I believe I am following Microsoft recommended methodology and that I have the components required but can't figure out how to pull it together.
My am using Azure App Configuration service to store a key vault key (along with other configuration settings) and the Key Vault service to supply a database connection string that contains Azure SQL Server username/password)
I have separate working project/solutions (ASP.NET Core MVC) for the following:
- A working Azure web app with Azure SQL DB functionality that outputs CRUD & table data
- A working Azure web app that outputs a string 'secret' using Azure App Configuration for the key & Key Vault for the secret
- I have used Managed ID to access all Azure resources
Using a test app I can output the dummy configuration data from my Azure App Configuration & Key Vault services using code from 3 project files:
- Program.cs
webBuilder.ConfigureAppConfiguration((context, config) - appsettings.json
"AzureAppConfigurationEndpoint": "https://xxxxxxxxxx.azconfig.io" - /Views/~/razor page
@Configuration["TestApp:Settings:KeyVaultDbString"]
My db app accesses the db connection string using code in these files:
- Startup.cs
public void ConfigureServices(IServiceCollection services) - appsettings.json
"DefaultConnection":"Server=tcp:xxxx.database.windows.net,1433;XXXXXXX"
I want to upgrade my db app to use the connection string configuration value supplied by the test app. Therefore the plan is:
Incorporate code from test app Program.cs into db app Program.cs. I don't see a problem with this.
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.ConfigureAppConfiguration((context, config) =>
{
var settings = config.Build();
var appConfigurationEndpoint = settings["AzureAppConfigurationEndpoint"];
config.AddAzureAppConfiguration(options =>
{
options.Connect(new Uri(appConfigurationEndpoint), new DefaultAzureCredential());
options.ConfigureKeyVault(kv =>
{
kv.SetCredential(new DefaultAzureCredential());
});
});
webBuilder.UseStartup<Startup>();
});
});
But. At this point I don't know how to access the ["TestApp:Settings:KeyVaultDbString"] configuration data in Startup.cs. To supply the "KeyVaultDbString" as a substitute for my "DefaultConnection".
This is the existing code:
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDatabaseDeveloperPageExceptionFilter();
services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddControllersWithViews();
// this code is responsible for login-intercept required for solution
services.AddAuthorization(options =>
{
options.FallbackPolicy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
});
}
While accessing the Azure configuration data from a view page is easy using @Configuration["TestApp:Settings:KeyVaultMessage"] How do I access when I configure services in my Startup.cs?
I have read Configuration in ASP.NET Core. I understand the following:
- Azure App Configuration & Key Vault are configuration providers (like appsettings, environment variables & those supplied on the command line)
- The section under 'Connection string prefixes' is relevant but there are no code examples
- The section under Custom configuration provider details options building which may be required for my situation
- The sections under 'Access configuration in Startup' & 'Access configuration in Razor Pages' seems to relate directly to the syntax I am using. But still leaves me wondering how to separate my string from it's label for using as "DefaultConnection" for my db app.
Any suggestions would be appreciated.
