pvNugsSecretManagerNc9Abstractions 9.0.0

.NET 9.0 This package targets .NET 9.0. The package is compatible with this framework or higher. 
dotnet add package pvNugsSecretManagerNc9Abstractions --version 9.0.0
                    


                    

                
NuGet\Install-Package pvNugsSecretManagerNc9Abstractions -Version 9.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="pvNugsSecretManagerNc9Abstractions" Version="9.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="pvNugsSecretManagerNc9Abstractions" Version="9.0.0" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="pvNugsSecretManagerNc9Abstractions" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add pvNugsSecretManagerNc9Abstractions --version 9.0.0
                    


                    

                
#r "nuget: pvNugsSecretManagerNc9Abstractions, 9.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package pvNugsSecretManagerNc9Abstractions@9.0.0
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=pvNugsSecretManagerNc9Abstractions&version=9.0.0
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=pvNugsSecretManagerNc9Abstractions&version=9.0.0
                    


                            Install as a Cake Tool

pvNugs Secret Manager NC9 Abstractions

NuGet Version .NET License: MIT

A comprehensive .NET 9.0 abstraction library for secure secret management with support for both static and dynamic credentials. This package provides interfaces and contracts for integrating with various secret management systems including Azure Key Vault, AWS Secrets Manager, and HashiCorp Vault.

🔐 Features

  • Static Secret Management: Retrieve persistent secrets like API keys, connection strings, and passwords
  • Dynamic Credential Management: Generate temporary, time-limited database credentials with automatic expiration
  • Multiple Provider Support: Designed for Azure Key Vault, AWS Secrets Manager, HashiCorp Vault, and more
  • Thread-Safe Operations: Full support for concurrent access across multiple application threads
  • Cancellation Support: Proper cancellation token handling for graceful shutdowns
  • Comprehensive Documentation: Extensive XML documentation with examples and best practices

📦 Installation

dotnet add package pvNugsSecretManagerNc9Abstractions



Or via Package Manager Console:

```textmate
Install-Package pvNugsSecretManagerNc9Abstractions

🚀 Quick Start

Static Secret Management

public class DatabaseService
{
    private readonly IPvNugsStaticSecretManager _secretManager;

    public DatabaseService(IPvNugsStaticSecretManager secretManager)
    {
        _secretManager = secretManager;
    }

    public async Task<string> GetConnectionStringAsync()
    {
        var password = await _secretManager.GetStaticSecretAsync("database-password");
        return $"Server=myserver;Database=mydb;Password={password};";
    }
}

Dynamic Credential Management

public class SecureDataService
{
    private readonly IPvNugsDynamicSecretManager _secretManager;

    public SecureDataService(IPvNugsDynamicSecretManager secretManager)
    {
        _secretManager = secretManager;
    }

    public async Task<List<User>> GetUsersAsync()
    {
        var credential = await _secretManager.GetDynamicSecretAsync("app-database");
        
        if (credential == null || DateTime.UtcNow >= credential.ExpirationDateUtc)
            throw new InvalidOperationException("Unable to obtain valid credentials");

        var connectionString = $"Server=myserver;Username={credential.Username};Password={credential.Password};";
        
        // Use connection for database operations...
        return users;
    }
}

🏗️ Core Interfaces

IPvNugsStaticSecretManager

Provides access to persistent secrets stored in external secret management systems.

Key Features:

  • Retrieve static secrets by name
  • Thread-safe operations
  • Caching support
  • Proper error handling

IPvNugsDynamicSecretManager

Extends static secret management with dynamic credential generation capabilities.

Key Features:

  • Time-limited credentials
  • Automatic credential rotation
  • Enhanced security through temporary access
  • Zero persistent storage

IPvNugsDynamicCredential

Represents a temporary credential with automatic expiration.

Properties:

  • Username: Dynamically generated username
  • Password: Cryptographically secure password
  • ExpirationDateUtc: Precise expiration timestamp

🔧 Dependency Injection Setup

// Program.cs or Startup.cs
services.AddSingleton<IPvNugsStaticSecretManager, YourSecretManagerImplementation>();
services.AddSingleton<IPvNugsDynamicSecretManager, YourDynamicSecretManagerImplementation>();

🛡️ Security Best Practices

Static Secrets

  • Never log secret values in plain text
  • Use secure communication channels (HTTPS/TLS)
  • Implement proper caching with security considerations
  • Use managed identities or service accounts for authentication

Dynamic Credentials

  • Monitor expiration times and renew proactively
  • Implement credential renewal before expiration (recommended: 10-25% of lifetime)
  • Handle concurrent renewal operations safely
  • Clear credentials from memory when no longer needed

📋 Use Cases

Static Secret Management

  • Database passwords and connection strings
  • API keys for external services
  • Encryption keys and certificates
  • Third-party service credentials
  • Sensitive configuration values

Dynamic Credentials

  • Production database access with temporary users
  • Multi-tenant applications requiring credential isolation
  • Compliance environments with mandatory credential rotation
  • Cloud-native applications using managed database services
  • Zero-trust security architectures

🔄 Integration Examples

With Configuration System

services.Configure<DatabaseOptions>(async options =>
{
    var secretManager = serviceProvider.GetRequiredService<IPvNugsStaticSecretManager>();
    options.Password = await secretManager.GetStaticSecretAsync("db-password");
});

Error Handling

public async Task<ApiClient> CreateApiClientAsync(CancellationToken cancellationToken)
{
    try
    {
        var apiKey = await _secretManager.GetStaticSecretAsync("external-api-key", cancellationToken);
        if (apiKey == null)
            throw new InvalidOperationException("API key not found");
            
        return new ApiClient(apiKey);
    }
    catch (OperationCanceledException)
    {
        _logger.LogInformation("Secret retrieval was cancelled");
        throw;
    }
    catch (Exception ex)
    {
        _logger.LogError(ex, "Failed to retrieve API key");
        throw;
    }
}

🎯 Target Framework

  • .NET 9.0: Built specifically for the latest .NET platform with modern language features

📚 Documentation

The package includes comprehensive XML documentation with:

  • Detailed interface descriptions
  • Method parameter explanations
  • Usage examples and best practices
  • Security considerations and guidelines
  • Integration patterns and common use cases

🤝 Contributing

This package is part of the pvWayNugs ecosystem. For issues, suggestions, or contributions, please visit the GitHub repository.

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

🏢 About pvWay Ltd

pvWay Ltd specializes in secure, enterprise-grade .NET solutions with a focus on security, reliability, and developer experience.

Keywords: Secret Management, Security, Azure Key Vault, AWS Secrets Manager, HashiCorp Vault, Dynamic Credentials, .NET 9, Abstractions, pvWayNugs

Product Compatible and additional computed target framework versions.
.NET net9.0 is compatible.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

  • net9.0

    • No dependencies.

NuGet packages (4)

Showing the top 4 NuGet packages that depend on pvNugsSecretManagerNc9Abstractions:

Package Downloads
pvNugsCsProviderNc9PgSql

Secure, production-ready PostgreSQL connection string provider for .NET 9.0+ with advanced credential management, role-based access, and automatic secret rotation.
pvNugsSecretManagerNc9EnvVariables

Package Description
pvNugsCsProviderNc9MsSql

Package Description
pvNugsSecretManagerNc9Azure

Package Description

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
9.0.0 274 8/28/2025

Initial