DEV Community

Shivappa
Shivappa

Posted on

Understand and use Azure Key Vault Easily (Most Secured Secrets Storage)

Now a days the term security becoming the must follow topic for all the organizations to have a good brand name.
To secure your credentials or secrets in your web application is a big challenge when we deploy our application to the public internet.
And also once your code is deployed and secrets are revealed then one need to redeploy the code with updated secrets to secure the application. As the application grows bigger and bigger this will be cumbersome to manage the application.

To solve this issue we can use Azure Key Vault resource.
Azure Key Vault is a Microsoft cloud service to store and access data and secrets securely. Which controls below tasks,

  1. Securely store the keys, secrets and certificates.
  2. Only authorized user can access the key vault.
  3. Frequently rotate the secrets, keys.
  4. Automatically renew the certificates.
  5. Centralized storage for all keys, secrets and certificates.

Azure Key Vault can be used in many services, here I will be showing how to use it in Azure app service.

Prerequisites:

We can create Azure Key Vault using Azure CLI or Azure Portal.
In this blog we will look at how to do in Azure Portal.

Create Azure Key Vault using Azure Portal

Create an Azure resource

  1. Login to Azure Portal.
  2. Click on create a resource.
    createresource

  3. Search for Key Vault. Select and create it.
    KeyVault-Search
    KeyVault-Create-1

  4. Fill details and create the resource.

Resource Group: Select existing resource group or create a new one

Key vault name: Enter globally Unique name for your key vault. This is access from the application.

Region: Select location the one near to you.

Pricing tier: Select Standard.

KeyVault-Create-2

  1. Review + create and then create.

  2. Go to Key vault resource created.
    KeyVault-Secrets

  3. Let's create some secrets in the key vault which will be accessed from our application.
    Click on Generate/Import to add new secret.
    KeyVault-Secrets-Generate

Fill the details and add it.
Name: name of the secret to be created.
value: Value to store in this secret.
We can set when this secret can be activated and deactivated.
As of now we can leave default, meaning immediate activate and never expires.
KeyVault-Secrets-Create

  1. After the secret is added go the secret which looks like this. KeyVault-Secrets-Details-Version

Our secret is successfully created in Azure Key Vault. Now we have to access it from our code.
To access the secrets, valid permissions (like who can access) must be added to the keyvault.
Let's learn how to add the authentication in next part of this series.

Billboard image

The fastest way to detect downtimes

Join Vercel, CrowdStrike, and thousands of other teams that trust Checkly to streamline monitoring.

Get started now

Top comments (0)

Heroku

This site is built on Heroku

Join the ranks of developers at Salesforce, Airbase, DEV, and more who deploy their mission critical applications on Heroku. Sign up today and launch your first app!

Get Started

👋 Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.

Okay