sadukie · October 17, 2022 14:47
diff --git a/0-getPasswordsDefaultAzureCredential.py b/0-getPasswordsDefaultAzureCredential.py
 import os
 from azure.keyvault.secrets import SecretClient
 from azure.identity import DefaultAzureCredential

 keyVaultName = os.environ["KEY_VAULT_NAME"]
 tenantId = os.environ["AZURE_TENANT_ID"]
 secretName = "SecretPassword"
 KVUri = f"https://{keyVaultName}.vault.azure.net"

 # Breaking changes in 1.11.0
 credential = DefaultAzureCredential(additionally_allowed_tenants=[tenantId])
 client = SecretClient(vault_url=KVUri, credential=credential)

 print(f"Retrieving your secret from {keyVaultName}.")

 retrieved_secret = client.get_secret(secretName)

 print(f"Your secret is '{retrieved_secret.value}'.")

 print(" done.")
diff --git a/1-getPasswordsInteractiveBrowser.py b/1-getPasswordsInteractiveBrowser.py
 import os
 from azure.keyvault.secrets import SecretClient
 from azure.identity import InteractiveBrowserCredential

 keyVaultName = os.environ["KEY_VAULT_NAME"]
 tenantId = os.environ["AZURE_TENANT_ID"]

 secretName = "SecretPassword"
 KVUri = f"https://{keyVaultName}.vault.azure.net"

 interactiveBrowserCredential = InteractiveBrowserCredential(additionally_allowed_tenants=[tenantId])

 client = SecretClient(vault_url=KVUri, credential=interactiveBrowserCredential)

 print(f"Retrieving your secret from {keyVaultName}.")

 retrieved_secret = client.get_secret(secretName)

 print(f"Your secret is '{retrieved_secret.value}'.")

 print(" done.")
diff --git a/2-getPasswordsDeviceCode.py b/2-getPasswordsDeviceCode.py
 import os
 from azure.keyvault.secrets import SecretClient
 from azure.identity import DeviceCodeCredential

 keyVaultName = os.environ["KEY_VAULT_NAME"]
 tenantId = os.environ["AZURE_TENANT_ID"]

 secretName = "SecretPassword"
 KVUri = f"https://{keyVaultName}.vault.azure.net"

 deviceCodeCredential = DeviceCodeCredential(additionally_allowed_tenants=[tenantId])

 client = SecretClient(vault_url=KVUri, credential=deviceCodeCredential)

 print(f"Retrieving your secret from {keyVaultName}.")

 retrieved_secret = client.get_secret(secretName)

 print(f"Your secret is '{retrieved_secret.value}'.")

 print(" done.")
diff --git a/3-getPasswordsVSCode.py b/3-getPasswordsVSCode.py
 # Authenticating with VS Code Credential
 import os
 from azure.keyvault.secrets import SecretClient
 from azure.identity import VisualStudioCodeCredential

 keyVaultName = os.environ["KEY_VAULT_NAME"]
 tenantId = os.environ["AZURE_TENANT_ID"]
 secretName = "SecretPassword"
 KVUri = f"https://{keyVaultName}.vault.azure.net"

 # This is going to be removed in an upcoming update.
 # See https://github.com/Azure/azure-sdk-for-python/issues/26602#issuecomment-1266302720
 vsCodeCredential = VisualStudioCodeCredential(additionally_allowed_tenants=[tenantId])

 client = SecretClient(vault_url=KVUri, credential=vsCodeCredential)

 print(f"Retrieving your secret from {keyVaultName}.")

 retrieved_secret = client.get_secret(secretName)

 print(f"Your secret is '{retrieved_secret.value}'.")

 print(" done.")
diff --git a/4-getPasswordsX509.py b/4-getPasswordsX509.py
 import os
 from dotenv import load_dotenv
 from azure.keyvault.secrets import SecretClient
 from azure.identity import CertificateCredential

 load_dotenv()

 keyVaultName = os.environ["KEY_VAULT_NAME"]
 tenantId = os.environ["AZURE_TENANT_ID"]
 clientId = os.environ["AZURE_CLIENT_ID"]
 certPath = os.environ["AZURE_CLIENT_CERTIFICATE_PATH_WITH_PASSWORD"]
 certPass = os.environ["CERTIFICATE_PASSWORD"]
 secretName = "SecretPassword"
 KVUri = f"https://{keyVaultName}.vault.azure.net"

 # Passworded certificate demo
 certCredential = CertificateCredential(tenant_id=tenantId,client_id=clientId,certificate_path=certPath,password=certPass)

 client = SecretClient(vault_url=KVUri, credential=certCredential)

 print(f"Retrieving your secret from {keyVaultName}.")

 retrieved_secret = client.get_secret(secretName)

 print(f"Your secret is '{retrieved_secret.value}'.")

