Skip to content

Databricks Secret Scope

AzureKeyVaultSecrets

Bases: SecretsInterface

Reads secrets from Azure Key Vault. For more information about Azure Key Vaults, see here.

Parameters:

Name Type Description Default
vault str

Azure Key Vault URL

 required
key str

Key for the secret

 required
secret str

Secret or Password to be set in the Azure Key Vault

 None
credential str

Credential for authenticating with Azure Key Vault

 None
kwargs dict

List of additional parameters to be passed when creating a Azure Key Vault Client. Please see here for more details on parameters that can be provided to the client

 None
Source code in src/sdk/python/rtdip_sdk/pipelines/secrets/azure_key_vault.py 
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
class AzureKeyVaultSecrets(SecretsInterface):
    """
    Reads secrets from Azure Key Vault. For more information about Azure Key Vaults, see [here.](https://learn.microsoft.com/en-gb/azure/key-vault/general/overview)

    Args:
        vault (str): Azure Key Vault URL
        key (str): Key for the secret
        secret (str): Secret or Password to be set in the Azure Key Vault
        credential (str): Credential for authenticating with Azure Key Vault
        kwargs (dict): List of additional parameters to be passed when creating a Azure Key Vault Client. Please see [here](https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/keyvault/azure-keyvault-secrets) for more details on parameters that can be provided to the client
    """

    vault: str
    key: str
    secret: str
    credential: str
    kwargs: dict

    def __init__(
        self,
        vault: str,
        key: str,
        secret: str = None,
        credential=None,
        kwargs: dict = None,
    ):
        self.vault = vault
        self.key = key
        self.secret = secret
        self.credential = credential
        self.kwargs = {} if kwargs is None else kwargs
        self.client = self._get_akv_client()

    @staticmethod
    def system_type():
        """
        Attributes:
            SystemType (Environment): Requires PYTHON
        """
        return SystemType.PYTHON

    @staticmethod
    def libraries():
        libraries = Libraries()
        libraries.add_pypi_library(get_default_package("azure_key_vault_secret"))
        return libraries

    @staticmethod
    def settings() -> dict:
        return {}

    def _get_akv_client(self):
        return SecretClient(
            vault_url="https://{}.vault.azure.net".format(self.vault),
            credential=self.credential,
            **self.kwargs
        )

    def get(self):
        """
        Retrieves the secret from the Azure Key Vault
        """
        response = self.client.get_secret(name=self.key)
        return response.value

    def set(self):
        """
        Creates or updates a secret in the Azure Key Vault
        """
        self.client.set_secret(name=self.key, value=self.secret)
        return True

get()

Retrieves the secret from the Azure Key Vault

Source code in src/sdk/python/rtdip_sdk/pipelines/secrets/azure_key_vault.py 
79
80
81
82
83
84
def get(self):
    """
    Retrieves the secret from the Azure Key Vault
    """
    response = self.client.get_secret(name=self.key)
    return response.value

set()

Creates or updates a secret in the Azure Key Vault

Source code in src/sdk/python/rtdip_sdk/pipelines/secrets/azure_key_vault.py 
86
87
88
89
90
91
def set(self):
    """
    Creates or updates a secret in the Azure Key Vault
    """
    self.client.set_secret(name=self.key, value=self.secret)
    return True

system_type() staticmethod

Attributes:

Name Type Description
SystemType Environment

Requires PYTHON
Source code in src/sdk/python/rtdip_sdk/pipelines/secrets/azure_key_vault.py 
54
55
56
57
58
59
60
@staticmethod
def system_type():
    """
    Attributes:
        SystemType (Environment): Requires PYTHON
    """
    return SystemType.PYTHON