# NOT RUN {
# default is to grant full access
vault_access_policy("user_id")
# use AzureGraph to specify a user via their email address rather than a GUID
usr <- AzureGraph::get_graph_login()$get_user("username@aadtenant.com")
vault_access_policy(usr)
# grant a service principal read access to keys and secrets only
svc <- AzureGraph::get_graph_login()$
get_service_principal(app_id="app_id")
vault_access_policy(svc,
key_permissions=c("get", "list"),
secret_permissions=c("get", "list"),
certificate_permissions=NULL,
storage_permissions=NULL)
# }
Run the code above in your browser using DataLab