- Created, when a new key vault is created
- In Use, when the key vault is used by one or more applications for storing secrets. It has one or more access policies.
- Deleted, when the key vault is deleted. Please note that a deleted key vault can be restored.
- Purged, when the key vault is purged and deleted permanently. It means the key vault cannot be restored.
The only thing to remember is that all the key vault management commands start with az keyvault, followed by the operation to perform and the parameters for that operation.
Keys / Secrets / Certificates
Azure Key Vault solves the problem of securely storing keys, secrets and certificates. If an application needs a secret, it can connect securely to the key vault and retrieve the value of that secret.
All the Azure CLI commands which manage these items in a key vault start with one of the following:
- for keys, commands start with
az keyvault key
- for secrets, commands start with
az keyvault secret
- for certificates, commands start with
az keyvault certificate
Below is the high-level life cycle of keys, secrets and certificates:
- Created, when a new key / secret / certificate is created. One can create an individual secret or import it.
- In Use, when the secret is being used. Key vault maintains the version history. We can also update the existing secrets.
- Deleted, when the key / secret / certificate is deleted
- Purged, when the key / secret / certificate is permanently deleted
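The states listed above can be checked from the CLI. The following is an added example, not code from the original post: two shell functions that report which life-cycle state a vault or a secret is in, using the show and show-deleted subcommands. Vault and secret names come from the caller, and treating a vault with zero access policies as "Created" is an assumption based on this page's description (a vault that uses Azure RBAC has no access policies either).

```shell
#!/bin/sh
# Added example: report the life-cycle state of a key vault or of a secret.
# Requires a logged-in Azure CLI. Names are supplied by the caller.
# Any failure of "show" (including missing permissions) is treated as "not found".

# Usage: kv_vault_state VAULT
# Prints: created | in-use | deleted | purged-or-absent
kv_vault_state() {
  # Count access policies; "|| `[]`" covers vaults with no policy list.
  policies=$(az keyvault show --name "$1" \
      --query 'length(properties.accessPolicies || `[]`)' \
      --output tsv 2>/dev/null) || policies=""
  if [ -n "$policies" ]; then
    # Assumption from this page: a vault with access policies is "In Use".
    if [ "$policies" -gt 0 ]; then echo "in-use"; else echo "created"; fi
  elif az keyvault show-deleted --name "$1" --output none 2>/dev/null; then
    # Still restorable with: az keyvault recover --name VAULT
    echo "deleted"
  else
    # Not active and not listed as deleted: purged, or never existed.
    echo "purged-or-absent"
  fi
}

# Usage: kv_secret_state VAULT SECRET
# Prints: in-use | deleted | purged-or-absent
kv_secret_state() {
  # --output none keeps the secret value out of the terminal and logs.
  if az keyvault secret show --vault-name "$1" --name "$2" \
      --output none 2>/dev/null; then
    echo "in-use"
  elif az keyvault secret show-deleted --vault-name "$1" --name "$2" \
      --output none 2>/dev/null; then
    # Still restorable with: az keyvault secret recover --vault-name VAULT --name SECRET
    echo "deleted"
  else
    echo "purged-or-absent"
  fi
}
```

Source the file and call kv_vault_state or kv_secret_state before running a purge, since a purged item cannot be restored.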
I hope you find this tip useful. Let me know your thoughts.