How to get all secrets from Azure Key Vault and then load into configuration object using ASP.Net Core

I am working on integrating Azure Key Vault into an ASP.NET Core 2.1 Azure WebJob. To do this, I tried to use the following code for the WebJob.

.NET Core WebJob: Program.cs

    private static IConfiguration GetConfiguration(ServiceCollection services)
    {
        var environment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
        // build config
        var configuration = new ConfigurationBuilder()
           .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
           .AddJsonFile($"appsettings.{environment}.json", optional: true, reloadOnChange: true)
           .AddEnvironmentVariables()
           .Build();
        var keyVault = configuration.GetSection("KeyVault");
        configuration.AddAzureKeyVault(
            $"https://{keyVault["Vault"]}.vault.azure.net/",
            keyVault["ClientId"],
            keyVault["ClientSecret"]);
        return configuration;
    }

But I get the following error:

IConfigurationBuilder Does Not Contain Definition for AddAzureKeyVault

I used the following NuGet packages:

    <PackageReference Include="Microsoft.Azure.KeyVault" Version="2.3.2" />
    <PackageReference Include="Microsoft.Extensions.Configuration.AzureKeyVault" Version="2.1.1" />

If you want to use Azure Key Vault in a WebJob, please refer to the following code:

1. SDK

        <Project Sdk="Microsoft.NET.Sdk">

          <PropertyGroup>
            <OutputType>Exe</OutputType>
            <TargetFramework>netcoreapp2.1</TargetFramework>
          </PropertyGroup>

          <ItemGroup>
            <PackageReference Include="Microsoft.Azure.WebJobs.Extensions" Version="3.0.6" />
            <PackageReference Include="Microsoft.Azure.WebJobs.Extensions.Storage" Version="3.0.10" />
            <PackageReference Include="Microsoft.Extensions.Configuration.AzureKeyVault" Version="2.1.1" />
            <PackageReference Include="Microsoft.Extensions.Logging.Console" Version="2.1.0" />
          </ItemGroup>

          <ItemGroup>
            <None Update="appsettings.json">
              <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
            </None>
          </ItemGroup>

        </Project>

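2. Program.cs

        using System.Threading.Tasks;
        using Microsoft.Extensions.Hosting;
        using Microsoft.Extensions.Logging;

        class Program
        {
            static async Task Main()
            {
                var builder = new HostBuilder();
                builder.ConfigureWebJobs(b =>
                {
                    // register the storage services used by the queue trigger
                    b.AddAzureStorageCoreServices();
                    b.AddAzureStorage();
                });
                builder.ConfigureLogging((context, b) =>
                {
                    b.AddConsole();
                });
                var host = builder.Build();
                using (host)
                {
                    await host.RunAsync();
                }
            }
        }
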
3. Functions.cs

        using System.IO;
        using Microsoft.Azure.WebJobs;
        using Microsoft.Extensions.Configuration;
        using Microsoft.Extensions.Configuration.AzureKeyVault;
        using Microsoft.Extensions.Logging;

        public class Functions
        {
            public static void ProcessQueueMessage([QueueTrigger("queue")] string message, ILogger logger)
            {
                // create IConfigurationRoot to read appsettings.json
                IConfigurationRoot configuration = new ConfigurationBuilder()
                    .SetBasePath(Directory.GetCurrentDirectory())
                    .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
                    .Build();

                // create IConfigurationRoot to read Azure Key Vault;
                // this string overload takes the third argument as the client secret
                IConfigurationRoot config = new ConfigurationBuilder()
                    .AddAzureKeyVault(
                        $"https://{configuration["KeyVaultName"]}.vault.azure.net/",
                        configuration["AzureADApplicationId"],
                        configuration["AzureADCert"],
                        new DefaultKeyVaultSecretManager())
                    .Build();

                // read one secret in Azure Key Vault
                var str = config["hurysecret"];
                // note: this line writes the secret value itself to the log output
                logger.LogInformation(message + "\n str: " + str);
            }
        }
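
A reworked form of the question's `GetConfiguration`, as an added example that is not part of the original question or answer: `AddAzureKeyVault` is an extension method on `IConfigurationBuilder`, so it is called on the builder before the final `Build()` rather than on the built configuration. The `KeyVault:Vault`, `KeyVault:ClientId` and `KeyVault:ClientSecret` keys are the ones from the question; the class and method names are hypothetical.

```csharp
using System;
using System.IO;
using Microsoft.Extensions.Configuration;

// Hypothetical helper class; names are illustrative only.
static class KeyVaultConfiguration
{
    // Builds the configuration in two passes: the first reads only the local
    // settings needed to reach the vault, the second adds the vault's secrets.
    public static IConfigurationRoot Build()
    {
        var environment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");

        var builder = new ConfigurationBuilder()
            .SetBasePath(Directory.GetCurrentDirectory())
            .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
            .AddJsonFile($"appsettings.{environment}.json", optional: true, reloadOnChange: true)
            .AddEnvironmentVariables();

        // Environment variables are added last, so KeyVault:ClientSecret can be
        // supplied as KeyVault__ClientSecret instead of living in appsettings.json.
        var keyVault = builder.Build().GetSection("KeyVault");

        // Extension method on IConfigurationBuilder: call it on the builder.
        builder.AddAzureKeyVault(
            $"https://{keyVault["Vault"]}.vault.azure.net/",
            keyVault["ClientId"],
            keyVault["ClientSecret"]);

        // The final configuration now contains every secret the identity can read.
        return builder.Build();
    }

    // Prints which keys were loaded, never their values.
    public static void PrintLoadedKeys(IConfiguration configuration)
    {
        foreach (var pair in configuration.AsEnumerable())
        {
            Console.WriteLine($"{pair.Key}: {(pair.Value == null ? "(section)" : "(set)")}");
        }
    }
}
```

With the default secret manager, a secret named `Section--Key` in the vault appears in configuration as `Section:Key`.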