async def run_sample(): # Instantiate a secret client that will be used to call the service. # Notice that the client is using default Azure credentials. # To make default credentials work, ensure that environment variables 'AZURE_CLIENT_ID', # 'AZURE_CLIENT_SECRET' and 'AZURE_TENANT_ID' are set with the service principal credentials. VAULT_URL = os.environ["VAULT_URL"] credential = DefaultAzureCredential() client = SecretClient(vault_url=VAULT_URL, credential=credential) try: # Let's create secrets holding storage and bank accounts credentials. If the secret # already exists in the Key Vault, then a new version of the secret is created. print("\n.. Create Secret") bank_secret = await client.set_secret("listOpsBankSecretName", "listOpsSecretValue1") storage_secret = await client.set_secret("listOpsStorageSecretName", "listOpsSecretValue2") print("Secret with name '{0}' was created.".format(bank_secret.name)) print("Secret with name '{0}' was created.".format( storage_secret.name)) # You need to check if any of the secrets are sharing same values. # Let's list the secrets and print their values. # List operations don 't return the secrets with value information. # So, for each returned secret we call get_secret to get the secret with its value information. print("\n.. List secrets from the Key Vault") secrets = client.list_secrets() async for secret in secrets: retrieved_secret = await client.get_secret(secret.name) print("Secret with name '{0}' with value '{1}' was found.".format( retrieved_secret.name, retrieved_secret.value)) # The bank account password got updated, so you want to update the secret in Key Vault to ensure it reflects the # new password. Calling set_secret on an existing secret creates a new version of the secret in the Key Vault # with the new value. updated_secret = await client.set_secret(bank_secret.name, "newSecretValue") print("Secret with name '{0}' was updated with new value '{1}'".format( updated_secret.name, updated_secret.value)) # You need to check all the different values your bank account password secret had previously. Lets print all # the versions of this secret. print("\n.. List versions of the secret using its name") secret_versions = client.list_secret_versions(bank_secret.name) async for secret in secret_versions: print("Bank Secret with name '{0}' has version: '{1}'".format( secret.name, secret.version)) # The bank account and storage accounts got closed. Let's delete bank and storage accounts secrets. await client.delete_secret(bank_secret.name) await client.delete_secret(storage_secret.name) # To ensure secret is deleted on the server side. print("\nDeleting secrets...") await asyncio.sleep(20) # You can list all the deleted and non-purged secrets, assuming Key Vault is soft-delete enabled. print("\n.. List deleted secrets from the Key Vault") deleted_secrets = client.list_deleted_secrets() async for deleted_secret in deleted_secrets: print("Secret with name '{0}' has recovery id '{1}'".format( deleted_secret.name, deleted_secret.recovery_id)) except HttpResponseError as e: if "(NotSupported)" in e.message: print( "\n{0} Please enable soft delete on Key Vault to perform this operation." .format(e.message)) else: print("\nrun_sample has caught an error. {0}".format(e.message)) finally: print("\nrun_sample done")
class ListSecretsTest(PerfStressTest): def __init__(self, arguments): super().__init__(arguments) # Auth configuration self.credential = DefaultAzureCredential() self.async_credential = AsyncDefaultAzureCredential() # Create clients vault_url = self.get_from_env("AZURE_KEYVAULT_URL") self.client = SecretClient(vault_url, self.credential, **self._client_kwargs) self.async_client = AsyncSecretClient(vault_url, self.async_credential, **self._client_kwargs) self.secret_names = [ "livekvtestlistperfsecret{}".format(i) for i in range(self.args.count) ] async def global_setup(self): """The global setup is run only once.""" # Validate that vault contains 0 secrets (including soft-deleted secrets), since additional secrets # (including soft-deleted) impact performance. async for secret in self.async_client.list_properties_of_secrets(): raise Exception( "KeyVault %s must contain 0 secrets (including soft-deleted) before starting perf test" % self.async_client.vault_url) async for secret in self.async_client.list_deleted_secrets(): raise Exception( "KeyVault %s must contain 0 secrets (including soft-deleted) before starting perf test" % self.async_client.vault_url) await super().global_setup() create = [ self.async_client.set_secret(name, "secret-value") for name in self.secret_names ] await asyncio.wait(create) async def global_cleanup(self): """The global cleanup is run only once.""" delete = [ self.async_client.delete_secret(name) for name in self.secret_names ] await asyncio.wait(delete) purge = [ self.async_client.purge_deleted_secret(name) for name in self.secret_names ] await asyncio.wait(purge) await super().global_cleanup() async def close(self): """This is run after cleanup.""" await self.async_client.close() await self.async_credential.close() await super().close() def run_sync(self): """The synchronous perf test.""" secret_properties = self.client.list_properties_of_secrets() # enumerate secrets to exercise paging code list(secret_properties) async def run_async(self): """The asynchronous perf test.""" secret_properties = self.async_client.list_properties_of_secrets() # enumerate secrets to exercise paging code async for _ in secret_properties: pass @staticmethod def add_arguments(parser): super(ListSecretsTest, ListSecretsTest).add_arguments(parser) parser.add_argument("--count", nargs="?", type=int, help="Number of secrets to list. Defaults to 10", default=10)