DEV Community

Cover image for Deploy a Secure Key Vault and Cryptographic Key Using ARM Templates and Azure CLI
Oluwatobiloba Akinbobola
Oluwatobiloba Akinbobola

Posted on

Deploy a Secure Key Vault and Cryptographic Key Using ARM Templates and Azure CLI

INTRODUCTION

This article will teach you how to deploy an Azure Key Vault and a cryptographic key using ARM (Azure Resource Manager) Templates and Azure CLI. Azure CLI is a command-line tool for managing Azure resources, and ARM Templates are JSON files that provide the setup and infrastructure for your Azure resources.

PROCEDURE

Step 1: Set Up Your Environment

  1. Install Azure CLI: If you don’t already have it, install the Azure CLI.
  2. Log in to Azure: Open your terminal or command prompt and login to your Azure account using:
az login
Enter fullscreen mode Exit fullscreen mode

Step 2: Create a Resource Group

az group create --name key-rg --location eastus
Enter fullscreen mode Exit fullscreen mode

VScode template

Step 3: Prepare the ARM Template
ARM Templates are JSON files that define the resources you want to deploy. Here’s a simple example of a template (template.json) to create a Key Vault and a key:

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "resources": [
    {
      "type": "Microsoft.KeyVault/vaults",
      "apiVersion": "2021-04-01-preview",
      "name": "myKeyVault123",
      "location": "[resourceGroup().location]",
      "properties": {
        "sku": {
          "name": "standard",
          "family": "A"
        },
        "tenantId": "[subscription().tenantId]",
        "accessPolicies": [],
        "enabledForDeployment": false,
        "enabledForDiskEncryption": false,
        "enabledForTemplateDeployment": false
      }
    },
    {
      "type": "Microsoft.KeyVault/vaults/keys",
      "apiVersion": "2021-04-01-preview",
      "name": "myKeyVault123/myKey",
      "properties": {
        "kty": "RSA",
        "keySize": 2048,
        "keyOps": ["encrypt", "decrypt", "sign", "verify"],
        "attributes": {
          "enabled": true
        }
      }
    }
  ]
}
Enter fullscreen mode Exit fullscreen mode

Step 4: Deploy the Template
Use the following command to deploy the template:

az deployment group create --resource-group key-rg --template-file template.json
Enter fullscreen mode Exit fullscreen mode

Step 5: Verify the Deployment
1.Check if the Key Vault was created:

az keyvault show --name myKeyVault123 --resource-group key-rg
Enter fullscreen mode Exit fullscreen mode

2.Verify the key inside the Key Vault:

az keyvault key show --vault-name myKeyVault123 --name myKey
Enter fullscreen mode Exit fullscreen mode

Verify Key vault
3.Create Azure’s role-based access control (RBAC) access
rbac
4.Assign job function role
key role
5.Select members
key members
6.Confirm RBAC Keyvault operation access
RBAC1
7.Confirm RBAC Key operation access
RBAC-KEY access

  1. Download public key Download key

CONCLUSION

ARM Templates and Azure CLI are essential tools for defining and deploying infrastructure, ensuring consistency and repeatability, and providing a quick, scriptable interface for automation.

Do your career a big favor. Join DEV. (The website you're on right now)

It takes one minute, it's free, and is worth it for your career.

Get started

Community matters

Top comments (0)

Image of AssemblyAI

Automatic Speech Recognition with AssemblyAI

Experience near-human accuracy, low-latency performance, and advanced Speech AI capabilities with AssemblyAI's Speech-to-Text API. Sign up today and get $50 in API credit. No credit card required.

Try the API

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay