.NET 不在 Azure 上托管时,生产服务器上的核心机密
[英].NET Core secrets on a production server when not hosting on Azure
问题描述
I've been trying to understand how .NET Core handles sensitive information and I'm struggling to work out how to deploy on a production environment that isn't being hosted on Azure.
我一直在尝试了解 .NET Core 如何处理敏感信息,并且我正在努力研究如何在未托管在 Azure 上的生产环境中进行部署。
From what I understand I can use "secret storage" on my local development environment to store sensitive information, but this only works on the development environment.据我了解,我可以在本地开发环境中使用“秘密存储”来存储敏感信息,但这仅适用于开发环境。
If I want to access secret variables on the production environment it seems that Azure Key Vault is the recommended approach?如果我想在生产环境中访问秘密变量,Azure Key Vault 似乎是推荐的方法? However from what I'm reading I can't access these secrets unless I'm hosting on Azure too.但是,从我正在阅读的内容来看,除非我也在 Azure 上托管,否则我无法访问这些秘密。
In my situation we already have our hosting set up with a 3rd party hosting company, so I'm wondering if it's possible to somehow still use Azure's Key Vault when not hosting on Azure.在我的情况下,我们已经与第 3 方托管公司建立了托管,所以我想知道当不在 Azure 上托管时,是否有可能以某种方式仍然使用 Azure 的 Key Vault。 Failing that, what are the alternatives?做不到这一点,有什么替代方案?
Thanks谢谢
1 个解决方案
解决方案1
2 已采纳 2021-05-25 19:59:04
In my situation we already have our hosting set up with a 3rd party hosting company, so I'm wondering if it's possible to somehow still use Azure's Key Vault when not hosting on Azure.
You can still use fully On Premise alternative to securely host your secrets without putting them into the settings file.您仍然可以完全使用 On Premise 替代方案来安全地托管您的秘密,而无需将它们放入设置文件中。
What you need to know first is how settings are loading into ASP.Net Core applications.您首先需要了解的是如何将设置加载到 ASP.Net Core 应用程序中。 At the time of writing this answer this is the order that is used to load the configurations when you call CreateDefaultBuilder on the Program.cs file:在编写此答案时,这是在Program.cs文件上调用CreateDefaultBuilder时用于加载配置的顺序:
CreateDefaultBuilderprovides default configuration for the app in the following order:CreateDefaultBuilder按以下顺序为应用程序提供默认配置:
ChainedConfigurationProvider: Adds an existingIConfigurationas a source.ChainedConfigurationProvider:将现有的IConfiguration添加为源。 In the default configuration case, adds the host configuration and setting it as the first source for the app configuration.
appsettings.jsonusing the JSON configuration provider.appsettings.json使用 JSON 配置提供程序。
appsettings.Environment.jsonusing the JSON configuration provider.appsettings.Environment.json使用 JSON 配置提供程序。 For example,appsettings.Production.jsonand appsettings.Development.json.appsettings.Production.json和 appsettings.Development.json。App secrets when the app runs in the Development environment.
Environment variables using the Environment Variables configuration provider.
Command-line arguments using the Command-line configuration provider.
In your case, the step you need to look at is the step n°5.在您的情况下,您需要查看的步骤是第 5 步。 In Windows, environment variables are configured in two ways:在Windows中,环境变量的配置方式有两种:
- globally : machines environment variables.全局:机器环境变量。 So it means all users can see environment variables所以这意味着所有用户都可以看到环境变量
- per user : users only see environment variables belong to them.每个用户:用户只能看到属于他们的环境变量。 A user can't see other environment variables until he/she connected as that user using her/his login and password.用户在使用她/他的登录名和密码以该用户身份连接之前,无法看到其他环境变量。
So in your case you need to follow these steps:因此,在您的情况下,您需要执行以下步骤:
1. Create a specific user account 1.创建一个特定的用户帐户
You'll need to create a specific user account for running your application.您需要创建一个特定的用户帐户来运行您的应用程序。
It can be only a local user account.它只能是本地用户帐户。
2. Create environment variables for that user account 2. 为该用户帐户创建环境变量
Connect to the server with that newly created user account, set the environment variables and make sure it will remain in the scope of that user (it is the purpose of the thrid parameter in the PowerShell Command below).使用新创建的用户帐户连接到服务器,设置环境变量并确保它将保留在该用户的 scope 中(这是下面 PowerShell 命令中的第三个参数的目的)。 For example to set the connection string you'll run something like below:例如,要设置连接字符串,您将运行如下内容:
[Environment]::SetEnvironmentVariable("ConnectionStrings:MySuperDatabse", "my super database connection string", "User")
3. Configure the process that run your ASP.Net Core application 3. 配置运行 ASP.Net Core 应用程序的进程
You need to configure the IIS Application Pool to use that new account to run the application.您需要配置 IIS 应用程序池以使用该新帐户来运行应用程序。 So you need to go to the Advanced Settings of the application pool dedicated to your application and set the new account like below:因此,您需要 go 到专用于您的应用程序的应用程序池的高级设置,并设置新帐户,如下所示:
4. Configure the process to load the user profile 4.配置加载用户配置文件的流程
One last thinks is to configure again the IIS Application Pool to load the User Profile .最后一个想法是再次配置 IIS 应用程序池以加载用户配置文件。 In some IIS configuration it is set to false by default.在某些 IIS 配置中,默认设置为false 。 You need to set it to true so when loading the user profiles, the environment variables for that specific user will also be loaded.您需要将其设置为true ,以便在加载用户配置文件时,还将加载该特定用户的环境变量。 That can be configured in Advanced Settings of the application pool dedicated to your ASP.Net Core application like below:可以在专用于 ASP.Net Core 应用程序的应用程序池的高级设置中进行配置,如下所示:
And it is done.它已经完成了。 You'll be able to access to the secrets for the user account running your ASP.Net Core Application without modifying anything into your code base but only configurations on environment varaibles scoped to that user and configurations done on IIS, Beside the user account creation.您将能够访问运行 ASP.Net Core 应用程序的用户帐户的机密,而无需修改代码库中的任何内容,但只能在该用户范围内的环境变量上的配置以及在 IIS 上完成的配置,除了用户帐户创建。 all the remaining steps can be automated into your CD Pipelines without any difficulties.所有剩余的步骤都可以毫无困难地自动集成到您的 CD 管道中。
Because the secrets are set to the environment variables of the created account, make sure that not many people are aware about its password (threat that account as an admin account).由于机密设置为创建帐户的环境变量,因此请确保没有多少人知道其密码(威胁该帐户为管理员帐户)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.