Snake case conversion in Azure Key Vault

[AndreuCodina]

Until now, we had workarounds to read secrets from Azure Key Vault:

• Alias in each field.
• Alias generator in all settings.
• dash_to_underscore to convert from "my-secret" to "my_secret".

And Key Vault uses the dash for different semantics:

• Prefixes (5-StorageAccountAccessKey).
• Hierarchical values (StorageAccount--AccessKey).
• Arrays (StorageAccounts--0--AccessKey).
• (*) Separate words (storage-account-access-key): It's not discouraged and it's used in some official examples.

Now, the package implements a mature conversion, from Key Vault's semantics to the Python convention. For example, it converts the following secrets in Key Vault to Python:

• SqlServer -> sql_server
• sqlServer -> sql_server
• sql-server -> sql_server
• SqlServer--Password -> sql_server__password (nested model).

With the old behavior, instead of converting to snake case, we had to add an alias and have mixed conventions in the .env file:

application_settings.py

class ApplicationSettings(BaseSettings):
    my_setting: str
    sql_server_password: SecretStr = Field(alias="SqlServerPassword")

    @classmethod
    def settings_customise_sources(
        cls,
        settings_cls: type[BaseSettings],
        init_settings: PydanticBaseSettingsSource,
        env_settings: PydanticBaseSettingsSource,
        dotenv_settings: PydanticBaseSettingsSource,
        file_secret_settings: PydanticBaseSettingsSource,
    ) -> tuple[PydanticBaseSettingsSource, ...]:
          azure_key_vault = AzureKeyVaultSettingsSource(
              settings_cls,
              dotenv_settings()["key_vault_url"],
              DefaultAzureCredential(),
          )
          return (azure_key_vault, dotenv_settings)

        return settings

.env

KEY_VAULT_URL="Value"
MY_SETTING="Value"
SqlServerPassword="Value"

[Copilot]

Pull Request Overview

This PR implements mature snake case conversion for Azure Key Vault secret names, replacing the previous workaround solutions. The changes eliminate the need for manual field aliases and the dash_to_underscore parameter by automatically converting Key Vault naming conventions to Python snake_case.

• Automatic conversion from various naming patterns (camelCase, PascalCase, kebab-case) to snake_case
• Simplified field definitions by removing manual alias requirements
• Updated nested delimiter from '--' to '__' to match Python conventions

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
pydantic_settings/sources/providers/azure.py	Implements snake case conversion using pydantic's to_snake function and removes case sensitivity options
tests/test_source_azure_key_vault.py	Updates test cases to remove field aliases and validates the new snake case conversion functionality

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[hramezani]

Thanks @AndreuCodina