Azure Key Vault Plugin

The plugin provides functionality to interact with Azure Key Vault.

Installation

Example 1. build.gradle
implementation(group: 'org.vividus', name: 'vividus-plugin-azure-key-vault', version: '0.4.9-SNAPSHOT')

Key Vault management

Configuration

Authentication

The authentication process relies on the configuration of the environment variables.

See the official "Azure identity" guide to get more details on what types of authentication could be used.

Azure environment selection

Azure environment could be optionally specified using either global property azure.environment (sets the environment for all Azure plugins) or plugin-specific property azure.key-vault.environment. The plugin-specific property takes precedence over the global one. The default value is AZURE.

The plugin-specific property azure.key-vault.environment is deprecated and will be removed in VIVIDUS 0.5.0. The global property must be used.

The supported environments are only:

  • AZURE

  • AZURE_CHINA

  • AZURE_GERMANY

  • AZURE_US_GOVERNMENT

Azure subscription selection

Azure subscription must be configured via AZURE_SUBSCRIPTION_ID environment variable.

Steps

Retrieve the Key Vault properties

Retrieves the properties of the specified Azure key vault and saves them as JSON to a variable. For more information, see the Azure Docs.

When I retrieve properties of key vault with name `$keyVaultName` from resource group `$resourceGroupName` and save them as JSON to $scopes variable `$variableName`
  • $keyVaultName - The name of the key vault within the specified resource group.

  • $resourceGroupName - The name of the resource group within the user’s subscription to retrieve the key vault from. The name is case-insensitive.

  • $scopes - The comma-separated set of the variables scopes.

  • $variableName - The variable name to store the key vault properties as JSON.

Example 2. Retrieve the Key Vault properties
When I retrieve properties of key vault with name `KEY-VAULT-NAME` from resource group `TEST-SA` and save them as JSON to scenario variable `key-vault-properties`