This is a sample console application written in .NET 5.0 that uses Microsoft Data Encryption packages to encrypt and decrypt columns within data files.
Be sure your environment meets the following conditions:
- You have completed the deployment and configuration steps for Azure Key Vault and a Service Principal within your Azure Environment
- .NET 5.0 SDK installed
- Visual Studio Code with the Azure Functions extension configured
For additional security when running in Azure, the code for this sample application is designed to run under the context of a system-assigned Managed Identity. To replicate the use of a Managed Identity for local development and debugging, an environment variable must be set using the applicaitonId and secret of a regular service principal. In Windows 10, this is done via the following command:
set AzureServicesAuthConnectionString=RunAs=App;AppId={appId};TenantId={tenant};AppKey={password}For MacOS users, update your .zshrc file as following:
export AzureServicesAuthConnectionString="RunAs=App;AppId={appId};TenantId={tenant};AppKey={password}"In either case, replace the value of {appId}, {tenant}, and {password} with the output from the Service Principal creation steps documented earlier.
Place a copy of the YAML configuraiton file you defined previously in the project root directory and ensure it is named TestConfig.yaml. This will ensure the configuration is included as part of the applicaiton build output.
Use the Visual Studio debugger to as shown here to build and launch the sample application:
By default, you will see the output file named TestData_output.csv placed at the project root directory. Open the file and you should see encrypted values for the columns you configured.
