powerful-printer-57241
08/25/2023, 2:38 PMazure-native:clientId
and azure-native:clientSecret
properties in the stack YAML to authenticate against Azure.
Now, in the same code that is executed by Pulumi, we would like to access Azure Key Vault using the Microsoft SDK. However, just providing new DefaultAzureCredential()
to the Key Vault client does not work.
Is there a way to authenticate to Key Vault using the same identity that's defined by the azure-native:clientId
and azure-native:clientSecret
variables?melodic-tomato-39005
08/25/2023, 2:46 PMDefaultAzureCredential
will work if you set the client id and secret as environment variables as described here.
Maybe easier and more predictable would be to use the desired auth method directly, in form of ClientSecretCredential. You’d pass your id and secret into the constructor.powerful-printer-57241
08/25/2023, 2:48 PMmelodic-tomato-39005
08/25/2023, 2:49 PMpowerful-printer-57241
08/25/2023, 3:00 PMazure-native
-prefixed secret variables.melodic-tomato-39005
08/25/2023, 3:04 PMTo access a namespaced configuration value, such as one set for a provider library like, you must pass the library’s name to the constructor. For example, to retrieve the configured value of `aws:region`:aws
```var awsConfig = new Pulumi.Config("aws");
var awsRegion = awsConfig.Require("region");```Or are you saying it’s an issue specifically with config values marked as secret? I’m not aware of any limitations here, other than that they are returned as
Output
instances.powerful-printer-57241
08/25/2023, 3:05 PM