 print(" done.")
diff --git a/5-getPasswordsChainedToken.py b/5-getPasswordsChainedToken.py
 import os
 from azure.keyvault.secrets import SecretClient
 from azure.identity import ChainedTokenCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential

 keyVaultName = os.environ["KEY_VAULT_NAME"]
 secretName = "SecretPassword"
 KVUri = f"https://{keyVaultName}.vault.azure.net"

 managedIdentityCredential = ManagedIdentityCredential()
 vsCodeCredential = VisualStudioCodeCredential()
 cliCredential = AzureCliCredential()
 credential = ChainedTokenCredential(managedIdentityCredential,vsCodeCredential, cliCredential)
 client = SecretClient(vault_url=KVUri, credential=credential)

 print(f"Retrieving your secret from {keyVaultName}.")

 retrieved_secret = client.get_secret(secretName)

 print(f"Your secret is '{retrieved_secret.value}'.")

 print(" done.")
diff --git a/6-getPasswordsChooseYourOwnAdventure.py b/6-getPasswordsChooseYourOwnAdventure.py
 import os
 from pydoc import cli
 from azure.keyvault.secrets import SecretClient
 from azure.identity import ChainedTokenCredential, DefaultAzureCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, InteractiveBrowserCredential, DeviceCodeCredential, EnvironmentCredential, AzurePowerShellCredential

 keyVaultName = os.environ["KEY_VAULT_NAME"]
 tenantId = os.environ["AZURE_TENANT_ID"]
 secretName = "SecretPassword"
 KVUri = f"https://{keyVaultName}.vault.azure.net"

 # All sorts of credentials to play with
 # Multi-tenant issues introduced in 1.11.0 - additionally_allowed_tenants param assists
 # See more details here: https://devblogs.microsoft.com/azure-sdk/guidance-for-multi-tenant-applications-using-the-azure-identity-libraries/

 defaultAzureCredential = DefaultAzureCredential(additionally_allowed_tenants=[tenantId])
 environmentCredential = EnvironmentCredential()
 managedIdentityCredential = ManagedIdentityCredential()
 cliCredential = AzureCliCredential()
 powershellCredential = AzurePowerShellCredential()
 interactiveBrowserCredential = InteractiveBrowserCredential(additionally_allowed_tenants=[tenantId])
 vsCodeCredential = VisualStudioCodeCredential(additionally_allowed_tenants=[tenantId])
 deviceCodeCredential = DeviceCodeCredential(additionally_allowed_tenants=[tenantId])


 manualDefaultAzureCredential = ChainedTokenCredential(environmentCredential, managedIdentityCredential,
                                     vsCodeCredential, cliCredential, powershellCredential, interactiveBrowserCredential)

 credential = ChainedTokenCredential(deviceCodeCredential)
 client = SecretClient(vault_url=KVUri, credential=credential)

 print(f"Retrieving your secret from {keyVaultName}.")

 retrieved_secret = client.get_secret(secretName)

 print(f"Your secret is '{retrieved_secret.value}'.")

 print(" done.")
	import os
	from azure.keyvault.secrets import SecretClient
	from azure.identity import DefaultAzureCredential

	keyVaultName = os.environ["KEY_VAULT_NAME"]
	tenantId = os.environ["AZURE_TENANT_ID"]
	secretName = "SecretPassword"
	KVUri = f"https://{keyVaultName}.vault.azure.net"

	# Breaking changes in 1.11.0
	credential = DefaultAzureCredential(additionally_allowed_tenants=[tenantId])
	client = SecretClient(vault_url=KVUri, credential=credential)

	print(f"Retrieving your secret from {keyVaultName}.")

	retrieved_secret = client.get_secret(secretName)

	print(f"Your secret is '{retrieved_secret.value}'.")

	print(" done.")
	import os
	from azure.keyvault.secrets import SecretClient
	from azure.identity import InteractiveBrowserCredential

	keyVaultName = os.environ["KEY_VAULT_NAME"]
	tenantId = os.environ["AZURE_TENANT_ID"]

	secretName = "SecretPassword"
	KVUri = f"https://{keyVaultName}.vault.azure.net"

	interactiveBrowserCredential = InteractiveBrowserCredential(additionally_allowed_tenants=[tenantId])

	client = SecretClient(vault_url=KVUri, credential=interactiveBrowserCredential)

	print(f"Retrieving your secret from {keyVaultName}.")

	retrieved_secret = client.get_secret(secretName)

	print(f"Your secret is '{retrieved_secret.value}'.")

	print(" done.")
	import os
	from azure.keyvault.secrets import SecretClient
	from azure.identity import DeviceCodeCredential

	keyVaultName = os.environ["KEY_VAULT_NAME"]
	tenantId = os.environ["AZURE_TENANT_ID"]

	secretName = "SecretPassword"
	KVUri = f"https://{keyVaultName}.vault.azure.net"

	deviceCodeCredential = DeviceCodeCredential(additionally_allowed_tenants=[tenantId])

	client = SecretClient(vault_url=KVUri, credential=deviceCodeCredential)

	print(f"Retrieving your secret from {keyVaultName}.")

