Description
We often get requests on how to use credentials managers with Kedro, especially in platforms like Azure, AWS or GCP. This has always been possible, but not easy to come up with on your own and we haven't had any documentation on it. With the new changes on the AbstractConfigLoader and the addition of the after_context_created hook, this has become extremely easy, but will remain unknown to our users unless we document it.
Context
Our users need to deploy to one of the aforementioned platforms very often and thus they would need to provide credentials to their applications in a more robust way than just through config files.
Possible Implementation
Here's an example stub for adding a hook, which augments the credentials with the ones that could be found in the given vault.
```python
from kedro.framework.hooks import hook_impl
from azure.keyvault.secrets import SecretClient
from azure.identity import DefaultAzureCredential


class AzureSecretsHooks:
    @hook_impl
    def after_context_created(self, context) -> None:
        # to learn more details about Azure's keyvault, see https://learn.microsoft.com/en-us/azure/key-vault/secrets/quick-create-python?tabs=azure-cli
        keyVaultName = "your-vault-name"  # or os.environ["KEY_VAULT_NAME"] if you would like to provide it through environment variables
        KVUri = f"https://{keyVaultName}.vault.azure.net"

        credential = DefaultAzureCredential()
        client = SecretClient(vault_url=KVUri, credential=credential)

        # names of the secrets to fetch from the vault (placeholders)
        secret_keys = ["key1", "key2", "key3"]
        # look up each secret by its own name
        azure_creds = {k: client.get_secret(k).value for k in secret_keys}

        # vault values are merged over the credentials loaded from the config files
        context.config_loader["credentials"] = {**context.config_loader["credentials"], **azure_creds}
```
The above example needs to be reworked to show a real and working example, where the credentials might be more complicated, i.e. each Kedro credentials alias contains a couple of key/value mappings, similar to what we have currently in the docs: https://kedro.readthedocs.io/en/stable/data/data_catalog.html?highlight=catalog#example-16-loads-a-model-saved-as-a-pickle-from-azure-blob-storage, where dev_abs is the key used in the catalog, and that key has a couple of key/value mappings in it.
The hook needs to be added to the settings.py file in your project as follows:
Possible Alternatives
Instead of adding this to the docs, we could also write a blog post.
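For the nested case the issue asks for (an alias such as dev_abs holding several key/value pairs), one possible shape is sketched below as an added example; it is not part of the original issue or Kedro's own code. The names `ALIAS_MAP`, `resolve_aliases`, `VaultCredentialsHooks`, the field names and the secret names are assumptions made for illustration.

```python
import os

try:
    from kedro.framework.hooks import hook_impl
except ImportError:  # fallback so the helper below can be exercised without Kedro
    def hook_impl(func):
        return func

# Constructed mapping: Kedro credentials alias -> field -> vault secret name.
# Key Vault secret names allow only letters, digits and dashes, so they are
# mapped explicitly instead of being derived from the Kedro key names.
ALIAS_MAP = {
    "dev_abs": {
        "account_name": "dev-abs-account-name",
        "account_key": "dev-abs-account-key",
    },
}


def resolve_aliases(get_secret, alias_map):
    """Return {alias: {field: value}}, fetching every value via get_secret(name)."""
    resolved, missing = {}, []
    for alias, fields in alias_map.items():
        resolved[alias] = {}
        for field, secret_name in fields.items():
            value = get_secret(secret_name)
            if not value:
                missing.append(secret_name)  # record the name only, never a value
            resolved[alias][field] = value
    if missing:
        # Fail before the catalog is built rather than run with partial credentials.
        raise KeyError(f"secrets missing or empty in vault: {sorted(missing)}")
    return resolved


class VaultCredentialsHooks:
    @hook_impl
    def after_context_created(self, context) -> None:
        # Azure imports are local so that this module loads without the SDK installed.
        from azure.identity import DefaultAzureCredential
        from azure.keyvault.secrets import SecretClient

        vault_url = f"https://{os.environ['KEY_VAULT_NAME']}.vault.azure.net"
        client = SecretClient(vault_url=vault_url, credential=DefaultAzureCredential())
        fetched = resolve_aliases(lambda name: client.get_secret(name).value, ALIAS_MAP)
        # Vault values override same-named aliases from the config files.
        context.config_loader["credentials"] = {
            **context.config_loader["credentials"],
            **fetched,
        }
```

Because `resolve_aliases` takes the lookup as a callable, the mapping logic can be unit-tested with an in-memory dict while the hook passes the real `SecretClient` lookup.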