public class KeyVaultSecretProvider : ISecretProvider,
IAsyncDisposable| Setting | Purpose |
|---|---|
| keyVaultTenantId | The Azure tenant ID to use by default |
| keyVaultUrl | The Azure Key Vault URL to use by default |
| keyVaultSecretProviderThrowExceptions | If true, the class will throw exceptions on all failures. Default is false. Use only for debugging. |
| keyVaultSecretProviderTrace | If true, this will turn on native Key Vault tracing. Default is false. |
// appSettings.json
{
"keyVaultUrl": "https://{your-key-vault-name}.vault.azure.net/",
"keyVaultTenantId": "{your-tenant-id}",
"KeyVaultSecretProviderCacheExpirationSeconds": "120",
"keyVaultSecretProviderThrowExceptions": "true",
"keyVaultSecretProviderTrace": "true"
}| KeyVaultSecretProvider | Creates a new instance of KeyVaultSecretProvider |
| Configuration | Gets the IConfiguration provider used by this class. |
| KeyVaultTenantId | Gets the Azure tenant ID to use connecting to the Azure Key Vault identified by KeyVaultUrl |
| KeyVaultUrl | The URL of the Azure Key Vault to use |
| ThrowOnFailure | If true, exceptions thrown during the normal course of operations will be re-thrown |
| ThrowOnNotFound | If true, the provider will throw a SecretNotFoundException if the secret is not found |
| TraceKeyVaultActivity | If true, turns on tracing in the DefaultAzureCredentialOptions used to connect to Azure Key Vault. |
| DisposeAsync | Asynchronously disposes resources held by this instance. |
| DisposeAsyncCore | Override point for async disposal in derived classes. |
| Equals | Determines whether the specified object is equal to the current object. (Inherited from Object) |
| Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object) |
| GetHashCode | Serves as the default hash function. (Inherited from Object) |
| GetSecretAsync | Gets a secret configuration value |
| GetType | Gets the Type of the current instance. (Inherited from Object) |
| MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object) |
| SetSecretAsync | Gets a secret configuration value |
| ToString | Returns a string that represents the current object. (Inherited from Object) |
| CacheExpirationSetting | The Configuration setting containing the length of time in seconds to hold a secret in the internal cache |
| DefaultCacheExpirationSeconds | The length of time in seconds to hold a secret in the internal cache if CacheExpirationSetting is not set |
| KeyVaultTenantIdSettingName | Gets the name of the Azure Key Vault Tenant ID setting in appSettings.config |
| KeyVaultUrlSettingName | Gets the name of the Azure Key Vault URL setting in appSettings.config |
| ThrowExceptionsSettingName | The name of the appSettings.config setting that, if true, will cause the KeyVaultSecretProvider to throw exceptions instead of failing silently. |
| TraceKeyVaultSettingName | The name of the appSettings.config setting that, if true, will turn on tracing in the DefaultAzureCredentialOptions used to connect to Azure Key Vault. |