MarkRobles
/ gist:0f22bb4e6c5da59561ac44f8b2c7f4a3
Last active
June 21, 2022 14:29
Using azure key vault
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1-Create azure key vault (Use AzurePortal or azure CLI and so on) | |
| 2-Create a secret (Use AzurePortal or azure CLI and so on) | |
| 3- Register your app with Azure Active Directory | |
| 3.1- Our app gets an identity | |
| 3.2- Now we can assign vault permissions to our app | |
| 3.3- App and users requires a token and a secret or certificate to authenticate to keyVault | |
| 3.4- This seems to be the default flow but with this you also need to keep the user/app secret to authenticate | |
| with key vault somewhere. So to avoid this use Managed identities for azure resources | |
| 4- Enable Managed Identities (Use Azure portal or CLI) -> Go to your app, select identity tab, select on in the system assigned |