User assigned managed identity for accessing key vault
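/// <summary>
/// Application entry point. Builds the generic host and, when a Key Vault endpoint is
/// set, registers Azure Key Vault as a configuration source, authenticating with a
/// user-assigned managed identity instead of a stored secret.
/// </summary>
public class Program
{
    // Client ID of the user-assigned managed identity. This is an identifier, not a
    // credential; what it can reach is decided by the permissions granted to the
    // identity on the vault. Grant it only the secret Get/List permissions that the
    // configuration provider needs.
    private const string ManagedIdentityClientId = "43b276c5-9441-4643-87e4-3807b9c3933e";

    /// <summary>Builds and runs the host.</summary>
    /// <param name="args">Command-line arguments forwarded to the host builder.</param>
    public static void Main(string[] args)
    {
        CreateHostBuilder(args).Build().Run();
    }

    /// <summary>
    /// Creates the host builder and wires Key Vault into application configuration.
    /// </summary>
    /// <param name="args">Command-line arguments passed to the default builder.</param>
    /// <returns>The configured host builder, using <c>Startup</c> for the web host.</returns>
    /// <exception cref="System.InvalidOperationException">
    /// Raised from the configuration callback when the endpoint is set but is not an
    /// absolute HTTPS URI (for example, the sample placeholder was never replaced).
    /// </exception>
    public static IHostBuilder CreateHostBuilder(string[] args) =>
        Host.CreateDefaultBuilder(args)
            .ConfigureAppConfiguration((context, config) =>
            {
                var keyVaultEndpoint = GetKeyVaultEndpoint();

                // No endpoint means "run without Key Vault" (e.g. local development).
                if (string.IsNullOrEmpty(keyVaultEndpoint))
                {
                    return;
                }

                // Fail early with a clear message rather than sending a token request
                // towards a placeholder or a non-TLS address.
                if (!IsHttpsVaultEndpoint(keyVaultEndpoint))
                {
                    throw new System.InvalidOperationException(
                        "Key Vault endpoint must be an absolute https:// URI; replace the placeholder in GetKeyVaultEndpoint().");
                }

                // "RunAs=App;AppId=<clientId>" tells the token provider to use the
                // user-assigned managed identity with that client ID.
                var connectionString = $"RunAs=App;AppId={ManagedIdentityClientId}";

                // NOTE(review): AzureServiceTokenProvider and KeyVaultClient come from
                // Microsoft.Azure.Services.AppAuthentication / Microsoft.Azure.KeyVault,
                // which have been superseded by Azure.Identity and
                // Azure.Security.KeyVault.Secrets; plan a migration for maintained code.
                var azureServiceTokenProvider = new AzureServiceTokenProvider(connectionString);
                var tokenCallback = new KeyVaultClient.AuthenticationCallback(
                    azureServiceTokenProvider.KeyVaultTokenCallback);
                var keyVaultClient = new KeyVaultClient(tokenCallback);

                // DefaultKeyVaultSecretManager loads every secret in the vault into
                // configuration, so keep the vault scoped to this application.
                config.AddAzureKeyVault(keyVaultEndpoint, keyVaultClient, new DefaultKeyVaultSecretManager());
            })
            .ConfigureWebHostDefaults(webBuilder =>
            {
                webBuilder.UseStartup<Startup>();
            });

    /// <summary>Returns the vault URI; replace the placeholder with the real vault name.</summary>
    private static string GetKeyVaultEndpoint() => "https://<<your-key-vault>>.vault.azure.net";

    /// <summary>
    /// Checks that the endpoint is an absolute HTTPS URI and that the sample
    /// placeholder marker has been replaced.
    /// </summary>
    private static bool IsHttpsVaultEndpoint(string endpoint)
    {
        // The sample ships with "<<your-key-vault>>"; treat that as not configured.
        if (endpoint.IndexOf("<<", System.StringComparison.Ordinal) >= 0)
        {
            return false;
        }

        return System.Uri.TryCreate(endpoint, System.UriKind.Absolute, out var parsed)
            && parsed.Scheme == System.Uri.UriSchemeHttps;
    }
}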