azure.keyvault package¶
Module contents¶
-
azure.keyvault.
KeyVaultClient
¶ alias of
azure.keyvault.custom.key_vault_client.CustomKeyVaultClient
-
class
azure.keyvault.
KeyVaultId
(collection, vault, name, version)[source]¶ Bases:
object
An identifier for an Azure Key Vault resource.
Parameters: - collection (str) – The resource collection type.
- vault (str) – The vault URI.
- name (str) – The resource name.
- version (str) – The resource version.
-
base_id
¶
-
static
create_certificate_id
(vault, name, version=None)[source]¶ Parameters: - vault (str) – The vault uri.
- name (str) – The certificate name.
- version (str) – The certificate version.
Return type:
-
static
create_certificate_issuer_id
(vault, name)[source]¶ Parameters: - vault (str) – The vault uri.
- name (str) – The certificate name.
Return type:
-
static
create_certificate_operation_id
(vault, name)[source]¶ Parameters: - vault (str) – The vault uri.
- name (str) – The certificate name.
Return type:
-
static
create_key_id
(vault, name, version=None)[source]¶ Parameters: - vault (str) – The vault uri.
- name (str) – The key name.
- version (str) – The key version.
Return type:
-
static
create_object_id
(collection, vault, name, version)[source]¶ Parameters: - collection (str) – The resource collection type.
- vault (str) – The vault URI.
- name (str) – The resource name.
- version (str) – The resource version.
Return type:
-
static
create_secret_id
(vault, name, version=None)[source]¶ Parameters: - vault (str) – The vault uri.
- name (str) – The secret name.
- version (str) – The secret version.
Return type:
-
id
¶
-
static
parse_certificate_id
(id)[source]¶ Parameters: id (str) – The resource collection type. Return type: KeyVaultId
-
static
parse_certificate_issuer_id
(id)[source]¶ Parameters: id (str) – The resource collection type. Return type: KeyVaultId
-
static
parse_certificate_operation_id
(id)[source]¶ Parameters: id (str) – The resource collection type. Return type: KeyVaultId
-
static
parse_key_id
(id)[source]¶ Parameters: id (str) – The key uri. Return type: KeyVaultId
-
static
parse_object_id
(collection, id)[source]¶ Parameters: - collection (str) – The resource collection type.
- id (str) – The resource uri.
Return type:
-
static
parse_secret_id
(id)[source]¶ Parameters: id (str) – The secret uri. Return type: KeyVaultId
-
version_none
= ''¶
-
class
azure.keyvault.
KeyId
(uri=None, vault=None, name=None, version=None)[source]¶ Bases:
azure.keyvault.custom.key_vault_id.KeyVaultIdentifier
Creates a key vault key id. If uri is specified the id properties are parsed from the uri, otherwise builds the id from the specified vault, name and version. :param uri: The uri of the key vault key :param vault: The vault uri :param name: The key name :param version: The key version
-
class
azure.keyvault.
SecretId
(uri=None, vault=None, name=None, version=None)[source]¶ Bases:
azure.keyvault.custom.key_vault_id.KeyVaultIdentifier
Creates a key vault secret id. If uri is specified the id properties are parsed from the uri, otherwise builds the id from the specified vault, name and version. :param uri: The uri of the key vault secret :param vault: The vault uri :param name: The secret name :param version: The secret version
-
class
azure.keyvault.
CertificateId
(uri=None, vault=None, name=None, version=None)[source]¶ Bases:
azure.keyvault.custom.key_vault_id.KeyVaultIdentifier
Creates a key vault certificate id. If uri is specified the id properties are parsed from the uri, otherwise builds the id from the specified vault, name and version. :param uri: The uri of the key vault certificate :param vault: The vault uri :param name: The certificate name :param version: The certificate version
-
class
azure.keyvault.
CertificateIssuerId
(uri=None, vault=None, name=None)[source]¶ Bases:
azure.keyvault.custom.key_vault_id.KeyVaultIdentifier
Creates a key vault certificate issuer id. If uri is specified the id properties are parsed from the uri, otherwise builds the id from the specified vault and name. :param uri: The uri of the key vault certificate issuer :param vault: The vault uri :param name: The certificate issuer name
-
class
azure.keyvault.
