{"id":14709,"date":"2020-08-01T05:50:23","date_gmt":"2020-08-01T05:50:23","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=14709"},"modified":"2020-08-27T06:40:10","modified_gmt":"2020-08-27T06:40:10","slug":"overview-of-azure-keyvault-and-keyvault-operations","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/","title":{"rendered":"Overview of Azure KeyVault and KeyVault operations"},"content":{"rendered":"\n<p><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-az-304-microsoft-azure-architect-design\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to AZ-304 Tutorials<\/a><\/p>\n\n\n\n<p>In this, we will discuss Azure Key Vault and how it enables Microsoft Azure applications including the use of Azure key vault. However, Azure key vault use and store several types of secret\/key data:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, <strong>cryptographic keys<\/strong> for supporting multiple key types and algorithms. It enables the use of Hardware Security Modules (HSM) for high-value keys.<\/li><li>Secondly, <strong>secrets<\/strong> for providing secure storage of secrets, such as passwords and database connection strings.<\/li><li>Then, <strong>certificates<\/strong> for supporting certificates built on top of keys and secrets and add an automated renewal feature.<\/li><li>Lastly, <strong>Azure Storage<\/strong> manages the keys of an Azure Storage account for you. Internally, Key Vault can list-keys with an Azure Storage Account, and regenerate the keys periodically.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Uses of Azure Key Vault<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, it has <strong>centralized storage <\/strong>for application secrets in the Azure Key Vault that allows you to control their distribution. And, the Key Vault reduces the chances that secrets may be accidentally leaked. While using Key Vault, application developers no longer need to store security information in their application. As not having to store security information in applications eliminates the need to make this information part of the code.&nbsp;<\/li><li>Secondly, in this, the <strong>secrets and keys<\/strong> are protection assurance is given by Azure using industry-standard algorithms, key lengths, and hardware security modules (HSMs). The HSMs here is Federal Information Processing Standards (FIPS) 140-2 Level 2 validated. However, access to a key vault requires proper authentication and authorization before a caller can get access. This authentication is via Azure Active Directory. Also, the authorization is via role-based access control (RBAC) or the Key Vault access policy.<\/li><li>Lastly, it provides<strong> access to monitoring<\/strong>. That is to say, after creating a couple of Key Vaults, you will want to monitor how and when your keys and secrets are being accessed. So, you can monitor activity by enabling logging for your vaults. You can configure Azure Key Vault to:<\/li><\/ul>\n\n\n\n<ol class=\"wp-block-list\"><li>Firstly, archiving to a storage account.<\/li><li>Secondly, streaming to an event hub.<\/li><li>Thirdly, sending the logs to Azure Monitor logs.<\/li><\/ol>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full\"><a href=\"https:\/\/www.testpreptraining.ai\/microsoft-azure-architect-design-az-304-free-practice-test\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" width=\"961\" height=\"150\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/AZ-304-practice-tests-3.png\" alt=\"AZ-304 Practice tests\" class=\"wp-image-18182\" srcset=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/AZ-304-practice-tests-3.png 961w, https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/AZ-304-practice-tests-3-750x117.png 750w\" sizes=\"auto, (max-width: 961px) 100vw, 961px\" \/><\/a><\/figure><\/div>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Data types<\/strong><\/h4>\n\n\n\n<p>There are various data types in Azure Key Vault that are:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, <strong>algorithm<\/strong>, it refers to a supported algorithm for a key operation<\/li><li>Secondly, <strong>ciphertext-value<\/strong>, it is ciphertext octets for which there is encoding using Base64URL<\/li><li>Thirdly, <strong>digest-value<\/strong>, in this the output of a hash algorithm in which there is encoding is using Base64URL<\/li><li>Fourthly, <strong>key-type<\/strong>. These are some of the supported key types, for example, RSA (Rivest-Shamir-Adleman).<\/li><li>Then, <strong>plaintext-value<\/strong>, it has plaintext octets, encoded using Base64URL<\/li><li>After that,<strong> signature-value<\/strong>, the output of a signature algorithm, encoded using Base64URL<\/li><li><strong>base64URL<\/strong>. A Base64URL [RFC4648] encoded binary value<\/li><li>Then, <strong>boolean<\/strong>. It is either true or false<\/li><li>Lastly, <strong>Identity<\/strong>. This defines an identity from the Azure Active Directory (AAD).<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Objects, identifiers, and versioning<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Objects that are storer in Key Vault are versioned whenever there is a creation of a new instance of an object. However, each version has a unique identifier and URL. And, during the development of an object, a unique version identifier is allocated. And it is marked as the current version of the object. This creation of a new instance with the same object name gives the new object a unique version identifier, causing it to become the current version.<\/li><li>However, objects in Key Vault can be addressed by specifying a version or by omitting the version for operations on the current version of the object. For example, given a Key with the name MasterKey, performing operations without specifying a version causes the system to use the latest available version.