The Azure Code Samples are currently available in English

Managing storage account keys in Azure Key Vault using the Azure Python SDK

Scott Schaab 提供
在 GitHub 上编辑

This Sample repo includes sample code demonstrating common mechanism for managing storage account keys using Key Vault.

Samples in this repo

    • add_storage_account -- Creates a storage account then adds the storage account to the vault to manage its keys.
    • update_storage_account -- Updates a storage account in the vault.
    • regenerate_storage_account_key -- Regenerates a key of a storage account managed by the vault.
    • get_storage_accounts -- Lists the storage accounts in the vault, and gets each.
    • delete_storage_account -- Deletes a storage account from a vault.
    • create_account_sas_definition -- Creates an account sas definition, to manage storage account and its entities.
    • create_blob_sas_defintion -- Creates a service SAS definition with access to a blob container.
    • get_sas_definitions -- List the sas definitions for the storage account, and get each.

Running The samples

  1. If you don't already have it, install Python.

  2. We recommend using a virtual environment to run this example, but it's not mandatory. You can initialize a virtual environment this way:

    pip install virtualenv
    virtualenv mytestenv
    cd mytestenv
    source bin/activate
  3. Clone the repository.

    git clone
  4. Install the dependencies using pip.

    cd key-vault-python-storage-accounts
    pip install -r requirements.txt
  5. Create an Azure service principal, using Azure CLI, PowerShell or Azure Portal.

  6. Export these environment variables into your current shell.

    export AZURE_TENANT_ID={your tenant id}
    export AZURE_SUBSCRIPTION_ID={your subscription id}
    export AZURE_CLIENT_ID={your service principal AppID}
    export AZURE_CLIENT_OID={your service principal OID}
    export AZURE_CLIENT_SECRET={your service principal secret}
  7. Run the samples, optionally specifying a space delimited list of specific samples to run.


Note## Certain portions of this sample require authenticated user to execute. For this reason the sample will prompt

the user to authenticate with a device code. For more details see in-line comments in

Minimum Requirements

Python 2.7, 3.3, or 3.4. To install Python, please go to

More information

  • What is Key Vault? -
  • Get started with Azure Key Vault -
  • Azure Key Vault General Documentation -
  • Azure Key Vault REST API Reference -
  • Azure SDK for Python Documentation -
  • Azure Active Directory Documenation -


This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact with any additional questions or comments.