s528060

Reputation: 83

KustoConnectionStringBuilder.with_aad_application_certificate_authentication in Synapse notebook

I am trying to use an app with a certificate for authentication in KustoConnectionStringBuilder. The certificate is saved in a KeyVault. From the examples I found on GitHub, it is required to download the PEM file, as shown in the code below:

from azure.kusto.data import KustoConnectionStringBuilder

# cluster, client_id and authority_id are defined elsewhere in the notebook
filename = "path to a PEM certificate"
with open(filename, "r") as pem_file:
    PEM = pem_file.read()

thumbprint = "certificate's thumbprint"
kcsb = KustoConnectionStringBuilder.with_aad_application_certificate_authentication(cluster, client_id, PEM, thumbprint, authority_id)

Could someone point me to how to properly retrieve the certificate from the KeyVault in Synapse? I tried using DefaultAzureCredentials and it looks like it is not supported in Synapse. Is there any way to retrieve the cer file using the linked service of the KeyVault?

Upvotes: 0

Views: 316

Answers (1)

Bhavani

Reputation: 5317

DefaultAzureCredentials looks like it is not supported in Synapse. Is there any way to retrieve the .cer file using a linked service of the KeyVault?

You can follow the procedure below to retrieve a certificate from the key vault:

  1. Create a service principal, create a secret, save TenantId, ClientId, and Secret values. Add the Key Vault Administrator role in the key vault to the service principal by selecting IAM and clicking on Add and select Add role assignment.


  2. Select the Key Vault Administrator role and go to the next step. Select the user or group option and click on the select member option. Select the SPN and click on the Review + Assign option.


  3. Use the code below to get the details of the certificate in a Synapse notebook:
from azure.identity import ClientSecretCredential
from azure.keyvault.certificates import CertificateClient

credential = ClientSecretCredential("<tenant_id>", "<client_id>", "<client_secret>")
certificate_client = CertificateClient(vault_url="https://<keyVaultName>.vault.azure.net/", credential=credential)
certificate = certificate_client.get_certificate("<certificateName>")

print(certificate.name)
print(certificate.properties.version)
print(certificate.policy.issuer_name)

This will retrieve the details successfully, as shown below:


For more information, you can refer to this.

Upvotes: 0
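
Added example, not code from the question or the answer: Key Vault exposes an exportable certificate's private key as a secret with the same name as the certificate, and this helper converts that secret's value into the PEM text and thumbprint that the question's connection-string call takes. It assumes the value was fetched in Synapse with `mssparkutils.credentials.getSecret("<keyVaultName>", "<certificateName>", "<linkedServiceName>")` or with `SecretClient.get_secret`; `pem_and_thumbprint` and the sample data are hypothetical names, and the PKCS#12 branch needs the `cryptography` package.

```python
import base64
import hashlib
import re

# Matches any PEM block and captures its label and base64 body.
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)


def pem_and_thumbprint(secret_value, pfx_password=None):
    """Turn a Key Vault certificate's backing secret into (PEM text, SHA-1 thumbprint)."""
    if "-----BEGIN" in secret_value:
        pem = secret_value  # certificate policy content type: application/x-pem-file
    else:
        # content type application/x-pkcs12: the value is a base64-encoded PFX
        from cryptography.hazmat.primitives import serialization as ser
        from cryptography.hazmat.primitives.serialization import pkcs12
        key, cert, _chain = pkcs12.load_key_and_certificates(
            base64.b64decode(secret_value), pfx_password)
        if key is None or cert is None:
            raise ValueError("PFX does not contain both a private key and a certificate")
        pem = key.private_bytes(ser.Encoding.PEM, ser.PrivateFormat.PKCS8,
                                ser.NoEncryption()).decode()
        pem += cert.public_bytes(ser.Encoding.PEM).decode()

    blocks = PEM_BLOCK.findall(pem)
    if not any(label.endswith("PRIVATE KEY") for label, _ in blocks):
        # Happens with a non-exportable key, or when only the public .cer was fetched.
        raise ValueError("no private key in secret; cannot sign token requests")
    # Assumption: the leaf certificate is the first CERTIFICATE block in the bundle.
    leaf = next((body for label, body in blocks if label == "CERTIFICATE"), None)
    if leaf is None:
        raise ValueError("no certificate block in secret")
    der = base64.b64decode("".join(leaf.split()))
    # The thumbprint is the SHA-1 hash of the certificate's DER encoding, in hex.
    return pem, hashlib.sha1(der).hexdigest().upper()


# Constructed sample: placeholder bytes, not a real key or certificate.
SAMPLE_DER = b"constructed-der-bytes-for-illustration"
SAMPLE_PEM = (
    "-----BEGIN PRIVATE KEY-----\n"
    + base64.b64encode(b"constructed-key-bytes").decode()
    + "\n-----END PRIVATE KEY-----\n-----BEGIN CERTIFICATE-----\n"
    + base64.b64encode(SAMPLE_DER).decode()
    + "\n-----END CERTIFICATE-----\n"
)

if __name__ == "__main__":
    print(pem_and_thumbprint(SAMPLE_PEM)[1])
```

The returned pair goes into the `PEM` and `thumbprint` arguments of the call in the question. Keep the PEM in memory only: it contains the private key, so it should not be printed in notebook output or written to storage.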
