All Products
Search

This Product

    Key Management Service:Sample code for retrieving the secret value

    Document Center

    Key Management Service:Sample code for retrieving the secret value

    Last Updated:Feb 12, 2025

    After initializing the KMS instance SDK client, you can use it to call the GetSecretValue API for retrieving the secret value. This topic provides code examples for this.

    Complete example

    using System;
using System.Collections;
using System.Collections.Generic;
using System.IO;
using System.Threading.Tasks;

using Tea;
using Tea.Utils;


namespace AlibabaCloud.Dkms.Gcs.Sdk.Example
{
    public class GetSecretValueSample 
    {

        public static AlibabaCloud.Dkms.Gcs.OpenApi.Models.Config CreateKmsInstanceConfig(string clientKeyFile, string password, string endpoint, string caFilePath)
        {
            AlibabaCloud.Dkms.Gcs.OpenApi.Models.Config config = new AlibabaCloud.Dkms.Gcs.OpenApi.Models.Config();
            config.ClientKeyFile = clientKeyFile;
            config.Password = password;
            config.Endpoint = endpoint;
            config.CaFilePath = caFilePath;
            return config;
        }

        public static async Task<AlibabaCloud.Dkms.Gcs.OpenApi.Models.Config> CreateKmsInstanceConfigAsync(string clientKeyFile, string password, string endpoint, string caFilePath)
        {
            AlibabaCloud.Dkms.Gcs.OpenApi.Models.Config config = new AlibabaCloud.Dkms.Gcs.OpenApi.Models.Config();
            config.ClientKeyFile = clientKeyFile;
            config.Password = password;
            config.Endpoint = endpoint;
            config.CaFilePath = caFilePath;
            return config;
        }

        public static AlibabaCloud.Dkms.Gcs.Sdk.Client CreateClient(AlibabaCloud.Dkms.Gcs.OpenApi.Models.Config kmsInstanceConfig)
        {
            return new AlibabaCloud.Dkms.Gcs.Sdk.Client(kmsInstanceConfig);
        }

        public static async Task<AlibabaCloud.Dkms.Gcs.Sdk.Client> CreateClientAsync(AlibabaCloud.Dkms.Gcs.OpenApi.Models.Config kmsInstanceConfig)
        {
            return new AlibabaCloud.Dkms.Gcs.Sdk.Client(kmsInstanceConfig);
        }

        public static AlibabaCloud.Dkms.Gcs.Sdk.Models.GetSecretValueResponse GetSecretValue(AlibabaCloud.Dkms.Gcs.Sdk.Client client, string secretName, string versionStage, bool? fetchExtendedConfig)
        {
            AlibabaCloud.Dkms.Gcs.Sdk.Models.GetSecretValueRequest request = new AlibabaCloud.Dkms.Gcs.Sdk.Models.GetSecretValueRequest
            {
                SecretName = secretName,
                VersionStage = versionStage,
                FetchExtendedConfig = fetchExtendedConfig,
            };
            //Ignore CA certificate authentication.
            //AlibabaCloud.Dkms.Gcs.OpenApiUtil.Models.RuntimeOptions runtime = new AlibabaCloud.Dkms.Gcs.OpenApiUtil.Models.RuntimeOptions();
            //runtime.IgnoreSSL = true;
            //return client.GetSecretValueWithOptions(request,runtime);
            return client.GetSecretValue(request);
        }

        public static async Task<AlibabaCloud.Dkms.Gcs.Sdk.Models.GetSecretValueResponse> GetSecretValueAsync(AlibabaCloud.Dkms.Gcs.Sdk.Client client, string secretName, string versionStage, bool? fetchExtendedConfig)
        {
            AlibabaCloud.Dkms.Gcs.Sdk.Models.GetSecretValueRequest request = new AlibabaCloud.Dkms.Gcs.Sdk.Models.GetSecretValueRequest
            {
                SecretName = secretName,
                VersionStage = versionStage,
                FetchExtendedConfig = fetchExtendedConfig,
            };
            //Ignore CA certificate authentication.
            //AlibabaCloud.Dkms.Gcs.OpenApiUtil.Models.RuntimeOptions runtime = new AlibabaCloud.Dkms.Gcs.OpenApiUtil.Models.RuntimeOptions();
            //runtime.IgnoreSSL = true;
            //return await client.GetSecretValueWithOptionsAsync(request,runtime);
            return await client.GetSecretValueAsync(request);
        }

