| title | description | author | ms.author | ms.date | ms.service | ms.topic | ms.custom |
|---|---|---|---|---|---|---|---|
Quickstart – Azure SDK for .NET for Azure Managed Confidential Consortium Framework | Learn to use the Azure SDK for .NET for Azure Managed Confidential Consortium Framework | msftsettiy | settiy | 09/11/2023 | azure-confidential-ledger | quickstart | mode-api, devx-track-dotnet |
Azure Managed CCF (Managed CCF) is a new and highly secure service for deploying confidential applications. For more information on Managed CCF, and for examples use cases, see About Azure Managed Confidential Consortium Framework.
In this quickstart, you learn how to create a Managed CCF resource using the .NET client management library.
[!INCLUDE quickstarts-free-trial-note]
API reference documentation | Library source code | Package (NuGet)
- An Azure subscription - create one for free.
- .NET versions supported by the Azure SDK for .NET.
- OpenSSL on a computer running Windows or Linux.
In a command shell, run the following command to create a project named
managedccf-app:dotnet new console --name managedccf-appChange to the newly created managedccf-app directory, and run the following command to build the project:
dotnet buildThe build output should contain no warnings or errors.
Build succeeded. 0 Warning(s) 0 Error(s)
Install the Azure Managed CCF client library for .NET with NuGet:
dotnet add package Azure.ResourceManager.ConfidentialLedger --version 1.1.0-beta.2 For this quickstart, you also need to install the Azure SDK client library for Azure Identity:
dotnet add package Azure.Identity [!INCLUDE Create resource group]
[!INCLUDE Register the resource provider]
[!INCLUDE Create members]
The Azure SDK for .NET (azure/arm-confidentialledger) allows operations on Managed CCF resources, such as creation and deletion, listing the resources associated with a subscription, and viewing the details of a specific resource. The following piece of code creates and views the properties of a Managed CCF resource.
Add the following directives to the top of Program.cs:
usingSystem;usingSystem.Collections.Generic;usingSystem.Threading.Tasks;usingAzure;usingAzure.Core;usingAzure.Identity;usingAzure.ResourceManager;usingAzure.ResourceManager.ConfidentialLedger;usingAzure.ResourceManager.ConfidentialLedger.Models;usingAzure.ResourceManager.Resources;In this quickstart, logged in user is used to authenticate to Azure Managed CCF, which is the preferred method for local development. This example uses 'DefaultAzureCredential()' class from Azure Identity Library, which allows to use the same code across different environments with different options to provide identity.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-lineTokenCredentialcred=newDefaultAzureCredential();Create an Azure Resource Manager client and authenticate using the token credential.
// authenticate your clientArmClientclient=newArmClient(cred);// this example assumes you already have this ResourceGroupResource created on azure// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResourcestringsubscriptionId="0000000-0000-0000-0000-000000000001";stringresourceGroupName="myResourceGroup";ResourceIdentifierresourceGroupResourceId=ResourceGroupResource.CreateResourceIdentifier(subscriptionId,resourceGroupName);ResourceGroupResourceresourceGroupResource=client.GetResourceGroupResource(resourceGroupResourceId);// get the collection of this ManagedCcfResourceManagedCcfCollectioncollection=resourceGroupResource.GetManagedCcfs();// invoke the operationstringappName="confidentialbillingapp";ManagedCcfDatadata=newManagedCcfData(newAzureLocation("SouthCentralUS")){Properties=newManagedCcfProperties(){MemberIdentityCertificates={newConfidentialLedgerMemberIdentityCertificate(){Certificate="-----BEGIN CERTIFICATE-----MIIBsjCCATigA...LjYAGDSGi7NJnSkA-----END CERTIFICATE-----",Encryptionkey="",Tags=BinaryData.FromObjectAsJson(newDictionary<string,object>(){["additionalProps1"]="additional properties"}),}},DeploymentType=newConfidentialLedgerDeploymentType(){LanguageRuntime=ConfidentialLedgerLanguageRuntime.JS,AppSourceUri=newUri(""),},NodeCount=3,},Tags={["additionalProps1"]="additional properties",},};ArmOperation<ManagedCcfResource>lro=awaitcollection.CreateOrUpdateAsync(WaitUntil.Completed,appName,data);ManagedCcfResourceresult=lro.Value;// the variable result is a resource, you could call other operations on this instance as well// but just for demo, we get its data from this resource instanceManagedCcfDataresourceData=result.Data;// for demo we just print out the idConsole.WriteLine($"Succeeded on id: {resourceData.Id}");The following piece of code retrieves the Managed CCF resource and prints its properties.
