To use secrets in YAML files (e.g. in data integration pipelines):

  1. Add the following keys and values to your environment variables so that Mage can access the Azure Key Vault:

    1. AZURE_KEY_VAULT_URL: The Azure Key Vault URI.
    2. AZURE_CLIENT_ID: Azure Active Directory client ID.
    3. AZURE_CLIENT_SECRET: Azure Active Directy client secret.
    4. AZURE_TENANT_ID: Azure Active Directory tenant ID.
  2. Store a secret in Azure Key Vault.

  3. Use the following syntax in your YAML file to interpolate secret values from Azure Key Vault:

    "{{ azure_secret_var('secret_name') }}"

    For example:

    api_key: "{{ azure_secret_var('API_KEY') }}"
    access_token: "{{ azure_secret_var('ACCESS_TOKEN') }}"


Here is the example python code to get secrets from Azure Key Vault:

from mage_ai.services.azure.key_vault.key_vault import get_secret