azure-keyvault

问题 I recently transferred an Azure Subscription to a new account owner in a new directory. After doing so, I am no longer able to import an App Service Certificate into my App Service, and am thus unable to create any TSL/SSL bindings . When I click Import App Service Certificate , the certificate correctly shows up; when I click on the certificate it correctly displays Validated the App Service Certificate ; but when I click OK , I get the following error: Failed to add App Service certificate

问题 I want to get secret from Azure key vault. I found codes below and tried it. But I failed with error. private String clientId= '<I put my client Id here>'; private String secret= '<I put my client secret here>'; KeyVaultClient client = new KeyVaultClient(credentials); String secret = client.getSecret("https://<myVault>.vault.azure.net", "secret name").value(); log.debug("secret=============",secret); } ServiceClientCredentials credentials = new KeyVaultCredentials() { @Override public String

问题 I'm accessing an Azure key vault, using C#, in a Net Core 2 console app. Whenever the app runs, the console window gets hit with messages like this when I retrieve a secret from the vault: 2017-12-26T18:03:49.8610049Z: 29c98a86-9e1d-4a5d-86d6-daf8f2cfdc56 - AcquireTokenHandlerBase.cs: ADAL PCL.CoreCLR with assembly version '3.17.3.35304', file version '3.17.41219.2324' and informational version 'b6afaeae7cff965e66649e0ee7e8c29071d5a7e6' is running... 2017-12-26T18:03:49.8621855Z: 29c98a86

问题 Can't get secrets from Key Vault when it's secured with vnet and firewall. I would like to use secrets stored in key vault from DevOps Build Pipeline task and I would like to follow security best practice and defense in depth. As security best practice, I want key vault to be accessible from selected virtual networks, selected azure services and from trusted internet ip's. Of course, I would use a service principal and appropriate permissions (list/get). Unfortunately, Azure DevOps is not one

问题 Can't get secrets from Key Vault when it's secured with vnet and firewall. I would like to use secrets stored in key vault from DevOps Build Pipeline task and I would like to follow security best practice and defense in depth. As security best practice, I want key vault to be accessible from selected virtual networks, selected azure services and from trusted internet ip's. Of course, I would use a service principal and appropriate permissions (list/get). Unfortunately, Azure DevOps is not one

问题 What is the recommended way of deploying Azure Key Vault: One Key Vault per environment e.g. Production, Test etc. One Key Vault used globally. If I want to automate creation of Azure resources using ARM templates, it seems the second method is preferable. However, storing Test and Production secrets together could cause mistakes to happen unless you use some kind of naming scheme for secret names. 回答1: The official recommendation is that a Key Vault is not shared across environments. Don't

问题 I am trying to run the following PS script to back-up all of the Secrets, in a specific Azure Key Vault: $secret = Get-AzureKeyVaultSecret –VaultName 'testkeyvault-1' | ForEach-Object { $Name = $_."Name" Backup-AzureKeyVaultSecret -Secret $Name -OutputFile 'C:\Backup.blob' } Though this is failing with the following PS error, any help would be appreciated: Backup-AzureKeyVaultSecret : Cannot bind parameter 'Secret'. Cannot convert the "SQLSecret" value of type "System.String" to type

问题 I was trying to add Azure key vault integration with our ARM deployment, so we can keep all password in Azure Key-Vault. I was following this to try to access secret (adminPassword) I have created in Azure KeyVault (dSentienceAnalytics). Here is my template I tried to deploy this template through powershell, but it asked me to enter value for variable “adminPassword”, which it supposed to retrieve from Azure key vault. Do you see what I am missing here ? anyone can help me with this ? 回答1:

问题 I'm new to azure cloud services platform. Today i came across the Key-Vault storage service provided by azure. It has the ability to store application level keys and settings. It is safe and secure with enhanced data protection. But what i'm not clearly getting is to connect to Key-Vault i need the artifacts of my Key-Vault stored in my application config. If that is the case when someone eves-drop on the key values will he not connect to my Key-Vault and read all my keys. If I should encrypt

问题 I am writing a .Net console application to create Key Vault but not able to find class/method in Microsoft.Azure.KeyVault assembly that allows creating Vault and setting service principal to that vault. Can someone please point me to the assembly/class that i can use to create vault. Thanks 回答1: The class you are looking for is the KeyVaultManagementClient in the Microsoft.Azure. Management .KeyVault namespace. This is defined in the management KeyVault assembly you can get from NuGet. The