Feature / Enhancement proposed
In Databricks when you pull a secret from the key store using dbutils.secrets it will allow the secret to be used for authentication to third party apps. It will not allow them to be logged/printed/dumped in traces.
base_url = dbutils.secrets.get(scope = "keyvault-dlake", key = "kv-xxxxx-Base-Url")
type(base_url)
print(base_url)
returns:
[REDACTED]
I'd like this for the python API delinea.secrets.server, as the returned object is plain text and I can log/print/find it in traces.
sample code:
from delinea.secrets.server import PasswordGrantAuthorizer
from delinea.secrets.server import SecretServer
from pydantic import SecretStr
base_url = https://xxxxxxxx.secretservercloud.com/
client_id = "myuser"
client_secret = "xxxxxxxxxxx"
authorizer = PasswordGrantAuthorizer(
base_url=base_url,
username=client_id,
password=client_secret
)
secret_server = SecretServer(
base_url=base_url,
authorizer=authorizer
)
secret_name = "/Datatech/Dev/XYZ"
search_results = secret_server.get_secret_by_path(secret_name)
print(search_results)
search_results = SecretStr(search_results)
for field in search_results.get_secret_value().get("items", []):
match field.get("fieldName"):
case "URL":
url = field.get("itemValue")
print(f'url: {field.get("itemValue")}')
case "Username":
user_name = field.get("itemValue")
print(f'user: {field.get("itemValue")}')
case "Password":
print(f'pwd: {field.get("itemValue")}')
pwd = SecretStr(field.get("itemValue"))
Workarounds
Can you achieve the same result doing it in an alternative way?
not 100%, but could use from pydantic
Has the feature been requested before?
Don't know
If the feature request is approved, would you be willing to submit a PR?
Would try, never done that before
[x] Yes [] No
Feature / Enhancement proposed
In Databricks when you pull a secret from the key store using dbutils.secrets it will allow the secret to be used for authentication to third party apps. It will not allow them to be logged/printed/dumped in traces.
base_url = dbutils.secrets.get(scope = "keyvault-dlake", key = "kv-xxxxx-Base-Url")
type(base_url)
print(base_url)
returns:
[REDACTED]
I'd like this for the python API delinea.secrets.server, as the returned object is plain text and I can log/print/find it in traces.
sample code:
from delinea.secrets.server import PasswordGrantAuthorizer
from delinea.secrets.server import SecretServer
from pydantic import SecretStr
base_url = https://xxxxxxxx.secretservercloud.com/
client_id = "myuser"
client_secret = "xxxxxxxxxxx"
authorizer = PasswordGrantAuthorizer(
base_url=base_url,
username=client_id,
password=client_secret
)
secret_server = SecretServer(
base_url=base_url,
authorizer=authorizer
)
secret_name = "/Datatech/Dev/XYZ"
search_results = secret_server.get_secret_by_path(secret_name)
print(search_results)
search_results = SecretStr(search_results)
for field in search_results.get_secret_value().get("items", []):
match field.get("fieldName"):
case "URL":
url = field.get("itemValue")
print(f'url: {field.get("itemValue")}')
case "Username":
user_name = field.get("itemValue")
print(f'user: {field.get("itemValue")}')
case "Password":
print(f'pwd: {field.get("itemValue")}')
pwd = SecretStr(field.get("itemValue"))
Workarounds
Can you achieve the same result doing it in an alternative way?
not 100%, but could use from pydantic
Has the feature been requested before?
Don't know
If the feature request is approved, would you be willing to submit a PR?
Would try, never done that before
[x] Yes [] No