This connector allows the easy integration with Azure Key Vault. All operations use the Azure Key Vault REST API being invoked with a HTTP Client.
- Fixed microsoft-trust.jks to be valid - Issue 23
- Added explicit connection validation before call - Issue 27
Retrieves the specified secret.
Link to official documentation. Azure - Get Secret
Retrieves the public portion of a stored key.
Link to official documentation. Azure - Get Key
This operation retrieves data about a specific certificate.
Link to official documentation. Azure - Get Certificate
This operation encrypts the value of a key provided. Link to official documentation. Azure - Encrypt
This operation decrypts the value of a key provided. Link to official documentation. Azure -Decrypt
Add this dependency to your application pom.xml
<groupId>com.avioconsulting.mule.connector</groupId>
<artifactId>mule-azure-key-vault-connector</artifactId>
<version>1.1.0</version>
<classifier>mule-plugin</classifier>
Sample calls to the key vault. The secretName/keyName/certificateName attribute's are appropriate name of the secret/key/certificate.
<akv:get-secret config-ref="config" secretName="test-secret"/>
<akv:get-key config-ref="config" keyName="test-key"/>
<akv:get-certificate config-ref="config" certificateName="test-certificate"/>
| Parameter | Sample | Description |
|---|---|---|
| Azure OAuth Base URI | https://login.microsoftonline.com/ | The base url of the login server. |
| Azure Tenant Id | xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx |
The Tenant ID of the Azure account. |
| Service account client id | xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx |
The account client id. |
| Service account client secret | password1 |
The account client secret. |
| Timeout for API calls | 15000 | Defaults to 30000 (30 seconds) |
To find the above configuration values,
- Login to the Azure Portal Account https://portal.azure.com/#home
- Go to App Registrations under the Azure services where you can see the list of Apps registered.
- Select the required App and click on the overview tab on the left to get the
ClientIdandTenentId - To get the ClientSecret, navigate to home, search for key vault under Azure services, select the Key and go to secrets tab on the left
- On the same page, go to overview tab to find the Azure key host name (Shown as DNS Name)
To run the test cases, use mvn clean test -Dazure.client.id=xxxxxxxxxxxxx -Dazure.client.secret=xxxxxxxxxxxxx -Dazure.tenant.id=xxxxxxxxxxxxx -Dazure.vault.name=xxxxxxxxxxxxx
- replace the
-Dazure.client.id,-Dazure.client.secret-Dazure.tenant.idand-Dazure.vault.namewith correct values before running the command.
The Mule Azure Key Connector can be deployed to an Exchange with a few small modifications.
Shamelessly stolen from Manik Mager's blog post
- Update the connector pom.xml file
- Change the
groupIdvalue to the Organization Id- (Id found in Anypoint -> Access Management -> Organization -> You're Org)
<modelVersion>4.0.0</modelVersion> <groupId>xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx</groupId> <artifactId>mule-azure-key-vault-connector</artifactId> <version>1.1.0</version> <packaging>mule-extension</packaging> <name>Akv Extension</name> - Update
distributionManagementto point to the Exchange Repository (Uncomment these lines)<distributionManagement> <snapshotRepository> <id>exchange-repository</id> <name>Exchange Repository</name> <url>https://maven.anypoint.mulesoft.com/api/v1/organizations/${pom.groupId}/maven</url> <layout>default</layout> </snapshotRepository> <repository> <id>exchange-repository</id> <name>Exchange Repository</name> <url>https://maven.anypoint.mulesoft.com/api/v1/organizations/${pom.groupId}/maven</url> <layout>default</layout> </repository> </distributionManagement>
- Change the
- Configure your
~/.m2/settings.xmlfile with your Exchange credentials<servers> <server> <id>exchange-repository</id> <username>USERNAME</username> <password>PASSWORD</password> </server> </servers> - Execute
mvn deployto publish to Exchange
Enjoy!