Skip to content
/ Delinea.Extensions.Provider Public

DevOps Secret Vault configuration provider implementation for Microsoft.Extensions.Configuration. This library enables you to read your application's settings from a Delinea DevOps Secret Vault API. You can use ".AddDelineaSecretVault" extension method on IConfigurationBuilder to add the DSV configuration provider to the configuration builder.

License

MIT license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

newtonCD/Delinea.Extensions.Provider

BranchesTags

Repository files navigation

Leia isto em Português

Delinea.Extensions.Provider

Delinea Secret Vault configuration provider implementation for Microsoft.Extensions.Configuration. This library enables you to read your application's settings directly from Delinea API.

How to use

Check the example project Delinea.Example.Api

To use this library, first you need to have the ClientId and ClientSecret of your application created in the Delinea Secret Vault.

Configuration

  • Edit the Delinea settings (DelineaSecretVaultSettings) in the appsettings.json file.
  • The basic and mandatory configuration items are: BaseAddress, ClientId, ClientSecret e SecretsBasePath.
  • The SecretsBasePath configuration item should contain the path of your application within Delinea, separating the path with colons ( : ). For example: apps:company:app_name:sit

Secrets Storage

  • In the Delinea environment, you should store your application's secrets in JSON format, identical to what is used in the .NET User Secrets. For example, if you have something like this in your application's appsettings.json:
{
 "AzureAdB2E": {
    "Domain": "company.onmicrosoft.com",
    "Instance": "https://login.microsoftonline.com/",
    "TenantId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  }
}

In the User Secrets format, it will look like this:

{
  "AzureAdB2E:Domain": "company.onmicrosoft.com",
  "AzureAdB2E:Instance": "https://login.microsoftonline.com/",
  "AzureAdB2E:TenantId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}

Or you can also use it in the AKS secrets format like this:

{
  "AzureAdB2E__Domain": "company.onmicrosoft.com",
  "AzureAdB2E__Instance": "https://login.microsoftonline.com/",
  "AzureAdB2E__TenantId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}

Using the Extension in Your Application

To use the Delinea extension into your application, just use the configuration provider "AddDelineaSecretVault" passing the current service collection (builder.Services) as a parameter. See usage example in the Program.cs file of the example API Delinea.Example.Api. Example: builder.Configuration.AddDelineaSecretVault(builder.Services);

Automatic Configuration Update

Internally, the component will instantiate a thread that will periodically (default is 300 seconds) consult the Delinea vault and update the configuration item values, without the need to restart the application. The interval of this polling can be adjusted through the configuration item DelineaSecretVaultSettings:PollingIntervalSeconds.

Exceptions

A DelineaServiceException will be thrown when the configuration items for accessing the Delinea API are not provided, are provided incorrectly, or when there are communication problems with the Delinea API.

About

DevOps Secret Vault configuration provider implementation for Microsoft.Extensions.Configuration. This library enables you to read your application's settings from a Delinea DevOps Secret Vault API. You can use ".AddDelineaSecretVault" extension method on IConfigurationBuilder to add the DSV configuration provider to the configuration builder.

Topics

config library csharp dotnet vault configuration secret-management configuration-management dotnet-core config-server class-library background-service secrets-management secret-vault

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

v1.0.1 Latest
Dec 19, 2023
+ 1 release

Packages

No packages published

Languages