1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
# coding=utf-8
# --------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See License.txt in the project root for license information.
# Code generated by Microsoft (R) AutoRest Code Generator.
# Changes may cause incorrect behavior and will be lost if the code is regenerated.
# --------------------------------------------------------------------------
from azure.identity import DefaultAzureCredential
from azure.mgmt.keyvault import KeyVaultManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-keyvault
# USAGE
python update_access_policies_add.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = KeyVaultManagementClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.vaults.update_access_policy(
resource_group_name="sample-group",
vault_name="sample-vault",
operation_kind="add",
parameters={
"properties": {
"accessPolicies": [
{
"objectId": "00000000-0000-0000-0000-000000000000",
"permissions": {"certificates": ["get"], "keys": ["encrypt"], "secrets": ["get"]},
"tenantId": "00000000-0000-0000-0000-000000000000",
}
]
}
},
)
print(response)
# x-ms-original-file: specification/keyvault/resource-manager/Microsoft.KeyVault/stable/2024-11-01/examples/updateAccessPoliciesAdd.json
if __name__ == "__main__":
main()
|
