public static SecretStoreBuilder AddAzureKeyVaultProvider( this SecretStoreBuilder builder, IKeyVaultAuthentication authentication, IKeyVaultConfiguration configuration) { return(builder.AddProvider(new KeyVaultSecretProvider(authentication, configuration))); }
/// <summary> /// Creates an Azure Key Vault Secret provider, connected to a specific Azure Key Vault /// </summary> /// <param name="authentication">The requested authentication type for connecting to the Azure Key Vault instance</param> /// <param name="vaultConfiguration">Configuration related to the Azure Key Vault instance to use</param> /// <exception cref="ArgumentNullException">The <paramref name="authentication"/> cannot be <c>null</c>.</exception> /// <exception cref="ArgumentNullException">The <paramref name="vaultConfiguration"/> cannot be <c>null</c>.</exception> public KeyVaultSecretProvider(IKeyVaultAuthentication authentication, IKeyVaultConfiguration vaultConfiguration) { Guard.NotNull(vaultConfiguration, nameof(vaultConfiguration)); Guard.NotNull(authentication, nameof(authentication)); VaultUri = $"{vaultConfiguration.VaultUri.Scheme}://{vaultConfiguration.VaultUri.Host}"; _authentication = authentication; }
/// <summary> /// Adds Azure Key Vault as a secret source. /// </summary> /// <param name="builder">The builder to create the secret store.</param> /// <param name="authentication">The requested authentication type for connecting to the Azure Key Vault instance.</param> /// <param name="configuration">The configuration related to the Azure Key Vault instance to use.</param> /// <param name="allowCaching">The flag to indicate whether to include caching during secret retrieval in Azure key vault.</param> public static SecretStoreBuilder AddAzureKeyVault( this SecretStoreBuilder builder, IKeyVaultAuthentication authentication, IKeyVaultConfiguration configuration, bool allowCaching = false) { Guard.NotNull(builder, nameof(builder)); Guard.NotNull(authentication, nameof(authentication)); Guard.NotNull(configuration, nameof(configuration)); return(AddAzureKeyVault(builder, authentication, configuration, allowCaching ? new CacheConfiguration() : null)); }
public KeyVaultSecretProvider(IKeyVaultAuthentication authentication, IKeyVaultConfiguration vaultConfiguration, KeyVaultOptions options, ILogger <KeyVaultSecretProvider> logger) { Guard.NotNull(vaultConfiguration, nameof(vaultConfiguration), "Requires a Azure Key Vault configuration to setup the secret provider"); Guard.NotNull(authentication, nameof(authentication), "Requires an Azure Key Vault authentication instance to authenticate with the vault"); VaultUri = $"{vaultConfiguration.VaultUri.Scheme}://{vaultConfiguration.VaultUri.Host}"; _authentication = authentication; _options = options; _isUsingAzureSdk = false; Logger = logger ?? NullLogger <KeyVaultSecretProvider> .Instance; }
/// <summary> /// Initializes a new instance of the <see cref="KeyVaultSecretProvider"/> class. /// </summary> /// <param name="tokenCredential">The requested authentication type for connecting to the Azure Key Vault instance</param> /// <param name="vaultConfiguration">Configuration related to the Azure Key Vault instance to use</param> /// <param name="options">The additional options to configure the provider.</param> /// <param name="logger">The logger to write diagnostic trace messages during the interaction with the Azure Key Vault.</param> /// <exception cref="ArgumentNullException">The <paramref name="tokenCredential"/> cannot be <c>null</c>.</exception> /// <exception cref="ArgumentNullException">The <paramref name="vaultConfiguration"/> cannot be <c>null</c>.</exception> public KeyVaultSecretProvider(TokenCredential tokenCredential, IKeyVaultConfiguration vaultConfiguration, KeyVaultOptions options, ILogger <KeyVaultSecretProvider> logger) { Guard.NotNull(vaultConfiguration, nameof(vaultConfiguration), "Requires a Azure Key Vault configuration to setup the secret provider"); Guard.NotNull(tokenCredential, nameof(tokenCredential), "Requires an Azure Key Vault authentication instance to authenticate with the vault"); VaultUri = $"{vaultConfiguration.VaultUri.Scheme}://{vaultConfiguration.VaultUri.Host}"; _secretClient = new SecretClient(vaultConfiguration.VaultUri, tokenCredential); _options = options; _isUsingAzureSdk = true; Logger = logger ?? NullLogger <KeyVaultSecretProvider> .Instance; }
public KeyVaultSecretProvider(IKeyVaultAuthentication authentication, IKeyVaultConfiguration vaultConfiguration, KeyVaultOptions options, ILogger <KeyVaultSecretProvider> logger) { Guard.NotNull(vaultConfiguration, nameof(vaultConfiguration), "Requires a Azure Key Vault configuration to setup the secret provider"); Guard.NotNull(authentication, nameof(authentication), "Requires an Azure Key Vault authentication instance to authenticate with the vault"); VaultUri = $"{vaultConfiguration.VaultUri.Scheme}://{vaultConfiguration.VaultUri.Host}"; Guard.For <UriFormatException>( () => !VaultUriRegex.IsMatch(VaultUri), "Requires the Azure Key Vault host to be in the right format, see https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#objects-identifiers-and-versioning"); _authentication = authentication; _options = options; _isUsingAzureSdk = false; Logger = logger ?? NullLogger <KeyVaultSecretProvider> .Instance; }
