The Raiqub Azure Key Vault Reference NuGet packages simplify the integration of Azure Key Vault with your
.NET applications by providing support for Azure Key Vault references in the IConfiguration system.
🏃 Quickstart | 📗 Guide | 📦 NuGet
- Seamless integration of Azure Key Vault references with
IConfiguration - Easy retrieval of secrets from configuration using Azure Key Vault references
- Support for parsing Azure Key Vault references from strings
Raiqub.AzureKeyVaultReference: provides support for parsing Azure Key Vault references
Raiqub.AzureKeyVaultReference.Configuration: provides support for integrating Azure Key Vault references with
IConfiguration
Before you begin, you'll need the following:
- .NET 6.0 or later SDK installed on your machine
- An IDE such as Visual Studio, Visual Studio Code, or JetBrains Rider
- Azure Key Vault instance with appropriate permissions (Get Secrets)
- Azure credentials configured (the library uses DefaultAzureCredential)
To use the library, you can install the desired NuGet package(s) in your Web project and add the configuration provider. Here's an example of how to add the configuration provider:
var builder = Host.CreateDefaultBuilder(args);
builder.ConfigureAzureKeyVaultReference();or using WebApplication
var builder = WebApplication.CreateBuilder(args);
builder.Host.ConfigureAzureKeyVaultReference();To use the Azure Key Vault Configuration Provider, follow these steps:
-
Set up Azure Key Vault: Ensure you have an Azure Key Vault instance created and the necessary permissions to access it.
-
Install and configure the package: Install the NuGet package and add the necessary configuration to your application.
dotnet add package Raiqub.AzureKeyVaultReference.Configuration
-
Configure Azure Key Vault references: In your
appsettings.jsonfile or any other configuration source, add Azure Key Vault references using the@Microsoft.KeyVaultsyntax. For example:{ "MySecret": "@Microsoft.KeyVault(SecretUri=https://your-keyvault.vault.azure.net/secrets/MySecret)", "OtherSecret": "@Microsoft.KeyVault(VaultName=your-keyvault;SecretName=OtherSecret)" } -
Retrieve configuration values: Access the configuration values as usual using the
IConfigurationinterface. The Azure Key Vault Configuration Provider will automatically fetch the secrets from Azure Key Vault and replace the references with the corresponding values.using System.IO; using Microsoft.Extensions.Configuration; using Raiqub.AzureKeyVaultReference.Configuration; var configuration = new ConfigurationManager() .AddAzureKeyVaultReference(builder => builder .SetBasePath(Directory.GetCurrentDirectory()) .AddJsonFile("appsettings.json")) .Build(); var mySecretValue = configuration["MySecret"];
If you need to parse Azure Key Vault references from strings programmatically, you can use the KeyVaultSecretReference
class provided by this package.
using Raiqub.AzureKeyVaultReference;
var reference = "@Microsoft.KeyVault(SecretUri=https://your-keyvault.vault.azure.net/secrets/MySecret)";
var parsedReference = KeyVaultSecretReference.Parse(reference);
// parsedReference.VaultUri: "https://your-keyvault.vault.azure.net"
// parsedReference.Name: "MySecret"
// parsedReference.Version: nullThis library supports defining a default Key Vault to use when one is not defined on Azure Key Vault reference.
var builder = Host.CreateDefaultBuilder(args);
builder.ConfigureAzureKeyVaultReference(
options => options.GetDefaultVaultNameOrUri = () => Environment.GetEnvironmentVariable("KEYVAULTURI"));or using WebApplication
builder.Host.ConfigureAzureKeyVaultReference(
options => options.GetDefaultVaultNameOrUri = () => Environment.GetEnvironmentVariable("KEYVAULTNAME"));Doing so, the Azure Key Vault reference does not need to specify the Key Vault Name
{
"MySecret": "@Microsoft.KeyVault(SecretName=MySecret)"
}If something is not working for you or if you think that the source file should change, feel free to create an issue or Pull Request. I will be happy to discuss and potentially integrate your ideas!
This library is licensed under the MIT License.