Wednesday, 14 June 2023

Create, access and delete secrets in Azure Key Vault using C# console app

 In this article, I explained how to create, access and delete secrets in Azure Key Vault using C# console app.


  • Azure key Vault:

Azure Key Vault is a cloud service that provides a secure store for secrets. You can securely store keys, passwords, certificates, and other secrets. Azure key vaults may be created and managed through the Azure portal.

 

  • Advantage:

  1.          Using Azure Key Vault to store application secrets centrally, you can regulate how they’re distributed. Secrets are much less likely to be mistakenly revealed using Key Vault.
  2.        . When using Key Vault, application developers no longer need to store security information in their applications. The necessity to make security information part of the code is eliminated by not needing to store security information in apps.
  3.        . For example, an application would need to connect to a database. Instead of storing the connection string in the app’s code, you can safely save it in Key Vault. URIs allow your applications to safely access the data they require.

 

  • Define variables.

const string KEYVALUTNAME = "testkeyvault"; // Set this to the name of your key vault

static string keyVaultUri = $"https://{KEYVALUTNAME}.vault.azure.net";

static SecretClient secretClient = null;

 

 

  • Define a method to list all the secret you have in your azure key vault.

private static void ListAllSecrets()

        {

            Console.WriteLine("All Secrets:");

            var allSecrets = secretClient.GetPropertiesOfSecrets();

            foreach (var secret in allSecrets)

            {

                var secretValue = secretClient.GetSecret(secret.Name);

                Console.WriteLine($"{secret.Name} | {secretValue.Value.Value} | {secretValue.Value.Properties.ContentType}");

            }

            Console.WriteLine();

        }

 

  • Code to create secret:

            Console.Write("Input the Secret name to set (ENTER to skip):");

            var setSecretName = Console.ReadLine();

            if (setSecretName != "")

            {

                Console.Write("Input the Secret value to set:");

                var setSecretValue = Console.ReadLine();

 

                Console.WriteLine("Setting secret...");

                await secretClient.SetSecretAsync(setSecretName, setSecretValue);

                Console.WriteLine($"Secret {setSecretName} set to {setSecretValue}!");

 

                // Set content type

                var secret = secretClient.GetSecret(setSecretName);

                secret.Value.Properties.ContentType = "Demo Type";

                secretClient.UpdateSecretProperties(secret.Value.Properties);

            }

 

 

  • Code to soft delete the secrets:

            Console.Write("Input a Secret Name to soft delete (ENTER to skip):");

            var deleteSecretName = Console.ReadLine();

            if (deleteSecretName != "")

            {

                var operation = secretClient.StartDeleteSecret(deleteSecretName);

                Console.Write($"Deleting secret {deleteSecretName}...");

                while (!operation.HasCompleted)

                {

                    Thread.Sleep(1000);

                    Console.Write($".");

                    operation.UpdateStatus();

                }

                Console.WriteLine();

                Console.WriteLine($"Secret {deleteSecretName} deleted!");

            }

 

  • Code to permanently delete the secrets:

            Console.Write("Input a Secret Name to permanently delete (ENTER to skip):");

            var purgeSecretName = Console.ReadLine();

            if (purgeSecretName != "")

            {

                var operation = secretClient.StartDeleteSecret(purgeSecretName);

                Console.Write($"Soft deleting secret {purgeSecretName}...");

                while (!operation.HasCompleted)

                {

                    Thread.Sleep(1000);

                    Console.Write($".");

                    operation.UpdateStatus();

                }

                Console.WriteLine();

                Console.WriteLine($"Secret {purgeSecretName} deleted!");

                secretClient.PurgeDeletedSecret(purgeSecretName);

                Console.WriteLine($"Secret {purgeSecretName} purged!");

            }

 

  • Complete code example:

using System;

using System.Threading;

using System.Threading.Tasks;

using Azure.Identity;

using Azure.Security.KeyVault.Secrets;

 

namespace AzManageKeyVaultSecrets

{

    internal class Program

    {

        const string KEYVALUTNAME = "dgtestkeyvault"; // Set this to the name of your key vault

        static string keyVaultUri = $"https://{KEYVALUTNAME}.vault.azure.net";

        static SecretClient secretClient = null;

        static async Task Main(string[] args)

        {

            var credentials = new DefaultAzureCredential();

            secretClient = new SecretClient(new Uri(keyVaultUri), credentials);

 // First call the ListAllSecrets method to dislay all secrets

              ListAllSecrets();

            Console.Write("Input the Secret name to set (ENTER to skip):");

            var setSecretName = Console.ReadLine();

            if (setSecretName != "")

            {

                Console.Write("Input the Secret value to set:");

                var setSecretValue = Console.ReadLine();

 

                Console.WriteLine("Setting secret...");

                await secretClient.SetSecretAsync(setSecretName, setSecretValue);

                Console.WriteLine($"Secret {setSecretName} set to {setSecretValue}!");

 

                // Set content type

                var secret = secretClient.GetSecret(setSecretName);

                secret.Value.Properties.ContentType = "Demo Type";

                secretClient.UpdateSecretProperties(secret.Value.Properties);

            }

 

            Console.Write("Input a Secret Name to soft delete (ENTER to skip):");

            var deleteSecretName = Console.ReadLine();

            if (deleteSecretName != "")

            {

                var operation = secretClient.StartDeleteSecret(deleteSecretName);

                Console.Write($"Deleting secret {deleteSecretName}...");

                while (!operation.HasCompleted)

                {

                    Thread.Sleep(1000);

                    Console.Write($".");

                    operation.UpdateStatus();

                }

                Console.WriteLine();

