This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import adal, uuid, time | |
from msrestazure.azure_active_directory import AADTokenCredentials | |
from azure.keyvault import KeyVaultClient | |
from msrestazure.azure_cloud import AZURE_PUBLIC_CLOUD |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
secret_name = 'ExamplePassword' | |
vault_uri = '<replace this text and brackets>' | |
tenant_id='<replace this text and brackets>' | |
cloud=AZURE_PUBLIC_CLOUD | |
authority_host_uri = cloud.endpoints.active_directory + \ | |
'/' + tenant_id | |
keyvault_resource_uri = 'https://vault.azure.net' | |
client_id = '04b07795-8ddb-461a-bbee-02f9e1bf7b46' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
context = adal.AuthenticationContext(authority_host_uri, api_version=None) | |
code = context.acquire_user_code(keyvault_resource_uri, client_id) | |
print(code['message']) | |
kv_token = context.acquire_token_with_device_code(keyvault_resource_uri, code, client_id) | |
kv_credential = AADTokenCredentials(kv_token, client_id) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
keyvault_client = KeyVaultClient(kv_credential) | |
supersecret = keyvault_client.get_secret(vault_uri, secret_name, '') | |
print("The secret value is: "+ supersecret.value) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
!pip install azure-identity --no-cache-dir --upgrade | |
!pip install azure-keyvault-secrets --no-cache-dir --upgrade |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
secret_name = 'ExamplePassword' | |
vault_uri = '<replace this text and brackets>' | |
tenant_id='<replace this text and brackets>' | |
authority_host_uri = 'login.microsoftonline.com' | |
keyvault_resource_uri = 'https://vault.azure.net' | |
client_id = '04b07795-8ddb-461a-bbee-02f9e1bf7b46' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
credential = DeviceCodeCredential(client_id, authority=authority_host_uri, tenant=tenant_id) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
secret_client = SecretClient(vault_uri, credential) | |
supersecret = secret_client.get_secret(secret_name) | |
print("The secret value is: "+ supersecret.value) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
az group create --name "ContosoResourceGroup" --location eastus |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#we create a randomized name, the name of the keyvault has to be unique within the current cloud | |
#it will be publicly available using this name. | |
keyvaultName="keyvault-$(cat /proc/sys/kernel/random/uuid | cut -c-7)" | |
keyvaultURI=$(az keyvault create --name $keyvaultName --resource-group "ContosoResourceGroup" --location eastus --query "properties.vaultUri" --output tsv) | |
az keyvault secret set --vault-name $keyvaultName --name "ExamplePassword" --value "sampleSecretValueIn_plaintext" | |
tenantID=$(az account show --output tsv --query tenantId) |