Skip to content

Sample showing how to use an HttpPipelinePolicy to proxy secrets, keys, and certificates from Azure Key Vault.

License

Notifications You must be signed in to change notification settings

heaths/KeyVaultProxy

Repository files navigation

Azure Key Vault Proxy

ci

This is a sample showing how to use an HttpPipelinePolicy to cache and proxy secrets, keys, and certificates from Azure Key Vault. The Azure.Core packages provides a number of useful HTTP pipeline policies like configurable retries, logging, and more; and, you can add your own policies.

Getting started

To use this sample, you will need to install the Azure.Core package, which is installed automatically when installing any of the Azure Key Vault packages:

Once you build this project, you can reference this sample in your own project by either:

  • Adding a <ProjectReference> to this sample project in your own project, or
  • Running dotnet pack on this sample project, publish it to a private NuGet source, and add a <PackageReference> to AzureSamples.Security.KeyVault.Proxy.

After you reference this sample, in your own project source, add the following:

using AzureSamples.Security.KeyVault.Proxy;

Examples

All HTTP clients for Azure.* packages allow you to customize the HTTP pipeline using their respective client options classes, such as the SecretClientOptions class below:

SecretClientOptions options = new SecretClientOptions();
options.AddPolicy(new KeyVaultProxy(), HttpPipelinePosition.PerCall);

SecretClient client = new SecretClient(
    new Uri("https://myvault.vault.azure.net"),
    new DefaultAzureCredential(),
    options);

Whenever you make a call to a resource with given a unique URI, it will be cached, by default, for 1 hour. You can change the default time-to-live (TTL) like so:

SecretClientOptions options = new SecretClientOptions();
options.AddPolicy(new KeyVaultProxy(TimeSpan.FromSeconds(30)), HttpPipelinePosition.PerCall);

When the resource has expired, the next request will go to the server and a successful GET response for certificates, keys, or secrets will be cached.

Feedback

Please leave feedback, ask questions, and file issues in our Issues page.

License

This project is licensed under the MIT license.

About

Sample showing how to use an HttpPipelinePolicy to proxy secrets, keys, and certificates from Azure Key Vault.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published