R: Azure Key Vault client

key_vault {AzureKeyVault}

R Documentation

Azure Key Vault client

Description

Azure Key Vault client

Usage

key_vault(
  url,
  tenant = "common",
  app = .az_cli_app_id,
  ...,
  domain = "vault.azure.net",
  as_managed_identity = FALSE,
  token = NULL
)

Arguments

`url`	The location of the vault. This can be a full URL, or the vault name alone; in the latter case, the `domain` argument is appended to obtain the URL.
`tenant`, `app`	Authentication arguments that will be passed to `AzureAuth::get_azure_token`. The default is to authenticate interactively.
`...`	Further arguments that will be passed to either `get_azure_token` or `AzureAuth::get_managed_token`, depending on whether `as_managed_identity` is TRUE.
`domain`	The domain of the vault; for the public Azure cloud, this is `vault.azure.net`. Also the resource for OAuth authentication.
`as_managed_identity`	Whether to authenticate as a managed identity. Use this if your R session is taking place inside an Azure VM or container that has a system- or user-assigned managed identity assigned to it.
`token`	An OAuth token obtained via `get_azure_token` or `get_managed_token`. If provided, this overrides the other authentication arguments.

Details

This function creates a new Key Vault client object. It includes the following component objects for working with data in the vault:

keys: A sub-object for working with encryption keys stored in the vault. See keys.
secrets: A sub-object for working with secrets stored in the vault. See secrets.
certificates: A sub-object for working with certificates stored in the vault. See certificates.
storage: A sub-object for working with storage accounts managed by the vault. See storage.

Examples

## Not run: 

key_vault("mykeyvault")
key_vault("https://mykeyvault.vault.azure.net")

# authenticating as a service principal
key_vault("mykeyvault", tenant="myaadtenant", app="app_id", password="password")

# authenticating with an existing token
token <- AzureAuth::get_azure_token("https://vault.azure.net", "myaadtenant",
                                    app="app_id", password="password")
key_vault("mykeyvault", token=token)

# authenticating with a system-assigned managed identity
key_vault("mykeyvault", as_managed_identity=TRUE)

# authenticating with a user-assigned managed identity:
# - supply one of the identity's object ID, client ID or resource ID
key_vault("mykeyvault", as_managed_identity=TRUE,
    token_args=list(mi_res_id="/subscriptions/xxxx/resourceGroups/resgrpname/..."))


## End(Not run)

[Package AzureKeyVault version 1.0.5 Index]

Azure Key Vault client

Description

Usage

Arguments

Details

See Also

Examples