go azure kms (#708)

* go azure kms

* fix indentation for tabs

* fix indentation for note

* pr feedback

* fix typo

Co-authored-by: Nathan Leniz <[email protected]>

Author: terakilobyte

source/includes/steps-fle-convert-to-a-remote-master-key-azure.yaml

@@ -23,7 +23,7 @@ content: |
   .. image:: /figures/CSFLE_Master_Key_KMS.png
      :alt: Diagram that describes creating a master key when using a KMS provider
 
-  1. To create a master key, follow Microsoft's official 
+  1. To create a master key, follow Microsoft's official
      `Secrets Guide <https://docs.microsoft.com/en-us/azure/key-vault/secrets/about-secrets>`__.
      Follow the instructions in one of the :guilabel:`Quickstarts` sections
      that corresponds to your preferred method to create and configure your
@@ -171,6 +171,31 @@ content: |
               To use the Azure KMS, you must use
               `libmongocrypt <https://github.com/mongodb/libmongocrypt#installing-libmongocrypt-on-windows>`__ version 1.1 or later in your application's environment.
 
+        .. tab::
+           :tabid: go
+
+           In ``kms/provider.go``, update the variable declarations or define the expected environmental variables in
+           ``AzureProvider()``.
+
+           .. code-block:: go
+
+              azureTenantID := GetCheckedEnv("FLE_AZURE_TENANT_ID")
+              azureClientID := GetCheckedEnv("FLE_AZURE_CLIENT_ID")
+              azureClientSecret := GetCheckedEnv("FLE_AZURE_CLIENT_SECRET")
+
+           The expected KMS provider map is created with struct tags.
+
+           .. code-block:: go
+
+              func (a *Azure) Credentials() map[string]map[string]interface{} {
+                  return map[string]map[string]interface{}{"azure": structs.Map(a.credentials)}
+              }
+
+           .. note::
+
+              To use the Azure KMS, you must use
+              `libmongocrypt <https://github.com/mongodb/libmongocrypt>`__ version 1.1 or later in your application's environment.
+
 ---
 title: Create a New Data Encryption Key
 ref: create-a-new-data-key
@@ -273,9 +298,32 @@ content: |
                   });
 
               var dataKeyId = clientEncryption.CreateDataKey("azure", dataKeyOptions, CancellationToken.None);
-              Console.WriteLine($"Azure DataKeyId [UUID]: {dataKeyId}");
-              var dataKeyIdBase64 = Convert.ToBase64String(GuidConverter.ToBytes(dataKeyId, GuidRepresentation.Standard));
-              Console.WriteLine($"Azure DataKeyId [base64]: {dataKeyIdBase64}");
+
+        .. tab::
+           :tabid: go
+
+           In ``kms/provider.go``, update the variable declarations or define the expected environmental variables
+           in ``AzureProvider()``.
+
+           .. code-block:: go
+
+              azureKeyVaultEndpoint := GetCheckedEnv("FLE_AZURE_KEYVAULT_ENDPOINT")
+              azureKeyName := GetCheckedEnv("FLE_AZURE_KEY_NAME")
+
+           Struct tags are used to pass these values directly to the driver for use. In ``kms/provider.go``
+
+           .. code-block:: go
+
+              func (a *Azure) DataKeyOpts() interface{} {
+                  return a.dataKeyOpts
+              }
+
+           In ``csfle/data_key.go``
+
+           .. code-block:: go
+
+              dataKeyOpts := options.DataKey().SetMasterKey(provider.DataKeyOpts())
+              dataKeyID, err := clientEnc.CreateDataKey(context.TODO(), provider.Name(), dataKeyOpts)
 
 ---
 title: Update the Automatic Encryption JSON Schema