StackSpot.Secrets
1.0.2
dotnet add package StackSpot.Secrets --version 1.0.2
NuGet\Install-Package StackSpot.Secrets -Version 1.0.2
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="StackSpot.Secrets" Version="1.0.2" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add StackSpot.Secrets --version 1.0.2
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: StackSpot.Secrets, 1.0.2"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install StackSpot.Secrets as a Cake Addin #addin nuget:?package=StackSpot.Secrets&version=1.0.2 // Install StackSpot.Secrets as a Cake Tool #tool nuget:?package=StackSpot.Secrets&version=1.0.2
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
StackSpot secrets
Este componente foi projetado para padronizar a comunicação com a possibilidade de cacheamento de segredos da AWS Secrets Manager para aplicações .NET.
Versões suportadas
- net5.0
- net6.0
Uso
1. Adicione o pacote NuGet StackSpot.Secrets ao seu projeto.
dotnet add package StackSpot.Secrets
2. Configure as variáveis.
- CacheItemTTL - TTL do cache em milliseconds - Valor default: 3600000.
- MaxCacheSize - Quantidade máxima de items a serem cacheados antes de executar o LRU - Valor default: 1024.
- VersionStage - Versão que o cache irá requisitar ao recuperar o segredo do Secrets Manager - Valor default: AWSCURRENT.
- RegionEndpoint - Endpoint regional que será utilizado para requisitar o Secrets Manager - Campo Obrigatório.
Você pode sobrescrever a configuração padrão do cache adicionando a seção SecretsCache em seu appsettings.json.
"SecretsCache": {
"CacheItemTTL": 3700000,
"MaxCacheSize": 1024,
"VersionStage": "AWSCURRENT",
"RegionEndpoint": "us-east-1"
}
3. Adicione ao seu IServiceCollection via services.AddSecretsManager() no Startup da aplicação ou Program tendo como parametro de entrada IConfiguration e IWebHostEnvironment.
services.AddSecretsManager(Configuration, Env);
Implementação
[ApiController]
[Route("[controller]")]
public class SampleController : ControllerBase
{
private readonly ISecretsManagerCache _cache;
public SampleController(ISecretsManagerCache cache)
{
_cache = cache;
}
[HttpGet]
public async Task<IActionResult> Get()
{
var someEntity = await _cache.GetSecretString("Poc");
return Ok(someEntity);
}
}
Sobrecargas disponíveis.
- Em recuperações bem sucedidas, o cache irá retornar uma cópia cacheada do seu segredo.
var secret = await ISecretsRepository.GetSecret<T>(secretKey);
- É possível utilizar a interface ISecretsRepository com tratamento de erros e API para deserializar o seu segredo.
Exceptions
- SecretsRepositoryException, acontece quando:
- Secret não encontrada, retorna a mensagem
No secret was found for key {secretKey}. - Erro inesperado, retorna a mensagem
An error occurred while getting the secret for key {secretKey}., contendo a exception do erro.
- Secret não encontrada, retorna a mensagem
4. Ambiente local
- Esta etapa não é obrigatória.
- Recomendamos, para o desenvolvimento local, a criação de um contâiner com a imagem do Localstack.
- Para o funcionamento local você deve preencher a variável de ambiente
LOCALSTACK_CUSTOM_SERVICE_URLcom o valor da url do serviço. O valor padrão do localstack é http://localhost:4566. - Abaixo um exemplo de arquivo
docker-composecom a criação do contâiner:
version: '2.1'
services:
localstack:
image: localstack/localstack
ports:
- "4566:4566"
environment:
- SERVICES=secretsmanager
- AWS_DEFAULT_OUTPUT=json
- DEFAULT_REGION=us-east-1
Após a criação do contâiner, crie uma secret para realizar os testes com o componente. Recomendamos que você tenha instalado o AWS CLI. Abaixo um exemplo de comando para criação de uma secret:
aws --endpoint-url=http://localhost:4566 --region=us-east-1 secretsmanager create-secret --name [NOME DA SUA SECRET] --description [DESCRIÇÃO DA SUA SECRET] --secret-string [VALOR DA SUA SECRET]
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 is compatible. net5.0-windows was computed. net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net5.0
- AWSSDK.SecretsManager (>= 3.7.1.65)
- Microsoft.Extensions.Caching.Memory (>= 6.0.0)
- Microsoft.Extensions.Configuration (>= 6.0.0)
- Microsoft.Extensions.Configuration.Binder (>= 6.0.0)
- Microsoft.Extensions.DependencyInjection (>= 6.0.0)
- Microsoft.Extensions.Hosting (>= 6.0.0)
-
net6.0
- AWSSDK.SecretsManager (>= 3.7.1.65)
- Microsoft.Extensions.Caching.Memory (>= 6.0.0)
- Microsoft.Extensions.Configuration (>= 6.0.0)
- Microsoft.Extensions.Configuration.Binder (>= 6.0.0)
- Microsoft.Extensions.DependencyInjection (>= 6.0.0)
- Microsoft.Extensions.Hosting (>= 6.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.