Azure Keyvault Integration
Overview
The Azure Keyvault Integration retrieves secrets from Azure Keyvault for use in your tasks and automations. The integration also lets you create, get, and delete Azure Keyvault secrets from Release.
Requirements
- Release: version 23.3.x and above
Installation
In this scenario, we have used Gradle 6.0.1. See gradle/wrapper/gradle-wrapper.properties for the actual version.
Copy the jar file into your %XLRELEASE_INSTALLATION%/plugins/xlr-official folder, or import it from the Release web UI as a new plugin. Adding the plugin requires a server restart.
Usage
Set up Connection to Azure Keyvault
- From the navigation pane, under Configuration, click Connections.
- Under Secrets Management connections, next to Azure: Keyvault Server, click Add.
- Select the authentication method, Directory_Application_And_Service_Principal or Active_Directory_With_Username_And_Password, from the dropdown.
- If Directory_Application_And_Service_Principal is selected, enter the Subscription Id, Tenant Id *, Client Id, and Client Key.
- If Active_Directory_With_Username_And_Password is selected, enter the User Name, User Password, and Tenant Id *.
- If required, enter the proxy details.
- To test the connection, click Test.
- To save the configuration, click Save.
Azure Keyvault Tasks
The following tasks are available with the Azure Keyvault plugin:
- Set Secret
- Get Secret
- Delete Secret
Set Secret
This task lets you create a secret in Azure Keyvault. The task takes parameters such as the secret name and secret value.
Get Secret
This task lets you retrieve a secret and store it in an output password variable, which can be used in subsequent tasks. The task takes the secret name.
Delete Secret
This task lets you delete a secret from Azure Keyvault. The task takes the secret name.
Lookup Secret
You can create a lookup variable in Release to retrieve a secret value from Azure Keyvault in real time. You can then store it for use in Release tasks.