aspnetcore-secrets-replacement-azure-keyvault 1.0.0

dotnet add package aspnetcore-secrets-replacement-azure-keyvault --version 1.0.0
NuGet\Install-Package aspnetcore-secrets-replacement-azure-keyvault -Version 1.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="aspnetcore-secrets-replacement-azure-keyvault" Version="1.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add aspnetcore-secrets-replacement-azure-keyvault --version 1.0.0
#r "nuget: aspnetcore-secrets-replacement-azure-keyvault, 1.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install aspnetcore-secrets-replacement-azure-keyvault as a Cake Addin
#addin nuget:?package=aspnetcore-secrets-replacement-azure-keyvault&version=1.0.0

// Install aspnetcore-secrets-replacement-azure-keyvault as a Cake Tool
#tool nuget:?package=aspnetcore-secrets-replacement-azure-keyvault&version=1.0.0

aspnetcore-secrets-replacement

Provides a default implementation of a string replacement service that replaces keys with values and an implementation of a key replacement service that abstracts Azure Key Vault.

Usage

First, download the nuget package at ...TBD... Then follow the samples project and copy the following information from the project:

**appsettings.json ** - Register the settings needed for the key vault replacement service and any of your services. The sample project leverages the IOptions pattern, which is not absolutely required, but highly recommended as a best practice for configuration management.

{
  "SampleConfigurationSettings": {
    "AccountName": "MyAccount",
    "AccountKey": "{{KeyVaultKey}}" //This value will be replaced by a call to Azure Key Vault during Startup if configured properly
                                    //Use double-bracket syntax with the key inside to indicate the key should be replaced with the value.
  },
  "AzureKeyVaultConfigurationSettings": {
    "VaultUri": "",                 //Required (example: https://my-key-vault-service.vault.azure.net/)
    "UseManagedIdentity": true,     //Always set to 'true' when deployed to Azure
                                    //IMPORTANT: These settings are not recommended for deployed environments
    "TenantId": "",                 //When 'UseManagedIdentity' is false, this allows a localhost to connect to Key Vault directly
    "ClientId": "",                 //When 'UseManagedIdentity' is false, this allows a localhost to connect to Key Vault directly
    "ClientSecret": ""              //When 'UseManagedIdentity' is false, this allows a localhost to connect to Key Vault directly
  }
}

**Startup.cs **- Copy the registration of the ISecretsReplacementService, ISecretsRetrievalService, and get a copy of the secrets replacement services that will be used to replace values in other injected services.

//****************************************************
//****************************************************
//Secrets Replacement
//****************************************************
//****************************************************
//Add singleton will ensure Azure Key Vault is called once at startup. 
//When rotating keys, the web app will need to be recycled
services.AddSingleton<ISecretsReplacementService, DefaultSecretsReplacementService>();
services.AddSingleton<ISecretsRetrievalService, AzureKeyVaultSecretsRetrievalService>();

//Get an instance of the replacement service to replace keys in other services.
var secretsReplacementService =
	(ISecretsReplacementService)services
	.BuildServiceProvider()
	.GetService<ISecretsReplacementService>();

By getting a copy of the secrets replacement service, you can then use it later in this method to override other settings properties in other services.

//****************************************************
//****************************************************
//My Service
//****************************************************
//****************************************************

services.Configure<SampleConfigurationSettings>(options => {
	Configuration.GetSection("SampleConfigurationSettings").Bind(options);

	//Replace key with call to secrets management
	options.AccountKey = secretsReplacementService.Replace(options.AccountKey).Result;
});

services.AddSingleton<ISampleService, SampleService>();

Replace the SampleConfigurationSettings, ISampleService, and SampleService with your services. Again, this setup assumes you are using Microsoft'IOptions pattern. You could, however, choose to inject the ISecretsReplacementService directly into your service and perform the replacement there against standard IConfiguration[""] properties. However, having all configuration done in 2 files - appsettings.json and Startup.cs - and then having strong typing for configuration properties is really beneficial.

Samples

The project aspnetcore-secrets-replacement-tests contains a sample project that includes registering the key vault service in appsettings.json and Startup.cs, as well as using the key vault replacement service to replace other settings in the appsettings.json and the Startup.cs file.

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.0.0 462 4/22/2020