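class KeyVaultCertificates:
    """Smoke test that creates, reads and deletes one Key Vault certificate.

    The vault URL is read from the AZURE_PROJECT_URL environment variable and
    the certificate gets a fresh, unique name on every instantiation.
    """

    def __init__(self):
        # DefaultAzureCredential() tries several credential sources; for the
        # environment-based one it reads the following variables:
        # * AZURE_CLIENT_ID
        # * AZURE_CLIENT_SECRET
        # * AZURE_TENANT_ID
        # Keep the client secret in the environment (or a secret store) only;
        # it must never be hard-coded here or printed by this sample.
        credential = DefaultAzureCredential()
        self.certificate_client = CertificateClient(
            vault_url=os.environ["AZURE_PROJECT_URL"], credential=credential)

        # uuid4 is random; uuid1 would embed this host's MAC address and a
        # timestamp in the certificate name, which ends up in the vault's
        # object identifiers and logs.
        self.certificate_name = "cert-name-" + uuid.uuid4().hex

    def create_certificate(self):
        """Start certificate creation and block until the operation finishes."""
        print("creating certificate...")
        # create_certificate returns a poller for a long-running operation.
        # Without wait() the following get could run before the certificate
        # exists, and "done" would be printed for an unfinished operation.
        poller = self.certificate_client.create_certificate(
            name=self.certificate_name)
        poller.wait()
        print("\tdone")

    def get_certificate(self):
        """Fetch the certificate (with its policy) by name and print its name."""
        print("Getting a certificate...")
        certificate = self.certificate_client.get_certificate_with_policy(
            name=self.certificate_name)
        print("\tdone, certificate: %s." % certificate.name)

    def delete_certificate(self):
        """Delete the certificate created by this run and print its name."""
        print("Deleting a certificate...")
        deleted_certificate = self.certificate_client.delete_certificate(
            name=self.certificate_name)
        print("\tdone: " + deleted_certificate.name)

    def run(self):
        """Run create -> get -> delete, always attempting the delete."""
        print("")
        print("------------------------")
        print("Key Vault - Certificates\nIdentity - Credential")
        print("------------------------")
        print("1) Create a certificate")
        print("2) Get that certificate")
        print("3) Delete that certificate (Clean up the resource)")
        print("")

        try:
            self.create_certificate()
            self.get_certificate()
        finally:
            # Cleanup runs even when an earlier step failed, so test
            # certificates do not accumulate in the vault. NOTE(review): if
            # creation never started, this delete will itself raise and hide
            # the original error - confirm whether that is acceptable here.
            self.delete_certificate()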
Пример #2
                                    issuer_name='Self',
                                    subject_name='CN=*.microsoft.com',
                                    validity_in_months=24,
                                    san_dns_names=['sdk.azure-int.net'])
    cert_name = "HelloWorldCertificate"

    # create_certificate returns a poller. Calling result() on the poller will return the certificate
    # if creation is successful, and the CertificateOperation if not. The wait() call on the poller will
    # wait until the long running operation is complete.
    certificate = client.create_certificate(name=cert_name,
                                            policy=cert_policy).result()
    print("Certificate with name '{0}' created".format(certificate.name))

    # Let's get the bank certificate using its name
    print("\n.. Get a Certificate by name")
    bank_certificate = client.get_certificate_with_policy(name=cert_name)
    print("Certificate with name '{0}' was found'.".format(
        bank_certificate.name))

    # After one year, the bank account is still active, and we have decided to update the tags.
    print("\n.. Update a Certificate by name")
    tags = {"a": "b"}
    updated_certificate = client.update_certificate(name=bank_certificate.name,
                                                    tags=tags)
    print("Certificate with name '{0}' was updated on date '{1}'".format(
        bank_certificate.name, updated_certificate.updated))
    print("Certificate with name '{0}' was updated with tags '{1}'".format(
        bank_certificate.name, updated_certificate.tags))

    # The bank account was closed, need to delete its credentials from the Key Vault.
    print("\n.. Delete Certificate")