	retrieved_secret = client.get_secret(secretName)

	print(f"Your secret is '{retrieved_secret.value}'.")

	print(" done.")
	# Authenticating with VS Code Credential
	import os
	from azure.keyvault.secrets import SecretClient
	from azure.identity import VisualStudioCodeCredential

	keyVaultName = os.environ["KEY_VAULT_NAME"]
	tenantId = os.environ["AZURE_TENANT_ID"]
	secretName = "SecretPassword"
	KVUri = f"https://{keyVaultName}.vault.azure.net"

	# This is going to be removed in an upcoming update.
	# See https://github.com/Azure/azure-sdk-for-python/issues/26602#issuecomment-1266302720
	vsCodeCredential = VisualStudioCodeCredential(additionally_allowed_tenants=[tenantId])

	client = SecretClient(vault_url=KVUri, credential=vsCodeCredential)

	print(f"Retrieving your secret from {keyVaultName}.")

	retrieved_secret = client.get_secret(secretName)

	print(f"Your secret is '{retrieved_secret.value}'.")

	print(" done.")
	import os
	from dotenv import load_dotenv
	from azure.keyvault.secrets import SecretClient
	from azure.identity import CertificateCredential

	load_dotenv()

	keyVaultName = os.environ["KEY_VAULT_NAME"]
	tenantId = os.environ["AZURE_TENANT_ID"]
	clientId = os.environ["AZURE_CLIENT_ID"]
	certPath = os.environ["AZURE_CLIENT_CERTIFICATE_PATH_WITH_PASSWORD"]
	certPass = os.environ["CERTIFICATE_PASSWORD"]
	secretName = "SecretPassword"
	KVUri = f"https://{keyVaultName}.vault.azure.net"

	# Passworded certificate demo
	certCredential = CertificateCredential(tenant_id=tenantId,client_id=clientId,certificate_path=certPath,password=certPass)

	client = SecretClient(vault_url=KVUri, credential=certCredential)

	print(f"Retrieving your secret from {keyVaultName}.")

	retrieved_secret = client.get_secret(secretName)

	print(f"Your secret is '{retrieved_secret.value}'.")

	print(" done.")
	import os
	from azure.keyvault.secrets import SecretClient
	from azure.identity import ChainedTokenCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential

	keyVaultName = os.environ["KEY_VAULT_NAME"]
	secretName = "SecretPassword"
	KVUri = f"https://{keyVaultName}.vault.azure.net"

	managedIdentityCredential = ManagedIdentityCredential()
	vsCodeCredential = VisualStudioCodeCredential()
	cliCredential = AzureCliCredential()
	credential = ChainedTokenCredential(managedIdentityCredential,vsCodeCredential, cliCredential)
	client = SecretClient(vault_url=KVUri, credential=credential)

	print(f"Retrieving your secret from {keyVaultName}.")

	retrieved_secret = client.get_secret(secretName)

	print(f"Your secret is '{retrieved_secret.value}'.")

	print(" done.")
	import os
	from pydoc import cli
	from azure.keyvault.secrets import SecretClient
	from azure.identity import ChainedTokenCredential, DefaultAzureCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, InteractiveBrowserCredential, DeviceCodeCredential, EnvironmentCredential, AzurePowerShellCredential

	keyVaultName = os.environ["KEY_VAULT_NAME"]
	tenantId = os.environ["AZURE_TENANT_ID"]
	secretName = "SecretPassword"
	KVUri = f"https://{keyVaultName}.vault.azure.net"

	# All sorts of credentials to play with
	# Multi-tenant issues introduced in 1.11.0 - additionally_allowed_tenants param assists
	# See more details here: https://devblogs.microsoft.com/azure-sdk/guidance-for-multi-tenant-applications-using-the-azure-identity-libraries/

	defaultAzureCredential = DefaultAzureCredential(additionally_allowed_tenants=[tenantId])
	environmentCredential = EnvironmentCredential()
	managedIdentityCredential = ManagedIdentityCredential()
	cliCredential = AzureCliCredential()
	powershellCredential = AzurePowerShellCredential()
	interactiveBrowserCredential = InteractiveBrowserCredential(additionally_allowed_tenants=[tenantId])
	vsCodeCredential = VisualStudioCodeCredential(additionally_allowed_tenants=[tenantId])
	deviceCodeCredential = DeviceCodeCredential(additionally_allowed_tenants=[tenantId])


	manualDefaultAzureCredential = ChainedTokenCredential(environmentCredential, managedIdentityCredential,
	vsCodeCredential, cliCredential, powershellCredential, interactiveBrowserCredential)

	credential = ChainedTokenCredential(deviceCodeCredential)
	client = SecretClient(vault_url=KVUri, credential=credential)

	print(f"Retrieving your secret from {keyVaultName}.")

	retrieved_secret = client.get_secret(secretName)

	print(f"Your secret is '{retrieved_secret.value}'.")

	print(" done.")