In this video I show you how to set a secret key in Azure Key Vault that will contain a storage account key that will allow Databricks access to the blob in that storage account. This will be done using secrets which only the Administrator will have access; yet the developer of the code will be able to refer to the secret name only and not the actual key value. Below I have listed the steps I walk through in the video.
( [ Ссылка ] )

1. Figure value you want as secret
2. Go to KeyVault and create the secret
3. Go to KeyVault properties for the respective Key Vault and copy the:
a. Vault URI (save to notepad)
b. Resource ID (save to notepad)
4. Go to Create Secret Scope in Databricks
a. Use this pattern: [ Ссылка ] (save to notepad, case sensitive ...-- must have capital S in Scope word)
b. On Overview screen of DataBricks Workspace copy URL (save to notepad)
c. Replace [ Ссылка ]" from (a) with URL from (b) and save entire pattern
d. Place pattern (c) into browser and press enter and you should be in Azure Databricks
- Create Secret Scope
5. Create a Secret Scope
a. Enter scope name and make sure to save in notepad
b. Under Azure Key Vault section: enter DNS Name: (enter value from 3a above)
c. Under Azure Key Vault section: enter Resource ID: (enter value from 3b above)
d. Press Create Button (you will not be able to list scopes; except from CLI)
6. Call secret from Notebook:
a. storage_account_access_key = dbutils.secrets.get(scope ="scopefordemo3", key = "databrickssecretkey3")

свернуть