<\/li><li>Unique identification of objects is within Key Vault using a URL. And, no two objects in the system have the same URL, regardless of geo-location. However, the complete URL for an object is Object Identifier. The URL includes a prefix for identifying the Key Vault, object type, user given Object Name, and an Object Version. The Object Name is case-insensitive and immutable. And, identifiers that do not include the Object Version are Base Identifiers.<\/li><\/ul>\n\n\n\n<p>General format of an object identifier:<\/p>\n\n\n\n<p><strong><em>&#8220;https:\/\/{keyvault-name}.vault.azure.net\/{object-type}\/{object-name}\/{object-version}&#8221;<\/em><\/strong><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/azure-key-vault-1.png\" alt=\"Object Identifier Azure Key Vault\" class=\"wp-image-14718\" width=\"874\" height=\"433\" srcset=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/azure-key-vault-1.png 977w, https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/azure-key-vault-1-750x372.png 750w\" sizes=\"auto, (max-width: 874px) 100vw, 874px\" \/><figcaption>Image Source: Microsoft<\/figcaption><\/figure><\/div>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full\"><a href=\"https:\/\/www.testpreptraining.ai\/microsoft-azure-architect-design-az-304-practice-exam\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" width=\"961\" height=\"150\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/Az-304-online-course.png\" alt=\"Azure Key Vault Concept in AZ-304 Online Course\" class=\"wp-image-14714\" srcset=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/Az-304-online-course.png 961w, https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/Az-304-online-course-750x117.png 750w\" sizes=\"auto, (max-width: 961px) 100vw, 961px\" \/><\/a><\/figure><\/div>\n\n\n\n<p class=\"has-text-align-right\"><strong>Reference: <\/strong><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/key-vault\/general\/about-keys-secrets-certificates\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Documentation<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-az-304-microsoft-azure-architect-design\/\" target=\"_blank\" rel=\"noreferrer noopener\"><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-az-304-microsoft-azure-architect-design\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to AZ-304 Tutorials<\/a><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Go back to AZ-304 Tutorials In this, we will discuss Azure Key Vault and how it enables Microsoft Azure applications including the use of Azure key vault. However, Azure key vault use and store several types of secret\/key data: Firstly, cryptographic keys for supporting multiple key types and algorithms. It enables the use of Hardware&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[],"tags":[],"class_list":["post-14709","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Overview of Azure KeyVault and KeyVault operations | Microsoft AZ-304<\/title>\n<meta name=\"description\" content=\"Enhance your knowledge by learning about Azure Key Vault using Microsoft Azure AZ-304 online course and practice exam Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Overview of Azure KeyVault and KeyVault operations | Microsoft AZ-304\" \/>\n<meta property=\"og:description\" content=\"Enhance your knowledge by learning about Azure Key Vault using Microsoft Azure AZ-304 online course and practice exam Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2020-08-27T06:40:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/AZ-304-practice-tests-3.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/\",\"name\":\"Overview of Azure KeyVault and KeyVault operations | Microsoft AZ-304\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2020-08-01T05:50:23+00:00\",\"dateModified\":\"2020-08-27T06:40:10+00:00\",\"description\":\"Enhance your knowledge by learning about Azure Key Vault using Microsoft Azure AZ-304 online course and practice exam Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Overview of Azure KeyVault and KeyVault operations\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Overview of Azure KeyVault and KeyVault operations | Microsoft AZ-304","description":"Enhance your knowledge by learning about Azure Key Vault using Microsoft Azure AZ-304 online course and practice exam Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/","og_locale":"en_US","og_type":"article","og_title":"Overview of Azure KeyVault and KeyVault operations | Microsoft AZ-304","og_description":"Enhance your knowledge by learning about Azure Key Vault using Microsoft Azure AZ-304 online course and practice exam Now!","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2020-08-27T06:40:10+00:00","og_image":[{"url":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/08\/AZ-304-practice-tests-3.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/","name":"Overview of Azure KeyVault and KeyVault operations | Microsoft AZ-304","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2020-08-01T05:50:23+00:00","dateModified":"2020-08-27T06:40:10+00:00","description":"Enhance your knowledge by learning about Azure Key Vault using Microsoft Azure AZ-304 online course and practice exam Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/overview-of-azure-keyvault-and-keyvault-operations\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"Overview of Azure KeyVault and KeyVault operations"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/14709","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=14709"}],"version-history":[{"count":3,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/14709\/revisions"}],"predecessor-version":[{"id":18189,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/14709\/revisions\/18189"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=14709"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=14709"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=14709"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}