Skip to main content
Version: Next

Getting started with Arcus Security

Welcome to Arcus Security! ๐ŸŽ‰

This page is dedicated to be used as a walkthrough on how to integrate Arcus Security in new and existing projects. Arcus Security is an umbrella term for a set of Arcus.Security.* NuGet packages that makes your application development more secure.

Used terms
  • Secret store: an alternative on Microsoft's application configuration (IConfiguration) that acts as a central place in your application to retrieve secrets.
  • Secret provider: a registration on the secret store that retrieves secrets on request from an external source.

The basics of the secret storeโ€‹

While the secret store is abstracted away in a Arcus.Security.Core package, consumers of Arcus Security rarely have to deal with this package directly. Instead, there exists a set of Arcus.Security.Providers.* packages that each represent a single secret provider. Application developers can pick and choose one or more of these provider packages to get started.

Instead of directly interact with Azure Key Vault or environment variables containing secret information, Arcus Security gives you a central interface called ISecretStore where all secret retrievals goes through.

using Arcus.Security;

var builder = Host.CreateDefaultBuilder(args);
builder.ConfigureServices(services =>
{
    services.AddSecretStore(store =>
    {
        store.AddAzureKeyVault(...);
    });

    services.AddDbContext<ContosoDbContext>((serviceProvider, options) =>
    {
        var store = serviceProvider.GetRequiredService<ISecretStore>();
        var connectionString = store.GetSecret("Contoso_Sql_ConnectionString");

        options.UseAzureSql(connectionString);
    });
});

Next steps in discovering the secret storeโ€‹

There is a lot more to discover on the secret store and how it can benefit your application development process.