Malin De Silva, profile picture
Uploaded byMalin De Silva
PPTX, PDF158 views

Azure Key Vault

This document discusses Azure Key Vault, which allows centralizing application secrets and securing storage of keys and secrets. It can simplify administration by centralizing configurations and allowing monitoring of access and usage. The document demonstrates how to create an Azure Key Vault and connect to it from Visual Studio using managed identities. It also discusses how Azure Key Vault can integrate with app settings and be called externally with a token.

Embed presentation

Download to read offline
AZURE KEY VAULT Malin De Silva MVP – Microsoft Azure Azure and Office 365 Solutions Consultant
Challenges with configurations Team Development QA Testing User Acceptance Testing Production ◦ Changes when moving through environments ◦ Configurations shared with multiple people ◦ Mostly stored in plain text ◦ No way to monitor the usage
What is Azure Key Vault? ◦ Centralize Application Secrets ◦ Securing Storage of Keys and Secrets ◦ Monitor Access and Use ◦ Simplified Administration ◦ Simplified integration ◦ Secrets Store secured access tokens, passwords and API Keys ◦ Keys Encryption keys ◦ Certificates SSL Certificates for Azure services
Terminology ◦ HSM - A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. ◦ EC Keys – Elliptic Curve Cryptography, Based on Algebraic Structure of elliptic curves over a finite field ◦ RSA Keys - Rivest–Shamir–Adleman Generates a public key based on 2 prime numbers. Prime numbers kept secret. Public key shared for encryption.
CREATING AZURE KEY VAULT DEMONSTRATION
What is Managed Identity? Azure AD App Registration Azure Key Vault Azure App Service Client ID and Client Secret
CONNECTING TO VISUAL STUDIO DEMONSTRATION
Azure Hosted Scenario Can Integrate with App Settings Externally call with token
Thank You Malin De Silva malindesilva@live.com MVP – Microsoft Azure Azure and Office 365 Solutions Consultant

More Related Content

PPTX
Zero Credential Development with Managed Identities for Azure resources
byJoonas Westlin
 
PDF
Programming with Azure Active Directory
byJoonas Westlin
 
PDF
Identity Security - Azure Active Directory
byEng Teong Cheah
 
PDF
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...
byaOS Community
 
PPTX
Best pratices reliability & scalability on Azure
byAlex Danvy
 
PPTX
Global Azure Bootcamp 2017 - Azure Key Vault
byAlberto Diaz Martin
 
PPTX
Zero Credential Development with Managed Identities
byJoonas Westlin
 
PPTX
Get On Top of Azure Resource Security Using Secure DevOps Kit for Azure
byKasun Kodagoda
 
Zero Credential Development with Managed Identities for Azure resources
byJoonas Westlin
 
Programming with Azure Active Directory
byJoonas Westlin
 
Identity Security - Azure Active Directory
byEng Teong Cheah
 
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...
byaOS Community
 
Best pratices reliability & scalability on Azure
byAlex Danvy
 
Global Azure Bootcamp 2017 - Azure Key Vault
byAlberto Diaz Martin
 
Zero Credential Development with Managed Identities
byJoonas Westlin
 
Get On Top of Azure Resource Security Using Secure DevOps Kit for Azure
byKasun Kodagoda
 

What's hot

PDF
Security + DevOps + Azure = Awesomeness
byKarl Ots
 
PPTX
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
byMVP Dagen
 
PDF
Azure DevOps
bySurasuk Oakkharaamonphong
 
PDF
01_SQL Migration Using Azure Data Migration Services (DMS)_GAB2019
byKumton Suttiraksiri
 
PDF
TechWiseTV Workshop: Q&A OpenDNS and AnyConnect
byRobb Boyd
 
PPTX
EWUG - Something about the Cloud - Unit IT - January 14, 2020
byPeter Selch Dahl
 
PDF
IglooConf 2019 Secure your Azure applications like a pro
byKarl Ots
 
PDF
Everything you always wanted to know about API Management (but were afraid to...
byMassimo Bonanni
 
PPTX
Azure Low Lands 2019 - Building secure cloud applications with Azure Key Vault
byTom Kerkhove
 
PPTX
Launching Assassin's Creed with the Eagle Vision
bySplunk
 
PDF
Security Threats, the Cloud and Your Responsibilities - Evident.io @AWS Pop-u...
byEvident.io
 
PPTX
Java App Hosting: Choices!
byMicrosoft Tech Community
 
PDF
Streamline CI/CD with Just-in-Time Access
byAkeyless
 
PDF
03_Azure Security Center_GAB2019
byKumton Suttiraksiri
 
PPTX
Secret Management with Hashicorp Vault and Consul on Kubernetes
byAn Nguyen
 
PDF
Azure Meetup: Keep your secrets and configurations safe in azure!
bydotnetcode
 