// this example assumes you already have this ResourceGroupResource created on azure// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResourcestringsubscriptionId="0000000-0000-0000-0000-000000000001";stringresourceGroupName="myResourceGroup";ResourceIdentifierresourceGroupResourceId=ResourceGroupResource.CreateResourceIdentifier(subscriptionId,resourceGroupName);ResourceGroupResourceresourceGroupResource=client.GetResourceGroupResource(resourceGroupResourceId);// get the collection of this ManagedCcfResourceManagedCcfCollectioncollection=resourceGroupResource.GetManagedCcfs();// invoke the operationstringappName="confidentialbillingapp";ManagedCcfResourceresult=awaitcollection.GetAsync(appName);// the variable result is a resource, you could call other operations on this instance as well// but just for demo, we get its data from this resource instanceManagedCcfDataresourceData=result.Data;// for demo we just print out the idConsole.WriteLine($"Succeeded on id: {resourceData.Id}");The following piece of code retrieves the Managed CCF resources in a resource group.
// this example assumes you already have this ResourceGroupResource created on azure// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResourcestringsubscriptionId="0000000-0000-0000-0000-000000000001";stringresourceGroupName="myResourceGroup";ResourceIdentifierresourceGroupResourceId=ResourceGroupResource.CreateResourceIdentifier(subscriptionId,resourceGroupName);ResourceGroupResourceresourceGroupResource=client.GetResourceGroupResource(resourceGroupResourceId);// get the collection of this ManagedCcfResourceManagedCcfCollectioncollection=resourceGroupResource.GetManagedCcfs();// invoke the operation and iterate over the resultawaitforeach(ManagedCcfResourceitemincollection.GetAllAsync()){// the variable item is a resource, you could call other operations on this instance as well// but just for demo, we get its data from this resource instanceManagedCcfDataresourceData=item.Data;// for demo we just print out the idConsole.WriteLine($"Succeeded on id: {resourceData.Id}");}Console.WriteLine($"Succeeded");The following piece of code retrieves the Managed CCF resources in a subscription.
// this example assumes you already have this SubscriptionResource created on azure// for more information of creating SubscriptionResource, please refer to the document of SubscriptionResourcestringsubscriptionId="0000000-0000-0000-0000-000000000001";ResourceIdentifiersubscriptionResourceId=SubscriptionResource.CreateResourceIdentifier(subscriptionId);SubscriptionResourcesubscriptionResource=client.GetSubscriptionResource(subscriptionResourceId);// invoke the operation and iterate over the resultawaitforeach(ManagedCcfResourceiteminsubscriptionResource.GetManagedCcfsAsync()){// the variable item is a resource, you could call other operations on this instance as well// but just for demo, we get its data from this resource instanceManagedCcfDataresourceData=item.Data;// for demo we just print out the idConsole.WriteLine($"Succeeded on id: {resourceData.Id}");}Console.WriteLine($"Succeeded");Other Managed CCF articles can build upon this quickstart. If you plan to continue on to work with subsequent quickstarts and tutorials, you might wish to leave these resources in place.
Otherwise, when you're finished with the resources created in this article, use the Azure CLI az group delete command to delete the resource group and all its contained resources.
az group delete --resource-group myResourceGroup In this quickstart, you created a Managed CCF resource by using the Azure Python SDK for Confidential Ledger. To learn more about Azure Managed CCF and how to integrate it with your applications, continue on to these articles:
