2

Need a way to connect to Azure Keyvaluat Secret programatically using Python. Found existing doc from Azure which is pointing to usage of DefaultAzureCredential from azure.identity. Which explicitly seeks the enivironment to set up to have values link to git hub

enter image description here

enter image description here

Wanted those to be injected manually, instead setting them as Env Variable

Murugaraju Perumalla
  • 439
  • 2
  • 9

1 Answers1

1

One can use the below class from azure.identity i.e ClientSecretCredential, find the below code ex: snippet

from azure.identity import ClientSecretCredential
from azure.keyvault.secrets import SecretClient

TENANT= <TenantId-in-string>
CLIENT_ID = <ClientId-in-string>
CLIENT_SECRET= <ClientSecret-in-string>
credential = ClientSecretCredential(TENANT,CLIENT_ID,CLIENT_SECRET)
VAULT_URL= <AzureVault-url-in-string>
client = SecretClient(vault_url=VAULT_URL, credential=credential)

print(client)
example_secret = client.get_secret(<secret_name_in_string>)
print(example_secret.value)
Murugaraju Perumalla
  • 439
  • 2
  • 9
  • 1
    That's correct; you can use any credential from the [azure-identity](https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/identity/azure-identity) package to authenticate a Key Vault client. You can use the ClientSecretCredential here, but to avoid having secrets in your code it might be preferable to use environment variables or [Managed Identity](https://learn.microsoft.com/python/api/azure-identity/azure.identity.managedidentitycredential?view=azure-python). – mccoyp Nov 08 '21 at 19:58
  • Thanks, but I had requirement where, needed these values entered manually instead usage of DefaultAzureCredential. Thought help out others, if the similar requirement comes – Murugaraju Perumalla Nov 09 '21 at 14:53