PDF
SCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystified
byKenny Buntinx
 
PDF
Seguridad en SQL Server 2012
byJuan Fabian
 
PPTX
Automating your AWS Security Operations
byEvident.io
 
PDF
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
byNCCOMMS
 
Security + DevOps + Azure = Awesomeness
byKarl Ots
 
Modern Management for Identiteter og Enheter – Azure AD, Intune og Windows 10
byMVP Dagen
 
Azure DevOps
bySurasuk Oakkharaamonphong
 
01_SQL Migration Using Azure Data Migration Services (DMS)_GAB2019
byKumton Suttiraksiri
 
TechWiseTV Workshop: Q&A OpenDNS and AnyConnect
byRobb Boyd
 
EWUG - Something about the Cloud - Unit IT - January 14, 2020
byPeter Selch Dahl
 
IglooConf 2019 Secure your Azure applications like a pro
byKarl Ots
 
Everything you always wanted to know about API Management (but were afraid to...
byMassimo Bonanni
 
Azure Low Lands 2019 - Building secure cloud applications with Azure Key Vault
byTom Kerkhove
 
Launching Assassin's Creed with the Eagle Vision
bySplunk
 
Security Threats, the Cloud and Your Responsibilities - Evident.io @AWS Pop-u...
byEvident.io
 
Java App Hosting: Choices!
byMicrosoft Tech Community
 
Streamline CI/CD with Just-in-Time Access
byAkeyless
 
03_Azure Security Center_GAB2019
byKumton Suttiraksiri
 
Secret Management with Hashicorp Vault and Consul on Kubernetes
byAn Nguyen
 
Azure Meetup: Keep your secrets and configurations safe in azure!
bydotnetcode
 
SCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystified
byKenny Buntinx
 
Seguridad en SQL Server 2012
byJuan Fabian
 
Automating your AWS Security Operations
byEvident.io
 
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
byNCCOMMS
 

Similar to Azure Key Vault

PPTX
ITProceed 2015 - Securing Sensitive Data with Azure Key Vault
byTom Kerkhove
 
PPTX
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
byCodit
 
PPTX
Azure Key Vault - Getting Started
byTaswar Bhatti
 
PPTX
Managing your secrets in a cloud environment
byTaswar Bhatti
 
PPTX
TechEvent Data Encryption in Azure
byTrivadis
 
PDF
Application Security - Key Vault
byEng Teong Cheah
 
PPTX
Secure your Config with Key Vault for .NET Core API
byLakshman S
 
PPTX
Securing sensitive data with Azure Key Vault
byTom Kerkhove
 
PPTX
Azure key vault
byRahul Nath
 
PPTX
Azure key vault - Brisbane User Group
byRahul Nath
 
PPTX
Intelligent Cloud Conference 2018 - Building secure cloud applications with A...
byTom Kerkhove
 
PDF
Secretsth-Azure-KeyVault-and-Azure-App.pdf
bys87j3
 
PDF
Secretsth-Azure-KeyVault-and-Azure-App.pdf
bys87j3
 
PPTX
Azure Key Vault with a PaaS Architecture and ARM Template Deployment
byRoy Kim
 
PPTX
Techdays Finland 2018 - Building secure cloud applications with Azure Key Vault
byTom Kerkhove
 
PPTX
Hashicorp Chicago HUG - Secure and Automated Workflows in Azure with Vault an...
byStenio Ferreira
 
PPTX
Secure your Config with Key Vault for Node.JS
byLakshman S
 
PDF
Dynamic Azure Credentials for Applications and CI/CD Pipelines
byMitchell Pronschinske
 
PPTX
AzureSecurity - Day3 - Storage And Key Vault
by2nd Sight Lab
 
PPTX
Configuration in azure done right
byRick van den Bosch
 
ITProceed 2015 - Securing Sensitive Data with Azure Key Vault
byTom Kerkhove
 
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
byCodit
 
Azure Key Vault - Getting Started
byTaswar Bhatti
 
Managing your secrets in a cloud environment
byTaswar Bhatti
 
TechEvent Data Encryption in Azure
byTrivadis
 
Application Security - Key Vault
byEng Teong Cheah
 
Secure your Config with Key Vault for .NET Core API
byLakshman S
 
Securing sensitive data with Azure Key Vault
byTom Kerkhove
 
Azure key vault
byRahul Nath
 
Azure key vault - Brisbane User Group
byRahul Nath
 
Intelligent Cloud Conference 2018 - Building secure cloud applications with A...
byTom Kerkhove
 
