16 строки
11 KiB
YAML
16 строки
11 KiB
YAML
### YamlMime:JavaPackage
|
|
uid: "com.azure.security.keyvault.secrets"
|
|
fullName: "com.azure.security.keyvault.secrets"
|
|
name: "com.azure.security.keyvault.secrets"
|
|
summary: "[Azure Key Vault][] is a cloud-based service provided by Microsoft Azure that allows users to store, manage, and access secrets, such as passwords, certificates, and other sensitive information, securely in the cloud.\n\n\n[Azure Key Vault]: https://learn.microsoft.com/azure/key-vault/general/"
|
|
classes:
|
|
- "com.azure.security.keyvault.secrets.SecretAsyncClient"
|
|
- "com.azure.security.keyvault.secrets.SecretClient"
|
|
- "com.azure.security.keyvault.secrets.SecretClientBuilder"
|
|
enums:
|
|
- "com.azure.security.keyvault.secrets.SecretServiceVersion"
|
|
desc: "[Azure Key Vault][] is a cloud-based service provided by Microsoft Azure that allows users to store, manage, and access secrets, such as passwords, certificates, and other sensitive information, securely in the cloud. The service provides a centralized and secure location for storing secrets, which can be accessed by authorized applications and users with appropriate permissions. Azure Key Vault Secrets offers several key features, including:\n\n * Secret management: It allows users to store, manage, and access secrets securely, and provides features such as versioning, backup, and restoration.\n * Access control: It offers [ role-based access control (RBAC)][role-based access control _RBAC] and enables users to grant specific permissions to access secrets to other users, applications, or services.\n * Integration with other Azure services: Azure Key Vault Secrets can be integrated with other Azure services, such as Azure App Service, Azure Functions, and Azure Virtual Machines, to simplify the process of securing sensitive information.\n * High availability and scalability: The service is designed to provide high availability and scalability, with the ability to handle large volumes of secrets and requests.\n\nThe Azure Key Vault Secrets client library allows developers to interact with the Azure Key Vault service from their applications. The library provides a set of APIs that enable developers to securely store, manage, and retrieve secrets in a key vault, and supports operations such as creating, updating, deleting, and retrieving secrets.\n\n**Key Concepts:**\n\nWhat is a Secret Client?\n\nThe secret client performs the interactions with the Azure Key Vault service for getting, setting, updating, deleting, and listing secrets and its versions. Asynchronous (SecretAsyncClient) and synchronous (SecretClient) clients exist in the SDK allowing for selection of a client based on an application's use case. Once you've initialized a secret, you can interact with the primary resource types in Key Vault.\n\nWhat is an Azure Key Vault Secret ?\n\nA secret is the fundamental resource within Azure Key Vault. From a developer's perspective, Key Vault APIs accept and return secret values as strings. In addition to the secret data, the following attributes may be specified:\n\n1. enabled: Specifies whether the secret data can be retrieved.\n2. notBefore: Identifies the time after which the secret will be active.\n3. expires: Identifies the expiration time on or after which the secret data should not be retrieved.\n4. created: Indicates when this version of the secret was created.\n5. updated: Indicates when this version of the secret was updated.\n\n## Getting Started ##\n\nIn order to interact with the Azure Key Vault service, you will need to create an instance of the <xref uid=\"com.azure.security.keyvault.secrets.SecretClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretClient\"></xref> or <xref uid=\"com.azure.security.keyvault.secrets.SecretAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretAsyncClient\"></xref> class, a vault url and a credential object.\n\nThe examples shown in this document use a credential object named DefaultAzureCredential for authentication, which is appropriate for most scenarios, including local development and production environments. Additionally, we recommend using a [ managed identity][managed identity] for authentication in production environments. You can find more information on different ways of authenticating and their corresponding credential types in the [ Azure Identity documentation\"][Azure Identity documentation].\n\n**Sample: Construct Synchronous Secret Client**\n\nThe following code sample demonstrates the creation of a <xref uid=\"com.azure.security.keyvault.secrets.SecretClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretClient\"></xref>, using the <xref uid=\"com.azure.security.keyvault.secrets.SecretClientBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretClientBuilder\"></xref> to configure it.\n\n```java\nSecretClient secretClient = new SecretClientBuilder()\n .credential(new DefaultAzureCredentialBuilder().build())\n .vaultUrl(\"<your-key-vault-url>\")\n .buildClient();\n```\n\n**Sample: Construct Asynchronous Secret Client**\n\nThe following code sample demonstrates the creation of a <xref uid=\"com.azure.security.keyvault.secrets.SecretAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretAsyncClient\"></xref>, using the <xref uid=\"com.azure.security.keyvault.secrets.SecretClientBuilder\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretClientBuilder\"></xref> to configure it.