/// <summary> /// Initializes a new instance of the <see cref="AzureServiceBusKeyRotation"/> class. /// </summary> /// <param name="serviceBusClient">The client to interact with the Azure Service Bus.</param> /// <param name="authentication">The instance to authenticate with the Azure Key Vault.</param> /// <param name="configuration">The instance containing the necessary configuration to interact with the Azure Key Vault.</param> /// <param name="logger">The instance to write diagnostic messages during rotation and interaction with the Azure Service Bus and Azure Key Vault.</param> /// <exception cref="ArgumentNullException"> /// Thrown when the <paramref name="serviceBusClient"/>, <paramref name="authentication"/>, <paramref name="configuration"/>, or <paramref name="logger"/> is <c>null</c>. /// </exception> public AzureServiceBusKeyRotation( AzureServiceBusClient serviceBusClient, IKeyVaultAuthentication authentication, IKeyVaultConfiguration configuration, ILogger logger) { Guard.NotNull(serviceBusClient, nameof(serviceBusClient), "Requires an Azure Service Bus client to interact with the Service Bus when rotating the connection string keys"); Guard.NotNull(authentication, nameof(authentication), "Requires an authentication instance to authenticate with the Azure Key Vault resource to set the new connection string keys"); Guard.NotNull(configuration, nameof(configuration), "Requires an KeyVault configuration instance to locate the Key Vault resource on Azure"); Guard.NotNull(logger, nameof(logger), "Requires an logger instance to write diagnostic trace messages when interacting with the Azure Service Bus and Azure Key Vault instances"); _serviceBusClient = serviceBusClient; _authentication = authentication; _configuration = configuration; _logger = logger; }
/// <summary> /// Adds Azure Key Vault as a secret source. /// </summary> /// <param name="builder">The builder to create the secret store.</param> /// <param name="authentication">The requested authentication type for connecting to the Azure Key Vault instance.</param> /// <param name="configuration">The configuration related to the Azure Key Vault instance to use.</param> /// <param name="cacheConfiguration">The configuration to control how the caching will be done.</param> public static SecretStoreBuilder AddAzureKeyVault( this SecretStoreBuilder builder, IKeyVaultAuthentication authentication, IKeyVaultConfiguration configuration, ICacheConfiguration cacheConfiguration) { Guard.NotNull(builder, nameof(builder)); Guard.NotNull(authentication, nameof(authentication)); Guard.NotNull(configuration, nameof(configuration)); var keyVaultSecretProvider = new KeyVaultSecretProvider(authentication, configuration); if (cacheConfiguration != null) { var cachedSecretProvider = new CachedSecretProvider(keyVaultSecretProvider, cacheConfiguration); return(builder.AddProvider(cachedSecretProvider)); } return(builder.AddProvider(keyVaultSecretProvider)); }
public KeyVaultSecretProvider(IKeyVaultAuthentication authentication, IKeyVaultConfiguration vaultConfiguration) : this(authentication, vaultConfiguration, new KeyVaultOptions(), NullLogger <KeyVaultSecretProvider> .Instance) { }
/// <summary> /// Initializes a new instance of the <see cref="KeyVaultSecretProvider"/> class. /// </summary> /// <param name="tokenCredential">The requested authentication type for connecting to the Azure Key Vault instance</param> /// <param name="vaultConfiguration">Configuration related to the Azure Key Vault instance to use</param> /// <exception cref="ArgumentNullException">The <paramref name="tokenCredential"/> cannot be <c>null</c>.</exception> /// <exception cref="ArgumentNullException">The <paramref name="vaultConfiguration"/> cannot be <c>null</c>.</exception> public KeyVaultSecretProvider(TokenCredential tokenCredential, IKeyVaultConfiguration vaultConfiguration) : this(tokenCredential, vaultConfiguration, new KeyVaultOptions(), NullLogger <KeyVaultSecretProvider> .Instance) { }
/// <summary> /// Initializes a new instance of the <see cref="KeyVaultSecretProvider"/> class. /// </summary> /// <param name="tokenCredential">The requested authentication type for connecting to the Azure Key Vault instance</param> /// <param name="vaultConfiguration">Configuration related to the Azure Key Vault instance to use</param> /// <exception cref="System.ArgumentNullException">The <paramref name="tokenCredential"/> cannot be <c>null</c>.</exception> /// <exception cref="System.ArgumentNullException">The <paramref name="vaultConfiguration"/> cannot be <c>null</c>.</exception> public SpyKeyVaultSecretProvider(TokenCredential tokenCredential, IKeyVaultConfiguration vaultConfiguration) : base(tokenCredential, vaultConfiguration) { }
#pragma warning disable 618 public KeyVaultSecretProvider(IKeyVaultAuthenticator authenticator, IKeyVaultConfiguration vaultConfiguration) : this(new CompatibleKeyVaultAuthentication(authenticator), vaultConfiguration) { }