通过Java中的MSI读取Azure密钥库机密 [英] Read Azure key vault secret through MSI in Java

问题描述

我正在尝试通过Java中的托管服务身份(MSI)读取Azure Key Vault中的机密.我希望令牌通过MSI访问密钥库.

I am trying to read secret in Azure Key Vault through Managed Service Identity (MSI) in Java. I want token to access the key vault through MSI.

.net有可用的引用来实现此目的 但没有在Java中找到任何东西.我不想通过客户端ID/秘密密钥或证书来做到这一点.

There are references available for .net to do this but did not find anything in Java. I don't want to do this through Client id/secret key or certificates.

我想要Java中与以下.net代码接近的东西

I want something in Java that is close to following .net code

using Microsoft.Azure.KeyVault;
using Microsoft.Azure.Services.AppAuthentication;

AzureServiceTokenProvider azureServiceTokenProvider = new AzureServiceTokenProvider();
try
{
    var keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
    var secret = await keyVaultClient.GetSecretAsync("https://abcded.vault.azure.net/secrets/secretname/").ConfigureAwait(false);
    ViewBag.Secret = $"Secret: {secret.Value}"; 
}
catch (Exception exp)
{
    ViewBag.Error = $"Something went wrong: {exp.Message}";
}

推荐答案

import com.microsoft.azure.credentials.MSICredentials;

MSICredentials credentials = new MSICredentials(AzureEnvironment.AZURE);
KeyVaultClient keyVaultClient = new KeyVaultClient(credentials);
SecretBundle secret = keyVaultClient.getSecret("vaultbaseurl","secretName","secretversion");

这篇关于通过Java中的MSI读取Azure密钥库机密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！