\n\n```java\nSecretAsyncClient secretAsyncClient = new SecretClientBuilder()\n .credential(new DefaultAzureCredentialBuilder().build())\n .vaultUrl(\"<your-key-vault-url>\")\n .buildAsyncClient();\n```\n\n--------------------\n\n## Create a Secret ##\n\nThe <xref uid=\"com.azure.security.keyvault.secrets.SecretClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretClient\"></xref> or <xref uid=\"com.azure.security.keyvault.secrets.SecretAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretAsyncClient\"></xref> can be used to create a secret in the key vault.\n\n**Synchronous Code Sample:**\n\nThe following code sample demonstrates how to synchronously create and store a secret in the key vault, using the <xref uid=\"com.azure.security.keyvault.secrets.SecretClient.setSecret(java.lang.String,java.lang.String)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretClient#setSecret(java.lang.String, java.lang.String)\"></xref> API.\n\n```java\nKeyVaultSecret secret = secretClient.setSecret(\"secretName\", \"secretValue\");\n System.out.printf(\"Secret is created with name %s and value %s%n\", secret.getName(), secret.getValue());\n```\n\n**Asynchronous Code Sample:**\n\nThe following code sample demonstrates how to asynchronously create and store a secret in the key vault, using the <xref uid=\"com.azure.security.keyvault.secrets.SecretAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretAsyncClient\"></xref>.\n\n**Note:** For the asynchronous sample, refer to <xref uid=\"com.azure.security.keyvault.secrets.SecretAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretAsyncClient\"></xref>.\n\n--------------------\n\n## Get a Secret ##\n\nThe <xref uid=\"com.azure.security.keyvault.secrets.SecretClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretClient\"></xref> or <xref uid=\"com.azure.security.keyvault.secrets.SecretAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretAsyncClient\"></xref> can be used to retrieve a secret from the key vault.\n\n**Synchronous Code Sample:**\n\nThe following code sample demonstrates how to synchronously retrieve a previously stored secret from the key vault, using the <xref uid=\"com.azure.security.keyvault.secrets.SecretClient.getSecret(java.lang.String)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretClient#getSecret(java.lang.String)\"></xref> API.\n\n```java\nKeyVaultSecret secret = secretClient.getSecret(\"secretName\");\n System.out.printf(\"Secret is returned with name %s and value %s%n\",\n secret.getName(), secret.getValue());\n```\n\n**Note:** For the asynchronous sample, refer to <xref uid=\"com.azure.security.keyvault.secrets.SecretAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretAsyncClient\"></xref>.\n\n--------------------\n\n## Delete a Secret ##\n\nThe <xref uid=\"com.azure.security.keyvault.secrets.SecretClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretClient\"></xref> or <xref uid=\"com.azure.security.keyvault.secrets.SecretAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretAsyncClient\"></xref> can be used to delete a secret from the key vault.\n\n**Synchronous Code Sample:**\n\nThe following code sample demonstrates how to synchronously delete a secret from the key vault, using the <xref uid=\"com.azure.security.keyvault.secrets.SecretClient.beginDeleteSecret(java.lang.String)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretClient#beginDeleteSecret(java.lang.String)\"></xref> API.\n\n```java\nSyncPoller<DeletedSecret, Void> deleteSecretPoller = secretClient.beginDeleteSecret(\"secretName\");\n\n // Deleted Secret is accessible as soon as polling begins.\n PollResponse<DeletedSecret> deleteSecretPollResponse = deleteSecretPoller.poll();\n\n // Deletion date only works for a SoftDelete-enabled Key Vault.\n System.out.println(\"Deleted Date %s\" + deleteSecretPollResponse.getValue()\n .getDeletedOn().toString());\n System.out.printf(\"Deleted Secret's Recovery Id %s\", deleteSecretPollResponse.getValue()\n .getRecoveryId());\n\n // Secret is being deleted on server.\n deleteSecretPoller.waitForCompletion();\n```\n\n**Note:** For the asynchronous sample, refer to <xref uid=\"com.azure.security.keyvault.secrets.SecretAsyncClient\" data-throw-if-not-resolved=\"false\" data-raw-source=\"com.azure.security.keyvault.secrets.SecretAsyncClient\"></xref>.\n\n\n[Azure Key Vault]: https://learn.microsoft.com/azure/key-vault/general/\n[role-based access control _RBAC]: https://learn.microsoft.com/azure/key-vault/general/rbac-guide?tabs=azure-cli\n[managed identity]: https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/\n[Azure Identity documentation]: https://learn.microsoft.com/java/api/overview/azure/identity-readme?view=azure-java-stable"
|
|
metadata: {}
|
|
package: "com.azure.security.keyvault.secrets"
|
|
artifact: com.azure:azure-security-keyvault-secrets:4.8.6
|