我已成功将秘密集成到 httptrigger 中。我需要检索并解析 python 代码中的秘密。
以下代码返回保管库 ID,而不是秘密。
Http触发
import logging
import os
import azure.functions as func
def main(req: func.HttpRequest) -> func.HttpResponse:
logging.info('Python HTTP trigger function processed a request.')
test = os.environ["testkeyvault"]
return func.HttpResponse(
"This" + test,
status_code=200
)
本地.settings.json
{
"IsEncrypted": false,
"Values": {
"AzureWebJobsStorage": "",
"FUNCTIONS_WORKER_RUNTIME": "python",
"testkeyvault": "@Microsoft.KeyVault(SecretUri=https://jjjjj.vault.azure.net/secrets/AzureAuthUrl/xxxxxx)"
}
}
函数.json
{
"scriptFile": "__init__.py",
"bindings": [
{
"authLevel": "anonymous",
"type": "httpTrigger",
"direction": "in",
"name": "req",
"methods": [
"get",
"post"
]
},
{
"type": "http",
"direction": "out",
"name": "$return"
}
]
}
对于这个问题,我在我这边测试了一下。你只需要把你的函数部署到azure上,然后它就可以正常工作了。如果您在本地运行函数,它无法获取密钥保管库。
After you deploy the function to azure, you also need to add it to application settings of your function app.
Also do not forget enable the "Identity" of your function app.
And then add access policy in keyvault to to allow your function can access the keyvault.
By the way, it seems all of your steps are correct. So please notice all of the steps above will get the value of secret stored in my keyvault show as below screenshot.
So please check if you misunderstood the feature of get keyvault in azure function.