Azure Key Vault to store secrets - bitbucket pipelines

Susana Abrantes March 20, 2023

In our project we need to store secrets in Azure Key Vault and use them in bitbucket pipelines. Is it possible to do it?

I can not find anything about that.

Thanks for helping.

1 answer

1 vote
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 21, 2023

Hello @Susana Abrantes ,

Welcome to the Community!

Once your credentials are stored in the Azure Key Vault, you can fetch them in your bitbucket pipeline by using the Azure CLI run pipe. This is a pipe developed by Microsoft that enables you to run the commands available in the Azure CLI in your Azure instance. 

Since the Azure CLI provides the functionality to Retrieve a secret from the Key Vault , you can leverage that in your pipeline build.

The example below illustrates how to configure a  step to use the Azure CLI run pipe to fetch a secret from your Key Vault : 

script:
- echo "Using Azure-cli-run pipe"
  - pipe: microsoft/azure-cli-run:1.1.0
    variables:
      AZURE_APP_ID: $AZURE_APP_ID
      AZURE_PASSWORD: $AZURE_PASSWORD
      AZURE_TENANT_ID: $AZURE_TENANT_ID
      CLI_COMMAND: 'az keyvault secret show --name "ExamplePassword" --vault-name "<your-unique-keyvault-name>" --query "value"'

Please note that the variables need to be configured with the corresponding values of your Azure instance. For more details on what each of the pipe variables means, you can refer to the pipe's official documentation: Azure CLI run pipe.

Thank you, @Susana Abrantes !

Patrik S

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events