是否可以向用户分配的身份授予对 Key Vault 的访问权限?
在 azure 门户的 Managed Identities 中,我创建了一个新的身份“KeyVaultIdentity”,我将其分配给了一个 Web 应用程序(在身份中,用户分配的身份选项卡)。在来自密钥保管库的访问策略中,我添加了新创建的“KeyVaultIdentity”身份并提供了访问机密的权限。
我正在使用以下代码访问密钥保管库:
try
{
/* The below 4 lines of code shows you how to use AppAuthentication library to fetch secrets from your Key Vault*/
AzureServiceTokenProvider azureServiceTokenProvider = new AzureServiceTokenProvider();
KeyVaultClient keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
var secret = await keyVaultClient.GetSecretAsync("https://play9VaultDemo.vault.azure.net/secrets/AppSecret")
.ConfigureAwait(false);
Message = secret.Value;
/* The below do while logic is to handle throttling errors thrown by Azure Key Vault. It shows how to do exponential backoff which …