Secretsth-Azure-KeyVault-and-Azure-App.pdf
bys87j3
 
Secretsth-Azure-KeyVault-and-Azure-App.pdf
bys87j3
 
Azure Key Vault with a PaaS Architecture and ARM Template Deployment
byRoy Kim
 
Techdays Finland 2018 - Building secure cloud applications with Azure Key Vault
byTom Kerkhove
 
Hashicorp Chicago HUG - Secure and Automated Workflows in Azure with Vault an...
byStenio Ferreira
 
Secure your Config with Key Vault for Node.JS
byLakshman S
 
Dynamic Azure Credentials for Applications and CI/CD Pipelines
byMitchell Pronschinske
 
AzureSecurity - Day3 - Storage And Key Vault
by2nd Sight Lab
 
Configuration in azure done right
byRick van den Bosch
 

More from Malin De Silva

PPTX
Azure boards and GitHub
byMalin De Silva
 
PPTX
Accelaratinng developmennt and business with azure conntainers
byMalin De Silva
 
PPTX
SharePoint Fundamentals in Microsoft Graph
byMalin De Silva
 
PPTX
Custom APIs with Powerapps and Microsoft Flow
byMalin De Silva
 
PDF
Exploring the PowerApps advantage
byMalin De Silva
 
PPTX
Workflow Manager Troubleshooting and Experience
byMalin De Silva
 
PDF
Success Story of SharePoint Development on Azure
byMalin De Silva
 
PDF
Tips and Tricks for Building Visual Studio Workflows
byMalin De Silva
 
PPTX
Moving your share point development to azure
byMalin De Silva
 
PPTX
Mobile device management
byMalin De Silva
 
PPTX
Consuming SharePoint data in universal apps
byMalin De Silva
 
PPTX
Branding and designing capabilities with the Design Manager
byMalin De Silva
 
PPTX
Working with Windows Phone sensors, gps and maps
byMalin De Silva
 
PPTX
Using Lync for cost effective and efficient communications
byMalin De Silva
 
PPTX
SharePoint Development
byMalin De Silva
 
PPTX
AngularJS
byMalin De Silva
 
Azure boards and GitHub
byMalin De Silva
 
Accelaratinng developmennt and business with azure conntainers
byMalin De Silva
 
SharePoint Fundamentals in Microsoft Graph
byMalin De Silva
 
Custom APIs with Powerapps and Microsoft Flow
byMalin De Silva
 
Exploring the PowerApps advantage
byMalin De Silva
 
Workflow Manager Troubleshooting and Experience
byMalin De Silva
 
Success Story of SharePoint Development on Azure
byMalin De Silva
 
Tips and Tricks for Building Visual Studio Workflows
byMalin De Silva
 
Moving your share point development to azure
byMalin De Silva
 
Mobile device management
byMalin De Silva
 
Consuming SharePoint data in universal apps
byMalin De Silva
 
Branding and designing capabilities with the Design Manager
byMalin De Silva
 
Working with Windows Phone sensors, gps and maps
byMalin De Silva
 
Using Lync for cost effective and efficient communications
byMalin De Silva
 
SharePoint Development
byMalin De Silva
 
AngularJS
byMalin De Silva
 

Recently uploaded

PDF
The Hidden Cost of “Quick” Web App Development
byiProgrammer Solutions Private Limited
 
PDF
DSD-INT 2025 Flexible Reservoir Modelling with Ribasim - From Simple to Compl...
byDeltares
 
PPT
C++ how to program 10 edition Harvey Deitel
byatisyemen
 
PPTX
Computing Adnans presentation OTHM level 3
bymashikhossain23
 
PPTX
Cloud_Computing_Presentation FOR BCA.pptx
bysharma79822
 
PPTX
Publix Data Scraping for Grocery Prices & Store Analysis.pptx
byMobile App Scraping
 
PPT
C++ how to program 10 edition Harvey Deitel
byatisyemen
 
PPTX
Object Oriented Programming - Lecture 02
byAbdul Baqi Malik
 
PPTX
Choosing Your Web3 Architecture: L1 vs L2 vs Appchain
bystorygamemarketing
 
PDF
Oracle AI Database 26ai _ AI-Native Database for Enterprises.pdf
byAstuteBusiness
 
PDF
Wormhole Token – Smart Contract Security Audit Report by EtherAuthority
byEtherAuthority
 
PDF
AI Concepts - MCP Neurons
byPhilip Schwarz
 
PDF
DSD-INT 2025 Coupled modeling in Ribasim - Linking Water Availability and Qua...
byDeltares
 
PDF
Dues Collection Software Intelligent Revenue Management.pdf
byCollege Pro
 
PDF
What Web Teams Need to Know About Building API-Powered Websites
byAlex Halsey
 
PDF
AI Development Services: MVP to Production Guide
byShiv Technolabs Pvt. Ltd.
 
