msticpy.auth.keyvault_settings module
Keyvault client settings.
- class msticpy.auth.keyvault_settings.KeyVaultSettings
Bases:
object
KeyVaultSettings class - reads settings from msticpyconfig.
Notes
The KeyVault section in msticpyconfig.yaml can contain the following:
KeyVault: TenantId: {tenantid-to-use-for-authentication} SubscriptionId: {subscriptionid-containing-vault} ResourceGroup: {resource-group-containing-vault} AzureRegion: {region-for-vault} VaultName: {vault-name} UseKeyring: True Authority: global
SubscriptionId, ResourceGroup and AzureRegion are only used when creating new vaults. UseKeyring instructs the SecretsClient to cache Keyvault secrets locally using Python keyring. Authority is one of ‘global’, ‘usgov’, ‘de’, ‘cn’ Alternatively, you can specify AuthorityURI with the value pointing to the URI for logon requests.
Initialize new instance of KeyVault Settings.
- Raises
MsticpyKeyVaultConfigError – If no Key Vault settings are found in msticpyconfig.yaml.
- AAD_AUTHORITIES = {'cn': msrestazure.azure_cloud.AZURE_CHINA_CLOUD.endpoints.active_directory, 'de': msrestazure.azure_cloud.AZURE_GERMAN_CLOUD.endpoints.active_directory, 'global': msrestazure.azure_cloud.AZURE_PUBLIC_CLOUD.endpoints.active_directory, 'usgov': msrestazure.azure_cloud.AZURE_US_GOV_CLOUD.endpoints.active_directory}
- CLIENT_ID = '04b07795-8ddb-461a-bbee-02f9e1bf7b46'
- KV_SUFFIXES = {'cn': msrestazure.azure_cloud.AZURE_CHINA_CLOUD.suffixes.keyvault_dns, 'de': msrestazure.azure_cloud.AZURE_GERMAN_CLOUD.suffixes.keyvault_dns, 'global': msrestazure.azure_cloud.AZURE_PUBLIC_CLOUD.suffixes.keyvault_dns, 'usgov': msrestazure.azure_cloud.AZURE_US_GOV_CLOUD.suffixes.keyvault_dns}
- KV_URIS = {'cn': 'https://{vault}msrestazure.azure_cloud.AZURE_CHINA_CLOUD.suffixes.keyvault_dns', 'de': 'https://{vault}msrestazure.azure_cloud.AZURE_GERMAN_CLOUD.suffixes.keyvault_dns', 'global': 'https://{vault}msrestazure.azure_cloud.AZURE_PUBLIC_CLOUD.suffixes.keyvault_dns', 'usgov': 'https://{vault}msrestazure.azure_cloud.AZURE_US_GOV_CLOUD.suffixes.keyvault_dns'}
- RES_MGMT_URIS = {'cn': msrestazure.azure_cloud.AZURE_CHINA_CLOUD.endpoints.resource_manager, 'de': msrestazure.azure_cloud.AZURE_GERMAN_CLOUD.endpoints.resource_manager, 'global': msrestazure.azure_cloud.AZURE_PUBLIC_CLOUD.endpoints.resource_manager, 'usgov': msrestazure.azure_cloud.AZURE_US_GOV_CLOUD.endpoints.resource_manager}
- get_tenant_authority_host(authority_uri: Optional[str] = None, tenant: Optional[str] = None) str
Return tenant authority URI with no leading scheme.
- Parameters
- Returns
Tenant Authority
- Return type
- Raises
KeyVaultConfigException – If tenant is not defined.