Reputation: 4581
I am trying to create new keys/secrets and add them to the Azure Key Vault using the C# API. I can't really find any useful documentation or instructions on how to do this. I have been trying something like
keyVaultClient.SetSecretAsync("myKeyVaultUrl", "My test secret", "12345");
which doesn't seem to do anything, but that's about all I have.
For keys, I see that I can do
KeyBundle keyBundle = await keyVaultClient.CreateKeyAsync("myKeyVaultUrl", "My Test Key", "RSA");
but again, I don't know what to do with this key bundle.
Upvotes: 2
Views: 5718
Reputation: 47570
VaultClient.ImportKeyAsync creates a new key in the specified Key-Vault.
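using System;
using System.Security.Cryptography;
using System.Threading.Tasks;
using Microsoft.Azure.KeyVault;
using Microsoft.Azure.KeyVault.Models;
using Microsoft.Azure.KeyVault.WebKey;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

public static void Import()
{
    KeyVaultClient vaultClient = new KeyVaultClient(GetAccessToken);
    // Generate a 2048-bit RSA key pair locally.
    RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(2048);
    // Import the key pair, private parameters included; the last argument (importToHardware) is true.
    var keyBundle = Task.Run(() => vaultClient.ImportKeyAsync("<YOUR BASE VAULT ID>", "ImportedKey", new KeyBundle(new JsonWebKey(rsaProvider, true)), true))
        .ConfigureAwait(false).GetAwaiter().GetResult();
}

// Authentication callback passed to KeyVaultClient: returns an Azure AD access token for the vault.
public static async Task<string> GetAccessToken(string authority, string resource, string scope)
{
    string AppId = "<YOUR APP ID GUID>";
    string AppSecret = "<YOUR APP SECRET>";
    var authContext = new AuthenticationContext(authority);
    ClientCredential clientCred = new ClientCredential(AppId, AppSecret);
    AuthenticationResult result = await authContext.AcquireTokenAsync(resource, clientCred);
    if (result == null)
        throw new InvalidOperationException("Failed to obtain the JWT token");
    return result.AccessToken;
}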
Upvotes: 0
Reputation: 3097
You can use the CLI to create it like this:
az keyvault secret set --vault-name (vaultName) --name (Secretname) --value (actualvalue)
E.g.: az keyvault secret set --vault-name "MyVault" --name "FBPassword" --value "123"
Check here for more information: https://learn.microsoft.com/en-us/azure/azure-app-configuration/cli-samples
In code, here is the method signature:
public static Task<SecretBundle> SetSecretAsync(this IKeyVaultClient operations, string vaultBaseUrl, string secretName, string value, IDictionary<string, string> tags = null, string contentType = null, SecretAttributes secretAttributes = null, CancellationToken cancellationToken = default);
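In code, you can first set these, then:
string contentType = null;
SecretAttributes secretAttributes = null;
CancellationToken cancellationToken = default;
// Argument order: vaultBaseUrl, secretName, value, tags, contentType, secretAttributes, cancellationToken.
// Secret names may contain only alphanumeric characters and dashes.
SecretBundle secretBundle = await _keyVaultClient.SetSecretAsync("myKeyVaultUrl", "My-test-secret", "12345", null, contentType, secretAttributes, cancellationToken);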
Upvotes: 0
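Added example, not code from any of the posts or from Microsoft's samples: it uses the same Microsoft.Azure.KeyVault client as the answers to show SetSecretAsync awaited with a valid name, and one use of the KeyBundle returned by CreateKeyAsync. The class name, the secret and key names and the vaultBaseUrl value are assumptions, and the caller is assumed to hold secret set and key create, encrypt and decrypt permissions on the vault.

```csharp
using System;
using System.Text;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using Microsoft.Azure.KeyVault;
using Microsoft.Azure.KeyVault.Models;
using Microsoft.Azure.KeyVault.WebKey;

public static class KeyVaultExample // hypothetical class name
{
    // Key Vault object names: 1-127 characters, alphanumerics and dashes only.
    private static readonly Regex ValidName = new Regex("^[0-9a-zA-Z-]{1,127}$");

    public static bool IsValidName(string name) => name != null && ValidName.IsMatch(name);

    // vaultBaseUrl is a placeholder such as "https://<your-vault>.vault.azure.net".
    public static async Task RunAsync(KeyVaultClient client, string vaultBaseUrl)
    {
        const string secretName = "My-test-secret"; // a name with spaces fails validation
        if (!IsValidName(secretName))
            throw new ArgumentException("Invalid Key Vault name: " + secretName);

        try
        {
            // Await the call: a discarded Task hides the KeyVaultErrorException
            // that explains why nothing appeared in the vault.
            SecretBundle secret = await client.SetSecretAsync(vaultBaseUrl, secretName, "12345");
            Console.WriteLine("Stored secret version: " + secret.Id);

            // The key is generated inside the vault; the bundle carries the public
            // part and the key identifier (Kid) used for later operations.
            KeyBundle key = await client.CreateKeyAsync(vaultBaseUrl, "My-Test-Key", JsonWebKeyType.Rsa);
            string keyId = key.Key.Kid;

            // Constructed sample data, encrypted and decrypted by the vault itself.
            byte[] plain = Encoding.UTF8.GetBytes("constructed sample data");
            KeyOperationResult enc = await client.EncryptAsync(keyId, JsonWebKeyEncryptionAlgorithm.RSAOAEP, plain);
            KeyOperationResult dec = await client.DecryptAsync(keyId, JsonWebKeyEncryptionAlgorithm.RSAOAEP, enc.Result);
            Console.WriteLine("Round trip: " + Encoding.UTF8.GetString(dec.Result));
        }
        catch (KeyVaultErrorException ex)
        {
            // For example a missing access-policy permission or an invalid name.
            Console.WriteLine($"Key Vault rejected the request: {ex.Response.StatusCode} {ex.Message}");
        }
    }
}
```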
Reputation: 1156
See the Microsoft example code here: https://github.com/Azure-Samples/key-vault-dotnet-authentication
Specifically, line 80 of KeyVaultAuthSample.cs creates a new Secret and pushes it to Azure: https://github.com/Azure-Samples/key-vault-dotnet-authentication/blob/master/KeyVaultAuthSample.cs#L80
To push a key bundle up to Azure, look at the method KeyVaultClient.ImportKeyAsync: https://learn.microsoft.com/en-us/dotnet/api/microsoft.azure.keyvault.keyvaultclientextensions.importkeyasync
Upvotes: 0
Reputation: 72191
This sample application contains code that might help you on your journey:
https://www.microsoft.com/en-us/download/details.aspx?id=45343
You can also manage Azure Key Vault with REST, Azure CLI, or PowerShell, which is the recommended way, I believe.
Upvotes: 1