The 10-Day .Net Aspire Challenge - Day 9: Azure Key Vault
Introduction
.Net Aspire framework is used to develop cloud and production-ready distributed applications. It consists of components to handle cloud-native concerns such as Redis, Postgres etc.
Prerequisites
Install .Net 8
Install Visual Studio 2022 version 17 or higher
.Net Aspire Workload
Container runtime such as Docker Desktop
10 Day .Net Aspire Challenge
Objectives
Learn how to create a starter project using .Net Aspire with the Azure Key Vault.
Github Sample: The solution structure is divided into the following projects
DotnetAspireChallenge.ApiService
DotnetAspireChallenge.AppHost
DotnetAspireChallenge.ServiceDefaults
DotnetAspireChallenge.Web
Getting Started
Step 1: Install the following NuGet package
Install the following Nuget package into the subsequent project “DotnetAspireChallenge.AppHost”
dotnet add package Aspire.Hosting.Azure.KeyVault
In the above project, register the Azure Key Vault
var secrets = builder.ExecutionContext.IsPublishMode
? builder.AddAzureKeyVault("secrets")
: builder.AddConnectionString("secrets");
Note: A keyVault connection string is required, which means an Azure KeyVault service should be UP and RUNNING on the Azure cloud.
Step 2: Install another NuGet package
Install the following Nuget package into the subsequent project “DotnetAspireChallenge.ApiService”
dotnet add package Aspire.Azure.Security.KeyVault
There are two ways to use Azure KeyVault
Using Configuration
Using SecretClient
For Configuration
Register the context of the Program.cs file as follows
builder.Configuration.AddAzureKeyVaultSecrets("secrets")
then retrieve the secrets using the IConfiguration class as follows
public class ExampleService(IConfiguration configuration)
{
string secretValue = configuration["secretKey"];
// Use secretValue ...
}
For SecretClient
Create an extension class and register a minimal API GET method to demonstrate the SecretClient usage in the API Service
public static class AspireKeyVaultExtension
{
public static void MapKeyVaultEndpoint(this WebApplication app)
{
app.MapGet("/vault", async (SecretClient secretClient) =>
{
try
{
// Define the secret name and value
string secretName = "mySecret";
string secretValue = "This is a secret value";
// Set the secret
KeyVaultSecret secret = new KeyVaultSecret(secretName, secretValue);
await secretClient.SetSecretAsync(secret);
return Results.Ok(await secretClient.GetSecretAsync(secretName));
}
catch (RequestFailedException e)
{
Console.WriteLine("HTTP error code {0}: {1}", e.Status, e.ErrorCode);
Console.WriteLine(e.Message);
return Results.Problem($"HTTP error code {e.Status}: {e.Message}");
}
});
}
}
and finally, register in the Program.cs file
app.MapKeyVaultEndpoint();
Add additional connection string properties using the JSON syntax
{
"Aspire": {
"Azure": {
"Security": {
"KeyVault": {
"VaultUri": "YOUR_VAULT_URI",
"DisableHealthChecks": false,
"DisableTracing": true,
"ClientOptions": {
"DisableChallengeResourceVerification": true
}
}
}
}
}
}
Congratulations..!! You’ve successfully integrated the Azure KeyVault component into the .Net Aspire project.
Github Project
GitHub - ssukhpinder/DotnetAspireChallenge: 10 Day .Net Aspire Challenge
More Cheatsheets
Cheat Sheets — .Net
C# Programming🚀
Thank you for being a part of the C# community! Before you leave:
Follow us: Youtube | X | LinkedIn | Dev.to
Visit our other platforms: GitHub
More content at C# Programming
Welcome to Billionaire Club Co LLC, your gateway to a brand-new social media experience! Sign up today and dive into over 10,000 fresh daily articles and videos curated just for your enjoyment. Enjoy the ad free experience, unlimited content interactions, and get that coveted blue check verification—all for just $1 a month!
Account Frozen
Your account is frozen. You can still view content but cannot interact with it.
Please go to your settings to update your account status.
Open Profile Settings