AppConfiguration-JavaScriptProvider/src/keyvault/keyVaultOptions.ts at c8c1078f0527de07cff985f8d0fd41b4cf6fb389 · Azure/AppConfiguration-JavaScriptProvider · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.

import { TokenCredential } from "@azure/identity";
import { SecretClient, SecretClientOptions } from "@azure/keyvault-secrets";

export const MIN_SECRET_REFRESH_INTERVAL_IN_MS = 60_000;

/**
 * Options used to resolve Key Vault references.
 */
export interface KeyVaultOptions {
    /**
     * Specifies the Key Vault secret client used for resolving Key Vault references.
     */
    secretClients?: SecretClient[];

    /**
     * Specifies the credentials used to authenticate to key vaults that have no applied SecretClient.
     */
    credential?: TokenCredential;

    /**
     * * Configures the client options used when connecting to key vaults that have no registered SecretClient.
     *
     * @remarks
     * The client options will not affect the registered SecretClient instances.
     */
    clientOptions?: SecretClientOptions;

    /**
     * Specifies the callback used to resolve key vault references that have no applied SecretClient.
     * @param keyVaultReference The Key Vault reference to resolve.
     * @returns The secret value.
     */
    secretResolver?: (keyVaultReference: URL) => string | Promise<string>;

    /**
     * Specifies whether to resolve the secret value in parallel.
     *
     * @remarks
     * If not specified, the default value is false.
     */
    parallelSecretResolutionEnabled?: boolean;

    /**
     * Specifies the refresh interval in milliseconds for periodically reloading all secrets from Key Vault.
     *
     * @remarks
     * If specified, the value must be greater than 60 seconds.
     */
    secretRefreshIntervalInMs?: number;
}