« SecretsManager » : différence entre les versions

De Banane Atomic
Aller à la navigationAller à la recherche
Ligne 26 : Ligne 26 :
</kode>
</kode>


= [https://aws.amazon.com/blogs/modernizing-with-aws/how-to-load-net-configuration-from-aws-secrets-manager/ Load .NET configuration from Secrets Manager] =
= [https://aws.amazon.com/blogs/modernizing-with-aws/how-to-load-net-configuration-from-aws-secrets-manager/ Load configuration from Secrets Manager using a ConfigurationProvider] =
<filebox fn='AmazonSecretsManagerConfigurationProvider.cs' collapsed>
<filebox fn='AmazonSecretsManagerConfigurationProvider.cs' collapsed>
public class AmazonSecretsManagerConfigurationProvider : ConfigurationProvider
public class AmazonSecretsManagerConfigurationProvider(string secretName) : ConfigurationProvider
{
{
    private readonly string secretName;
    public AmazonSecretsManagerConfigurationProvider(string secretName)
    {
        this.secretName = secretName;
    }
     public override void Load()
     public override void Load()
     {
     {
Ligne 50 : Ligne 43 :
         };
         };


         using (var client = new AmazonSecretsManagerClient())
         using var client = new AmazonSecretsManagerClient()
         {
         var response = client.GetSecretValueAsync(request).Result;
            var response = client.GetSecretValueAsync(request).Result;
        return response.SecretString;
            return response.SecretString;
        }
     }
     }
}
}
</filebox>
</filebox>


<filebox fn='AmazonSecretsManagerConfigurationSource.cs' collapsed>
<filebox fn='AmazonSecretsManagerConfigurationSource.cs'>
public class AmazonSecretsManagerConfigurationSource : IConfigurationSource
public class AmazonSecretsManagerConfigurationSource(string secretName) : IConfigurationSource
{
{
    private readonly string secretName;
    public AmazonSecretsManagerConfigurationSource(string secretName)
    {
        this.secretName = secretName;
    }
     public IConfigurationProvider Build(IConfigurationBuilder builder)
     public IConfigurationProvider Build(IConfigurationBuilder builder)
    {
         => new AmazonSecretsManagerConfigurationProvider(this.secretName);
         return new AmazonSecretsManagerConfigurationProvider(this.secretName);
    }
}
}
</filebox>
</filebox>


<filebox fn='ConfigurationBuilderExtensions.cs' collapsed>
<filebox fn='ConfigurationBuilderExtensions.cs'>
public static class ConfigurationBuilderExtensions
public static class ConfigurationBuilderExtensions
{
{
     public static void AddAmazonSecretsManager(
     public static void AddAmazonSecretsManager(this IConfigurationBuilder configurationBuilder, string secretName)
        this IConfigurationBuilder configurationBuilder, string secretName)
     {
     {
         var configurationSource = new AmazonSecretsManagerConfigurationSource(secretName);
         var configurationSource = new AmazonSecretsManagerConfigurationSource(secretName);
Ligne 91 : Ligne 72 :
builder.Configuration.AddAmazonSecretsManager("Secret name");
builder.Configuration.AddAmazonSecretsManager("Secret name");


// inject an object which contains the secrets
builder.Services.Configure<MySecrets>(builder.Configuration);
// load the secrets from the configuration into the MySecret object
var mySecrets = configuration.Get<MaiaSecrets>();
// get a secret from a configuration key
var secretValue = builder.Configuration["Secret key"];
var secretValue = builder.Configuration["Secret key"];
</filebox>
</filebox>

Version du 12 juillet 2024 à 13:12

Links

Load all the secrets into a dictionary

Nuget packages: AWSSDK.SecretsManager AWSSDK.SSO AWSSDK.SSOOIDC

Cs.svg
var secretsManagerConfig = new AmazonSecretsManagerConfig()
{
    Profile = new Profile("MyProfile"),
    RegionEndpoint = RegionEndpoint.EUCentral1
};
var secretsManager = new AmazonSecretsManagerClient(secretsManagerConfig);

var request = new GetSecretValueRequest
{
    SecretId = "MySecretName"
};

var response = await secretsManager.GetSecretValueAsync(request);

var secret = JsonConvert.DeserializeObject<Dictionary<string, string>>(response.SecretString);

return secret;

Load configuration from Secrets Manager using a ConfigurationProvider

AmazonSecretsManagerConfigurationProvider.cs
public class AmazonSecretsManagerConfigurationProvider(string secretName) : ConfigurationProvider
{
    public override void Load()
    {
        var secret = GetSecret();
        Data = JsonSerializer.Deserialize<Dictionary<string, string>>(secret)!;
    }

    private string GetSecret()
    {
        var request = new GetSecretValueRequest
        {
            SecretId = this.secretName
        };

        using var client = new AmazonSecretsManagerClient()
        var response = client.GetSecretValueAsync(request).Result;
        return response.SecretString;
    }
}
AmazonSecretsManagerConfigurationSource.cs
public class AmazonSecretsManagerConfigurationSource(string secretName) : IConfigurationSource
{
    public IConfigurationProvider Build(IConfigurationBuilder builder)
        => new AmazonSecretsManagerConfigurationProvider(this.secretName);
}
ConfigurationBuilderExtensions.cs
public static class ConfigurationBuilderExtensions
{
    public static void AddAmazonSecretsManager(this IConfigurationBuilder configurationBuilder, string secretName)
    {
        var configurationSource = new AmazonSecretsManagerConfigurationSource(secretName);
        configurationBuilder.Add(configurationSource);
    }
}
Program.cs
builder.Configuration.AddAmazonSecretsManager("Secret name");

// inject an object which contains the secrets
builder.Services.Configure<MySecrets>(builder.Configuration);

// load the secrets from the configuration into the MySecret object
var mySecrets = configuration.Get<MaiaSecrets>();

// get a secret from a configuration key
var secretValue = builder.Configuration["Secret key"];