如何使用 Azure.Security.KeyVault 库配置 Azure KeyVault 刷新间隔
How to configure Azure KeyVault refresh interval with the Azure.Security.KeyVault libraries
我正在尝试配置 Key Vault 值的定期刷新。 Visual Studio 生成的原始代码如下所示
var keyvaultEndpoint = new Uri($"https://{vaultName}.vault.azure.net/");
config.AddAzureKeyVault(
keyVaultEndpoint,
new DefaultAzureCredential()
);
我发现其中一种扩展方法接受类型为 AzureKeyVaultConfigurationOptions 的对象,该对象具有名为 ReloadInterval 的 TimeSpan 属性。事实证明,此扩展方法是 Microsoft 旧版 SDK 的一部分,已被替换,如本 . In case the post disappears, the OP encountered this error 中所讨论的,其中讨论了包“Microsoft.Azure.KeyVault”被替换为“Azure.Security.KeyVault”和他们建议转向最新的代码。由于 AzureKeyVaultConfigurationOptions 是 SDK v3 对象,因此不再推荐它。
因此,如果 AzureKeyVaultConfigurationOptions 未包含在新 SDK 中, 设置重新加载间隔的推荐方法是什么?
如您在 document, ReloadInterval is only used for v3. In the version 4.x.x 中所见,对于重试尝试的延迟也有类似的 class。
RetryOptions class is the set of options that can be specified to influence how retry attempts are made, and a failure is eligible to be retried. Delay means the delay between retry attempts for a fixed approach. The following shows how to use it in Secret, it can also used for Certificates and Keys.
SecretClientOptions options = new SecretClientOptions()
{
Retry =
{
Delay= TimeSpan.FromSeconds(2),
MaxDelay = TimeSpan.FromSeconds(16),
MaxRetries = 5,
Mode = RetryMode.Exponential
}
};
var client = new SecretClient(new Uri("https://<your-unique-key-vault-name>.vault.azure.net/"), new DefaultAzureCredential(),options);
KeyVaultSecret secret = client.GetSecret("mySecret");
string secretValue = secret.Value;
实际使用Azure.Extensions.AspNetCore.Configuration.Secrets是可能的。 (使用 1.0.2 测试)
如下:
config.AddAzureKeyVault(
new Uri(Configuration["KeyVault:URI"]),
new DefaultAzureCredential(
new DefaultAzureCredentialOptions
{
ExcludeSharedTokenCacheCredential = true,
VisualStudioTenantId = Configuration["AzureAd:TenantId"]
}),
new AzureKeyVaultConfigurationOptions()
{
ReloadInterval = TimeSpan.FromMinutes(15)
}
);
我正在尝试配置 Key Vault 值的定期刷新。 Visual Studio 生成的原始代码如下所示
var keyvaultEndpoint = new Uri($"https://{vaultName}.vault.azure.net/");
config.AddAzureKeyVault(
keyVaultEndpoint,
new DefaultAzureCredential()
);
我发现其中一种扩展方法接受类型为 AzureKeyVaultConfigurationOptions 的对象,该对象具有名为 ReloadInterval 的 TimeSpan 属性。事实证明,此扩展方法是 Microsoft 旧版 SDK 的一部分,已被替换,如本 AzureKeyVaultConfigurationOptions 是 SDK v3 对象,因此不再推荐它。
因此,如果 AzureKeyVaultConfigurationOptions 未包含在新 SDK 中, 设置重新加载间隔的推荐方法是什么?
如您在 document, ReloadInterval is only used for v3. In the version 4.x.x 中所见,对于重试尝试的延迟也有类似的 class。
RetryOptions class is the set of options that can be specified to influence how retry attempts are made, and a failure is eligible to be retried. Delay means the delay between retry attempts for a fixed approach. The following shows how to use it in Secret, it can also used for Certificates and Keys.
SecretClientOptions options = new SecretClientOptions()
{
Retry =
{
Delay= TimeSpan.FromSeconds(2),
MaxDelay = TimeSpan.FromSeconds(16),
MaxRetries = 5,
Mode = RetryMode.Exponential
}
};
var client = new SecretClient(new Uri("https://<your-unique-key-vault-name>.vault.azure.net/"), new DefaultAzureCredential(),options);
KeyVaultSecret secret = client.GetSecret("mySecret");
string secretValue = secret.Value;
实际使用Azure.Extensions.AspNetCore.Configuration.Secrets是可能的。 (使用 1.0.2 测试)
如下:
config.AddAzureKeyVault(
new Uri(Configuration["KeyVault:URI"]),
new DefaultAzureCredential(
new DefaultAzureCredentialOptions
{
ExcludeSharedTokenCacheCredential = true,
VisualStudioTenantId = Configuration["AzureAd:TenantId"]
}),
new AzureKeyVaultConfigurationOptions()
{
ReloadInterval = TimeSpan.FromMinutes(15)
}
);