ReadOnly DataProtection keys /8 #32549

Closed
wants to merge 13 commits into from
3 changes: 3 additions & 0 deletions aspnetcore/security/data-protection/includes/introduction7.md
@@ -1,5 +1,8 @@
:::moniker range="< aspnetcore-8.0"

> [!WARNING]
> Data configuration keys in this version of .NET can ***NOT*** maintain data consistency in web farms and [Azure Container Apps](/azure/container-apps/overview). See the the [.NET 8 version or later of this document](/aspnet/core/security/data-protection/introduction?view=aspnetcore-800.0&preserve-view=true) for information on how to maintain data consistency in web farms and Azure Container Apps.

ASP.NET Core provides a cryptographic API to protect data, including key management and rotation.

Web apps often need to store sensitive data. The Windows data protection API ([DPAPI](/dotnet/standard/security/how-to-use-data-protection)) isn't intended for use in web apps.
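Review bot: the added warning line has a doubled word ("See the the") and its link uses the moniker value `view=aspnetcore-800.0`, which looks like a typo for the 8.0 view: this include is scoped to `range="< aspnetcore-8.0"` and the sentence points readers to the ".NET 8 version or later" of the document, so the query string should name the real 8.0 moniker or the link will not resolve to the intended view. The phrase "Data configuration keys" also reads as a slip for "data protection keys", the term used in the title of this PR and in the other file touched here; suggest aligning the wording before merge.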
17 changes: 14 additions & 3 deletions aspnetcore/security/data-protection/introduction.md
@@ -18,9 +18,18 @@ Web apps often need to store sensitive data. The Windows data protection API ([D

The ASP.NET Core data protection stack was designed to:

* Provide a built in solution for most Web scenarios.
* Address many of the deficiencies of the previous encryption system.
* Serve as the replacement for the `<machineKey>` element in ASP.NET 1.x - 4.x.
* Provide a built in solution for most Web scenarios, including web farms and Azure Container Apps.
* Address many of the deficiencies of the previous encryption system.

## Key consistency in web farms and Azure Container Apps

If the developer has not configured data protection in ASP.NET Core, the environment variable `autoConfigureDataProtection` is set to `true`. When `autoConfigureDataProtection` is set to `true`, the data protection keys are read only. Setting the data configuration keys to read only is designed to maintain data consistency in web farms and [Azure Container Apps](/azure/container-apps/overview).

The `ReadOnlyDataProtectionKeyDirectory`, `DOTNET_ReadOnlyDataProtectionKeyDirectory` and `DataProtectionKeyDirectory` configuration values:

* Can be set to specify the key path.
* Have descending order of precedence. `ReadOnlyDataProtectionKeyDirectory` is the highest precedence and `DataProtectionKeyDirectory` is the lowest precedence.
* Are set to a read-only path to prevent key rotation.

## Problem statement

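Review bot: the new "Key consistency" section leaves the mechanism underspecified in two places. First, the opening sentence says that when the developer has not configured data protection "the environment variable `autoConfigureDataProtection` is set to `true`" without saying who or what sets it (the runtime, the hosting environment, or the developer) or where; as written a reader cannot tell whether this is something they observe or something they must do. Second, the bullet "Are set to a read-only path to prevent key rotation" states the effect but not its consequence: a read-only key directory means no new key can ever be written, so the text should say that a valid key must already exist at that path before the app starts, and that the same key has to be deployed to every instance for the promised web-farm consistency to hold. Also suggest writing the precedence bullet as an explicit ordered list (`ReadOnlyDataProtectionKeyDirectory`, then `DOTNET_ReadOnlyDataProtectionKeyDirectory`, then `DataProtectionKeyDirectory`) rather than "descending order of precedence", and replacing "data configuration keys" with "data protection keys" for consistency with the rest of the section.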
@@ -103,6 +112,8 @@ The data protection stack consists of five packages:

## Additional resources

* [An introduction to the Data Protection system by Andrew Lock](https://andrewlock.net/an-introduction-to-the-data-protection-system-in-asp-net-core/)
* Data protection serves as the replacement for the `<machineKey>` element in ASP.NET 1.x - 4.x.
* <xref:security/data-protection/using-data-protection>
* <xref:host-and-deploy/web-farm>

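Review bot: the added bullet "Data protection serves as the replacement for the `<machineKey>` element in ASP.NET 1.x - 4.x." is a statement, not a resource, and sits oddly in a list whose other entries are links; it was removed from the design-goals list in the earlier hunk of this file, and it would read better either kept there or moved into the body text where migration from `<machineKey>` is discussed. The Andrew Lock link is a reasonable addition; consider giving it the same `<xref:>` style as the neighbouring entries where an internal equivalent exists, or leaving it last so external and internal references are not interleaved.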