How to read secrets from AKV and access an API using those secrets in Azure Synapse Notebooks ?

Sravan Kumar Sumala (Tata Consultancy Services) 0 Reputation points Microsoft Vendor
2024-11-18T17:51:17.6866667+00:00

I have a usecase to be able to read secrets from an AKV in another subscription and use them to get data from an API in the same subscription.

  1. I have created a linked Service for Azure Key Vault in Synapse Analytics that has the secrets for API Access.
  2. Help Required: Need guidance on using the AKV Linked Service to get data from the API in Synapse Analytics.
Azure Synapse Analytics
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.
5,061 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Ganesh Gurram 1,920 Reputation points Microsoft Vendor
    2024-11-18T19:50:59.3433333+00:00

    @Sravan Kumar Sumala (Tata Consultancy Services) - Thanks for the question and using MS Q&A forum.
    To achieve the use case of reading secrets from an Azure Key Vault (AKV) in another subscription and using those secrets to get data from an API in the same subscription within Azure Synapse Notebooks, follow these detailed steps:

    1. Create a Linked Service for Azure Key Vault:

    First, create a linked service in Azure Synapse Analytics to connect to the Azure Key Vault.

    • Navigate to the Synapse Studio.
    • Go to the "Manage" tab.
    • Click on "Linked services" and then "New".
    • Select "Azure Key Vault".
    • Provide the necessary details to connect to your Key Vault, including the Key Vault URL and authentication method.
    1. Retrieve Secrets from Azure Key Vault in Synapse Notebook:

    You can use the Azure SDK for Python to retrieve secrets from the Azure Key Vault. Here's how to do it:

    1. Install Azure SDK Libraries: If the libraries are not already installed, you can install them using pip.
         !pip install azure-identity azure-keyvault-secrets
      
    2. Retrieve Secrets: Use the Azure SDK to authenticate and retrieve the secrets from the Key Vault.
         from azure.identity import DefaultAzureCredential from azure.keyvault.secrets import SecretClient # Replace with your Key Vault name and URL key_vault_name = "your-key-vault-name" key_vault_url = f"https://{key_vault_name}.vault.azure.net/" # Authenticate using DefaultAzureCredential credential = DefaultAzureCredential() client = SecretClient(vault_url=key_vault_url, credential=credential) # Retrieve the secret secret_name = "your-secret-name" retrieved_secret = client.get_secret(secret_name) # Extract the secret value api_key = retrieved_secret.value
      
    3. Use the Secret to Access the API:

    Now that you have retrieved the secret (API key), you can use it to access the API.

    1. Make an API Request: Use the requests library to make an HTTP request to the API.
         import requests # Replace with your API endpoint api_url = "https://api.example.com/data" # Set up the headers with the API key headers = { "Authorization": f"Bearer {api_key}" } # Make a GET request to the API response = requests.get(api_url, headers=headers) # Check if the request was successful if response.status_code == 200: data = response.json() print(data) else: print(f"Failed to fetch data. Status code: {response.status_code}")
      
    2. Process the API Response: You can process the response data as needed within your Synapse Notebook. For example, you can load the data into a Pandas DataFrame for further analysis.
         import pandas as pd # Convert the response JSON to a Pandas DataFrame df = pd.DataFrame(data) # Display the DataFrame display(df)
      
      Hope this helps. Do let us know if you have any further queries.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.