Base solution for your next web application
Open Closed

Azure key vault on 6.8.0 #9544


User avatar
0
BobIngham created

dotnet core, angular, aspnet framework, Zero 6.8.0 I apologise for asking a question about such an old version of the product but an upgrade when we are so close to general market is out of the question! Having said this I would like to upgrade my Zero 6.8.0 system version to run with Azure's Key Vault. Am I correct that if I make the changes here: Added Azure Vault Configuration Provider support and follow the instructions here: Azure Key Vault Support and here: Using Azure Key Vault with ASP.NET Core that I should be able to implement? Is there any need for the plumbing outlined here: Azure Vault Configuration Provider or here: Azure Vault - Configuration Provider?

Any help, guidance or gotchas gratefully received.


8 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team

    hi @bobingham

    I think there is no problem, you can try it, if you encounter any problems, Please feel free to feedback. : )

  • User Avatar
    0
    BobIngham created

    @maliming, thanks. We are scripting to move to a new Azure tenant to give us front line support from Microsoft with support from ClearCloud. We have been advised to move to Azure Key Vault/Appconfig. We can't move to azure.appconfig because Volosoft have never updated from aspnet framework 4.6 and azure..appconfig requires a minimum of 4.7. I would very much appreciate any support you can give as we migrate from one Azure tenant to another and, at the same time, try to apply Key Vault. I will keep you updated and would appreciate your support whilst this migration is happening.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Thanks for the feedback @bobingham, we will do our best to help you :)

  • User Avatar
    0
    BobIngham created

    Hi Guys, Still banging my head against a wall with this one. I have a branch with all commits at [resolves #3217: Added Azure Vault Configuration Provider support](https://github.com/aspnetzero/aspnet-zero-core/commit/c9d3b3b8617d65a5a46e52740e97fe786f52bf6e). My infrastructure guys have set me up with a Key Vault with all sensitive information and supplied me with the ClientId and ClientSecret. My code hits AppAzureKeyVaultConfigurer early in the startup process and successfully hits the following code block:

                else if (azureKeyVaultConfiguration.UsesManagedIdentity())
                {
                    builder.AddAzureKeyVault(
                        azureKeyVaultUrl,
                        azureKeyVaultConfiguration.ClientId,
                        azureKeyVaultConfiguration.ClientSecret, new DefaultKeyVaultSecretManager());
                }
    

    However, the return from ProjectnameConnectionStringResolver.GetNameOrConnectionString() returns the value from appsettings.json and not from the Key Vault. I am currently in the development environment, would this make a difference? If so how do I test? Any advice on what I should do or look out for from here?

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @bobingham,

    Do you use IConfiguration to access configuration in ProjectnameConnectionStringResolver ? Like this one https://github.com/aspnetzero/aspnet-zero-core/issues/3217#issuecomment-630731564 ?

  • User Avatar
    0
    BobIngham created

    Hi @ismcagdas, Thanks for getting back. I'm going to reach out to our partner and Zero customer, Synapsis Software. How do I add a second developer account to Zero's github pages and forum?

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    For GitHub, you can add here. For, support website, you can send an email to [email protected].

    Thanks,

  • User Avatar
    0
    BobIngham created

    Hi @ismcagdas, I reached out to people how are better than me at this to no avail. Given my implementation of Zero (6.8.0) using aspnet framework 4.6 running dotnet core 2.2 I am concluding this is not possible. I understand your reluctance to support this framework so I'm closing this one. The solution is to upgrade my Zero version.