- This service is used to manage all the secrets like Encryption keys, connection passwords, Certificates.
- Service principle is created in AAD like a user and is assigned rights to fetch details from azure key vault.
- Azure keyvalue can be used to do the disk encryption (VM disc ie D drive). it wil put lock symbol on drive.
- RBAC(Role based access control) vs Permission in azure keyvault:
- RBAC come first in picture means it might be the case because of RBAC in picture use has no access to keyvault or has limited access to key vault.
- For an application defined in Azure AD to access a storage account, you have to implement the permission of user_impersonation. Here the permission of the logged-on user would be used to access the storage account
Key Vault
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment