Managing network access to a key vault using the Azure Python SDK

Last updated: 6/29/2018
Edit on GitHub

This Sample repo includes sample code that demonstrates managing network access to a key vault through VNET and IP ACLs using the Azure Python SDK.

Samples in this repo

    • create_vault_with_network --Creates a key vault with network access limited by a NetworkRuleSet

Running The samples

  1. If you don't already have it, install Python.

  2. We recommend using a virtual environment to run this example, but it's not mandatory. You can initialize a virtual environment this way:

    pip install virtualenv
    virtualenv mytestenv
    cd mytestenv
    source bin/activate
  3. Clone the repository.

    git clone
  4. Install the dependencies using pip.

    cd key-vault-python-network-acl
    pip install -r requirements.txt
  5. Create an Azure service principal, using Azure CLI, PowerShell or Azure Portal.

  6. Export these environment variables into your current shell.

    on Linux and Mac export AZURE_TENANT_ID={your tenant id} export AZURE_CLIENT_ID={your service principal AppID} export AZURE_CLIENT_OID={your service principal OID} export AZURE_CLIENT_SECRET={your application key} export AZURE_SUBSCRIPTION_ID={your subscription id}

    on Windows set AZURE_TENANT_ID={your tenant id} set AZURE_CLIENT_ID={your service principal AppID} set AZURE_CLIENT_OID={your service principal OID} set AZURE_CLIENT_SECRET={your application key} set AZURE_SUBSCRIPTION_ID={your subscription id}

  7. Run the samples, optionally specifying a space delimited list of specific samples to run.


Minimum Requirements

Python 2.7, 3.3, or 3.4. To install Python, please go to

More information

  • What is Key Vault? -
  • Get started with Azure Key Vault -
  • Azure Key Vault General Documentation -
  • Azure Key Vault REST API Reference -
  • Azure SDK for Python Documentation -
  • Azure Active Directory Documenation -


This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact with any additional questions or comments.