CertificateOperationId
(uri=None, vault=None, name=None)[source]¶ Bases:
azure.keyvault.custom.key_vault_id.KeyVaultIdentifier
Creates a key vault certificate operation id. If uri is specified the id properties are parsed from the uri, otherwise builds the id from the specified vault and name. :param uri: The uri of the key vault certificate operation :param vault: The vault uri :param name: The certificate name
-
class
azure.keyvault.
StorageAccountId
(uri=None, vault=None, name=None)[source]¶ Bases:
azure.keyvault.custom.key_vault_id.KeyVaultIdentifier
Creates a key vault storage account id. If uri is specified the id properties are parsed from the uri, otherwise builds the id from the specified vault and name. :param uri: The uri of the key vault storage account :param vault: The vault uri :param name: The storage account name
-
class
azure.keyvault.
StorageSasDefinitionId
(uri=None, vault=None, account_name=None, sas_definition=None)[source]¶ Bases:
azure.keyvault.custom.key_vault_id.KeyVaultIdentifier
Creates a key vault storage account sas definition id. If uri is specified the id properties are parsed from the uri, otherwise builds the id from the specified vault, account_name, and sas_definition. :param uri: The uri of the key vault storage account sas definition :param vault: The vault uri :param account_name: The storage account name :param sas_definition: The sas definition name
-
class
azure.keyvault.
HttpBearerChallenge
(request_uri, challenge)[source]¶ Bases:
object
Parses an HTTP WWW-Authentication Bearer challenge from a server.
Returns the URI for the authorization server if present, otherwise empty string.
-
class
azure.keyvault.
HttpChallenge
(request_uri, challenge, response_headers=None)[source]¶ Bases:
object
Parses an HTTP WWW-Authentication Bearer challenge from a server.
Returns the URI for the authorization server if present, otherwise empty string.
-
class
azure.keyvault.
KeyVaultAuthentication
(authorization_callback=None, credentials=None)[source]¶ Bases:
msrest.authentication.OAuthTokenAuthentication
Authentication class to be used as credentials for the KeyVaultClient. :Example Usage:
- def auth_callack(server, resource, scope):
- self.data_creds = self.data_creds or ServicePrincipalCredentials(client_id=self.config.client_id,
- secret=self.config.client_secret, tenant=self.config.tenant_id, resource=resource)
token = self.data_creds.token return token[‘token_type’], token[‘access_token’]
self.keyvault_data_client = KeyVaultClient(KeyVaultAuthentication(auth_callack))
Creates a new KeyVaultAuthentication instance used for authentication in the KeyVaultClient :param authorization_callback: A callback used to provide authentication credentials to the key vault data service. This callback should take three str arguments: authorization uri, resource, and scope, and return a tuple of (token type, access token). :param credentials:: Credentials needed for the client to connect to Azure. :type credentials: :mod:`A msrestazure Credentials
object<msrestazure.azure_active_directory>`-
refresh_session
()[source]¶ Return updated session if token has expired, attempts to refresh using refresh token.
Return type: requests.Session.
-
signed_session
(session=None)[source]¶ Create requests session with any required auth headers applied.
If a session object is provided, configure it directly. Otherwise, create a new session and return it.
Parameters: session (requests.Session) – The session to configure for authentication Return type: requests.Session
-
class
azure.keyvault.
KeyVaultAuthBase
(authorization_callback)[source]¶ Bases:
requests.auth.AuthBase
Used for handling authentication challenges, by hooking into the request AuthBase extension model.
Creates a new KeyVaultAuthBase instance used for handling authentication challenges, by hooking into the request AuthBase extension model. :param authorization_callback: A callback used to provide authentication credentials to the key vault data service. This callback should take four str arguments: authorization uri, resource, scope, and scheme, and return an AccessToken
return AccessToken(scheme=token[‘token_type’], token=token[‘access_token’])- Note: for backward compatibility a tuple of the scheme and token can also be returned.
- return token[‘token_type’], token[‘access_token’]