                Console.WriteLine($"Secret {deleteSecretName} deleted!");

            }

 

            Console.Write("Input a Secret Name to permanently delete (ENTER to skip):");

            var purgeSecretName = Console.ReadLine();

            if (purgeSecretName != "")

            {

                var operation = secretClient.StartDeleteSecret(purgeSecretName);

                Console.Write($"Soft deleting secret {purgeSecretName}...");

                while (!operation.HasCompleted)

                {

                    Thread.Sleep(1000);

                    Console.Write($".");

                    operation.UpdateStatus();

                }

                Console.WriteLine();

                Console.WriteLine($"Secret {purgeSecretName} deleted!");

                secretClient.PurgeDeletedSecret(purgeSecretName);

                Console.WriteLine($"Secret {purgeSecretName} purged!");

            }

 

            ListAllSecrets();

 

            Console.WriteLine();

            Console.WriteLine("Done!");

        }

 

        private static void ListAllSecrets()

        {

            Console.WriteLine("All Secrets:");

            var allSecrets = secretClient.GetPropertiesOfSecrets();

            foreach (var secret in allSecrets)

            {

                var secretValue = secretClient.GetSecret(secret.Name);

                Console.WriteLine($"{secret.Name} | {secretValue.Value.Value} | {secretValue.Value.Properties.ContentType}");

            }

            Console.WriteLine();

 

        }

    }

}




Please feel free to ask if any doubts.

Thursday, 8 June 2023

Publish events to Azure Event Grid Topic using c# console app

In this aticle I explained how to publish events to Azure Event Grid Topic using C# console app.

 Steps to publish Events to Event Grid Topic

· Create a azure function using Azure Event Grid Trigger template.

· If you haven't previously used Event Grid in your Azure subscription, you may need to register the Event Grid resource provider.

· Create an event grid topic provides a user-defined endpoint that you post your events to.

· You subscribe to an event grid topic to tell Event Grid which events you want to track, and where (azure function) to send the events.

· Publish an event to Event Grid Topic using URL and KEY of the custom topic created (using postman or event publisher client console app).

 

Publish Events to EventGrid Topic

  • First if all install Azure and EventGrid packages and include the below ref.

        using Azure;

        using Azure.Messaging.EventGrid;

 

  • Declare and Event Grid Topic’s end point and public key:

        private const string topicEndpoint = "copy and paste here Topic end points";

        private const string topicKey = "Copay and paste here public key

 

  • Create Event Grid Publisher Client using credentials

        static Uri endpoint = new Uri(topicEndpoint);

        static AzureKeyCredential credential = new AzureKeyCredential(topicKey);

        static EventGridPublisherClient client = new EventGridPublisherClient(endpoint, credential);

 

  • Now create EventPublisher method to post events to Event Grid Topic

        private static async Task<string> EventPublisher()

        {

            List<EventGridEvent> eventsList = new List<EventGridEvent>

            {

                new EventGridEvent(

                subject: $"New Employee: Alba Sutton",

                eventType: "Employees.Registration.New",

                dataVersion: "1.0",

                 data: new{

                  Id = "108",

                   Description = "456 College Street, Bow, WA 98107",

                   isDone="true"}),

                new EventGridEvent(

                subject: $"New Employee: Alexandre Doyon",

                eventType: "Employees.Registration.New",

                dataVersion: "1.0",

                data: new{

                    Id = "109",

                   Description = "456 College Street, Bow, WA 98107",

                   isDone="true"})

            };

              await client.SendEventsAsync(eventsList);

              Console.WriteLine("All events have been published to the EventGrid Topic");

              return "All events have been published to the EventGrid Topic";

        }

 

  • Finally, call EventPublisher method from Manin method:

 

        static async Task Main()

            {

                try

                {

                await EventPublisher();

                Console.WriteLine("Press any key to exit");

                Console.ReadLine();

                }

               catch (Exception ex)

                {

                Console.WriteLine($"Exception: {ex.Message}");

                }

           }

 

  • The complete code example is here:

    using System;

    using Azure;

    using System.Threading.Tasks;

    using Azure.Messaging.EventGrid;

    namespace AzEventbasedSolution

    {

    internal class Program

    {

        private const string topicEndpoint = "copy and paste here Topic end points";

         private const string topicKey = "Copay and paste here public key

        static Uri endpoint = new Uri(topicEndpoint);

        static AzureKeyCredential credential = new AzureKeyCredential(topicKey);

        static EventGridPublisherClient client = new EventGridPublisherClient(endpoint, credential);

        static async Task Main()

        {

            try

            {

                await EventPublisher();

                Console.WriteLine("Press any key to exit");

                Console.ReadLine();

            }

            catch (Exception ex)

            {

                Console.WriteLine($"Exception: {ex.Message}");

            }

        }


        private static async Task<string> EventPublisher()

         {

            List<EventGridEvent> eventsList = new List<EventGridEvent>

            {

                new EventGridEvent(

                subject: $"New Employee: Alba Sutton",

                eventType: "Employees.Registration.New",

                dataVersion: "1.0",

                 data: new{

                  Id = "108",

                   Description = "456 College Street, Bow, WA 98107",

                   isDone="true"}),

                new EventGridEvent(

                subject: $"New Employee: Alexandre Doyon",

                eventType: "Employees.Registration.New",

                dataVersion: "1.0",

                data: new{

                    Id = "109",

                   Description = "456 College Street, Bow, WA 98107",

                   isDone="true"} )

            };

              await client.SendEventsAsync(eventsList);

              Console.WriteLine("All events have been published to the EventGrid Topic");

              return "All events have been published to the EventGrid Topic";

        }

      }

    }