DotNetCore.Azure.Configuration.KvCertificates
8.0.0
dotnet add package DotNetCore.Azure.Configuration.KvCertificates --version 8.0.0
NuGet\Install-Package DotNetCore.Azure.Configuration.KvCertificates -Version 8.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="DotNetCore.Azure.Configuration.KvCertificates" Version="8.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add DotNetCore.Azure.Configuration.KvCertificates --version 8.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: DotNetCore.Azure.Configuration.KvCertificates, 8.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install DotNetCore.Azure.Configuration.KvCertificates as a Cake Addin
#addin nuget:?package=DotNetCore.Azure.Configuration.KvCertificates&version=8.0.0
// Install DotNetCore.Azure.Configuration.KvCertificates as a Cake Tool
#tool nuget:?package=DotNetCore.Azure.Configuration.KvCertificates&version=8.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
DotNetCore Azure Configuration Key Vault Certificates
The AspNetCore.Azure.Configuration.KvCertificate based on idea DotNetCore.Azure.Configuration.KvSecrets which package allows storing configuration values using Azure Key Vault Certificates.
Features
- Allows to load certifcates by list and map them into new names.
- Allows to load certifcates into the configuration section.
Getting started
Install the package
Install the package with DotNetCore.Azure.Configuration.KvCertificates:
Version 8.0.x : **supports only Microsoft.AspNetCore.App 8.0
dotnet add package DotNetCore.Azure.Configuration.KvCertificates
Prerequisites
You need an Azure subscription
Examples
To load initialize configuration from Azure Key Vault secrets call the AddAzureKeyVault on ConfigurationBuilder:
Program.cs
var builder = WebApplication.CreateBuilder(args);
builder.AddKeyVaultConfigurationProvider();
StartupExt.cs
Used DotNetCore Configuration Templates to inject secrets into Microservice configuration. (Add to project nuget package DotNetCore.Configuration.Formatter.)
public static void AddKeyVaultConfigurationProvider(this WebApplicationBuilder builder)
{
var credential = new DefaultAzureCredential(
new DefaultAzureCredentialOptions()
{
ExcludeSharedTokenCacheCredential = true,
ExcludeVisualStudioCodeCredential = true,
ExcludeVisualStudioCredential = true,
ExcludeInteractiveBrowserCredential = true
});
var optionsCert = builder.Configuration
.GetTypeNameFormatted<AzureKvCertificatesConfigurationOptions>();
// Adds Azure Key Valt configuration provider.
builder.Configuration.AddAzureKeyVaultCertificates(credential, optionsCert);
}
appsettings.json
"AzureKvCertificatesConfigurationOptions": {
"ConfigurationSectionPrefix": "certificates",
"VaultUri": "https://mps-Development-microsevices.vault.azure.net/",
"VaultCertificates": [
"Development-jwt-microservices"
]
}
The Azure Identity library provides easy Azure Active Directory support for authentication.
Read more about configuration in ASP.NET Core.
Example with DotNetCore Configuration Templates
Use DotNetCore Configuration Templates to inject secrets into Microservice configuration.
Add to project nuget package DotNetCore.Azure.Configuration.KvSecrets.
Add to project nuget package DotNetCore.Configuration.Formatter.
Environment Variables set to :
DOTNET_RUNNING_IN_CONTAINER=true
ASPNETCORE_ENVIRONMENT=Development
...
host_environmet=datacenter
Microservice has the ApplicationConfiguration.cs
public class ApplicationConfiguration
{
public bool IsDocker {get; set;}
public string RunLocation {get; set;}
public string AppEnvironment {get; set;}
public string BusConnection {get; set;}
public string DbUser {get; set;}
public string DbPassword {get; set;}
}
Microservice has the following appsettings.json:
{
"AzureKvConfigurationOptions": {
"ConfigurationSectionPrefix": "secret",
"VaultUri": "https://secrets128654s235.vault.azure.net/",
"VaultSecrets": [
"service-bus-Development-connection",
"sql-Development-password",
"sql-Development-user",
"service-bus-Production-connection",
"sql-Production-password",
"sql-Production-user" ]
},
"AzureKvCertificatesConfigurationOptions": {
"ConfigurationSectionPrefix": "certificates",
"VaultUri": "https://mps-Development-microsevices.vault.azure.net/",
"VaultCertificates": [
"Development-jwt-microservices"
]
}
ApplicationConfiguration:{
"IsDocker": "{DOTNET_RUNNING_IN_CONTAINER??false}",
"RunLocation":"{host_environmet??local}",
"AppEnvironment":"{ENVIRONMENT}",
"BusConnection":"{secret:service-bus-{ENVIRONMENT}-connection}",
"DbPassword":"{secret:sql-{ENVIRONMENT}-password}",
"DbUser":"{secret:sql-{ENVIRONMENT}-user}",
"JwtCertificate": "{certificates:{ENVIRONMENT}-jwt-microservices}"
}
}
Microservice the Startup.cs
var applicationConfig = Configuration.UseFormater()
.GetSection(nameof(ApplicationConfiguration))
.Get<ApplicationConfiguration>();
Microservice has the ApplicationConfiguration.cs
public class ApplicationConfiguration
{
public bool IsDocker {get; set;}
public string RunLocation {get; set;}
public string AppEnvironment {get; set;}
public string BusConnection {get; set;}
public string DbUser {get; set;}
public string DbPassword {get; set;}
public KvCertificateConfigContainer JwtCertificate { get; set; }
}
Program.cs
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.ConfigureAppConfiguration(Startup.AddKvCertificatesConfigurations);
webBuilder.UseStartup<Startup>();
});
Startup.cs
public static void AddKvCertificatesConfigurations(WebHostBuilderContext hostingContext, IConfigurationBuilder configurationBuilder)
{
var configBuilder = new ConfigurationBuilder().AddInMemoryCollection();
IHostEnvironment env = hostingContext.HostingEnvironment;
configBuilder.AddJsonFile("appsettings.json", optional: true, reloadOnChange: false)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true, reloadOnChange: false);
configBuilder.AddEnvironmentVariables();
var config = configBuilder.Build();
var options = configuration.GetSection(nameof(AzureKvCertificatesConfigurationOptions))
.Get<AzureKvCertificatesConfigurationOptions>();
var credential = new DefaultAzureCredential(
new DefaultAzureCredentialOptions()
{
ExcludeSharedTokenCacheCredential = true,
ExcludeVisualStudioCodeCredential = true,
ExcludeVisualStudioCredential = true,
ExcludeInteractiveBrowserCredential = true
});
// Adds Azure Key Valt configuration provider.
configurationBuilder.AddAzureKeyVaultCertificates(credential, options);
var optionsSecrets = configuration.GetSection(nameof(AzureKvConfigurationOptions))
.Get<AzureKvConfigurationOptions>();
// Adds Azure Key Valt configuration provider.
configurationBuilder.AddAzureKeyVault(credential, options);
or with shorthand
var applicationConfig = Configuration.GetTypeNameFormatted<ApplicationConfiguration>();
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net8.0
- Azure.Identity (>= 1.10.4)
- Azure.Security.KeyVault.Certificates (>= 4.5.1)
- Azure.Security.KeyVault.Secrets (>= 4.5.0)
- System.Linq.Async (>= 6.0.1)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Only supports the net8.0.