use of com.azure.security.keyvault.secrets.SecretClientBuilder in project ambry by linkedin.
the class CosmosDataAccessor method getCosmosKey.
/**
* Fetch the key either directly from configs, or indirectly by looking for it in an Azure KeyVault.
* @param azureCloudConfig the config
* @return the CosmosDB key.
*/
private static String getCosmosKey(AzureCloudConfig azureCloudConfig) {
if (!azureCloudConfig.cosmosKey.isEmpty()) {
return azureCloudConfig.cosmosKey;
}
if (azureCloudConfig.cosmosKeySecretName.isEmpty() || azureCloudConfig.cosmosVaultUrl.isEmpty()) {
throw new IllegalArgumentException(String.format("One of the required configs for fetching the cosmos key from a keyvault (%s, %s) missing", AzureCloudConfig.COSMOS_KEY_SECRET_NAME, AzureCloudConfig.COSMOS_VAULT_URL));
}
// check that all required azure identity configs are present if keyvault lookup is used.
AzureUtils.validateAzureIdentityConfigs(azureCloudConfig);
SecretClient secretClient = new SecretClientBuilder().vaultUrl(azureCloudConfig.cosmosVaultUrl).credential(AzureUtils.getClientSecretCredential(azureCloudConfig)).buildClient();
return secretClient.getSecret(azureCloudConfig.cosmosKeySecretName).getValue();
}
Aggregations