
How do we list all SSH keys against an Azure subscription from Python SDK?


I am not sure how to create NewEnvironmentCredential from client_id, client_secret and tenant_id.

I have done the same thing in Go, but I am not able to do it in Python:

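// GetAzureKeyPairsAgainstRegion lists the SSH public keys stored in the given
// resource group of the subscription named by azureCredentials.SubscriptionID
// and returns one KeyPairDetail (key name plus public key text) per key.
//
// Despite the name, the listing is scoped by resource group, not by region.
// A non-nil error is returned when the credential cannot be built or when
// paging fails; the returned slice is nil in both cases.
func GetAzureKeyPairsAgainstRegion(ctx context.Context, resourceGroup string, azureCredentials AccountCredentials) ([]mcloudintegration.KeyPairDetail, error) {
	logger.GetLogger().Info("Get Azure key pairs activity started.")

	// Surface credential failures instead of discarding them: continuing with
	// an unusable credential would only fail later with a less specific error.
	// NOTE(review): assumes the second return value of NewEnvironmentCredential
	// is an error (it was discarded with `_` before) — confirm.
	cred, err := NewEnvironmentCredential(ctx, azureCredentials)
	if err != nil {
		return nil, errors.Wrap(err, "failed to create Azure credential")
	}

	sshKeysClient := armcompute.NewSSHPublicKeysClient(azureCredentials.SubscriptionID, cred, nil)
	pager := sshKeysClient.ListByResourceGroup(resourceGroup, nil)

	// Drain every page before converting, so a paging error never yields a
	// partial inventory.
	var sshKeys []*armcompute.SSHPublicKeyResource
	for {
		hasPage := pager.NextPage(ctx)
		if err := pager.Err(); err != nil {
			return nil, errors.Wrap(err, "failed to advance page.")
		}
		if !hasPage {
			break
		}
		sshKeys = append(sshKeys, pager.PageResponse().Value...)
	}

	var keyPairs []mcloudintegration.KeyPairDetail
	for _, sshKey := range sshKeys {
		if sshKey == nil {
			continue
		}
		// Name, Properties and PublicKey are pointers; dereferencing them
		// unchecked panics on a sparse response. Keep the entry with empty
		// fields rather than dropping it, so the key stays visible to callers.
		var detail mcloudintegration.KeyPairDetail
		if sshKey.Name != nil {
			detail.KeyName = *sshKey.Name
		}
		if sshKey.Properties != nil && sshKey.Properties.PublicKey != nil {
			detail.KeyValue = *sshKey.Properties.PublicKey
		}
		keyPairs = append(keyPairs, detail)
	}
	return keyPairs, nil
}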

Solution

  • I was able to get keys in the following way:

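    def get_key_pairs(azure_account_details, resource_group):
        """List the SSH public keys stored in an Azure resource group.

        Args:
            azure_account_details: mapping read with ``.get()`` for the keys
                ``tenant_id``, ``client_id``, ``client_secret`` and
                ``subscription_id``.
            resource_group: name of the resource group to list keys from.

        Returns:
            A list of ``{"key_name": ..., "key_value": ...}`` dicts, one per
            SSH public key. An empty list is also returned when anything
            fails (missing account field, authentication or API error), so
            callers cannot tell "no keys" from "lookup failed" without
            checking the error log.
        """
        try:
            logger.debug(f"getting azure key pairs for resource group : {resource_group}")

            # Fail early with a clear message when an account field is absent.
            # Only the field names are logged, never their values, so the
            # client secret cannot end up in the log.
            required = ("tenant_id", "client_id", "client_secret", "subscription_id")
            missing = [name for name in required if not azure_account_details.get(name)]
            if missing:
                logger.error(
                    "Error occurred during getting azure key pairs: missing "
                    + ", ".join(missing)
                )
                return []

            # Authenticates as a service principal using a client secret
            credential = ClientSecretCredential(
                azure_account_details.get("tenant_id"),
                azure_account_details.get("client_id"),
                azure_account_details.get("client_secret"),
            )

            resource_client = ComputeManagementClient(
                credential, azure_account_details.get("subscription_id")
            )

            # Lists all SSH public keys in the specified resource group.
            ssh_keys = resource_client.ssh_public_keys.list_by_resource_group(
                resource_group_name=resource_group
            )

            key_pairs = [
                {"key_name": ssh_key.name, "key_value": ssh_key.public_key}
                for ssh_key in ssh_keys
            ]

            # The logged values are public keys, not private key material.
            logger.debug(f"azure key pairs : {key_pairs}")
            return key_pairs

        except Exception as error:
            # Best-effort contract kept from the original: log and return [].
            logger.error("Error occurred during getting azure key pairs: " + str(error))
            return []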