Azure Key Vault

  • Azure Key Vault is a managed service for securing sensitive application information, both for building applications and for Azure platform management.
  • It is a PaaS (Platform as a Service) offering.
  • Azure Key Vault is integrated with other Azure services, such as:
    • Logic Apps
    • Azure SQL DB
    • Power Platform applications
    • Data Factory
    • Web Applications, and more…
  • If you create a single Azure Key Vault Service, then the other applications can store their secrets/keys/certificates in that key vault.
    • This centralized storage approach can greatly reduce the chances of secrets/tokens getting leaked.
  • Even if someone gained access to the key vault on Azure, the data is stored on hardware that is itself secure.
  • Not even Microsoft can see or extract your keys in the vault.
  • The application can't pass on access to any other application, and access can be removed quickly in Azure Key Vault without having to change passwords.
  • Key Vault can scale globally, like any other managed Azure service, so you also get high cryptographic performance.

Azure Key Vault Scenario

  • Please refer to the diagram below.
  • Let's say you have a database with some valuable business data in it.
  • [Diagram: Azure Key Vault]
  • While you use the data successfully internally, you also want to share access with other trusted outside third parties.
  • However, you don't want to just give them the username and password to access the database.
  • Instead, you place the password in Azure Key Vault and then provide access to individual applications.
  • The application can identify itself, and then Azure Key Vault grants access to the database.

Azure Key Vault offering

  • In Azure Key Vault you can store:
    • API Keys
    • Tokens
    • Passwords
    • Certificates
    • Other secrets

Azure Key Vault Monitoring and Logging

  • You can monitor how and when your key vault is accessed and who is accessing it. Enabling logging is all that is needed to achieve this.
  • All logging data is stored in an Azure Storage account that you provide.
  • You can access your logging information at most 10 minutes after the Key Vault usage.
  • Each individual log is stored as text, formatted as a JSON blob.
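
As an added example (not code from the original page), the following Python code reads a Key Vault log blob and flags denied requests and secret reads by applications outside an expected list. The field names (`operationName`, `callerIpAddress`, `identity.claim.appid`, `properties.httpStatusCode`) follow the Key Vault audit log schema; the sample records, the vault name, the app identifiers and the allowlist are constructed for illustration.

```python
import json

# Constructed sample shaped like a Key Vault audit log blob (all values made up;
# real appid values are GUIDs, short labels are used here for readability).
SAMPLE_BLOB = json.dumps({"records": [
    {"time": "2024-01-10T09:00:01Z", "operationName": "SecretGet",
     "callerIpAddress": "203.0.113.10",
     "identity": {"claim": {"appid": "app-reporting"}},
     "properties": {"httpStatusCode": 200,
                    "requestUri": "https://example-vault.vault.azure.net/secrets/db-password"}},
    {"time": "2024-01-10T09:02:17Z", "operationName": "SecretGet",
     "callerIpAddress": "198.51.100.7",
     "identity": {"claim": {"appid": "app-unknown"}},
     "properties": {"httpStatusCode": 200,
                    "requestUri": "https://example-vault.vault.azure.net/secrets/db-password"}},
    {"time": "2024-01-10T09:05:40Z", "operationName": "SecretList",
     "callerIpAddress": "198.51.100.7",
     "identity": {"claim": {"appid": "app-unknown"}},
     "properties": {"httpStatusCode": 403,
                    "requestUri": "https://example-vault.vault.azure.net/secrets"}},
]})

def parse_audit_blob(text):
    """Return records from a {"records": [...]} blob or from one-JSON-object-per-line text."""
    try:
        doc = json.loads(text)
        return doc["records"] if isinstance(doc, dict) and "records" in doc else [doc]
    except json.JSONDecodeError:
        return [json.loads(line) for line in text.splitlines() if line.strip()]

def review(records, allowed_app_ids):
    """Flag denied requests and successful secret reads by callers outside the allowlist."""
    findings = []
    for r in records:
        app = r.get("identity", {}).get("claim", {}).get("appid", "<no appid>")
        status = r.get("properties", {}).get("httpStatusCode")
        op = r.get("operationName", "")
        if status in (401, 403):
            reason = "denied"
        elif op == "SecretGet" and app not in allowed_app_ids:
            reason = "unexpected-reader"
        else:
            continue
        findings.append((r.get("time"), reason, app, op, r.get("callerIpAddress")))
    return findings

if __name__ == "__main__":
    for finding in review(parse_audit_blob(SAMPLE_BLOB), {"app-reporting"}):
        print(finding)
```
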

© 2024 Code SharePoint