KeyVaultSecretProvider Class

Retrieves secrets from Azure Key Vault, failing over to ordinary configuration if not found.

Definition

Namespace: InnerDrive.Azure
Assembly: InnerDrive.Azure (in InnerDrive.Azure.dll) Version: 5.2.9417.0
C#
public class KeyVaultSecretProvider : ISecretProvider, IAsyncDisposable
Inheritance
Object → KeyVaultSecretProvider
Implements
ISecretProvider, IAsyncDisposable

Remarks

The KeyVaultSecretProvider expects the following settings:
Setting Purpose
keyVaultTenantId The Azure tenant ID to use by default
keyVaultUrl The Azure Key Vault URL to use by default
keyVaultSecretProviderThrowExceptions If true, the class will throw exceptions on all failures. Default is false. Use only for debugging.
keyVaultSecretProviderTrace If true, this will turn on native Key Vault tracing. Default is false.
For example:
JSON
// appSettings.json
{
   "keyVaultUrl": "https://{your-key-vault-name}.vault.azure.net/",
   "keyVaultTenantId": "{your-tenant-id}",
   "KeyVaultSecretProviderCacheExpirationSeconds": "120",
   "keyVaultSecretProviderThrowExceptions": "true",
   "keyVaultSecretProviderTrace": "true"
}
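
A deployment-time check for the settings above, as an added example that is not part of InnerDrive.Azure or the original page: it flags the two diagnostic switches when they are enabled and template placeholders left in keyVaultUrl or keyVaultTenantId. The helper name, both sample documents, the https check and the treatment of tracing as unwanted in production are assumptions of this example.

```python
import json
from urllib.parse import urlparse

# Setting names come from the page; .NET configuration keys are case-insensitive.
# The reason given for the trace switch is an assumption of this example.
DIAGNOSTIC_FLAGS = {
    "keyVaultSecretProviderThrowExceptions": "documented as debugging only",
    "keyVaultSecretProviderTrace": "tracing assumed unwanted in production",
}
REQUIRED = ("keyVaultUrl", "keyVaultTenantId")

# Constructed sample: the page's example values, without the leading comment.
SAMPLE_DEBUG = """{
  "keyVaultUrl": "https://{your-key-vault-name}.vault.azure.net/",
  "keyVaultTenantId": "{your-tenant-id}",
  "keyVaultSecretProviderThrowExceptions": "true",
  "keyVaultSecretProviderTrace": "true"
}"""

# Constructed sample: placeholder vault name and tenant ID, diagnostics off.
SAMPLE_RELEASE = """{
  "keyVaultUrl": "https://example-vault.vault.azure.net/",
  "keyVaultTenantId": "00000000-0000-0000-0000-000000000000",
  "keyVaultSecretProviderThrowExceptions": "false"
}"""


def lint_settings(json_text):
    """Return sorted findings for one appSettings.json document (hypothetical helper)."""
    settings = {k.lower(): str(v).strip() for k, v in json.loads(json_text).items()}
    findings = []
    for name, reason in DIAGNOSTIC_FLAGS.items():
        # Accept JSON true as well as the string "true" used in the page's sample.
        if settings.get(name.lower(), "false").lower() == "true":
            findings.append(f"{name} is enabled ({reason})")
    for name in REQUIRED:
        value = settings.get(name.lower(), "")
        if not value:
            findings.append(f"{name} is missing")
        elif "{" in value or "}" in value:
            findings.append(f"{name} still contains a template placeholder")
        elif name == "keyVaultUrl" and urlparse(value).scheme != "https":
            findings.append("keyVaultUrl does not use https")
    return sorted(findings)


if __name__ == "__main__":
    for finding in lint_settings(SAMPLE_DEBUG):
        print(finding)
```

An empty result means none of these checks fired; it says nothing about settings the check does not cover.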

Constructors

KeyVaultSecretProvider Creates a new instance of KeyVaultSecretProvider

Properties

Configuration Gets the IConfiguration provider used by this class.
KeyVaultTenantId Gets the Azure tenant ID to use when connecting to the Azure Key Vault identified by KeyVaultUrl
KeyVaultUrl The URL of the Azure Key Vault to use
ThrowOnFailure If true, exceptions thrown during the normal course of operations will be re-thrown
ThrowOnNotFound If true, the provider will throw a SecretNotFoundException if the secret is not found
TraceKeyVaultActivity If true, turns on tracing in the DefaultAzureCredentialOptions used to connect to Azure Key Vault.

Methods

DisposeAsync Asynchronously disposes resources held by this instance.
DisposeAsyncCore Override point for async disposal in derived classes.
Equals Determines whether the specified object is equal to the current object. (Inherited from Object)
Finalize Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object)
GetHashCode Serves as the default hash function. (Inherited from Object)
GetSecretAsync Gets a secret configuration value
GetType Gets the Type of the current instance. (Inherited from Object)
MemberwiseClone Creates a shallow copy of the current Object. (Inherited from Object)
SetSecretAsync Gets a secret configuration value
ToString Returns a string that represents the current object. (Inherited from Object)

Fields

CacheExpirationSetting The Configuration setting containing the length of time in seconds to hold a secret in the internal cache
DefaultCacheExpirationSeconds The length of time in seconds to hold a secret in the internal cache if CacheExpirationSetting is not set
KeyVaultTenantIdSettingName Gets the name of the Azure Key Vault Tenant ID setting in appSettings.config
KeyVaultUrlSettingName Gets the name of the Azure Key Vault URL setting in appSettings.config
ThrowExceptionsSettingName The name of the appSettings.config setting that, if true, will cause the KeyVaultSecretProvider to throw exceptions instead of failing silently.
TraceKeyVaultSettingName The name of the appSettings.config setting that, if true, will turn on tracing in the DefaultAzureCredentialOptions used to connect to Azure Key Vault.

See Also