public void Configure(IWebJobsBuilder builder) { var tempProvider = builder.Services.BuildServiceProvider(); var config = tempProvider.GetRequiredService <IConfiguration>(); builder.AddAzureKeyVault(config["AzureKeyVault_Uri"]); }
public void Configure(IWebJobsBuilder builder) { var tempProvider = builder.Services.BuildServiceProvider(); var config = tempProvider.GetRequiredService <IConfiguration>(); // NOTE: This is *only* for local dev & demos - as we now have a secret in our code... again ;-( // For production use a MSI builder.AddAzureKeyVault(config["KeyVaultUrl"], config["KeyVaultClientId"], config["KeyVaultClientSecret"]); }
/// <summary> /// Adds an <see cref="T:Microsoft.Extensions.Configuration.IConfigurationProvider" /> that reads configuration values from the Azure KeyVault using Managed Service Identity. /// </summary> /// <param name="builder">The <see cref="IWebJobsBuilder" /> to add to.</param> /// <param name="vault">The Azure KeyVault uri.</param> /// <returns></returns> public static IWebJobsBuilder AddAzureKeyVault(this IWebJobsBuilder builder, string vault) { if (builder == null) { throw new ArgumentNullException(nameof(builder)); } if (String.IsNullOrWhiteSpace(vault)) { throw new ArgumentException("Vault can not be null or whitespace.", nameof(vault)); } return(builder.AddAzureKeyVault(configurationBuilder => { var azureServiceTokenProvider = new AzureServiceTokenProvider(); var callback = new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback); var keyVaultClient = new KeyVaultClient(callback, new HttpClient()); configurationBuilder.AddAzureKeyVault(vault, keyVaultClient, new DefaultKeyVaultSecretManager()); return keyVaultClient; })); }