key_vault {AzureKeyVault} | R Documentation |
Azure Key Vault client
Description
Azure Key Vault client
Usage
key_vault(
url,
tenant = "common",
app = .az_cli_app_id,
...,
domain = "vault.azure.net",
as_managed_identity = FALSE,
token = NULL
)
Arguments
url |
The location of the vault. This can be a full URL, or the vault name alone; in the latter case, the |
tenant , app |
Authentication arguments that will be passed to |
... |
Further arguments that will be passed to either |
domain |
The domain of the vault; for the public Azure cloud, this is |
as_managed_identity |
Whether to authenticate as a managed identity. Use this if your R session is taking place inside an Azure VM or container that has a system- or user-assigned managed identity assigned to it. |
token |
An OAuth token obtained via |
Details
This function creates a new Key Vault client object. It includes the following component objects for working with data in the vault:
-
keys
: A sub-object for working with encryption keys stored in the vault. See keys. -
secrets
: A sub-object for working with secrets stored in the vault. See secrets. -
certificates
: A sub-object for working with certificates stored in the vault. See certificates. -
storage
: A sub-object for working with storage accounts managed by the vault. See storage.
See Also
keys
, secrets
, certificates
, storage
Azure Key Vault documentation, Azure Key Vault API reference
Examples
## Not run:
key_vault("mykeyvault")
key_vault("https://mykeyvault.vault.azure.net")
# authenticating as a service principal
key_vault("mykeyvault", tenant="myaadtenant", app="app_id", password="password")
# authenticating with an existing token
token <- AzureAuth::get_azure_token("https://vault.azure.net", "myaadtenant",
app="app_id", password="password")
key_vault("mykeyvault", token=token)
# authenticating with a system-assigned managed identity
key_vault("mykeyvault", as_managed_identity=TRUE)
# authenticating with a user-assigned managed identity:
# - supply one of the identity's object ID, client ID or resource ID
key_vault("mykeyvault", as_managed_identity=TRUE,
token_args=list(mi_res_id="/subscriptions/xxxx/resourceGroups/resgrpname/..."))
## End(Not run)