azure-keyvault

问题 I am having trouble accessing a secret from an Azure key vault. I suspect the problem is that I don't adequately understand the terminology, so the arguments I'm supplying to various API calls are wrong. Here's the basic code I'm using: protected async Task<string> GetCommunityKeyAsync( UserConfiguration user ) { var client = new KeyVaultClient( new KeyVaultClient.AuthenticationCallback( GetAccessTokenAsync ), new HttpClient() ); // user.VaultUrl is the address of my key vault // e.g., https:

问题 I am attempting to put some output from a service I am running in a Key Vault in Azure. The output of my service will be user credentials which is why I want to use Key Vault for this purpose. So far, I have tried the KeyVaultClient's SetSecretAsync method, but it's not working for me, I am not getting any error messages however I'm also not seeing a new secret created in my targetted KeyVault. I have not been able to find a KeyVaultClient Add Secret method as it does not exist, am I using

问题 The following is in a console application and ClientID, RedirectUri is from the created native app in azure active directory. var authContext = new AuthenticationContext(string.Format("https://login.windows.net/{0}","common"),new FileCache()); var token = authContext.AcquireToken("https://management.core.windows.net/", ClientID, RedirectUri, PromptBehavior.Auto); I now have the token for talking with management api. using (var client = new KeyVaultManagementClient(new TokenCloudCredentials

问题 I have the following code, which retrieves the Secrets from KeyVault. var kv = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetToken)); var sec = await kv.GetSecretAsync(ConfigurationManager.AppSettings["SomeURI"]); secretValue = sec.Value ; GetToken method : async Task<string> GetToken(string authority, string resource, string scope) { var authContext = new AuthenticationContext(authority); ClientCredential clientCred = new ClientCredential(ConfigurationManager.AppSettings[

问题 If I have an Azure ARM template that can create: Azure Container Registry Azure Key Vault Is there a way for the username and password for the Azure Container Registry to be automatically be added to the Azure Key Vault using ARM templates? Is there some way to refer to the Azure Container Registry username and password secrets in ARM templates for this purpose? UPDATE @EdBoykin's answer is correct, this is what I ended up with: { "type": "Microsoft.KeyVault/vaults/secrets", "name": "[concat

问题 I think Managed Service Identity is a great concept and I love keyvault. However: When I use the script using an incremental resource group deployment: Sample is modified for brevity { "type": "Microsoft.KeyVault/vaults", "name": "[parameters('keyvaultName')]", "apiVersion": "2015-06-01", "properties": { "accessPolicies": [ { "objectId": "[reference(parameters('functionAppName'), '2016-08-01', 'Full').identity.principalId]", "permissions": { "keys": [], "secrets": [ "Get" ] } } ] },

问题 All of the data encryption/decryption examples I have seen with Azure key Vault do the encryption locally and decryption within Azure itself by using the keyVaultClient.DecryptAsync() method. I understand that this is more secure as the private key never leaves Azure and leaks into your application code, but what if I want to do the decryption locally as well, how do i get the private key out? I am using keyVaultClient.GetKeyAsync() but it only seems to contain the public key. One of the

问题 I'm attempting to create a self signed certificate in KeyVault using the "Self" issuer. $policy = New-AzureKeyVaultCertificatePolicy -SubjectName "CN=$($certificateName)" -IssuerName "Self" -ValidityInMonths 12 $policy.Exportable = $true Add-AzureKeyVaultCertificate -VaultName $vaultName -Name $certificateName -CertificatePolicy $policy However, when getting the certificate back it doesn't appear to have a private key. Creating certificates directly in KeyVault doesn't seem hugely covered

问题 I am working on a Java web application deployed on an Azure App Service instance. And I need to make a call to a REST API that is secured by requiring mutual authentication over SSL. Since this is an app service, I don't have the luxury of adding the certificate and public key to the keystore and truststore respectively, and it has to all be done via code. Although with JCE and SSL, I managed to write the following console application that accesses the secure API successfully (with the help

问题 We have an Azure-based ASP.NET Web Service that accesses an Azure KeyVault. We are seeing two instances in which a method "hangs" on a first try, and then works a minute or so later. In both instances, a KeyVault access occurs. In both instances the problem started when we started using the KeyVault in these methods. We have done very careful logging in the first instance, and cannot see anything else in our code that could cause the hang. The KeyVault access is the primary suspect. In