.NET Web API Clean Architecture - Key Features

  • Fluent Validation

  • Nswag With .NET Core

  • Call an external WCF Sevice

  • Consume RESTFull API

  • Integration test cases

  • Automation test cases

  • Functional Test cases

  • Performance and Load Testing

  • Redis caching

  • Azure Cosmos DB

  • JWT Token Authentication

  • JWT Refresh Token

  • JWT Authorization

  • Azure Blob storage

  • Azure Portal Access

  • Azure DevOps Access

  • Unit Testing and Code Coverage

  • Source Code Analysis

Lab-4: Azure Key Vault configuration in ASP.NET Core REST API


Introduction

This article explains how to use the Azure Key Vault configuration provider to load app configuration values from Azure Key Vault secrets.

Azure Key Vault is a cloud-based service that helps safeguard cryptographic keys and secrets used by apps and services. Common scenarios for using Azure Key Vault with ASP.NET Core apps include:

  • Controlling access to sensitive configuration data.
  • Secretes
  • Certificates

Managed identity : Demonstrates how to use Azure's managed identity to authenticate the app to Azure Key Vault with Azure AD authentication without credentials in the app's code or configuration. An Azure AD Client ID and Secret aren't required for the app to authenticate with Azure Key Vault.

Add package references for the following packages:

  • Azure.Extensions.AspNetCore.Configuration.Secrets
  • Azure.Identity
  • Azure.Security.KeyVault.Secrets
  • Microsoft.Azure.KeyVault
  • Microsoft.Azure.Services.AppAuthentication

Agenda

In this Lab we will accomplish following:

  • Create Azure Key vault service (aklab-kv-dev)

  • Configure Access policies (feedbackservice-kv)

  • Use managed identities for Azure resources

  • Create Keys in the Azure Key vault

  • Install Key vault Nuget packages in the project

  • Configure Key vault in program.cs

  • Read key vault values from API.

  • Cache Key Vault values

  • Configuration Options

  • Use of DefaultAzureCredential method

  • Use of ClientSecretCredential method

  • How to bypasss Key vault locally?

  • Use a key name prefix

  • Configure Key vault name in AppSettings

  • Register a new Azure AD App with a secret

  • keyvault-connector | Certificates & secrets

  • keyvault-connector | API permissions

  • Troubleshooting & fixing following errors

    • Access denied
    • User does not have secrets list permission on key vault

References

An error has occurred. This application may no longer respond until reloaded. Reload 🗙