зеркало из https://github.com/Azure/AzureKeyVault.git
72 строки
3.1 KiB
R
72 строки
3.1 KiB
R
% Generated by roxygen2: do not edit by hand
|
|
% Please edit documentation in R/vault_endpoint.R
|
|
\name{key_vault}
|
|
\alias{key_vault}
|
|
\title{Azure Key Vault client}
|
|
\usage{
|
|
key_vault(
|
|
url,
|
|
tenant = "common",
|
|
app = .az_cli_app_id,
|
|
...,
|
|
domain = "vault.azure.net",
|
|
as_managed_identity = FALSE,
|
|
token = NULL
|
|
)
|
|
}
|
|
\arguments{
|
|
\item{url}{The location of the vault. This can be a full URL, or the vault name alone; in the latter case, the \code{domain} argument is appended to obtain the URL.}
|
|
|
|
\item{tenant, app, }{Authentication arguments that will be passed to \code{\link[AzureAuth:get_azure_token]{AzureAuth::get_azure_token}}. The default is to authenticate interactively.}
|
|
|
|
\item{...}{Further arguments that will be passed to either \code{get_azure_token} or \code{\link[AzureAuth:get_azure_token]{AzureAuth::get_managed_token}}, depending on whether \code{as_managed_identity} is TRUE.}
|
|
|
|
\item{domain}{The domain of the vault; for the public Azure cloud, this is \code{vault.azure.net}. Also the resource for OAuth authentication.}
|
|
|
|
\item{as_managed_identity}{Whether to authenticate as a managed identity. Use this if your R session is taking place inside an Azure VM or container that has a system- or user-assigned managed identity assigned to it.}
|
|
|
|
\item{token}{An OAuth token obtained via \code{get_azure_token} or \code{get_managed_token}. If provided, this overrides the other authentication arguments.}
|
|
}
|
|
\description{
|
|
Azure Key Vault client
|
|
}
|
|
\details{
|
|
This function creates a new Key Vault client object. It includes the following component objects for working with data in the vault:
|
|
\itemize{
|
|
\item \code{keys}: A sub-object for working with encryption keys stored in the vault. See \link{keys}.
|
|
\item \code{secrets}: A sub-object for working with secrets stored in the vault. See \link{secrets}.
|
|
\item \code{certificates}: A sub-object for working with certificates stored in the vault. See \link{certificates}.
|
|
\item \code{storage}: A sub-object for working with storage accounts managed by the vault. See \link{storage}.
|
|
}
|
|
}
|
|
\examples{
|
|
\dontrun{
|
|
|
|
key_vault("mykeyvault")
|
|
key_vault("https://mykeyvault.vault.azure.net")
|
|
|
|
# authenticating as a service principal
|
|
key_vault("mykeyvault", tenant="myaadtenant", app="app_id", password="password")
|
|
|
|
# authenticating with an existing token
|
|
token <- AzureAuth::get_azure_token("https://vault.azure.net", "myaadtenant",
|
|
app="app_id", password="password")
|
|
key_vault("mykeyvault", token=token)
|
|
|
|
# authenticating with a system-assigned managed identity
|
|
key_vault("mykeyvault", as_managed_identity=TRUE)
|
|
|
|
# authenticating with a user-assigned managed identity:
|
|
# - supply one of the identity's object ID, client ID or resource ID
|
|
key_vault("mykeyvault", as_managed_identity=TRUE,
|
|
token_args=list(mi_res_id="/subscriptions/xxxx/resourceGroups/resgrpname/..."))
|
|
|
|
}
|
|
}
|
|
\seealso{
|
|
\code{\link{keys}}, \code{\link{secrets}}, \code{\link{certificates}}, \code{\link{storage}}
|
|
|
|
\href{https://docs.microsoft.com/en-us/azure/key-vault/}{Azure Key Vault documentation},
|
|
\href{https://docs.microsoft.com/en-us/rest/api/keyvault}{Azure Key Vault API reference}
|
|
}
|