使用 .NET 程序集创建 Azure Key Vault (Microsoft.Azure.KeyVault)
Creating Azure Key Vault using .NET assembly (Microsoft.Azure.KeyVault)
我正在编写一个 .Net 控制台应用程序来创建 Key Vault,但无法在 Microsoft.Azure.KeyVault 程序集中找到 class/method 允许创建 Vault 并将服务主体设置到该 Vault。
谁能告诉我可以用来创建保险库的 assembly/class。
谢谢
出于某种原因,客户端 SDK 中没有这样的功能(或者,至少,即使通过放置在开发工具包)。
有 REST API for Create/Update key vault, so you may create that by using that. Or PowerShell - it is possible to execute Powershell from C#,我尝试这样做 - 它有效,但应该进行测试。
您要查找的class是Microsoft.Azure.Management[=23]中的KeyVaultManagementClient =].KeyVault 命名空间。这是在您可以从 NuGet 获得的管理 KeyVault 程序集中定义的。
执行此操作的主要代码部分如下所示。但是,请注意我已经缩写了一些您必须进一步定义和初始化的内容(属性、订阅凭据等)。如果您想查看完整的解决方案,请查看 .NET Azure SDK, in particular, the KeyVaultManagement.Tests 项目中的示例。
// The resource group to create the vault in.
const string resourceGroupName = "Vaults-Resource-Group";
// The name of the vault to create.
const string vaultName = "web-app-01-vault";
// Define access policies to keys and secrets (abbreviated just to illustrate...)
var accessPolicy = new AccessPolicyEntry
{
ApplicationId = sp,
PermissionsToKeys = new string[] { "all" },
PermissionsToSecrets = new string[] { "backup", "create", "delete" } //etc. just to name a few
};
// Define vault properties (abbreviated just to illustrate...)
VaultProperties vaultProps = new VaultProperties()
{
EnabledForTemplateDeployment = true,
AccessPolicies = new List<AccessPolicyEntry>()
{
accessPolicy
}
};
// Initialize 'create parameters' to create the vault in "West US"
VaultCreateOrUpdateParameters vaultParams = new VaultCreateOrUpdateParameters(vaultProps, "westus");
// Initialize an instance to the mgmt client
// NOTE: Need to initialize creds derived from SubscriptionCloudCredentials
KeyVaultManagementClient mgmtClient = new KeyVaultManagementClient(creds);
// Create the vault
mgmtClient.Vaults.CreateOrUpdateAsync(resourceGroupName, vaultName, vaultParams);
我正在编写一个 .Net 控制台应用程序来创建 Key Vault,但无法在 Microsoft.Azure.KeyVault 程序集中找到 class/method 允许创建 Vault 并将服务主体设置到该 Vault。
谁能告诉我可以用来创建保险库的 assembly/class。
谢谢
出于某种原因,客户端 SDK 中没有这样的功能(或者,至少,即使通过放置在开发工具包)。 有 REST API for Create/Update key vault, so you may create that by using that. Or PowerShell - it is possible to execute Powershell from C#,我尝试这样做 - 它有效,但应该进行测试。
您要查找的class是Microsoft.Azure.Management[=23]中的KeyVaultManagementClient =].KeyVault 命名空间。这是在您可以从 NuGet 获得的管理 KeyVault 程序集中定义的。
执行此操作的主要代码部分如下所示。但是,请注意我已经缩写了一些您必须进一步定义和初始化的内容(属性、订阅凭据等)。如果您想查看完整的解决方案,请查看 .NET Azure SDK, in particular, the KeyVaultManagement.Tests 项目中的示例。
// The resource group to create the vault in.
const string resourceGroupName = "Vaults-Resource-Group";
// The name of the vault to create.
const string vaultName = "web-app-01-vault";
// Define access policies to keys and secrets (abbreviated just to illustrate...)
var accessPolicy = new AccessPolicyEntry
{
ApplicationId = sp,
PermissionsToKeys = new string[] { "all" },
PermissionsToSecrets = new string[] { "backup", "create", "delete" } //etc. just to name a few
};
// Define vault properties (abbreviated just to illustrate...)
VaultProperties vaultProps = new VaultProperties()
{
EnabledForTemplateDeployment = true,
AccessPolicies = new List<AccessPolicyEntry>()
{
accessPolicy
}
};
// Initialize 'create parameters' to create the vault in "West US"
VaultCreateOrUpdateParameters vaultParams = new VaultCreateOrUpdateParameters(vaultProps, "westus");
// Initialize an instance to the mgmt client
// NOTE: Need to initialize creds derived from SubscriptionCloudCredentials
KeyVaultManagementClient mgmtClient = new KeyVaultManagementClient(creds);
// Create the vault
mgmtClient.Vaults.CreateOrUpdateAsync(resourceGroupName, vaultName, vaultParams);