DotNetCore.Azure.Configuration.KvSecrets
8.0.0
dotnet add package DotNetCore.Azure.Configuration.KvSecrets --version 8.0.0
NuGet\Install-Package DotNetCore.Azure.Configuration.KvSecrets -Version 8.0.0
<PackageReference Include="DotNetCore.Azure.Configuration.KvSecrets" Version="8.0.0" />
paket add DotNetCore.Azure.Configuration.KvSecrets --version 8.0.0
#r "nuget: DotNetCore.Azure.Configuration.KvSecrets, 8.0.0"
// Install DotNetCore.Azure.Configuration.KvSecrets as a Cake Addin #addin nuget:?package=DotNetCore.Azure.Configuration.KvSecrets&version=8.0.0 // Install DotNetCore.Azure.Configuration.KvSecrets as a Cake Tool #tool nuget:?package=DotNetCore.Azure.Configuration.KvSecrets&version=8.0.0
DotNetCore Azure Configuration Key Vault Secrets
The DotNetCore.Azure.Configuration.KvSecrets based on Azure.Extensions.AspNetCore.Configuration.Secrets.
Improvements
- Allows storing configuration values using Azure Key Vault Secrets.
- Allows to load secrets by list and map them into new names.
- Allows to load secrets into the configuration section.
Getting started
Install the package
Install the package with DotNetCore.Azure.Configuration.KvSecrets:
Version 8.x.x : supports only .NET 8.0
Version 7.x.x : supports only .NET 7.0
Version 6.x.x : supports only .NET 6.0
Version 5.x.x : supports only Microsoft.AspNetCore.App 5.0-*
Version 3.1.x : supports only Microsoft.AspNetCore.App 3.1.0-*
dotnet add package DotNetCore.Azure.Configuration.KvSecrets
Prerequisites
You need an Azure subscription and [Azure Key Vault][keyvault_doc] to use this package.
To create a new Key Vault, you can use the Azure Portal, Azure PowerShell, or the Azure CLI. Here's an example using the Azure CLI:
az keyvault create --name MyVault --resource-group MyResourceGroup --location westus
az keyvault secret set --vault-name MyVault --name MySecret --value "hVFkk965BuUv"
.NetCore Microservice Examples
Can be used in conjunction with DotNetCore Azure Configuration KeyVault Certificates.
Add configuration provider with WebHostBuiler initialization.
Program.cs
var builder = WebApplication.CreateBuilder(args);
builder.AddKeyVaultConfigurationProvider();
StartupExt.cs
Used DotNetCore Configuration Templates to inject secrets into Microservice configuration. (Add to project nuget package DotNetCore.Configuration.Formatter.)
public static void AddKeyVaultConfigurationProvider(this WebApplicationBuilder builder)
{
var credential = new DefaultAzureCredential(
new DefaultAzureCredentialOptions()
{
ExcludeSharedTokenCacheCredential = true,
ExcludeVisualStudioCodeCredential = true,
ExcludeVisualStudioCredential = true,
ExcludeInteractiveBrowserCredential = true
});
var optionsKv = builder.Configuration
.GetTypeNameFormatted<AzureKvConfigurationOptions>();
// Adds Azure Key Valt configuration provider.
builder.Configuration.AddAzureKeyVault(credential, optionsKv);
}
appsettings.json
"AzureKvConfigurationOptions": {
"ConfigurationSectionPrefix": "secret",
"VaultUri": "https://secrets128654s235.vault.azure.net/",
"VaultSecrets": [
"service-bus-Developement-connection",
"sql-Developement-password",
"sql-Developement-user"
"service-bus-Production-connection",
"sql-Production-password",
"sql-Production-user" ]
}
The Azure Identity library provides easy Azure Active Directory support for authentication.
Read more about configuration in ASP.NET Core.
Example with DotNetCore Configuration Templates
Use DotNetCore Configuration Templates to inject secrets into Microservice configuration.
Add to project nuget package DotNetCore.Configuration.Formatter.
Environment Variables set to :
DOTNET_RUNNING_IN_CONTAINER=true
ASPNETCORE_ENVIRONMENT=Development
...
host_environmet=datacenter
Microservice has the ApplicationConfiguration.cs
public class ApplicationConfiguration
{
public bool IsDocker {get; set;}
public string RunLocation {get; set;}
public string AppEnvironment {get; set;}
public string BusConnection {get; set;}
public string DbUser {get; set;}
public string DbPassword {get; set;}
}
Microservice has the following appsettings.json:
{
"AzureKvConfigurationOptions": {
"ConfigurationSectionPrefix": "secret",
"VaultUri": "https://secrets128654s235.vault.azure.net/",
"VaultSecrets": [
"service-bus-Development-connection",
"sql-Development-password",
"sql-Development-user",
"service-bus-Production-connection",
"sql-Production-password",
"sql-Production-user" ]
}
ApplicationConfiguration:{
"IsDocker": "{DOTNET_RUNNING_IN_CONTAINER??false}",
"RunLocation":"{host_environmet??local}",
"AppEnvironment":"{ENVIRONMENT}",
"BusConnection":"{secret:service-bus-{ENVIRONMENT}-connection}",
"DbPassword":"{secret:sql-{ENVIRONMENT}-password}",
"DbUser":"{secret:sql-{ENVIRONMENT}-user}"
}
}
Microservice the Startup.cs
var applicationConfig = Configuration.UseFormater()
.GetSection(nameof(ApplicationConfiguration))
.Get<ApplicationConfiguration>();
or with shorthand
var applicationConfig = Configuration.GetTypeNameFormatted<ApplicationConfiguration>();
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. |
-
net8.0
- Azure.Identity (>= 1.10.4)
- Azure.Security.KeyVault.Secrets (>= 4.5.0)
- System.Linq.Async (>= 6.0.1)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Only supports the .net 8.0.