class Chef::SecretFetcher::AzureKeyVault

Chef::SecretFetcher::AzureKeyVault

A fetcher that fetches a secret from Azure Key Vault. Supports fetching with version.

In this initial iteration this authenticates via token obtained from the OAuth2 /token endpoint.

Validation of required configuration (vault name) is not performed until ‘fetch` time, to allow for embedding the vault name in with the secret name, such as “my_vault/secretkey1”.

@example

fetcher = SecretFetcher.for_service(:azure_key_vault, { vault: “my_vault” }, run_context) fetcher.fetch(“secretkey1”, “v1”)

@example

fetcher = SecretFetcher.for_service(:azure_key_vault, {}, run_context) fetcher.fetch(“my_vault/secretkey1”, “v1”)

@example

fetcher = SecretFetcher.for_service(:azure_key_vault, { client_id: “540d76b6-7f76-456c-b68b-ccae4dc9d99d” }, run_context) fetcher.fetch(“my_vault/secretkey1”, “v1”)