无法使用.net sdk保护azure密钥保险库 [英] Unable to secure azure key vault using .net sdk
问题描述
我正在写一个.net脚本,我希望在Azure Key Vault资源上提供访问权限。您可以按如下方式引用我的代码:
public void SecureKeyVault()
{
var vaultName =" CTGAIN-ProdKeyVault" ;;
var accessPolicy = new AccessPolicyEntry
{
TenantId = new Guid(<我正在使用Azure的托管身份租户>),
ObjectId =" v- sivish@microsoft.com" ;,
ApplicationId = new Guid<我正在使用Azure的托管身份应用程序ID>),
//Guid..Parse("CTGainDevPipeline"),
权限=新权限
{
Keys = {" backup"," create" },
Secrets = {" backup"," create" }
}
};
VaultProperties vaultProperties = new VaultProperties()
{
EnabledForTemplateDeployment = true,
AccessPolicies = new List< AccessPolicyEntry>
{
accessPolicy
}
};
VaultCreateOrUpdateParameters vaultParameters = new VaultCreateOrUpdateParameters(" west us",vaultProperties);
KeyVaultManagementClient managementClient = new KeyVaultManagementClient(client.Credentials);
managementClient.Vaults.CreateOrUpdate(pipeline.datafactoryConfig.resourceGroup,vaultName,vaultParameters);
}
我已经在AccessPolicyEntry函数中定义了所有属性,但是它给出了一个错误:
Guid应包含32个数字,包含4个短划线(xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)。
tenantId和applicationId都有32位数字,其中包括4个虚线。
你们能帮助我吗?我在这里做错了什么。
提前致谢
嗨 Ramandeep123 ,
我认为这个例外" Guid应该包含32位数字和4个短划线(xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)。""与AzureKeyVault无关
。此错误即将发生,因为Guid未在以下代码中正确设置:
TenantId = new Guid(<我正在使用来自Azure的托管身份租户>),
ApplicationId =新Guid<我正在使用来自Azure的托管身份应用程序ID>),
您只需在普通代码/控制台应用程序中获取异常。假设我们的代码类似于
var gid = new Guid(" 0d221cd3-4699-442c-8840-edf98f58a416");
if i更改我的guid格式会破坏。
因此,在您的情况下,请检查您的guid("来自Azure的托管身份租户"和"来自Azure的托管身份应用程序ID" ;)并再次替换它们的值。
我希望这会有所帮助。
Hi,
I am writing a .net script where i want to give access on Azure Key Vault resource. You can refer my code as below :
public void SecureKeyVault()
{
var vaultName = "CTGAIN-ProdKeyVault";
var accessPolicy = new AccessPolicyEntry
{
TenantId = new Guid(<I am using Managed Identity tenant from Azure>),
ObjectId = "v-sivish@microsoft.com",
ApplicationId = new Guid<I am using Managed Identity Application Id from Azure>),
//Guid..Parse("CTGainDevPipeline"),
Permissions = new Permissions
{
Keys = { "backup", "create" },
Secrets = { "backup", "create" }
}
};
VaultProperties vaultProperties = new VaultProperties()
{
EnabledForTemplateDeployment = true,
AccessPolicies = new List<AccessPolicyEntry>
{
accessPolicy
}
};
VaultCreateOrUpdateParameters vaultParameters = new VaultCreateOrUpdateParameters("west us", vaultProperties);
KeyVaultManagementClient managementClient = new KeyVaultManagementClient(client.Credentials);
managementClient.Vaults.CreateOrUpdate(pipeline.datafactoryConfig.resourceGroup, vaultName, vaultParameters);
}I have defined all properties in AccessPolicyEntry function but it is giving an error :
Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).'Both tenantId and applicationId have 32 digits with 4 dashed.
Can you guys please help me here what am I doing wrong here.
Thanks in advance
Hi Ramandeep123,
I think this exception "Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).'" is not related to AzureKeyVault. This error is coming because Guid is not proper set in the below code:
TenantId = new Guid(<I am using Managed Identity tenant from Azure>),
ApplicationId = new Guid<I am using Managed Identity Application Id from Azure>),you can simply get the exception in normal code/console app. Let's say we have code like
var gid = new Guid("0d221cd3-4699-442c-8840-edf98f58a416");
If i change the format of my guid it will break.
So, in your case could you please check your guid("Managed Identity tenant from Azure" and "Managed Identity Application Id from Azure") and replace their values again.
I hope this helps.
这篇关于无法使用.net sdk保护azure密钥保险库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
