How to Fetch Azure Key Vault Secrets in Azure Databricks

Assuming that you have created Azure Key Vault scope in Azure Databricks and created some secrets in the vault, you can use the below commands to read secrets from Azure Key Vault to consume in your databricks notebooks. If you need to see how to create a scope for Azure Key Vault in Azure Databricks, you can navigate to another post How to configure Azure Key Vault in Azure Databricks.

In the above snapshot, “sandbox” is the scope name in Azure Databricks and Azure Key Vault was configured with different keys named as “source-database-server”, “source-database-name”, “source-database-user” and “source-database-user-password” to connect to a database. Values corresponding to these keys which is stored in Azure Key Vault are captured in the variables which can be placed anywhere needed, in general, in the connection string.

If you are wondering that anyone can print the variables and see the values captured in it then you need to feel comfortable as it’s not possible to do so. If you try to print them using print statements like –

You see something as –

i.e. “REDACTED“. This also means that values have been fetched correctly from Azure Key Vault.