Secrets management with Azure Key Vault and Powershell

I’m writing this short blog post to fill a gap here on scripting library regarding the secret management topic after a comment received on this previous article.

I’m not opinionated when I need to choose a secret management solution, there are multiple options available and like anything else, it depends on your needs. What I find very appealing about Azure Key Vault is that offers a very simple user interface, all the features I generally need,  no upfront costs, and all the PowerShell cmd-let you need.

What is Azure Key Vault?

from : https://docs.microsoft.com/en-au/azure/key-vault/

Azure Key Vault helps solve the following problems:

  • Secrets Management – Azure Key Vault can be used to Securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets
  • Key Management – Azure Key Vault can also be used as a Key Management solution. Azure Key Vault makes it easy to create and control the encryption keys used to encrypt your data.
  • Certificate Management – Azure Key Vault is also a service that lets you easily provision, manage, and deploy public and private Transport Layer Security/Secure Sockets Layer (TLS/SSL) certificates for use with Azure and your internal connected resources.

What is required to start using it?

You need an Azure account and subscription (you can use a trial one)

I will assume you are already familiar with Azure Cloud services and with the Azure portal. In any case, I would recommend you start by reading the documentation of the Azure Key Vault.

Basic operations with Azure Key Vault with PowerShell

You can use cloud shell (https://shell.azure.com) or from a powershell window follow the instructions to connect/login with your account.

Conclusions

Over the years I’ve used several secret management solutions and by far Azure Key Vault would be the solution I would probably use for PowerShell, not just in Azure but especially on-premises.

As usual, you can find this code snippet in my GitHub repository.

2 Replies to “Secrets management with Azure Key Vault and Powershell”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.