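/// <summary>
/// Resolves a Key Vault reference stored in a configuration setting to the value of the secret it names.
/// </summary>
/// <param name="setting">
/// Setting whose Value is a Uri wrapped in JSON, like so:
/// {"uri":"https://vaultName.vault.azure.net/secrets/secretName"}
/// </param>
/// <returns>
/// The secret value; null when no client could be obtained and the connection is optional,
/// or when the secret is missing or not enabled.
/// </returns>
/// <exception cref="UriFormatException">The reference has no Uri, is not https, or does not have a /secrets/{name} path.</exception>
/// <exception cref="ConfigurationErrorsException">No client could be obtained and the connection is not optional.</exception>
private async Task <string> GetKeyVaultValue(ConfigurationSetting setting)
        {
            // Content validation - will throw JsonReaderException on failure
            KeyVaultSecretReference secretRef = JsonConvert.DeserializeObject <KeyVaultSecretReference>(setting.Value, KeyVaultSecretReference.s_SerializationSettings);

            // A JSON "null", or an object without a "uri" member, deserializes without an error.
            // Reject it here so the failure is reported as a bad reference instead of a null dereference.
            if (secretRef == null || string.IsNullOrWhiteSpace(secretRef.Uri))
            {
                throw new UriFormatException("Key Vault reference does not contain a secret Uri.");
            }

            // Uri validation - will throw UriFormatException upon failure
            Uri secretUri = new Uri(secretRef.Uri);

            // The request made below is authenticated, so only the documented https form is accepted.
            if (!string.Equals(secretUri.Scheme, Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase))
            {
                throw new UriFormatException("Key Vault reference must use https.");
            }

            // Expected path is /secrets/{secretID}[/{version}], i.e. Segments = ['/', 'secrets/', '{secretID}' or '{secretID}/', ...].
            // Without this check a short path fails with an index error and a /keys/ or /certificates/ path
            // would be looked up as a secret of the same name.
            string[] segments = secretUri.Segments;
            if (segments.Length < 3 || !string.Equals(segments[1], "secrets/", StringComparison.OrdinalIgnoreCase))
            {
                throw new UriFormatException("Key Vault reference must have the form https://{vault}/secrets/{name}.");
            }

            Uri vaultUri = new Uri(secretUri.GetLeftPart(UriPartial.Authority));

            // NOTE(review): the vault host is taken verbatim from the setting value. GetSecretClient is not
            // visible here; confirm it only authenticates to vault hosts this application is meant to use,
            // since anyone able to write the setting chooses where the request is sent.
            // TODO: Check to see if SecretClient can take the full uri instead of requiring us to parse out the secretID.
            SecretClient kvClient = GetSecretClient(vaultUri);

            if (kvClient == null)
            {
                if (!Optional)
                {
                    throw new ConfigurationErrorsException("Could not connect to Azure Key Vault while retrieving secret. Connection is not optional.");
                }

                // Optional connection and no client: there is nothing to query, so report "no value"
                // rather than dereferencing the null client.
                return(null);
            }

            // Retrieve Value. Any version segment in the Uri is ignored; the name alone is requested.
            string secretName = segments[2].TrimEnd('/');
            KeyVaultSecret kvSecret = await kvClient.GetSecretAsync(secretName);

            // A secret whose Enabled property is false or unset is treated the same as a missing one.
            if (kvSecret != null && kvSecret.Properties.Enabled.GetValueOrDefault())
            {
                return(kvSecret.Value);
            }

            return(null);
        }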
Example #2
        ///GENMHASH:AB0BF9D0BEA18CD334AAF69A466D74DB:244EAB58A02E8C0EA8858C0AA028A77B
        // Adds an environment variable whose value is supplied as a Key Vault secret reference
        // (vault resource id + secret URL) instead of a literal string passed to this method.
        // name:       name of the environment variable.
        // keyVaultId: resource id of the vault, wrapped in Models.ResourceId.
        // secretUrl:  URL of the secret, passed through unchanged.
        // Returns this instance so calls can be chained. No argument validation is done here.
        public BatchAIJobImpl WithEnvironmentVariableSecretValue(string name, string keyVaultId, string secretUrl)
        {
            var vaultResource = new Models.ResourceId(keyVaultId);
            var reference     = new KeyVaultSecretReference(vaultResource, secretUrl);

            // Obtain the list before constructing the entry, matching the original evaluation order.
            var secretVariables = EnsureEnvironmentVariablesWithSecrets();
            secretVariables.Add(new EnvironmentVariableWithSecretValue(name, valueSecretReference: reference));

            return this;
        }
 /// <summary>
 /// Initializes the settings from their three parts. Values are stored as given:
 /// nothing is validated, and null is accepted for every argument.
 /// </summary>
 /// <param name="diskEncryptionKey">Key Vault secret reference assigned to DiskEncryptionKey.</param>
 /// <param name="keyEncryptionKey">Key Vault key reference assigned to KeyEncryptionKey.</param>
 /// <param name="enabled">Tri-state flag assigned to Enabled; null leaves it unspecified.</param>
 internal DiskEncryptionSettings(KeyVaultSecretReference diskEncryptionKey, KeyVaultKeyReference keyEncryptionKey, bool? enabled)
 {
     // Single tuple assignment; targets are written left to right, same as three separate statements.
     (DiskEncryptionKey, KeyEncryptionKey, Enabled) = (diskEncryptionKey, keyEncryptionKey, enabled);
 }
Example #4
 /// <summary>
 /// Explicit interface implementation: forwards to this type's own WithKeyVaultSecretReference
 /// and exposes the result through the IWithAttach stage of the definition.
 /// </summary>
 /// <param name="keyVaultSecretReference">Key Vault secret reference to forward.</param>
 /// <returns>The forwarded result viewed as IWithAttach; the 'as' cast yields null if the result does not implement it.</returns>
 AzureFileShare.Definition.IWithAttach <BatchAICluster.Definition.IWithCreate> AzureFileShare.Definition.IWithAzureStorageCredentials <BatchAICluster.Definition.IWithCreate> .WithKeyVaultSecretReference(KeyVaultSecretReference keyVaultSecretReference)
 {
     var configured = this.WithKeyVaultSecretReference(keyVaultSecretReference);
     return configured as AzureFileShare.Definition.IWithAttach <BatchAICluster.Definition.IWithCreate>;
 }
Example #5
 /// <summary>
 /// Explicit interface implementation: forwards to this type's own WithKeyVaultSecretReference
 /// and returns its result as the IWithAttach stage of the definition.
 /// </summary>
 /// <param name="keyVaultSecretReference">Key Vault secret reference to forward.</param>
 AzureBlobFileSystem.Definition.IWithAttach <ParentT> AzureBlobFileSystem.Definition.IWithAzureStorageCredentials <ParentT> .WithKeyVaultSecretReference(KeyVaultSecretReference keyVaultSecretReference)
     => this.WithKeyVaultSecretReference(keyVaultSecretReference);
 /// <summary>
 /// Records the given Key Vault secret reference as AccountKeySecretReference on the
 /// credentials object returned by EnsureCredentials().
 /// </summary>
 /// <param name="keyVaultSecretReference">Reference to store; it is not validated, so null is stored as given.</param>
 /// <returns>This instance, for call chaining.</returns>
 public AzureFileShareImpl <ParentT> WithKeyVaultSecretReference(KeyVaultSecretReference keyVaultSecretReference)
 {
     var credentials = EnsureCredentials();
     credentials.AccountKeySecretReference = keyVaultSecretReference;
     return this;
 }
Example #7
 /// <summary>
 /// Sets AccountKeySecretReference on the credentials returned by EnsureCredentials()
 /// to the supplied Key Vault secret reference.
 /// </summary>
 /// <param name="keyVaultSecretReference">Reference to store; assigned without any check.</param>
 /// <returns>This instance, for call chaining.</returns>
 AzureBlobFileSystemImpl <ParentT> WithKeyVaultSecretReference(KeyVaultSecretReference keyVaultSecretReference)
 {
     var storageCredentials = EnsureCredentials();
     storageCredentials.AccountKeySecretReference = keyVaultSecretReference;
     return this;
 }
Example #8
 /// <summary>
 /// Stores the supplied Key Vault secret reference as AccountKeySecretReference on the
 /// credentials returned by EnsureCredentials(), then continues the definition at IWithAttach.
 /// </summary>
 /// <param name="keyVaultSecretReference">Reference to store; assigned as given, with no null check.</param>
 /// <returns>This instance, typed as the IWithAttach definition stage.</returns>
 public IWithAttach <BatchAICluster.Definition.IWithCreate> WithKeyVaultSecretReference(KeyVaultSecretReference keyVaultSecretReference)
 {
     var accountCredentials = EnsureCredentials();
     accountCredentials.AccountKeySecretReference = keyVaultSecretReference;
     return this;
 }