azure-keyvault

问题 I have the following code which I use to acquire a secret, use secret to log into portal and download a csv table. This works ok outside a function. import pandas as pd import pandas as pd from arcgis.gis import GIS from azure.identity import DefaultAzureCredential from azure.keyvault.secrets import SecretClient credential = DefaultAzureCredential() secret_client = SecretClient(vault_url="https://xxxx-dev-vault.vault.azure.net/", credential=credential) secret = secret_client.get_secret(

问题 I have the following code which I use to acquire a secret, use secret to log into portal and download a csv table. This works ok outside a function. import pandas as pd import pandas as pd from arcgis.gis import GIS from azure.identity import DefaultAzureCredential from azure.keyvault.secrets import SecretClient credential = DefaultAzureCredential() secret_client = SecretClient(vault_url="https://xxxx-dev-vault.vault.azure.net/", credential=credential) secret = secret_client.get_secret(

问题 I have the following code which I use to acquire a secret, use secret to log into portal and download a csv table. This works ok outside a function. import pandas as pd import pandas as pd from arcgis.gis import GIS from azure.identity import DefaultAzureCredential from azure.keyvault.secrets import SecretClient credential = DefaultAzureCredential() secret_client = SecretClient(vault_url="https://xxxx-dev-vault.vault.azure.net/", credential=credential) secret = secret_client.get_secret(

问题 I am trying to create a new Azure Key Vault secret using the Azure Cli v2.9.0 (we use this version in our pipelines and upgrading would be difficult at the moment.) via the command below, az keyvault secret set --vault-name $myKeyVaultName -n $mySecretName --value "abc^def" The command is accepted and a new secret is created but it drops the caret (^) from the string and results in a secret value of abcdef instead of the intended abc^def. During my testing I have seen the below message from

问题 I am trying to create a new Azure Key Vault secret using the Azure Cli v2.9.0 (we use this version in our pipelines and upgrading would be difficult at the moment.) via the command below, az keyvault secret set --vault-name $myKeyVaultName -n $mySecretName --value "abc^def" The command is accepted and a new secret is created but it drops the caret (^) from the string and results in a secret value of abcdef instead of the intended abc^def. During my testing I have seen the below message from

问题 I wanted my blob storage account keys to be managed by Key Vault. I am trying to auto regeneration process between 'key1' and 'key2' with a gap of 1 day. I have followed instructions on Microsoft website https://docs.microsoft.com/en-us/powershell/module/az.keyvault/add-azkeyvaultmanagedstorageaccount?view=azps-2.5.0 I have run the script below and there was no errors: $servicePrincipal = Get-AzADServicePrincipal -ServicePrincipalName cfa8b339-82a2-471a-a3c9-0fc0be7a4093 New-AzRoleAssignment

问题 I wanted my blob storage account keys to be managed by Key Vault. I am trying to auto regeneration process between 'key1' and 'key2' with a gap of 1 day. I have followed instructions on Microsoft website https://docs.microsoft.com/en-us/powershell/module/az.keyvault/add-azkeyvaultmanagedstorageaccount?view=azps-2.5.0 I have run the script below and there was no errors: $servicePrincipal = Get-AzADServicePrincipal -ServicePrincipalName cfa8b339-82a2-471a-a3c9-0fc0be7a4093 New-AzRoleAssignment

问题 I wanted my blob storage account keys to be managed by Key Vault. I am trying to auto regeneration process between 'key1' and 'key2' with a gap of 1 day. I have followed instructions on Microsoft website https://docs.microsoft.com/en-us/powershell/module/az.keyvault/add-azkeyvaultmanagedstorageaccount?view=azps-2.5.0 I have run the script below and there was no errors: $servicePrincipal = Get-AzADServicePrincipal -ServicePrincipalName cfa8b339-82a2-471a-a3c9-0fc0be7a4093 New-AzRoleAssignment

问题 How can I achieve the very basic CSR Signing HSM functionality with Azure Key Vault? I had found a very long and manual process to somehow achieve it: Create a private key in Key Vault Create a CSR, digest it with SHA256 Sign the digest with the previous private key using the Sign() method Create a local x.509 cert and append the signature Upload the new signed cert to Key Vault Problem is, it is manual, long (also, quite a bit of latency) and error prone. Also I haven't found a single C#

问题 Having asked a question about Removing Secrets from Azure Function Config this Microsoft approach was recommended for managing the rotation of keys for Azure Storage Accounts and the keeping of those keys secret in Azure KeyVault Note we are accessing Tables in an Azure Storage Account and Tables unlike Blobs and Queues do not support Managed Identity access controls. The recommendation comes with some Azure Deplyment templates that would not run for me so I decided to create the resources