private async Task <string> GetKeyVaultValue(ConfigurationSetting setting) { // The key vault reference will be in the form of a Uri wrapped in JSON, like so: // {"uri":"https://vaultName.vault.azure.net/secrets/secretName"} // Content validation - will throw JsonReaderException on failure KeyVaultSecretReference secretRef = JsonConvert.DeserializeObject <KeyVaultSecretReference>(setting.Value, KeyVaultSecretReference.s_SerializationSettings); // Uri validation - will throw UriFormatException upon failure Uri secretUri = new Uri(secretRef.Uri); Uri vaultUri = new Uri(secretUri.GetLeftPart(UriPartial.Authority)); // TODO: Check to see if SecretClient can take the full uri instead of requiring us to parse out the secretID. SecretClient kvClient = GetSecretClient(vaultUri); if (kvClient == null && !Optional) { throw new ConfigurationErrorsException("Could not connect to Azure Key Vault while retrieving secret. Connection is not optional."); } // Retrieve Value KeyVaultSecret kvSecret = await kvClient.GetSecretAsync(secretUri.Segments[2].TrimEnd(new char[] { '/' })); // ['/', 'secrets/', '{secretID}/'] if (kvSecret != null && kvSecret.Properties.Enabled.GetValueOrDefault()) { return(kvSecret.Value); } return(null); }
///GENMHASH:AB0BF9D0BEA18CD334AAF69A466D74DB:244EAB58A02E8C0EA8858C0AA028A77B public BatchAIJobImpl WithEnvironmentVariableSecretValue(string name, string keyVaultId, string secretUrl) { KeyVaultSecretReference secretReference = new KeyVaultSecretReference(new Models.ResourceId(keyVaultId), secretUrl); EnsureEnvironmentVariablesWithSecrets().Add(new EnvironmentVariableWithSecretValue(name, valueSecretReference: secretReference)); return(this); }
internal DiskEncryptionSettings(KeyVaultSecretReference diskEncryptionKey, KeyVaultKeyReference keyEncryptionKey, bool?enabled) { DiskEncryptionKey = diskEncryptionKey; KeyEncryptionKey = keyEncryptionKey; Enabled = enabled; }
AzureFileShare.Definition.IWithAttach <BatchAICluster.Definition.IWithCreate> AzureFileShare.Definition.IWithAzureStorageCredentials <BatchAICluster.Definition.IWithCreate> .WithKeyVaultSecretReference(KeyVaultSecretReference keyVaultSecretReference) { return(this.WithKeyVaultSecretReference(keyVaultSecretReference) as AzureFileShare.Definition.IWithAttach <BatchAICluster.Definition.IWithCreate>); }
AzureBlobFileSystem.Definition.IWithAttach <ParentT> AzureBlobFileSystem.Definition.IWithAzureStorageCredentials <ParentT> .WithKeyVaultSecretReference(KeyVaultSecretReference keyVaultSecretReference) { return(this.WithKeyVaultSecretReference(keyVaultSecretReference)); }
public AzureFileShareImpl <ParentT> WithKeyVaultSecretReference(KeyVaultSecretReference keyVaultSecretReference) { EnsureCredentials().AccountKeySecretReference = keyVaultSecretReference; return(this); }
AzureBlobFileSystemImpl <ParentT> WithKeyVaultSecretReference(KeyVaultSecretReference keyVaultSecretReference) { EnsureCredentials().AccountKeySecretReference = keyVaultSecretReference; return(this); }
public IWithAttach <BatchAICluster.Definition.IWithCreate> WithKeyVaultSecretReference(KeyVaultSecretReference keyVaultSecretReference) { EnsureCredentials().AccountKeySecretReference = keyVaultSecretReference; return(this); }