azure-keyvault

问题 Hi I am writing a nodejs code in Azure functions to capture the username saved in Azure key vault. Here is the code I have written module.exports = async function (context, req) { var msRestAzure = require('ms-rest-azure'); var KeyVault = require('azure-keyvault'); function getKeyVaultCredentials() { return msRestAzure.loginWithAppServiceMSI({ resource: 'https://vault.azure.net/' }); } function getKeyVaultSecret(credentials) { let keyVaultClient = new KeyVault.KeyVaultClient(credentials);

问题 I am unable to output the secret URI from my secret resource in my ARM template. Any ideas on how to do that? 回答1: If you mean you want to have it from the KeyVault, try this: "outputs":{ "mySecretUri": { "type": "string", "value": "[reference(resourceId('Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), parameters('mySecretName'))).secretUri]" } } 回答2: In my case the secret is a generated value which changes with every ARM deployment. This requires the specification of the

问题 I am unable to output the secret URI from my secret resource in my ARM template. Any ideas on how to do that? 回答1: If you mean you want to have it from the KeyVault, try this: "outputs":{ "mySecretUri": { "type": "string", "value": "[reference(resourceId('Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), parameters('mySecretName'))).secretUri]" } } 回答2: In my case the secret is a generated value which changes with every ARM deployment. This requires the specification of the

问题 I am unable to output the secret URI from my secret resource in my ARM template. Any ideas on how to do that? 回答1: If you mean you want to have it from the KeyVault, try this: "outputs":{ "mySecretUri": { "type": "string", "value": "[reference(resourceId('Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), parameters('mySecretName'))).secretUri]" } } 回答2: In my case the secret is a generated value which changes with every ARM deployment. This requires the specification of the

问题 I have created an Azure Function app in Nodejs version 12. My hosting environment is windows. What is the easiest way to capture the username and password which are saved in Azure key vault inside my function. Also I am using Inline code Editor so how should be capture the credentials in code. Thanks 回答1: The node SDK used in above answer is going to be deprecated and won't have new feature and releases. Instead, the new versions are released here: https://www.npmjs.com/package/@azure

问题 I cannot add Microsoft.Azure.Cdn service principal to Key Vault access policies. I have run the following command in PowerShell. New-AzureRmADServicePrincipal -ApplicationId "xxxxxx-xxxx-xxxx-xxxx-xxxxxxx" I got the following result. Secret: System.Security.SecureString ServicePrincipalNames : {xxxxxx-xxxx-xxxx-xxxx-xxxxxxx, https://microsoft.onmicrosoft.com/yyyyyyy-yyyy-yyyy-yyyy-yyyyyyyy} ApplicationId: xxxxxx-xxxx-xxxx-xxxx-xxxxxxx DisplayName: Microsoft.Azure.Cdn Id: zzzzzzzz-zzzz-zzzz

问题 I cannot add Microsoft.Azure.Cdn service principal to Key Vault access policies. I have run the following command in PowerShell. New-AzureRmADServicePrincipal -ApplicationId "xxxxxx-xxxx-xxxx-xxxx-xxxxxxx" I got the following result. Secret: System.Security.SecureString ServicePrincipalNames : {xxxxxx-xxxx-xxxx-xxxx-xxxxxxx, https://microsoft.onmicrosoft.com/yyyyyyy-yyyy-yyyy-yyyy-yyyyyyyy} ApplicationId: xxxxxx-xxxx-xxxx-xxxx-xxxxxxx DisplayName: Microsoft.Azure.Cdn Id: zzzzzzzz-zzzz-zzzz

问题 I cannot add Microsoft.Azure.Cdn service principal to Key Vault access policies. I have run the following command in PowerShell. New-AzureRmADServicePrincipal -ApplicationId "xxxxxx-xxxx-xxxx-xxxx-xxxxxxx" I got the following result. Secret: System.Security.SecureString ServicePrincipalNames : {xxxxxx-xxxx-xxxx-xxxx-xxxxxxx, https://microsoft.onmicrosoft.com/yyyyyyy-yyyy-yyyy-yyyy-yyyyyyyy} ApplicationId: xxxxxx-xxxx-xxxx-xxxx-xxxxxxx DisplayName: Microsoft.Azure.Cdn Id: zzzzzzzz-zzzz-zzzz

问题 I asked previously how to do variable substitution with Azure KeyVault here, and was able to get it mostly working save one last issue. For some unknown reason, the substitution occurs perfectly but it adds one extra single quote at the end. Since these are connection strings in the web.config, that extra single quote breaks it. I have no idea what is adding that extra single quote. I did quadruple check KeyVault to ensure its not there as a typo. I have tried doing XML variable substitution

问题 I have a requirement where I need to store my secret name as fname_lname. But when I tried with underscore I got following error. For time being to bypass the error I wrote a utility to convert from underscore to hyphen and vice versa. Is there any reason why there is no support for basic special character like underscore? az keyvault secret set --vault-name 'my-kv' -n 'fname_lname' -v 'myvalue' parameter 'secret_name' must conform to the following pattern: '^[0-9a-zA-Z-]+$'. 回答1: It seems