如何在Node.js堆栈上的Azure Function App中从Azure密钥库提取秘密密钥 [英] How to extract Secret key from Azure key vault in Azure Function App on Nodejs stack

问题描述

我已经在Nodejs版本12中创建了一个Azure Function应用.我的托管环境是Windows.捕获保存在我的函数内部的Azure密钥保管库中的用户名和密码的最简单方法是什么. 另外，我正在使用内联代码编辑器，因此应如何捕获代码中的凭据.

I have created an Azure Function app in Nodejs version 12. My hosting environment is windows. What is the easiest way to capture the username and password which are saved in Azure key vault inside my function. Also I am using Inline code Editor so how should be capture the credentials in code.

谢谢

推荐答案

以上答案中使用的节点SDK将不推荐使用，并且不会具有新功能和发布.相反，新版本将在此处发布:

The node SDK used in above answer is going to be deprecated and won't have new feature and releases. Instead, the new versions are released here:

https://www.npmjs.com/package/@azure/keyvault -秘密

以下是检索秘密值以供参考的详细步骤.

Here are the detailed steps to retrieve the secret value for your reference.

1.在您的功能中启用系统分配的托管身份.

2.将此服务主体添加到密钥库的访问策略中.

3.将依赖项安装到您的函数中.

  "dependencies": {
    "@azure/identity": "^1.0.3",
    "@azure/keyvault-secrets": "^4.0.4"
  }

4.这是我的测试功能代码

module.exports = async function (context, req) {

const { DefaultAzureCredential } = require("@azure/identity");
const { SecretClient } = require("@azure/keyvault-secrets");
const keyVaultName = "tonykeyvault20190801";
const KVUri = "https://" + keyVaultName + ".vault.azure.net";

const credential = new DefaultAzureCredential();
const client = new SecretClient(KVUri, credential);

const retrievedSecret = await client.getSecret("username");
const username=retrievedSecret.value;
context.log(username);
  context.res = {
      body: username 
  };
}

5.执行结果.

这篇关于如何在Node.js堆栈上的Azure Function App中从Azure密钥库提取秘密密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！