The .NET Aspire framework is used to develop cloud and production-ready distributed applications. It consists of components to handle cloud-native concerns such as Redis, Postgres, etc.
Learn how to create a starter project using .NET Aspire with Azure Key Vault.
Github Sample: The solution structure is divided into the following projects
Install the following NuGet package into the “DotnetAspireChallenge.AppHost” project
dotnet add package Aspire.Hosting.Azure.KeyVault
In the above project, register the Azure Key Vault
var secrets = builder.ExecutionContext.IsPublishMode
    ? builder.AddAzureKeyVault("secrets")
    : builder.AddConnectionString("secrets");
Note: A Key Vault connection string is required, which means an Azure Key Vault service must be up and running in the Azure cloud.
Install the following NuGet package into the “DotnetAspireChallenge.ApiService” project
dotnet add package Aspire.Azure.Security.KeyVault
There are two ways to use Azure Key Vault.
The first is to add the Key Vault secrets to the configuration in the Program.cs file as follows
builder.Configuration.AddAzureKeyVaultSecrets("secrets");
then retrieve the secrets using the IConfiguration interface as follows
public class ExampleService(IConfiguration configuration)
{
    // Look up the secret by its name; the result is null if no such key exists
    string? secretValue = configuration["secretKey"];
    // Use secretValue ...
}
Alternatively, create an extension class and register a minimal API GET method to demonstrate the SecretClient usage in the API Service
using Azure;
using Azure.Security.KeyVault.Secrets;

public static class AspireKeyVaultExtension
{
    public static void MapKeyVaultEndpoint(this WebApplication app)
    {
        // SecretClient is resolved from dependency injection for each request
        app.MapGet("/vault", async (SecretClient secretClient) =>
        {
            try
            {
                // Define the secret name and value
                string secretName = "mySecret";
                string secretValue = "This is a secret value";
                // Set the secret
                KeyVaultSecret secret = new KeyVaultSecret(secretName, secretValue);
                await secretClient.SetSecretAsync(secret);
                // Read the secret back and return it in the response (demo only)
                return Results.Ok(await secretClient.GetSecretAsync(secretName));
            }
            catch (RequestFailedException e)
            {
                Console.WriteLine("HTTP error code {0}: {1}", e.Status, e.ErrorCode);
                Console.WriteLine(e.Message);
                return Results.Problem($"HTTP error code {e.Status}: {e.Message}");
            }
        });
    }
}
and finally, register in the Program.cs file
app.MapKeyVaultEndpoint();
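The demo endpoint above writes a secret on every GET and returns its value, plus the raw Key Vault error text, to any caller. The following added example (not from the original post or the sample repository) is a read-only variant that returns only secret metadata and keeps error details in the server log. The class name, method name and route are hypothetical, and it assumes a SecretClient is available from dependency injection and that authentication and authorization are configured in Program.cs.

```csharp
using System.Text.RegularExpressions;
using Azure;
using Azure.Security.KeyVault.Secrets;

// Hypothetical names: AspireKeyVaultStatusExtension, MapKeyVaultStatusEndpoint, /vault/{name}/status
public static class AspireKeyVaultStatusExtension
{
    public static void MapKeyVaultStatusEndpoint(this WebApplication app)
    {
        var logger = app.Logger;

        app.MapGet("/vault/{name}/status", async (string name, SecretClient secretClient, CancellationToken ct) =>
        {
            // Key Vault secret names are 1-127 characters: letters, digits and dashes only
            if (!Regex.IsMatch(name, "^[0-9a-zA-Z-]{1,127}$"))
            {
                return Results.BadRequest("Invalid secret name.");
            }

            try
            {
                KeyVaultSecret secret = await secretClient.GetSecretAsync(name, cancellationToken: ct);

                // Return metadata only; the secret value never leaves the service
                return Results.Ok(new
                {
                    secret.Name,
                    secret.Properties.Version,
                    secret.Properties.Enabled,
                    secret.Properties.UpdatedOn
                });
            }
            catch (RequestFailedException e) when (e.Status == 404)
            {
                return Results.NotFound();
            }
            catch (RequestFailedException e)
            {
                // Full error goes to the log; the caller gets a generic message
                logger.LogError(e, "Key Vault request failed with status {Status} ({ErrorCode})", e.Status, e.ErrorCode);
                return Results.Problem("Key Vault request failed.", statusCode: 502);
            }
        })
        .RequireAuthorization(); // Assumption: auth services and middleware are registered in Program.cs
    }
}
```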
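Additional settings for the Key Vault component can be added to the configuration using the JSON syntax below. Note that setting DisableChallengeResourceVerification to true turns off the client's check that the authentication challenge resource matches the Key Vault domain; the default is false.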
{
  "Aspire": {
    "Azure": {
      "Security": {
        "KeyVault": {
          "VaultUri": "YOUR_VAULT_URI",
          "DisableHealthChecks": false,
          "DisableTracing": true,
          "ClientOptions": {
            "DisableChallengeResourceVerification": true
          }
        }
      }
    }
  }
}
Congratulations..!! You’ve successfully integrated the Azure KeyVault component into the .Net Aspire project.
GitHub - ssukhpinder/DotnetAspireChallenge: 10 Day .Net Aspire Challenge