AspNetCore.HealthChecks.Azure.KeyVault.Secrets 8.0.1

.NET 6.0 .NET Standard 2.0 
dotnet add package AspNetCore.HealthChecks.Azure.KeyVault.Secrets --version 8.0.1
NuGet\Install-Package AspNetCore.HealthChecks.Azure.KeyVault.Secrets -Version 8.0.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="AspNetCore.HealthChecks.Azure.KeyVault.Secrets" Version="8.0.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
paket add AspNetCore.HealthChecks.Azure.KeyVault.Secrets --version 8.0.1
#r "nuget: AspNetCore.HealthChecks.Azure.KeyVault.Secrets, 8.0.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
// Install AspNetCore.HealthChecks.Azure.KeyVault.Secrets as a Cake Addin
#addin nuget:?package=AspNetCore.HealthChecks.Azure.KeyVault.Secrets&version=8.0.1

// Install AspNetCore.HealthChecks.Azure.KeyVault.Secrets as a Cake Tool
#tool nuget:?package=AspNetCore.HealthChecks.Azure.KeyVault.Secrets&version=8.0.1

Azure KeyVault Secrets Health Check

This health check verifies the ability to communicate with Azure Key Vault Secrets. It uses the provided SecretClient to get configured secret. When the connection to the service itself can be made, but secret is not found, it returns HealthStatus.Healthy status.

Defaults

By default, the SecretClient instance is resolved from service provider. AzureKeyVaultSecretsHealthCheckOptions by default uses "AzureKeyVaultSecretsHealthCheck" secret name and does not try to create the secret when it's not found.

void Configure(IHealthChecksBuilder builder)
{
    builder.Services.AddSingleton(sp => new SecretClient(new Uri("azure-key-vault-uri"), new DefaultAzureCredential()));
    builder.AddHealthChecks().AddAzureKeyVaultSecrets();
}

Customization

You can additionally add the following parameters:

  • clientFactory: A factory method to provide SecretClient instance.
  • optionsFactory: A factory method to provide AzureKeyVaultSecretsHealthCheckOptions instance. It allows to specify the secret name and whether the secret should be created when it's not found.
  • name: The health check name. The default is azure_key_vault_secret.
  • failureStatus: The HealthStatus that should be reported when the health check fails. Default is HealthStatus.Unhealthy.
  • tags: A list of tags that can be used to filter sets of health checks.
  • timeout: A System.TimeSpan representing the timeout of the check.
void Configure(IHealthChecksBuilder builder)
{
    builder.Services.AddSingleton(sp => new SecretClient(new Uri("azure-key-vault-uri"), new DefaultAzureCredential()));
    builder.AddHealthChecks().AddAzureKeyVaultSecrets(
        optionsFactory: sp => new AzureKeyVaultSecretsHealthCheckOptions()
        {
            SecretName = "demo"
        });
}

Performance

When the secret is not found, the secret client throws RequestFailedException. The health check catches it, but it's expensive in terms of performance.

That is why it's recommended to create the secret before using the health check. It can be done by using AzureKeyVaultSecretsHealthCheckOptions.CreateWhenNotFound, but it requires secret set permissions. Such permissions should not be assigned just for the purpose of using this health check!

For more information about credentials types please see Azure TokenCredentials

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 is compatible.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on AspNetCore.HealthChecks.Azure.KeyVault.Secrets:

Package Downloads
Aspire.Azure.Security.KeyVault The ID prefix of this package has been reserved for one of the owners of this package by NuGet.org.

A client for Azure Key Vault that integrates with Aspire, including health checks, logging and telemetry.

GitHub repositories (1)

Showing the top 1 popular GitHub repositories that depend on AspNetCore.HealthChecks.Azure.KeyVault.Secrets:

Repository Stars
dotnet/aspire
An opinionated, cloud ready stack for building observable, production ready, distributed applications in .NET
Version Downloads Last updated
8.0.1 1,629 4/2/2024
8.0.0 6,049 12/15/2023
7.0.0-rc1.1 1,357 9/14/2023
1.0.0 99 12/15/2023
1.0.0-rc1.1.3 60 9/21/2023