Azure Key Vault Configuration And Implementation Using .NET Core 7 Web API

Jaydeep Patil
Feb 06, 2023

27.5k
0
6
- facebook
- twitter
- linkedIn
- Reddit
- WhatsApp
- Email
- Print
- Other Artcile

In this article, we are going to discuss Azure Key Vault introduction, configuration, and step-by-step implementation using .NET Core 7 Web API.

Agenda

Introduction
Implementation
Azure Key Vault Setup

Prerequisites

Visual Studio 2022
Azure Account
.NET Core 7

Introduction

Azure Key Vault manages and stores data securely like passwords, certificates, and other credentials.
It provides centralized storage in which we can manage our all credentials.

Azure Key Vault Configuration and Implementation using .NET Core 7 Web API
Fig - Key Vault Diagram from Microsoft Documentation

There are many scenarios in which we store our sensitive information like database connection strings and passwords inside our codebase but that may cause in the future because sometimes wrong people can access it.
Key Vault provides centralized storage and also, and we can monitor and keep track of access and usage of our secrets.

Implementation

Step 1

Create a new .NET Core Web API

Azure Key Vault Configuration and Implementation using .NET Core 7 Web API

Step 2

Configure application

Azure Key Vault Configuration and Implementation using .NET Core 7 Web API

Step 3

Provide additional information

Azure Key Vault Configuration and Implementation using .NET Core 7 Web API

Step 4

Install the following NuGet Package

Azure Key Vault Configuration and Implementation using .NET Core 7 Web API

Step 5

Create some environmental variables inside the app settings JSON file

{
    "Logging": {
        "LogLevel": {
            "Default": "Information",
            "Microsoft.AspNetCore": "Warning"
        }
    },
    "AllowedHosts": "*",
    "KeyVaultConfiguration": {
        "KeyVaultURL": "",
        "ClientId": "",
        "ClientSecret": ""
    }
}

Step 6

Next, register a service inside the Program class

using Microsoft.Extensions.Configuration.AzureKeyVault;
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Host.ConfigureAppConfiguration((context, config) => {
    var settings = config.Build();
    var keyVaultURL = settings["KeyVaultConfiguration:KeyVaultURL"];
    var keyVaultClientId = settings["KeyVaultConfiguration:ClientId"];
    var keyVaultClientSecret = settings["KeyVaultConfiguration:ClientSecret"];
    config.AddAzureKeyVault(keyVaultURL, keyVaultClientId, keyVaultClientSecret, new DefaultKeyVaultSecretManager());
});
builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment()) {
    app.UseSwagger();
    app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseAuthorization();
app.MapControllers();
app.Run();

Step 7

Create a secrets controller just for demo purposes to access a list of secrets we will create

using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
namespace AzureKeyVaultDemo.Controllers {
    [Route("api/[controller]")]
    [ApiController]
    public class SecretsController: ControllerBase {
        private readonly IConfiguration _configuration;
        public SecretsController(IConfiguration configuration) {
                _configuration = configuration;
            }
            [HttpGet]
        public List < string > Get() {
            List < string > result = new List < string > () {
                _configuration["DatabaseConnectionString"],
                    _configuration["RedisCache"]
            };
            return result;
        }
    }
}