Search in sources :

Example 1 with SecretClientBuilder

use of com.azure.security.keyvault.secrets.SecretClientBuilder in project ambry by linkedin.

the class CosmosDataAccessor method getCosmosKey.

/**
 * Fetch the key either directly from configs, or indirectly by looking for it in an Azure KeyVault.
 * @param azureCloudConfig the config
 * @return the CosmosDB key.
 */
private static String getCosmosKey(AzureCloudConfig azureCloudConfig) {
    if (!azureCloudConfig.cosmosKey.isEmpty()) {
        return azureCloudConfig.cosmosKey;
    }
    if (azureCloudConfig.cosmosKeySecretName.isEmpty() || azureCloudConfig.cosmosVaultUrl.isEmpty()) {
        throw new IllegalArgumentException(String.format("One of the required configs for fetching the cosmos key from a keyvault (%s, %s) missing", AzureCloudConfig.COSMOS_KEY_SECRET_NAME, AzureCloudConfig.COSMOS_VAULT_URL));
    }
    // check that all required azure identity configs are present if keyvault lookup is used.
    AzureUtils.validateAzureIdentityConfigs(azureCloudConfig);
    SecretClient secretClient = new SecretClientBuilder().vaultUrl(azureCloudConfig.cosmosVaultUrl).credential(AzureUtils.getClientSecretCredential(azureCloudConfig)).buildClient();
    return secretClient.getSecret(azureCloudConfig.cosmosKeySecretName).getValue();
}
Also used : SecretClientBuilder(com.azure.security.keyvault.secrets.SecretClientBuilder) SecretClient(com.azure.security.keyvault.secrets.SecretClient)

Aggregations

SecretClient (com.azure.security.keyvault.secrets.SecretClient)1 SecretClientBuilder (com.azure.security.keyvault.secrets.SecretClientBuilder)1