Retrieve SAS Key from Key Vault.
Set a variable to hold that value (technically not needed, but makes things) clean
Post to the Storage Queue
Reference Document: Use Azure Key Vault secrets in pipeline activities - Azure Data Factory | Microsoft Docs
For a secret stored in key vault – each version will have a url, so be sure to grab the version specific url.
For this pipeline, I create a few parameters
Parameter Name | Value | Example |
---|---|---|
account | storagename | mmmxstoragexdev |
queue | queue name | demoqueue |
kvurl | url for key vault secret | sv=2020-02-10&ss=….. |
Note the SAS Key - remove the ? when you store it in keyvault.
We will make a Web request that is a get. For this to work with MSI authentication, be sure to provide access to your ADF Instance in your key vault instance.
We will be sure to add the api version to the url - as shown below.
The Web Request is a GET, the url
@concat(pipeline().parameters.kvurl,'?api-version=7.0')
The Resource is:
https://vault.azure.net
After you get it going, you should set the Secure output for the key so it won’t show up in the logs
Be sure to grab the output value and place into a variable.
@activity('GetKeyFromKV').output.value
We will create an additional Web activity to put a message onto a queue through a POST api call
Reference Document: https://docs.microsoft.com/en-us/rest/api/storageservices/put-message
Create a web activity - set the Url, Body is the queueMessage (this is a post)
For the URL
@concat('https://', pipeline().parameters.account, '.queue.core.windows.net/', pipeline().parameters.queue, '/messages?visibilitytimeout=30&timeout=30','&', variables('theKey'))