2

我正在尝试创建新的密钥/秘密并使用 C# API 将它们添加到 Azure Key Vault。我真的找不到任何有用的文档或说明如何做到这一点,我一直在尝试类似

keyVaultClient.SetSecretAsync("myKeyVaultUrl", "My test secret", "12345");

这似乎没有做任何事情,但这就是我所拥有的。

对于钥匙,我看到我可以做到

KeyBundle keyBundle = await keyVaultClient.CreateKeyAsync("myKeyVaultUrl", "My Test Key", "RSA");

但同样,我不知道如何处理这个密钥包。

4

4 回答 4

1

此示例应用程序包含可能对您的旅程有所帮助的代码:
https ://www.microsoft.com/en-us/download/details.aspx?id=45343

您还可以使用RESTAzure CliPowerShell来管理 Azure Key Vault 。我相信这是推荐的方式。

于 2016-12-08T20:46:29.423 回答
0

VaultClient.ImportKeyAsync在指定的 Key-Vault 中创建一个新密钥。

    public static void Import()
    {
        KeyVaultClient vaultClient = new KeyVaultClient(GetAccessToken);

        RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(2048);

        var keyBundle = Task.Run(() => vaultClient.ImportKeyAsync("<YOUR BASE VAULT ID>", "ImportedKey", new KeyBundle(new JsonWebKey(rsaProvider, true)), true)).
           ConfigureAwait(false).GetAwaiter().GetResult();
     }

    public static async Task<string> GetAccessToken(string authority, string resource, string scope)
    {
        string AppId = "<YOUR APP ID GUID>";
        string AppSecret = "<YOUR APP SECRET>";

        var authContext = new AuthenticationContext(authority);
        ClientCredential clientCred = new ClientCredential(AppId, AppSecret);
        AuthenticationResult result = await authContext.AcquireTokenAsync(resource, clientCred);

        if (result == null)
            throw new InvalidOperationException("Failed to obtain the JWT token");

        return result.AccessToken;
    }

在此处输入图像描述

于 2019-11-18T04:07:40.137 回答
0

您可以使用 CLI 像这样创建它:

az keyvault secret set --vault-name (vaultName) --name (Secretname) --value (actualvalue)

例如:az keyvault secret set --vault-name "MyVault" --name "FBPassword" --value "123"

在此处查看更多信息: https ://docs.microsoft.com/en-us/azure/azure-app-configuration/cli-samples

这里的代码是方法签名:

public static Task<SecretBundle> SetSecretAsync(this IKeyVaultClient operations, string vaultBaseUrl, string secretName, string value, IDictionary<string, string> tags = null, string contentType = null, SecretAttributes secretAttributes = null, CancellationToken cancellationToken = default);

在代码中,您可以:首先设置这些然后

contentType = null; 
SecretAttributes secretAttributes = null;
CancellationToken cancellationToken = default;

SecretBundle secretBundle = await _keyVaultClient.SetSecretAsync(("myKeyVaultUrl", "My test secret", "12345", null, null, cancellationToken);
于 2019-08-06T22:14:37.383 回答
0

在此处查看 Microsoft 示例代码:https ://github.com/Azure-Samples/key-vault-dotnet-authentication

具体来说,KeyVaultAuthSample.cs 的第 80 行创建一个新 Secret 并将其推送到 Azure:https ://github.com/Azure-Samples/key-vault-dotnet-authentication/blob/master/KeyVaultAuthSample.cs#L80

要将密钥包推送到 Azure,请查看 KeyVaultClient.ImportKeyAsync 方法:https ://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.keyvault.keyvaultclientextensions.importkeyasync

于 2018-05-18T17:23:33.353 回答