[FEATURE REQ] New ProtectKeysWithAzureKeyVault Extension Method #37903
Comments
github-actions
bot
added
Client
|
Hi @nquandt. Thank you for reaching out and for your suggestion. Can you help us understand the end-to-end scenario? Since DI and data projection registrations both operate on the same |
jsquire
added
needs-author-feedback
|
Hi @nquandt. Thank you for opening this issue and giving us the opportunity to assist. To help our team better understand your issue and the details of your scenario please provide a response to the question asked above or the information requested above. This will help us more accurately address your issue. |
|
I get my identifier from a config map in kubernetes.. and currently the way I load that setting into my app is via an "Options" object in my DI container. I currently have a work around where I BuildServiceProvider() before I do the DataProtection setup, but this seems weird. |
github-actions
bot
added
needs-team-attention
|
Thank you for the additional context, @nquandt. Forgive me, but I'm not sure that I'm following the flow of what that looks like. Would you be able to share a code snippet showing how you're initializing DI and registering data protection? |
jsquire
added
needs-author-feedback
|
Hi @nquandt. Thank you for opening this issue and giving us the opportunity to assist. To help our team better understand your issue and the details of your scenario please provide a response to the question asked above or the information requested above. This will help us more accurately address your issue. |
|
Hi @nquandt, we're sending this friendly reminder because we haven't heard back from you in 7 days. We need more information about this issue to help address it. Please be sure to give us your input. If we don't hear back from you within 14 days of this comment the issue will be automatically closed. Thank you! |
github-actions
bot
added
the
no-recent-activity
|
Sorry I've been slow to respond. I have an object injected into my DI container that holds my key vault information. (this gets injected based on some environment variables set in a kube deploy).. So basically I am just looking for a simple way of setting the services.AddDataProtection()
.ProtectKeysWithAzureKeyVault((sp) => $"{sp.GetRequiredService<MyKVOptions>().Url}/keys/dataprotection/",
(sp) => {
var kvOptions = sp.GetRequiredService<MyKVOptions>();
return new ClientSecretCredential(kvOptions.TenantId, kvOptions.ClientId, kvOptions.ClientSecret);
}); Also some extra context, I use AzureKeyVault in other ways throughout my application, just not for DataProtection.. so thats why I have that object with my settings I can pass around to other services. |
github-actions
bot
added
needs-team-attention
jsquire
removed
the
needs-team-attention
github-actions
bot
added
the
needs-team-attention
|
@JoshLove-msft : Please include this in the discussion of the use of factories in our extensions packages. Thanks! |
|
@AlexanderSher: Since you're looking into Extension package feature requests, please include this one as well. |
|
Evaluating whether this can be addressed as part of #46671 |
annelo-msft
removed
the
needs-team-attention
Library name
Azure.Extensions.AspNetCore.DataProtection.Keys
Please describe the feature.
Requiring an extensions method to configure the
keyIdentifiervia ServiceProvider. I inject the key identifier into DI and require a way to retrieve it in order to setupProtectKeysWithAzureKeyVaultazure-sdk-for-net/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Keys/src/AzureDataProtectionKeyVaultKeyBuilderExtensions.cs
Line 30 in 8a3d98d
The text was updated successfully, but these errors were encountered: