Centralizing configurations can be useful for several reasons: security, consistency, deployment. In this article, we’ll use Azure App Configuration to centralize the configurations used in a .NET API application.
Table of Contents
Almost every application requires some kind of configuration: connection strings, default values, and so on.
It is not a good practice to keep all configurations in your code base: if your code is leaked on the Internet, all your connection strings, private settings, and API keys will be exposed on the Internet.
In previous articles, we learned how to set configurations in a .NET application, as well as how to access them in our code using the IOptions family.
In this article, we go Make our app more secure By moving our configurations to the cloud and using Azure App Configurations to securely use such configurations in our applications.
But first, as always, we need a dummy project to demonstrate such capabilities.
I created a simple .NET 7 API project with only one endpoint, /ConfigDemowhich returns the values from the settings.
In the appssettings.json file I have these values:
{
"MyNiceConfig": {
"PageSize": 6,
"Host": {
"BaseUrl": "https://www.mydummysite.com",
"Password": "123-go"
}
}
}
These values are mapped to a MyConfig status:
public class MyConfig
{
public int PageSize { get; set; }
public MyHost Host { get; set; }
}
public class MyHost
{
public Uri BaseUrl { get; set; }
public string Password { get; set; }
}
By using this instruction in Program status.
builder.Services.Configure<MyConfig>(builder.Configuration.GetSection("MyNiceConfig"));
Finally, the API controller simply returns the value
[ApiController]
[Route("[controller]")]
public class ConfigDemoController : ControllerBase
{
private readonly IOptions<MyConfig> _config;
public ConfigDemoController(IOptions<MyConfig> config)
=> _config = config;
[HttpGet()]
public IActionResult Get()
{
return Ok(_config.Value);
}
}
As you can see, everything is quite simple. We can call the endpoint and see exactly the same values that we have App settings file.
How to create an Azure App Configuration instance
Now we can move to the cloud ☁
First of all, contact Azure portal and Create a new application configuration instance.
You will be asked to specify the subscription and resource group, and also specify the location and name of the instance.
Finally, you can choose the best pricing tier for you:
- free: Well, it’s free, but with fewer capabilities;
- standard: You pay to get geo-replication and the ability to restore deleted configurations.
I will select the free tier, and complete the resource creation.
After some time, you will finally see the resource overview with its basic information:
Now we can Update our configurations. As you remember, the definition structure is:
{
"MyNiceConfig": {
"PageSize": 6,
"Host": {
"BaseUrl": "https://www.mydummysite.com",
"Password": "123-go"
}
}
}
We want to update the page size and password. locate Configuration Explorer In the left menu, click Create and add a new value for each configuration. Remember: Nested configurations can be defined using : sign: To update the password, the key must be MyNiceConfig:Host:Password. It is important: Do not set labels or tagsFor now: they are advanced topics, and require some additional settings that we will probably explore in future articles.
Once you’ve overridden both values, you should be able to see something like this:
How to integrate Azure App configuration into a .NET application
We are now ready to integrate the Azure application configuration with the .NET APIs.
First things first: we need to install the Microsoft.Azure.AppConfiguration.AspNetCore NuGet package:
Next, we need to find a way to connect to our app’s configuration instance. There are two ways: using Azure Active Directory (Azure AD) or simply using it Access key. We’re going to use the latter.
Return to Azure, and locate the Access Keys menu item. Then go to read-only keys, and copy the full connection string.
Do not store it in your repository! There are smarter and safer ways to store using connection strings like this:
- Environment Variables: For example, launch the application with
dotnet run --MYKEY=<your_connection_string>; - launchsettings.json key: You can use different configurations based on the current profile;
- A store of secrets: Hidden values are only available on your computer. can be set using
dotnet user-secrets set MyKey "<your_connection_string>"; - pipe configurations: you can set such values in your CI/CD pipelines;
But still, for the sake of this example, I’ll store the connection string in a local variable 😁
const string ConnectionString = "Endpoint=https://<my-host>.azconfig.io;Id=<Id>;Secret=<Secret>";
Now, combining the remote configurations is just a matter of adding one directive:
builder.Configuration.AddAzureAppConfiguration(ConnectionString);
You can now run the APIs and call the previous endpoint to see the new results
Why should you use Azure App Configuration?
In my opinion, a correct way to handle configurations is essential to the success of a project.
Centralizing configurations can be useful in three different ways:
- Your app is more secure Because you don’t risk exposing your credentials online;
- You can share configurations across different services: Say you have 4 services accessing the same external APIs that require a client secret. Centralizing the configuration helps maintain consistent values in the various services, and for example, updating the secret of all applications in only one place;
- to use Different configurations based on the environment: With Azure App Configuration you can use a set of tags and labels to determine which settings should be loaded in which environment. This greatly simplifies the management of configurations in different environments.
But note that with the basic approach we used in this article, the configurations coming from Azure are loaded when the application starts: The settings are static until you restart the application. You can set your application to Azure App Configuration survey There will always be the most updated values without the need to restart the application, but that will be the subject of a future article.
Additional readings
Configuration management is one of the keys to the success of a project: if settings are difficult to manage and difficult to configure locally for debugging, you will lose a lot of time (true story! 😩).
However, there are several ways to set configurations for a .NET application, such as environment variables, launchSettings and so on.
🔗 3 (and more) ways to set configuration values in .NET | Code4IT
This article first appeared on Code4IT 🐧
Also, managing the configuration in a smart way is easy, if you know what to do. You can follow some best practices.
🔗Best practices for configuring Azure applications | Microsoft Docs
finishing
In this article, we learned a smart way to handle configurations using Azure App Configuration.
This product can be used for free, but, of course, with limitations.
In a future article, we’ll learn how to make these configurations dynamic so you can apply updates without restarting the applications.
I hope you enjoyed this article! Let’s keep in touch Twitter or LinkedIn! 🤜🤛
Happy coding!
🐧
.