        public static void Main(string[] args)
        {
            string regionId = "REGION_ID";
            // CA certificate of the KMS instance.
            string caFilePath = "CA_FILE_PATH";
            // Set the endpoint to <KMS_INSTANCE_ID>.cryptoservice.kms.aliyuncs.com.
            string endpoint = "ENDPOINT";
            // Set the Client Key and Client Key security token.
            AlibabaCloud.Dkms.Gcs.OpenApi.Models.Config kmsInstanceConfig = CreateKmsInstanceConfig(AlibabaCloud.DarabonbaEnv.Client.GetEnv("ClientKeyFile"), AlibabaCloud.DarabonbaEnv.Client.GetEnv("Password"), endpoint, caFilePath);
            AlibabaCloud.Dkms.Gcs.Sdk.Client client = CreateClient(kmsInstanceConfig);
            //getSecretValue.
            string secretName = "SECRET_NAME";
            string versionStage = "VERSION_STAGE";
            bool? fetchExtendedConfig = true;
            AlibabaCloud.Dkms.Gcs.Sdk.Models.GetSecretValueResponse getSecretValueRes = GetSecretValue(client, secretName, versionStage, fetchExtendedConfig);
            string getSecretValueResJson = AlibabaCloud.TeaUtil.Common.ToJSONString(AlibabaCloud.TeaUtil.Common.ToMap(getSecretValueRes));
            AlibabaCloud.TeaConsole.Client.Log("getSecretValueRes:" + getSecretValueResJson);
        }


    }
}

    Example walkthrough

    Initialize client

    using System;

string regionId = "<REGION_ID>";

// The CA certificate of the KMS instance.
string caFilePath = "<CA_CERTIFICATE>";

// Set the endpoint to <your KMS Instance Id>.cryptoservice.kms.aliyuncs.com.
string endpoint = "<ENDPOINT>";

// Set the Client Key and the security token of the Client Key.
AlibabaCloud.Dkms.Gcs.OpenApi.Models.Config kmsInstanceConfig = CreateKmsInstanceConfig(AlibabaCloud.DarabonbaEnv.Client.GetEnv("ClientKeyFile"), AlibabaCloud.DarabonbaEnv.Client.GetEnv("Password"), endpoint, caFilePath);
AlibabaCloud.Dkms.Gcs.Sdk.Client client = CreateClient(kmsInstanceConfig);

    Call the GetSecretValue API

      public static AlibabaCloud.Dkms.Gcs.Sdk.Models.GetSecretValueResponse GetSecretValue(AlibabaCloud.Dkms.Gcs.Sdk.Client client, string secretName, string versionStage, bool? fetchExtendedConfig)
        {
            AlibabaCloud.Dkms.Gcs.Sdk.Models.GetSecretValueRequest request = new AlibabaCloud.Dkms.Gcs.Sdk.Models.GetSecretValueRequest
            {
                SecretName = secretName,
                VersionStage = versionStage,
                FetchExtendedConfig = fetchExtendedConfig,
            };
            //Ignore CA certificate authentication.
            //AlibabaCloud.Dkms.Gcs.OpenApiUtil.Models.RuntimeOptions runtime = new AlibabaCloud.Dkms.Gcs.OpenApiUtil.Models.RuntimeOptions();
            //runtime.IgnoreSSL = true;
            //return client.GetSecretValueWithOptions(request,runtime);
            return client.GetSecretValue(request);
        }