Error Fetching Azure Key Vault Secret in Fabric Notebook for Azure SQL Database JDBC Connection


I’m currently working on a task where I need to retrieve a secret from Azure Key Vault within a Fabric notebook. This secret is crucial for authenticating my Azure SQL database JDBC connection. However, I’m encountering an error during the secret retrieval process.

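Here’s the code snippet I’ve been using:

```python
from trident_token_library_wrapper import PyTridentTokenLibrary as tl

# mssparkutils is available by default in a Fabric notebook session
access_token = mssparkutils.credentials.getToken("keyvault")
# Arguments: Key Vault URL, secret name, access token
pwd = tl.get_secret_with_token("Keyvault URL", "Password", access_token)
```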

In my Azure Key Vault settings, I’ve disabled public access and allowed trusted Microsoft services to bypass the firewall.

Despite these settings, I’m receiving the following error message: “Client address is not authorized and caller is not a trusted service.”

Unfortunately, enabling public access to my vault isn’t an option for me. Is there any workaround to bypass this error? Any help would be greatly appreciated.

I’ve attempted to resolve the issue by whitelisting IP addresses. However, due to the dynamic nature of IP addresses, this solution proved to be ineffective.

Rakesh Govindula On

The above requirement might not be possible when you disable the public access of the key vault. The only possible solutions might be enabling public access and specifying the IP address ranges.

You can see I got the same error when the public access was disabled even though I have selected the Allow trusted Microsoft services to bypass this firewall option.


The same will give the expected result when public access is enabled.


I have tried to get the secret with the REST API as well, but this also gives the same result with public access disabled.

If you don't want to enable the public access, then getting the range of your IP addresses and adding it to the IP address range is another option.


Your IP address needs to fall in this range to get the required results.
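The firewall behaviour reported in this thread, as a simplified Python model for auditing a vault's network settings offline. This is an added example, not code from the question or the answer. The property names follow the ARM vault resource (`publicNetworkAccess`, `networkAcls`); the function name, the `caller_is_trusted_service` flag and the sample configurations are assumptions made for illustration, and private endpoints and virtual network rules are not modelled.

```python
import ipaddress

DENIED = "Client address is not authorized and caller is not a trusted service."

def evaluate_access(vault_props, client_ip, caller_is_trusted_service=False):
    """Return (allowed, reason) for a data-plane call from client_ip.

    Hypothetical helper: a simplified model of the behaviour described
    in the thread, not Azure's own evaluation logic.
    """
    acls = vault_props.get("networkAcls", {})
    # The bypass only helps callers that count as trusted services; the
    # notebook in the question was rejected as "not a trusted service".
    if caller_is_trusted_service and acls.get("bypass") == "AzureServices":
        return True, "trusted service bypass"
    # Public access disabled: no public client address is accepted.
    if vault_props.get("publicNetworkAccess", "Enabled") == "Disabled":
        return False, DENIED
    if acls.get("defaultAction", "Allow") == "Allow":
        return True, "public access from all networks"
    # Selected networks: the caller must fall inside a listed range.
    addr = ipaddress.ip_address(client_ip)
    for rule in acls.get("ipRules", []):
        if addr in ipaddress.ip_network(rule["value"], strict=False):
            return True, "matched ipRule " + rule["value"]
    return False, DENIED

# Constructed sample configurations using documentation-range addresses.
LOCKED = {
    "publicNetworkAccess": "Disabled",
    "networkAcls": {"bypass": "AzureServices", "defaultAction": "Deny",
                    "ipRules": []},
}
RANGED = {
    "publicNetworkAccess": "Enabled",
    "networkAcls": {"bypass": "AzureServices", "defaultAction": "Deny",
                    "ipRules": [{"value": "203.0.113.0/24"},
                                {"value": "198.51.100.7"}]},
}

if __name__ == "__main__":
    for name, props in (("locked", LOCKED), ("ranged", RANGED)):
        for ip in ("203.0.113.45", "192.0.2.10"):
            print(name, ip, evaluate_access(props, ip))
```
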