Working With Azure Key Vault In Python Using a Service Principal
- Create a key vault
- Create an App Registration in Azure Active Directory
- Generate a secret for your App Registration
- Note the value for your client secret and save it in your .env file
- Note the following values on the overview page for your app:
  - Application (client) ID
  - Directory (tenant) ID
- Click on Subscriptions in the Azure portal and note the Subscription ID
- Back in the key vault, click on Access policies, then click on Create
- Select the permissions Get and List for reading secrets, and Set and Delete if you want your service principal to be able to do that
- After clicking Next, type the name of your app registration (aka service principal) and add it.
- In your .env file, add the following key-value pairs:
KEY_VAULT_NAME=""
AZURE_CLIENT_ID="<Your Application (client) ID>"
AZURE_CLIENT_SECRET="<Your Client Secret From Step 4>"
AZURE_SUBSCRIPTION_ID=""
AZURE_TENANT_ID=""
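
An added example (not from the original page): one way to validate the .env values above and then read a secret as the service principal, using `ClientSecretCredential` from azure-identity and `SecretClient` from azure-keyvault-secrets. It assumes the Azure public cloud suffix `vault.azure.net`, the python-dotenv package, and a hypothetical secret named `example-secret`; `AZURE_SUBSCRIPTION_ID` is not needed for reading secrets.

```python
import os
import re

REQUIRED = ("KEY_VAULT_NAME", "AZURE_CLIENT_ID", "AZURE_CLIENT_SECRET", "AZURE_TENANT_ID")
# Key Vault names: 3-24 chars, letters/digits/hyphens, start with a letter,
# end with a letter or digit, no consecutive hyphens.
VAULT_NAME_RE = re.compile(r"[A-Za-z](?:[A-Za-z0-9]|-(?!-)){1,22}[A-Za-z0-9]")


def load_settings(env):
    """Validate the .env values and return them plus the vault URL."""
    # Heuristic (assumption): a value starting with "<" is an unfilled placeholder.
    missing = [k for k in REQUIRED
               if not env.get(k, "").strip() or env[k].strip().startswith("<")]
    if missing:
        # Report only key names, never the values (one of them is a secret).
        raise ValueError("unset or placeholder values: " + ", ".join(missing))
    name = env["KEY_VAULT_NAME"].strip()
    if not VAULT_NAME_RE.fullmatch(name):
        # Rejects values such as "x.example.com/" that would point the
        # client at a host other than the intended vault.
        raise ValueError("KEY_VAULT_NAME is not a valid vault name")
    settings = {k: env[k].strip() for k in REQUIRED}
    # Assumption: Azure public cloud DNS suffix.
    settings["VAULT_URL"] = f"https://{name}.vault.azure.net"
    return settings


def read_secret(settings, secret_name):
    """Fetch one secret as the service principal (needs the Get permission)."""
    # Imported here so validation works without the Azure SDK installed.
    from azure.identity import ClientSecretCredential
    from azure.keyvault.secrets import SecretClient

    credential = ClientSecretCredential(
        tenant_id=settings["AZURE_TENANT_ID"],
        client_id=settings["AZURE_CLIENT_ID"],
        client_secret=settings["AZURE_CLIENT_SECRET"],
    )
    client = SecretClient(vault_url=settings["VAULT_URL"], credential=credential)
    return client.get_secret(secret_name).value


if __name__ == "__main__":
    from dotenv import load_dotenv  # pip install python-dotenv
    load_dotenv()  # copies .env entries into os.environ
    cfg = load_settings(os.environ)
    value = read_secret(cfg, "example-secret")  # hypothetical secret name
    print("retrieved secret of length", len(value))  # never print the value
```

Keep the .env file out of version control, since it holds the client secret in plain text.
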
https://medium.com/@tophamcherie/using-environment-variables-in-python-66e9ca50f146
https://learn.microsoft.com/en-us/azure/key-vault/secrets/quick-create-python?tabs=azure-cli