KeyVault获取秘密失败
KeyVault获取秘密失败
提问于 2017-06-28 11:42:21
这是我的代码,几天前它还在工作,现在它在试图从保险库中获取秘密时抛出了错误。我使用的是Azure的Python SDK的最新版本,它是通过pip安装的。
from azure.keyvault import KeyVaultClient
from azure.mgmt.keyvault import KeyVaultManagementClient
from msrestazure.azure_active_directory import ServicePrincipalCredentials
credentials = ServicePrincipalCredentials(
client_id = "a0824ce5-f6cf-4293-a7ad-************************",
secret = "5jqsgHYlLPrpY+yn6+0X8lMA9mE*********************",
tenant="fa7b1b5a-7b34-4387-**********************",
resource='https://vault.azure.net'
)
KEY_VAULT_URI = 'https://*********t.vault.azure.net'
client = KeyVaultClient(
credentials
)
# Create a secret
secret_bundle = client.set_secret(KEY_VAULT_URI, 'octo-prroton', '2412423424fdsadada***********')
print(client.get_secret(KEY_VAULT_URI, 'octo-prroton', 1))创建一个秘密是可行的,但是通过下面的回溯获取一个秘密失败
Traceback (most recent call last): File "driver.py", line 23, in <module>
print(client.get_secret(KEY_VAULT_URI, 'octo-prroton', 1)) File
"/Users/ddavtian/Code/.virtualenvs/demo-key/lib/python3.6/site-
packages/azure/keyvault/key_vault_client.py", line 1798, in get_secret raise
models.KeyVaultErrorException(self._deserialize, response)
azure.keyvault.models.key_vault_error.KeyVaultErrorException: Operation
returned an invalid status code 'Bad Request'Herr是pip包的列表。
adal (0.4.5)
asn1crypto (0.22.0)
azure (2.0.0)
azure-batch (3.0.0)
azure-common (1.1.6)
azure-datalake-store (0.0.12)
azure-graphrbac (0.30.0)
azure-keyvault (0.3.5)
azure-mgmt (1.0.0)
azure-mgmt-authorization (0.30.0)
azure-mgmt-batch (4.0.0)
azure-mgmt-cdn (0.30.3)
azure-mgmt-cognitiveservices (1.0.0)
azure-mgmt-compute (1.0.0)
azure-mgmt-containerregistry (0.2.1)
azure-mgmt-datalake-analytics (0.1.6)
azure-mgmt-datalake-nspkg (2.0.0)
azure-mgmt-datalake-store (0.1.6)
azure-mgmt-devtestlabs (2.0.0)
azure-mgmt-dns (1.0.1)
azure-mgmt-documentdb (0.1.3)
azure-mgmt-iothub (0.2.2)
azure-mgmt-keyvault (0.31.0)
azure-mgmt-logic (2.1.0)
azure-mgmt-monitor (0.2.1)
azure-mgmt-network (1.0.0)
azure-mgmt-nspkg (2.0.0)
azure-mgmt-rdbms (0.1.0)
azure-mgmt-redis (4.1.0)
azure-mgmt-resource (1.1.0)
azure-mgmt-scheduler (1.1.2)
azure-mgmt-sql (0.5.3)
azure-mgmt-storage (1.0.0)
azure-mgmt-trafficmanager (0.30.0)
azure-mgmt-web (0.32.0)
azure-nspkg (2.0.0)
azure-servicebus (0.21.1)
azure-servicefabric (5.6.130)
azure-servicemanagement-legacy (0.20.6)
azure-storage (0.34.3)
certifi (2017.4.17)
cffi (1.10.0)
chardet (3.0.4)
cryptography (1.9)
idna (2.5)
isodate (0.5.4)
keyring (10.4.0)
msrest (0.4.11)
msrestazure (0.4.9)
oauthlib (2.0.2)
pip (9.0.1)
pycparser (2.17)
PyJWT (1.5.2)
python-dateutil (2.6.0)
requests (2.18.1)
requests-oauthlib (0.8.0)
setuptools (36.0.1)
six (1.10.0)
urllib3 (1.21.1)
wheel (0.29.0)任何帮助都是非常感谢的。
回答 2
Stack Overflow用户
发布于 2017-06-29 04:12:18
Azure的Python SDK团队来帮助我,这是我提出的GitHub错误和解决方案:https://github.com/Azure/azure-sdk-for-python/issues/1263
Stack Overflow用户
发布于 2020-12-30 08:46:02
正如您在GitHub问题中所说的,这是由于get_secret调用中的一个不正确的秘密版本造成的。现在有了一个用于处理Key Vault secret的azure-keyvault-secrets包,当没有指定版本时,get_secret将获取最新的secret版本:
from azure.identity import DefaultAzureCredential
from azure.keyvault.secrets import SecretClient
KEY_VAULT_URI = 'https://*********t.vault.azure.net'
SECRET_NAME = 'octo-prroton'
credential = DefaultAzureCredential()
client = SecretClient(KEY_VAULT_URI, credential)
secret = client.get_secret(SECRET_NAME)还有一些用于处理Key Vault证书和密钥的新包。以下是从azure-keyvault迁移的软件包文档和指南的链接
- azure-keyvault-certificates (Migration guide)
- azure-keyvault-keys (Migration guide)
- azure-keyvault-secrets (Migration guide)
(我使用Python开发Azure SDK )
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/44793270
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号