Consuming secrets
Every provider implements ISecretProvider
which makes it easy to use a consistent flow, regardless of the provider.
You can easily retrieve secrets as following:
var secret = await secretProvider.GetSecretAsync("EventGrid-AuthKey");
Caching Secrets
Some secret providers recommend to cache secrets for a while to avoid hitting the service limitations.
We provide a CachedSecretProvider
which allows them to be cached in memory for a certain amount of time.
var cachedSecretProvider = new CachedSecretProvider(secretProvider);var secret = await cachedSecretProvider.GetSecretAsync("EventGrid-AuthKey");
If you prefer a more fluent approach you can also use our WithCaching
extension.
var cachedSecretProvider = new KeyVaultSecretProvider(vaultAuthenticator, vaultConfiguration) .WithCaching();var secret = await cachedSecretProvider.GetSecretAsync("EventGrid-AuthKey");
#
Configuring the cacheBy default we only keep them around for 5 minutes, but you can configure this yourself.
var cacheConfiguration = new CacheConfiguration(TimeSpan.FromMinutes(10)); // Optional: Default is 5 minvar cachedSecretProvider = new CachedSecretProvider(secretProvider, cacheConfiguration);var secret = await cachedSecretProvider.GetSecretAsync("EventGrid-AuthKey");
#
Bypassing cached secretsIn some scenarios you'd like to skip the cache and retrieve the secret by looking it up in the secret-store, instead of retrieving it from the cache.
This is important because in certain scenarios your secrets can be rolled and thus you will be revoked access.
var secret = await cachedSecretProvider.GetSecretAsync("EventGrid-AuthKey", ignoreCache: true);