View Source ExAzureKeyVault.Client (ex_azure_key_vault v2.2.0)
Client for creating or getting Azure Key Vault.
Link to this section Summary
Functions
Connects to Azure Key Vault using client assertion.
Connects to Azure Key Vault.
Creates a new secret.
Deletes a secret.
Returns secret value.
Returns list of secrets.
Returns next page of secrets in the pagination.
Creates %ExAzureKeyVault.Client{} struct with connection information.
Link to this section Types
Link to this section Functions
Link to this function
cert_connect(vault_name \\ nil, tenant_id \\ nil, client_id \\ nil, cert_base64_thumbprint \\ nil, cert_private_key_pem \\ nil)
View Source@spec cert_connect( String.t() | nil, String.t() | nil, String.t() | nil, String.t() | nil, String.t() | nil ) :: t() | {:error, any()}
Connects to Azure Key Vault using client assertion.
examples
Examples
When defining environment variables and/or adding to configuration.
$ export AZURE_CLIENT_ID="14e79d90-9abf..."
$ export AZURE_TENANT_ID="14e7a376-9abf..."
$ export AZURE_VAULT_NAME="my-vault"
$ export AZURE_CERT_BASE64_THUMBPRINT="Dss7v2YI3GgCGfl..."
$ export AZURE_CERT_PRIVATE_KEY_PEM="-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEF..."
# Config.exs
config :ex_azure_key_vault,
azure_client_id: {:system, "AZURE_CLIENT_ID"},
azure_tenant_id: {:system, "AZURE_TENANT_ID"},
azure_vault_name: {:system, "AZURE_VAULT_NAME"}
azure_cert_base64_thumbprint: {:system, "AZURE_CERT_BASE64_THUMBPRINT"},
azure_cert_private_key_pem: {:system, "AZURE_CERT_PRIVATE_KEY_PEM"}
iex(1)> ExAzureKeyVault.Client.cert_connect()
%ExAzureKeyVault.Client{
api_version: "7.3",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "my-vault"
}
Passing custom parameters.
iex(1)> ExAzureKeyVault.Client.cert_connect("custom-vault", "14e7a376-9abf...", "14e79d90-9abf...", "Dss7v2YI3GgCGfl...", "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEF...")
%ExAzureKeyVault.Client{
api_version: "7.3",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "custom-vault"
}
Link to this function
connect(vault_name \\ nil, tenant_id \\ nil, client_id \\ nil, client_secret \\ nil)
View Source@spec connect(String.t() | nil, String.t() | nil, String.t() | nil, String.t() | nil) :: t() | {:error, any()}
Connects to Azure Key Vault.
examples
Examples
When defining environment variables and/or adding to configuration.
$ export AZURE_CLIENT_ID="14e79d90-9abf..."
$ export AZURE_CLIENT_SECRET="14e7a11e-9abf..."
$ export AZURE_TENANT_ID="14e7a376-9abf..."
$ export AZURE_VAULT_NAME="my-vault"
# Config.exs
config :ex_azure_key_vault,
azure_client_id: {:system, "AZURE_CLIENT_ID"},
azure_client_secret: {:system, "AZURE_CLIENT_SECRET"},
azure_tenant_id: {:system, "AZURE_TENANT_ID"},
azure_vault_name: {:system, "AZURE_VAULT_NAME"}
iex(1)> ExAzureKeyVault.Client.connect()
%ExAzureKeyVault.Client{
api_version: "7.3",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "my-vault"
}
Passing custom parameters.
iex(1)> ExAzureKeyVault.Client.connect("custom-vault", "14e7a376-9abf...", "14e79d90-9abf...", "14e7a11e-9abf...")
%ExAzureKeyVault.Client{
api_version: "7.3",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "custom-vault"
}Creates a new secret.
examples
Examples
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.create_secret("my-new-secret", "my-new-value")
:okDeletes a secret.
examples
Examples
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.delete_secret("my-secret")
:okReturns secret value.
examples
Examples
Ignoring secret version.
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.get_secret("my-secret")
{:ok, "my-value"}Passing secret version.
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.get_secret("my-secret", "03b424a49ac3...")
{:ok, "my-other-value"}Returns list of secrets.
examples
Examples
Passing a maximum number of 2 results in a page.
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.get_secrets(2)
{:ok,
%{
"nextLink" => "https://my-vault.vault.azure.net:443/secrets?api-version=7.3&$skiptoken=eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6...&maxresults=2",
"value" => [
%{
"attributes" => %{
"created" => 1533704004,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1533704004
},
"id" => "https://my-vault.vault.azure.net/secrets/my-secret"
},
%{
"attributes" => %{
"created" => 1532633078,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1532633078
},
"id" => "https://my-vault.vault.azure.net/secrets/another-secret"
}
]
}}Ignoring maximum number of results.
iex(1)> ExAzureKeyVault.Client.connect() |> ExAzureKeyVault.Client.get_secrets()
{:ok,
%{
"nextLink" => nil,
"value" => [
%{
"attributes" => %{
"created" => 1533704004,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1533704004
},
"id" => "https://my-vault.vault.azure.net/secrets/my-secret"
},
%{
"attributes" => %{
"created" => 1532633078,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1532633078
},
"id" => "https://my-vault.vault.azure.net/secrets/another-secret"
},
%{
"attributes" => %{
"created" => 1532633078,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1532633078
},
"id" => "https://my-vault.vault.azure.net/secrets/test-secret"
}
]
}}Returns next page of secrets in the pagination.
examples
Examples
iex(1)> client = ExAzureKeyVault.Client.connect()
...
iex(1)> {_, secrets} = client |> ExAzureKeyVault.Client.get_secrets(2)
...
iex(1)> {_, next_secrets} = client |> ExAzureKeyVault.Client.get_secrets_next(secrets["nextLink"])
{:ok,
%{
"nextLink" => nil,
"value" => [
%{
"attributes" => %{
"created" => 1532633078,
"enabled" => true,
"recoveryLevel" => "Purgeable",
"updated" => 1532633078
},
"id" => "https://my-vault.vault.azure.net/secrets/test-secret"
}
]
}}Creates %ExAzureKeyVault.Client{} struct with connection information.
examples
Examples
Using default API version.
iex(1)> ExAzureKeyVault.Client.new("Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "my-vault")
%ExAzureKeyVault.Client{
api_version: "7.3",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "my-vault"
}Passing custom API version.
iex(1)> ExAzureKeyVault.Client.new("Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "my-vault", "2015-06-01")
%ExAzureKeyVault.Client{
api_version: "2015-06-01",
bearer_token: "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
vault_name: "my-vault"
}