Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
MonikaK23
New Member

Need help in accessing key vault secrets from fabric notebooks

My Fabric is capacity is not created in azure subscription and its created in PowerBI workspace and its indenpendent. Because of this I am not able to add Fabric in Access policies of keyvaults. I am trying to access the keyvault from fabric notebook using below code. My keyvault is configured to "Allow public access from specific virtual networks and IP addresses". So its throwing the firewall issue. There is a service principal created for secret. I have tried providing access to service principal in IAM and access policies. But still not working. Can you please help.

 

from trident_token_library_wrapper \ import PyTridentTokenLibrary as tl

#2 key_vault_name = '<unique-keyvault-name>' key_name = "AHV-name" # key name added to vault

# 3 access_token = mssparkutils.credentials.getToken("keyvault")

# 4 ai_services_key = tl.get_secret_with_token( \ f"https://{key_vault_name}.vault.azure.net/", \ key_name, \ access_token)

9 REPLIES 9
krishn
Helper I
Helper I

can please share if there any document or detailed steps accessing Key Vault secrest in Microsoft Fabric. We are pretry new to Microsoft Fabric and need to set it up configurig rest api data puls.

IntoNumbers
New Member

I have the same issue since today.

I'm using notebookutils.mssparkutils.credentials import getSecret and until yesterday everything worked just fine for weeks.

 

BR IntoNumbers 

HimanshuS-msft
Community Support
Community Support

Hello @MonikaK23 

The challenge  here is that the firewall expects the IP to be whitelisted and then you only you can use the code to retrieve the secret . 
You can get the IP of the cluster by doing this . 

 

from notebookutils.mssparkutils.credentials import getSecret
import requests
res = requests.get("http://checkip.dyndns.com")
print(res.text)

 

and once you whitelist the IP , it will work fine , I did tested the same . 

 

HimanshuSmsft_0-1709065687701.png

 

 

Thanks 
Himanshu

Hi @HimanshuS-msft ,

IP is not static and everytime the IP address is changing. When I am running the notebook alone after whitelisting the IP its working fine, but when triggering the pipeline it starts a new session and IP address is different. Whtelisting the IP is not working.

Error details :

An error occurred while calling o4363.getSecretWithToken. : java.io.IOException: 403 {"error":{"code":"Forbidden","message":"Client address is not authorized and caller is not a trusted service.\r\nClient address: ###.###.###.##

puneetvijwani
Resolver IV
Resolver IV

@MonikaK23  Have you tried below approach , let me know if its working or not

from notebookutils.mssparkutils.credentials import getSecret

keyvault_url = "https://keyvaultname.vault.azure.net/"
secret_name_in_notebook = getSecret(keyvault_url, "secretnameinkeyvault")




I am still getting the same error

Hi @MonikaK23 

Apologies for the issue you have been facing.

I would suggest you to create a support ticket. This is the most direct way to get official assistance and specific insights into your situation. The support team can access detailed logs and metrics to pinpoint the issue and suggest solutions.

Please go ahead and raise a support ticket to reach our support team: Link 

After creating a Support ticket please provide the ticket number as it would help us to track for more information.

Thanks.

Hi @egons11 

We haven’t heard from you on the last response and was just checking back to see if you got a chance to create a support ticket. If yes please provide the details here. Otherwise, will respond back with the more details and we will try to help.
Thanks

v-nikhilan-msft
Community Support
Community Support

Hi @MonikaK23 
Thanks for using Fabric Community.
Can you please share the steps you have followed or any screenshot of the error? This information would help to guide you better.
Thanks.

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

March 2024  FBC Gallery Image

Fabric Monthly Update - March 2024

Check out the March 2024 Fabric update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

Top Kudoed Authors