I recently was tasked with building a boilerplate application to serve as a starting point for new applications for the University of Wisconsin - Superior. Since working with the application development team, I've learned so much about development in C# and using the .NET framework, as well as getting to work more with Microsoft Azure.
I plan to write more tutorials as I progress and learn more, but I wanted to quickly share this info since I really struggled with it, and I did not find any helpful resources online that were straightforward.
The application referenced in this tutorial is an ASP.NET Web Forms Application (.NET Framework).
What you’ll need:
- Key vault created in Azure
- Vault URI
(https://<your-key-vault-name>.vault.azure.net/) - The connection string for your database added as a secret in your key vault
- Name of the Secret that stores your connection string
Prerequisites:
- Ensure you are logged into Visual Studio with the same user account that is used for the database connection.
- Ensure there are no other database connections active (i.e. under connected services, etc.)
- Install the following packages:
- Azure.Core
- Azure.Identity
- Azure.Security.KeyVault.Keys
- Azure.Security.KeyVault.Secrets
Depending on your individual project needs you may need other packages installed as well, but these are the ones required to integrate Azure Key Vault.
Add your Azure Key Vault URI in Web.config file
In the web.config file under <appSettings> you’ll need to add the following code:
<add key="KeyVaultUrl" value="<https://your-keyvault-name.vault.azure.net/>" />
Feel free to change the key to whatever you like, and replace the value with your specific Key Vault URI.
You do have the option to skip this step and just use the URI in your code each time, but I find this is less hassle to save it here and just use the key in the rest of your code where you need it.
Using your secret in the code:
In the boilerplate code, you can see two examples of secret integration in the Contact.aspx.cs file. These are implemented in the btnSend_Click() and btnRetrieve_Click() methods.
In this case, the key value in <appSettings> is the same as the variable name created here.
Example code:
Step 1. In your method, create a variable of type string to store your key vault URI:
string KeyVaultUrl = ConfigurationManager.AppSettings["<your-appsettings-key-name>"];
Step 2. Create another variable of type string to store the name of your secret containing the connection string:
string secretName = "<your-secret-name>";
Step 3. Create a new SecretClient that takes your Key Vault URI and a new DefaultAzureCredential() as parameters. For the new URI() enter your KeyVaultUrl variable from step 1. Create a variable of type KeyVaultSecret and assign to your SecretClient calling GetSecret() on your secretName from step 2.
Step 4. Finally, create a variable of type string to store your connection string by grabbing the value of your KeyVaultSecret from step 3.
That's it! The rest of the code would be tailored to your specific project needs.
Thank you for reading! Hope this was helpful. Please feel free to leave any feedback or questions in the comments.
Connect with me:
Twitter: @sarah_schlueter
Discord: sarahmariedev
Top comments (0)