How to get Azure Key Vault to work with .Net Framework 4.7.2 Web App (non-MVC) with web.config in VS 2019 or VS 2022?
I've scoured the internet and have seen this issue many times with most of the result leading to skipping AzureKeyVault at the local dev, requiring manual secret storage/setup.
This used to work on one of our older sites running .Net Framework 4.7.2, but lately it hasn't worked. We haven't tried to diagnose it too much until now that we need to implement Azure Key Vault into another .Net Framework 4.7.2 site.
I've followed many tutorials and version of doing this. I'll link this article from MS Add Key Vault to your web application by using Visual Studio Connected Services.
Here's what I've done:
- Followed the tutorial; current web.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="configBuilders" type="System.Configuration.ConfigurationBuildersSection, System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" restartOnExternalChanges="false" requirePermission="false" />
</configSections>
<configBuilders>
<builders>
<add name="AzureKeyVault" vaultName="TestVault" type="Microsoft.Configuration.ConfigurationBuilders.AzureKeyVaultConfigBuilder, Microsoft.Configuration.ConfigurationBuilders.Azure, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</builders>
</configBuilders>
<connectionStrings configSource="ConnectionStrings.config" />
<appSettings configBuilders="AzureKeyVault">
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<!-- Site Settings -->
<add key="TestSecret" value="" />
</appSettings>
...
</configuration>
- I've update all packages to latest:
- Azure.Core 1.28.2
- Azure.Identity 1.8.2
- Azure.Security.KeyVault.Keys 4.4.0
- Azure.Security.KeyVault.Secrets 4.4.0
- Created an Azure Key Vault
- Gave my personal account full access to the Key Vault (same access as before when it worked), which is the same account I use to log into Visual Studios 2019 and 2022.
In the end, I always end up with this error:
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message: The configBuilder 'AzureKeyVault' failed while processing the configuration section 'appSettings'.: Error in Configuration Builder 'AzureKeyVault'::GetValue(webpages:Version)
Source Error:
An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Source File: E:\source\repos\local.webadmin.barry.edu\webadmin\web.config Line: 27
Click here to show additional error information:
Exception Details: Azure.Identity.AuthenticationFailedException: Azure CLI authentication failed due to an unknown error. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/azclicredential/troubleshoot Traceback (most recent call last): File "runpy.py", line 196, in _run_module_as_main File "runpy.py", line 86, in _run_code File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/main.py", line 39, in File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/init.py", line 895, in get_default_cli File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/azlogging.py", line 30, in File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 25, in File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/extension/init.py", line 18, in File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/config.py", line 40, in init File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/util.py", line 115, in ensure_dir File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/util.py", line 112, in ensure_dir File "os.py", line 225, in makedirs PermissionError: [WinError 5] Access is denied: 'C:\WINDOWS\system32\config\systemprofile\.azure'
