The Code Blogger - Managing Azure Key Vault and Secrets with Azure CLI

Managing Azure Key Vault and Secrets with Azure CLI

Post author:Manoj Choudhari
Post published:June 13, 2020
Post category:Azure / Uncategorized
Post comments:0 Comments

In this short article, let’s have a look at small tip to remember the Azure CLI commands for managing key vault itself and the keys, secrets and certificates in it.

Key Vault

To know the Azure CLI commands for Azure key vault management, let’s try to know more about life-cycle of the key vault. Below diagram shows a high level overview:

Created, when a new key vault is created
In Use, the key vault which is used by one or more applications for storing the secrets. It has one or more access policies.
Deleted, when the key vault is deleted. Please note that a deleted key vault can be restored.
Purged, when the key vault is purged and deleted permanently. It means the key vault cannot be restored.

So, you can now easily remember and understand the Azure CLI commands which can be used for Azure key vault management.

The only thing to remember is all the key vault management commands start with az keyvault and some additional text like what operation needs to be performed and parameters for that operation.

Below code snippet shows some of the important commands with some comments to explain more about each commands. For full list of Azure CLI commands, please refer the documentation.

Keys / Secrets / Certificates

Azure key vault solves the problem of securely storing the keys, secrets and certificates. So, if application needs any secret, applications can connect securely with key vault and know the value of a secret.

All the Azure CLI commands which manage these items in key vault start with

for keys, commands start with az keyvault key
for secrets, commands start with az keyvault secret
for certificates, commands start with az keyvault certificate

Below is a high level diagram which shows high level life-cycle of the keys, secrets and certificates:

Life-cycle for keys, secrets and certificates in key vault

Created, when a new key / secret / certificate is created. One can create individual secret or can import it.
In Use, when the secret is being used. Key vault maintains the version history. We can also update the existing secrets.
Deleted, when the key / secret/ certificate is deleted
Purged, when the key/secret/certificate is permanently deleted

Below snippet shows some of the useful Azure CLI commands. Refer documentation for more details.

I hope you find this tip useful. Let me know your thoughts.

Tags: Azure, Azure CLI, Azure Key Vault, Backup, Certificates, Key Vault, Keys, Life Cycle, Microsoft Azure, Recover, Restore, Secret Management, Secrets

Key Vault

Keys / Secrets / Certificates

Share this article on:

Please Share This Share this content

You Might Also Like

Azure – Setting up the command line interfaces

Create your first Managed Instance in Azure SQL

WPF App and Web API using Azure AD and MSAL

Leave a ReplyCancel reply

Share this content