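class KeyVaultCertificates:
    """Smoke-test sample: create, read back and delete one Key Vault certificate.

    The vault URL is taken from the ``AZURE_PROJECT_URL`` environment variable
    and authentication is delegated to ``DefaultAzureCredential``.  Each
    instance works on its own certificate name, so repeated or parallel runs
    against the same vault do not collide.
    """

    def __init__(self):
        """Build the certificate client and pick a unique certificate name.

        Raises:
            KeyError: if ``AZURE_PROJECT_URL`` is not set in the environment.
        """
        # DefaultAzureCredential() expects the following environment variables:
        # * AZURE_CLIENT_ID
        # * AZURE_CLIENT_SECRET
        # * AZURE_TENANT_ID
        # The secret is supplied through the environment rather than through
        # this file, so nothing sensitive is hard-coded in the sample.
        credential = DefaultAzureCredential()
        self.certificate_client = CertificateClient(
            vault_url=os.environ["AZURE_PROJECT_URL"], credential=credential
        )
        # uuid4 is purely random. uuid1 is derived from the host identifier
        # (normally the MAC address) and the current time, which would leak
        # both into a resource name that shows up in URLs and audit logs.
        self.certificate_name = "cert-name-" + uuid.uuid4().hex

    def create_certificate(self):
        """Request creation of the certificate and wait for it to finish."""
        print("creating certificate...")
        operation = self.certificate_client.create_certificate(
            name=self.certificate_name
        )
        # Creation is a long-running operation. When the client hands back a
        # poller, block on it so the follow-up get does not race the creation.
        # Client versions that return a plain operation object have no wait()
        # and are left exactly as before.
        wait = getattr(operation, "wait", None)
        if callable(wait):
            wait()
        print("\tdone")

    def get_certificate(self):
        """Fetch the certificate (with its policy) by name and print its name."""
        print("Getting a certificate...")
        certificate = self.certificate_client.get_certificate_with_policy(
            name=self.certificate_name
        )
        print("\tdone, certificate: %s." % certificate.name)

    def delete_certificate(self):
        """Delete the certificate created by this instance and print its name."""
        print("Deleting a certificate...")
        deleted_certificate = self.certificate_client.delete_certificate(
            name=self.certificate_name
        )
        print("\tdone: " + deleted_certificate.name)

    def run(self):
        """Print the banner, then run create -> get -> delete in order."""
        print("")
        print("------------------------")
        print("Key Vault - Certificates\nIdentity - Credential")
        print("------------------------")
        print("1) Create a certificate")
        print("2) Get that certificate")
        print("3) Delete that certificate (Clean up the resource)")
        print("")

        try:
            self.create_certificate()
            self.get_certificate()
        finally:
            # Clean up even when create/get raised, so a failed run does not
            # leave a stray certificate behind in the vault.
            self.delete_certificate()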
issuer_name='Self', subject_name='CN=*.microsoft.com', validity_in_months=24, san_dns_names=['sdk.azure-int.net']) cert_name = "HelloWorldCertificate" # create_certificate returns a poller. Calling result() on the poller will return the certificate # if creation is successful, and the CertificateOperation if not. The wait() call on the poller will # wait until the long running operation is complete. certificate = client.create_certificate(name=cert_name, policy=cert_policy).result() print("Certificate with name '{0}' created".format(certificate.name)) # Let's get the bank certificate using its name print("\n.. Get a Certificate by name") bank_certificate = client.get_certificate_with_policy(name=cert_name) print("Certificate with name '{0}' was found'.".format( bank_certificate.name)) # After one year, the bank account is still active, and we have decided to update the tags. print("\n.. Update a Certificate by name") tags = {"a": "b"} updated_certificate = client.update_certificate(name=bank_certificate.name, tags=tags) print("Certificate with name '{0}' was updated on date '{1}'".format( bank_certificate.name, updated_certificate.updated)) print("Certificate with name '{0}' was updated with tags '{1}'".format( bank_certificate.name, updated_certificate.tags)) # The bank account was closed, need to delete its credentials from the Key Vault. print("\n.. Delete Certificate")