diff --git a/application/CohortManager/src/Functions/CaasIntegration/RetrieveMeshFile/Program.cs b/application/CohortManager/src/Functions/CaasIntegration/RetrieveMeshFile/Program.cs
index b708c4637..7e768799f 100644
--- a/application/CohortManager/src/Functions/CaasIntegration/RetrieveMeshFile/Program.cs
+++ b/application/CohortManager/src/Functions/CaasIntegration/RetrieveMeshFile/Program.cs
@@ -29,12 +29,12 @@
  {
  // Get CohortManager private key
  logger.LogInformation("Pulling Mesh Certificate from KeyVault");
- var certClient = new CertificateClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new DefaultAzureCredential());
+ var certClient = new CertificateClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new ManagedIdentityCredential ());
  var certificate = await certClient.DownloadCertificateAsync(config.MeshKeyName);
  cohortManagerPrivateKey = certificate.Value;
  // Get MESH public certificates (CA chain)
- var secretClient = new SecretClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new DefaultAzureCredential());
+ var secretClient = new SecretClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new ManagedIdentityCredential ());
  string base64Cert = (await secretClient.GetSecretAsync(config.MeshCertName)).Value.Value;
  meshCerts = CertificateHelper.GetCertificatesFromString(base64Cert);
  }
@@ -82,4 +82,3 @@
  logger.LogCritical(ex, "Failed to start up Function");
  }
-
diff --git a/application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/Program.cs b/application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/Program.cs
index 396764773..30ba26dc2 100644
--- a/application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/Program.cs
+++ b/application/CohortManager/src/Functions/NemsSubscriptionService/NemsMeshRetrieval/Program.cs
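Review bot: The parameterless `new ManagedIdentityCredential ()` on the `certClient` and `secretClient` lines selects the system-assigned identity, and as far as I know it does not pick up `AZURE_CLIENT_ID` the way `DefaultAzureCredential` did, so a Function App that runs under a user-assigned identity would no longer reach Key Vault after this change. If any environment uses a user-assigned identity, pass it explicitly, e.g. `new ManagedIdentityCredential(clientId: <client-id-from-config>)` (placeholder; the setting name is not on this page). The two clients could also share one instance, `var credential = new ManagedIdentityCredential();`, so that both use the same token cache. The same construction appears in NemsMeshRetrieval/Program.cs, both AzureQueueExtension.cs hunks, ConfigurationExtension.cs and JwtTokenExtension.cs. The enclosing block starts and ends outside this hunk.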
@@ -29,12 +29,12 @@
  {
  // Get CohortManager private key
  logger.LogInformation("Pulling Mesh Certificate from KeyVault");
- var certClient = new CertificateClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new DefaultAzureCredential());
+ var certClient = new CertificateClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new ManagedIdentityCredential ());
  var certificate = await certClient.DownloadCertificateAsync(config.NemsMeshKeyName);
  cohortManagerPrivateKey = certificate.Value;
  // Get MESH public certificates (CA chain)
- var secretClient = new SecretClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new DefaultAzureCredential());
+ var secretClient = new SecretClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new ManagedIdentityCredential ());
  string base64Cert = (await secretClient.GetSecretAsync(config.NemsMeshCertName)).Value.Value;
  meshCerts = CertificateHelper.GetCertificatesFromString(base64Cert);
  }
diff --git a/application/CohortManager/src/Functions/Shared/Common/Extensions/AzureQueueExtension.cs b/application/CohortManager/src/Functions/Shared/Common/Extensions/AzureQueueExtension.cs
index de343f748..635a782c6 100644
--- a/application/CohortManager/src/Functions/Shared/Common/Extensions/AzureQueueExtension.cs
+++ b/application/CohortManager/src/Functions/Shared/Common/Extensions/AzureQueueExtension.cs
@@ -27,7 +27,7 @@ public static IHostBuilder AddServiceBusClient(this IHostBuilder hostBuilder, st
  else
  {
  builder.AddServiceBusClientWithNamespace(serviceBusConnectionString)
- .WithCredential(new DefaultAzureCredential());
+ .WithCredential(new ManagedIdentityCredential ());
  }
  });
  _.AddSingleton();
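Review bot: The credential type is written out at each call site, here in the `else` branch of AddServiceBusClient and again in AddKeyedAzureQueues, and the stray space in `ManagedIdentityCredential ()` has been copied into every one of them. One shared helper that returns the `TokenCredential` would keep the choice of identity in a single reviewed place; at the least the line should read `.WithCredential(new ManagedIdentityCredential());`. A short comment above it, `// Managed identity only; no developer-credential fallback outside Azure.`, would tell the next reader why this branch cannot authenticate on a workstation. The `if` branch that pairs with this `else` is outside the hunk.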
@@ -68,7 +68,7 @@ public static IHostBuilder AddKeyedAzureQueues(this IHostBuilder hostBuilder, bo
  else
  {
  builder.AddServiceBusClientWithNamespace(serviceBusConnectionString)
- .WithCredential(new DefaultAzureCredential());
+ .WithCredential(new ManagedIdentityCredential ());
  }
  });
  _.AddKeyedSingleton(keyName);
diff --git a/application/CohortManager/src/Functions/Shared/Common/Extensions/ConfigurationExtension.cs b/application/CohortManager/src/Functions/Shared/Common/Extensions/ConfigurationExtension.cs
index c2bfa6776..508681a02 100644
--- a/application/CohortManager/src/Functions/Shared/Common/Extensions/ConfigurationExtension.cs
+++ b/application/CohortManager/src/Functions/Shared/Common/Extensions/ConfigurationExtension.cs
@@ -41,7 +41,7 @@ private static IConfiguration CreateConfiguration(string? keyVaultUrl = null, Li
  if(keyVaultUrl != null){
  try
  {
- configBuilder.AddAzureKeyVault(new Uri(keyVaultUrl), new DefaultAzureCredential(), new AzureKeyVaultConfigurationOptions());
+ configBuilder.AddAzureKeyVault(new Uri(keyVaultUrl), new ManagedIdentityCredential (), new AzureKeyVaultConfigurationOptions());
  }
  catch (Exception ex)
  {
diff --git a/application/CohortManager/src/Functions/Shared/Common/Extensions/JwtTokenExtension.cs b/application/CohortManager/src/Functions/Shared/Common/Extensions/JwtTokenExtension.cs
index 4019662f3..48ec9c6fb 100644
--- a/application/CohortManager/src/Functions/Shared/Common/Extensions/JwtTokenExtension.cs
+++ b/application/CohortManager/src/Functions/Shared/Common/Extensions/JwtTokenExtension.cs
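Review bot: A Key Vault that the managed identity cannot read should stop startup in CreateConfiguration, and the hunk does not show whether the `catch (Exception ex)` after `AddAzureKeyVault` rethrows or only logs, because its body lies outside the hunk. With `ManagedIdentityCredential` there is no fallback credential, so a host without a usable identity ends up with no vault-backed settings if the failure is swallowed. As far as I know the provider contacts the vault only when the configuration is built, so this `try` may never see an authentication error at all. I would confirm the catch rethrows and add a comment on the call, `// Managed identity only; an identity or vault misconfiguration must fail startup.`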
@@ -28,11 +28,11 @@ public static IHostBuilder AddJwtTokenSigning(this IHostBuilder hostBuilder, boo
  JwtPrivateKey jwtPrivateKey;
  try
  {
- // Azure
+ // Azure
  hostBuilder.AddConfiguration(out JwtTokenServiceConfig config);
  if (!string.IsNullOrEmpty(config.KeyVaultConnectionString))
  {
- var certClient = new CertificateClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new DefaultAzureCredential());
+ var certClient = new CertificateClient(vaultUri: new Uri(config.KeyVaultConnectionString), credential: new ManagedIdentityCredential ());
  Response certResponse = certClient.DownloadCertificate(config.KeyNamePrivateKey);
  logger.LogInformation("got certificate from key vault");