVariables();
var config = configBuilder.Build();
var options = configuration.GetSection(nameof(AzureKvCertificatesConfigurationOptions))
.Get<AzureKvCertificatesConfigurationOptions>();
var credential = new DefaultAzureCredential(
new DefaultAzureCredentialOptions()
{
ExcludeSharedTokenCacheCredential = true,
ExcludeVisualStudioCodeCredential = true,
ExcludeVisualStudioCredential = true,
ExcludeInteractiveBrowserCredential = true
});
// Adds Azure Key Valt configuration provider.
configurationBuilder.AddAzureKeyVaultCertificates(credential, options);
var optionsSecrets = configuration.GetSection(nameof(AzureKvConfigurationOptions))
.Get<AzureKvConfigurationOptions>();
// Adds Azure Key Valt configuration provider.
configurationBuilder.AddAzureKeyVault(credential, options);
or with shorthand
var applicationConfig = Configuration.GetTypeNameFormatted<ApplicationConfiguration>();
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 is compatible. net5.0-windows was computed. net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
.NET Core | netcoreapp3.1 is compatible. |
-
.NETCoreApp 3.1
- Azure.Identity (>= 1.5.0)
- Azure.Security.KeyVault.Certificates (>= 4.2.0)
- Azure.Security.KeyVault.Secrets (>= 4.2.0)
- System.Linq.Async (>= 5.0.0)
-
net5.0
- Azure.Identity (>= 1.5.0)
- Azure.Security.KeyVault.Certificates (>= 4.2.0)
- Azure.Security.KeyVault.Secrets (>= 4.2.0)
- System.Linq.Async (>= 5.0.0)
-
net6.0
- Azure.Identity (>= 1.5.0)
- Azure.Security.KeyVault.Certificates (>= 4.2.0)
- Azure.Security.KeyVault.Secrets (>= 4.2.0)
- System.Linq.Async (>= 5.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Only supports the .net 6.0.