PPTX
Managing Multiple Projects from One ERP Dashboard - by biCanvas ERP
bybiCanvasERP
 
PDF
DSD-INT 2025 The National Hydrological Model of Denmark and its enhancements ...
byDeltares
 
PDF
apidays Paris 2025 | AI and APIs - Ensuring Platform Migration Reliability wi...
byapidays
 
PDF
erp software for trading business in india.pdf
byZipERP
 
The Hidden Cost of “Quick” Web App Development
byiProgrammer Solutions Private Limited
 
DSD-INT 2025 Flexible Reservoir Modelling with Ribasim - From Simple to Compl...
byDeltares
 
C++ how to program 10 edition Harvey Deitel
byatisyemen
 
Computing Adnans presentation OTHM level 3
bymashikhossain23
 
Cloud_Computing_Presentation FOR BCA.pptx
bysharma79822
 
Publix Data Scraping for Grocery Prices & Store Analysis.pptx
byMobile App Scraping
 
C++ how to program 10 edition Harvey Deitel
byatisyemen
 
Object Oriented Programming - Lecture 02
byAbdul Baqi Malik
 
Choosing Your Web3 Architecture: L1 vs L2 vs Appchain
bystorygamemarketing
 
Oracle AI Database 26ai _ AI-Native Database for Enterprises.pdf
byAstuteBusiness
 
Wormhole Token – Smart Contract Security Audit Report by EtherAuthority
byEtherAuthority
 
AI Concepts - MCP Neurons
byPhilip Schwarz
 
DSD-INT 2025 Coupled modeling in Ribasim - Linking Water Availability and Qua...
byDeltares
 
Dues Collection Software Intelligent Revenue Management.pdf
byCollege Pro
 
What Web Teams Need to Know About Building API-Powered Websites
byAlex Halsey
 
AI Development Services: MVP to Production Guide
byShiv Technolabs Pvt. Ltd.
 
Managing Multiple Projects from One ERP Dashboard - by biCanvas ERP
bybiCanvasERP
 
DSD-INT 2025 The National Hydrological Model of Denmark and its enhancements ...
byDeltares
 
apidays Paris 2025 | AI and APIs - Ensuring Platform Migration Reliability wi...
byapidays
 
erp software for trading business in india.pdf
byZipERP
 

Azure Key Vault

  • 1.
    AZURE KEY VAULT Malin DeSilva MVP – Microsoft Azure Azure and Office 365 Solutions Consultant
  • 2.
    Challenges with configurations Team Development QATesting User Acceptance Testing Production ◦ Changes when moving through environments ◦ Configurations shared with multiple people ◦ Mostly stored in plain text ◦ No way to monitor the usage
  • 3.
    What is AzureKey Vault? ◦ Centralize Application Secrets ◦ Securing Storage of Keys and Secrets ◦ Monitor Access and Use ◦ Simplified Administration ◦ Simplified integration ◦ Secrets Store secured access tokens, passwords and API Keys ◦ Keys Encryption keys ◦ Certificates SSL Certificates for Azure services
  • 4.
    Terminology ◦ HSM -A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. ◦ EC Keys – Elliptic Curve Cryptography, Based on Algebraic Structure of elliptic curves over a finite field ◦ RSA Keys - Rivest–Shamir–Adleman Generates a public key based on 2 prime numbers. Prime numbers kept secret. Public key shared for encryption.
  • 5.
  • 6.
    What is ManagedIdentity? Azure AD App Registration Azure Key Vault Azure App Service Client ID and Client Secret
  • 7.
  • 8.
    Azure Hosted Scenario CanIntegrate with App Settings Externally call with token
  • 9.
    Thank You Malin DeSilva malindesilva@live.com MVP – Microsoft Azure Azure and Office 365 Solutions Consultant

Editor's Notes

  • #8 //Management Shell Code az login $keyVaultName = "KeyVaultTest3" az account set --subscription "324a2a89-dc88-4e72-8c5c-291e75ae6fd9" az ad sp create-for-rbac -n $keyVaultName --sdk-auth $clientID = "" //Get from above az keyvault set-policy -n $keyVaultName --spn $clientID --secret-permissions delete get list set --key-permissions create decrypt delete encrypt get list unwrapKey wrapKey //C#.NET Code string clientId = ""; string clientSecret = ""; KeyVaultClient kvClient = new KeyVaultClient(async (authority, resource, scope) => { var adCredential = new ClientCredential(clientId, clientSecret); var authenticationContext = new AuthenticationContext(authority, null); return (await authenticationContext.AcquireTokenAsync(resource, adCredential)).AccessToken; }); await kvClient.SetSecretAsync("kv_url", "Key1", "Value1"); var keyvaultSecret = await kvClient.GetSecretAsync("kv_url", "Key1") .ConfigureAwait(false);