这是我的代码,这是几天前工作的,现在它在尝试从保险库中取出秘密时抛出错误。我正在使用通过pip安装的最新版本的Azure SDK。
from azure.keyvault import KeyVaultClient
from azure.mgmt.keyvault import KeyVaultManagementClient
from msrestazure.azure_active_directory import ServicePrincipalCredentials
credentials = ServicePrincipalCredentials(
client_id = "a0824ce5-f6cf-4293-a7ad-************************",
secret = "5jqsgHYlLPrpY+yn6+0X8lMA9mE*********************",
tenant="fa7b1b5a-7b34-4387-**********************",
resource='https://vault.azure.net'
)
KEY_VAULT_URI = 'https://*********t.vault.azure.net'
client = KeyVaultClient(
credentials
)
# Create a secret
secret_bundle = client.set_secret(KEY_VAULT_URI, 'octo-prroton', '2412423424fdsadada***********')
print(client.get_secret(KEY_VAULT_URI, 'octo-prroton', 1))
通过以下追溯
创建一个秘密工作,但获取机密失败Traceback (most recent call last): File "driver.py", line 23, in <module>
print(client.get_secret(KEY_VAULT_URI, 'octo-prroton', 1)) File
"/Users/ddavtian/Code/.virtualenvs/demo-key/lib/python3.6/site-
packages/azure/keyvault/key_vault_client.py", line 1798, in get_secret raise
models.KeyVaultErrorException(self._deserialize, response)
azure.keyvault.models.key_vault_error.KeyVaultErrorException: Operation
returned an invalid status code 'Bad Request'
Herr是一个pip包列表
adal (0.4.5)
asn1crypto (0.22.0)
azure (2.0.0)
azure-batch (3.0.0)
azure-common (1.1.6)
azure-datalake-store (0.0.12)
azure-graphrbac (0.30.0)
azure-keyvault (0.3.5)
azure-mgmt (1.0.0)
azure-mgmt-authorization (0.30.0)
azure-mgmt-batch (4.0.0)
azure-mgmt-cdn (0.30.3)
azure-mgmt-cognitiveservices (1.0.0)
azure-mgmt-compute (1.0.0)
azure-mgmt-containerregistry (0.2.1)
azure-mgmt-datalake-analytics (0.1.6)
azure-mgmt-datalake-nspkg (2.0.0)
azure-mgmt-datalake-store (0.1.6)
azure-mgmt-devtestlabs (2.0.0)
azure-mgmt-dns (1.0.1)
azure-mgmt-documentdb (0.1.3)
azure-mgmt-iothub (0.2.2)
azure-mgmt-keyvault (0.31.0)
azure-mgmt-logic (2.1.0)
azure-mgmt-monitor (0.2.1)
azure-mgmt-network (1.0.0)
azure-mgmt-nspkg (2.0.0)
azure-mgmt-rdbms (0.1.0)
azure-mgmt-redis (4.1.0)
azure-mgmt-resource (1.1.0)
azure-mgmt-scheduler (1.1.2)
azure-mgmt-sql (0.5.3)
azure-mgmt-storage (1.0.0)
azure-mgmt-trafficmanager (0.30.0)
azure-mgmt-web (0.32.0)
azure-nspkg (2.0.0)
azure-servicebus (0.21.1)
azure-servicefabric (5.6.130)
azure-servicemanagement-legacy (0.20.6)
azure-storage (0.34.3)
certifi (2017.4.17)
cffi (1.10.0)
chardet (3.0.4)
cryptography (1.9)
idna (2.5)
isodate (0.5.4)
keyring (10.4.0)
msrest (0.4.11)
msrestazure (0.4.9)
oauthlib (2.0.2)
pip (9.0.1)
pycparser (2.17)
PyJWT (1.5.2)
python-dateutil (2.6.0)
requests (2.18.1)
requests-oauthlib (0.8.0)
setuptools (36.0.1)
six (1.10.0)
urllib3 (1.21.1)
wheel (0.29.0)
感谢任何帮助。
答案 0 :(得分:0)
Azure的Python SDK团队来帮助我,这是我提出的GitHub错误和解决方案:https://github.com/Azure/azure-sdk-for-python/issues/1263
答案 1 :(得分:0)
正如您在 GitHub 问题中所分享的那样,这是由于 get_secret
调用中的机密版本不正确造成的。现在有一个用于处理 Key Vault 机密的 azure-keyvault-secrets 包,当未指定版本时,get_secret
将获取最新的机密版本:
from azure.identity import DefaultAzureCredential
from azure.keyvault.secrets import SecretClient
KEY_VAULT_URI = 'https://*********t.vault.azure.net'
SECRET_NAME = 'octo-prroton'
credential = DefaultAzureCredential()
client = SecretClient(KEY_VAULT_URI, credential)
secret = client.get_secret(SECRET_NAME)
还有用于处理 Key Vault 证书和密钥的新包。以下是从 azure-keyvault
迁移的软件包文档和指南的链接:
(我使用 Python 开发 Azure SDK)