ASP.NET (snapshot 2017) Microsoft documentation and samples

Key Vault Configuration Provider sample application (ASP.NET Core 1.x)

This sample illustrates the use of the Azure Key Vault Configuration Provider for ASP.NET Core 1.x. For the ASP.NET Core 2.x sample, see Key Vault Configuration Provider sample application (ASP.NET Core 2.x).

[!NOTE] The configuration provider isn’t available for ASP.NET Core 1.0. If you want to implement the configuration provider and the app is an ASP.NET Core 1.0 app, upgrade the app to 1.1 or later first.

For more information on how the sample works, see the (xref:)Azure Key Vault configuration provider topic.

Using the sample

Create a key vault and set up Azure Active Directory (Azure AD) for the application following the guidance in Get started with Azure Key Vault.

Add secrets to the key vault using the AzureRM Key Vault PowerShell Module available from the PowerShell Gallery, the Azure Key Vault REST API, or the Azure Portal. Secrets are created as either Manual or Certificate secrets. Certificate secrets are certificates for use by apps and services but are not supported by the configuration provider. You should use the Manual option to create name-value pair secrets for use with the configuration provider.
- Simple secrets are created as name-value pairs. Azure Key Vault secret names are limited to alphanumeric characters and dashes.
- Hierarchical values (configuration sections) use -- (two dashes) as a separator in the sample. Colons, which are normally used to delimit a section from a subkey in (xref:)ASP.NET Core configuration, aren’t allowed in secret names. Therefore, two dashes are used and swapped for a colon when the secrets are loaded into the app’s configuration.
- Create two Manual secrets with the following name-value pairs. The first secret is a simple name and value, and the second secret creates a secret value with a section and subkey in the secret name:
  - SecretName: secret_value_1
  - Section--SecretName: secret_value_2
Register the sample app with Azure Active Directory.
Authorize the app to access the key vault. When you use the Set-AzureRmKeyVaultAccessPolicy PowerShell cmdlet to authorize the app to access the key vault, provide List and Get access to secrets with -PermissionsToKeys list,get.

Update the app’s appsettings.json file with the values of Vault, ClientId, and ClientSecret.
Run the sample app, which obtains its configuration values from IConfigurationRoot with the same name as the secret name.

Non-hierarchical values: The value for SecretName is obtained with config["SecretName"].
Hierarchical values (sections): Use : (colon) notation or the GetSection extension method. Use either of these approaches to obtain the configuration value:
- config["Section:SecretName"]
- config.GetSection("Section")["SecretName"]

Comments (

)

Link to this page: //www.vb-net.com/AspNet-DocAndSamples-2017/aspnetcore/security/key-vault-configuration/samples/basic-sample/1.x/README.htm

< THANKS ME>