Azure Key Vault
- It is a tool for securely storing and accessing secrets. Secrets could be API keys, passwords or certificates.
- A vault is a logical group of secrets
- Terms:
  - Tenant: the organization that owns and manages the instances
  - Vault Owner: a vault owner can create a key vault and has full access over it
  - Vault Consumer: a vault consumer can perform actions on the assets inside the key vault
  - Resource
  - Resource Group
  - Service Principal: an Azure service principal is a security identity that a user creates for apps, services or automation tools.
- What Azure Key Vault can do
  - Secrets Management
  - Key Management
  - Certificate Management
  - Store secrets backed by HSMs (hardware security modules)
- Azure Key Vault supports multiple key types and algorithms
  - Cryptographic keys in Key Vault are represented as JSON Web Key objects.
  - Software-protected keys:
    - Import an existing RSA or EC key or create a new key
  - HSM-protected keys:
- Key Operations
  - Create
  - Import
  - Update
  - Delete
  - List
  - List Versions
  - Get
  - Backup
  - Restore
- Once a key is generated, it can be used for:
  - Sign and verify
  - Key Encryption
  - Encrypt and decrypt
- Key vault provides secure storage of secrets such as passwords and database connection strings.
- Certificate: Key Vault certificate support provides management of X.509 certificates
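Added example (not from the original notes or from Microsoft's samples): because Key Vault keys are JSON Web Key objects, a short Python audit can read `kty` to tell software-protected from HSM-protected keys and `key_ops` to see which of the operation families above a key permits. The sample key, its `kid` URL, the 2048-bit minimum and the key-separation rule are assumptions made for this example.

```python
import base64

# Key types whose "-HSM" suffix marks an HSM-protected key.
HSM_TYPES = {"RSA-HSM", "EC-HSM", "oct-HSM"}
# key_ops values grouped into the three operation families in the notes.
OP_FAMILIES = {
    "sign": "sign/verify", "verify": "sign/verify",
    "wrapKey": "key encryption", "unwrapKey": "key encryption",
    "encrypt": "encrypt/decrypt", "decrypt": "encrypt/decrypt",
}

def int_to_b64url(number):
    """Encode an integer as unpadded base64url, the JWK field encoding."""
    raw = number.to_bytes((number.bit_length() + 7) // 8, "big")
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_to_int(value):
    """Decode an unpadded base64url JWK field into an integer."""
    padded = value + "=" * (-len(value) % 4)
    return int.from_bytes(base64.urlsafe_b64decode(padded), "big")

def audit_jwk(jwk, min_rsa_bits=2048):
    """Return (summary, findings) for one JWK dictionary."""
    kty = jwk.get("kty", "")
    families = sorted({OP_FAMILIES[op] for op in jwk.get("key_ops", [])
                       if op in OP_FAMILIES})
    summary = {"kty": kty, "hsm_protected": kty in HSM_TYPES,
               "families": families}
    findings = []
    if kty in ("RSA", "RSA-HSM"):
        summary["rsa_bits"] = b64url_to_int(jwk["n"]).bit_length()
        if summary["rsa_bits"] < min_rsa_bits:  # assumed policy minimum
            findings.append("RSA modulus below %d bits" % min_rsa_bits)
    if "sign/verify" in families and len(families) > 1:  # assumed policy
        findings.append("one key permitted for signing and for encryption")
    return summary, findings

# Constructed sample, not a real key: only the bit length of n matters.
SAMPLE_JWK = {
    "kid": "https://example-vault.vault.azure.net/keys/example-key/0000",
    "kty": "RSA",
    "key_ops": ["sign", "verify", "wrapKey", "unwrapKey"],
    "n": int_to_b64url((1 << 1023) | 1),
    "e": "AQAB",
}

if __name__ == "__main__":
    print(audit_jwk(SAMPLE_JWK))
```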
Create Azure Key Vault
- Create a resource and select ‘Key Vault’ to create an Azure Key Vault
- Refer here for an example in .NET to access a secret
- Azure Key Vault has a REST API
- Refer to the code samples for accessing Azure Key Vault over here
Azure API Management – Import OpenAPI
Azure Logic Apps
- Azure Logic Apps is a cloud service that helps schedule, automate and orchestrate tasks, business processes and workflows
- Click on create resource, select Logic App and create it with basic details
Azure Service Fabric
- Azure Service Fabric is a distributed systems platform that makes it easy to package, deploy and scale microservices and containers.
- Install Azure Service Fabric SDK