Microsoft Azure provides a way to manage cryptographic keys and application secrets in a way that it doesn’t expose them to applications.
Let’s say that you have a web application and you access this application via a key stored in web config or it is hardcoded.
With Azure Key Vault, imagine that you have a key stored somewhere safe where nobody has access, except for the person who created this Azure Key Vault and generated the key.

Create an Azure  Key Vault

Let’s create a Key Vault from scratch.
First, search for the azure service  “Key Vault”, and click Create.

Create Key Vault

In the blade Create key vault, fill up all the necessary fields and click Create.

Create New Key

In the main blade, under the SETTINGS tab you can see few items.
You can choose here three actions : Generate Key, Upload an existing Key or Restore a key from backup.

For the demo needs, generate a new key as the following image shows.

RSA Type: More details here.
EC Type: More details here.

Key Settings

In the picture below you can see key settings that you can modify according to your application needs.

 

Create New Secret

You can create a secret with two ways :
Manual : (Create a new secret, which can be used in your apps )
Certificate : (Upload an existing certificate)

 

Secret Settings

At the image below you can see the key vault secret settings that you can change.

 

Create New Certificate

You can create an SSL certificate very easily, just type Certificate Name, Select the type of CA and type a Subject.

Certificate Settings

In the image below you can find all the available settings on your key vault certificate and customize as needed.

Key Vault Limitations

In the table below you can find the Azure key vault service limitations.

Key type HSM-Key
CREATE Key
HSM-key
All other transactions
Software-key
CREATE Key
Software-key
All other transactions
RSA 2048-bit 5 1000 10 2000
RSA 3072-bit 5 250 10 500
RSA 4096-bit 5 125 10 250
ECC P-256 5 1000 10 2000
ECC P-384 5 1000 10 2000
ECC P-521 5 1000 10 2000
ECC SECP256K1 5 1000 10 2000
Transactions Type Max transactions allowed in 10 seconds, per vault per region1
All transactions 2000

More Details about key vault limitations, here.

Pricing Details

Find key vault pricing details on this link.

Share This