Reputation: 371
Store secrets from appsettings.json file in .Net Console Application on Azure Key Vault
I have a .Net Core console application which retrieves raw data, then applies a Kusto query and finally uploads them on azure. I have the client secrets stored in the appsettings.json file. However, this is not a good practice since they should never be stored there. I would like to know how can I store the following information on Azure Key Vaults (BlobConnectionString, KustoConnectionString, ClientId, ClientSecret, ApplicationInsights Instrumentation Key) which are found in the appsettings.json file. I found several documentations about azure key vaults related to .Net Core Web Apps but I didn't find anything related to Console Applications. What are the exact steps to do so? Should I first create a key vault service. Or should I do something before? What should I do then with the values of the keys mentioned above in the appsettings.json and is there a code sample which is ready used to directly retrieve the values stored in the Key Vaults so when I execute my code it will normally work like before.
I would really appreciate it if someone can give me an idea how to do that and if there are any previous code samples related to the same subject.
Upvotes: 2
Views: 2572
Answers (1)
Reputation: 11889
KeyVault can be added to any .net core application by using AddAzureKeyVault, and then accessing it in exactly the same way as other configuration providers (File: appsettings.json, UserSecrets, Environment variables).
Full example: https://learn.microsoft.com/en-us/aspnet/core/security/key-vault-configuration?view=aspnetcore-6.0
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureAppConfiguration((context, config) =>
{
config.AddAzureKeyVault(
new SecretClient(
new Uri("Your Key Vault Endpoint"),
new DefaultAzureCredential()),
new AzureKeyVaultConfigurationOptions())
{
...
});
})
Upvotes: 4
Related Questions
- Fetching KeyVault values through App Configuration
- Retrieving secrets from KeyVault defined in appsettings
- Using KeyVault secrets to override appsettings in Azure App Service and locally
- How can access secrets like app-settings and connection-strings in web.config, from Azure key Vault using a Web-app hosted at on-premise IIS
- How to get AzureKeyVault Secret without storing the ClientSecret in appsettings.json?
- appsettings.json copied, passed or published to Azure App Service configuration?
- App Settings config section from Azure Key Vault
- .net 5, secrets.json, appsettings.json and Azure Application Settings
- Store appsettings.json in Azure App Service Web App
- How to authenticate app with Azure Key Vault without storing keys in code or appconfig?