Cloud Intermediate
Azure Key Vault — Secrets Management¶
AzureKey VaultSecuritySecrets 5 min read
Key Vault pro secrets, keys, certificates. RBAC, Managed Identity a rotation.
Základní operace¶
az keyvault create --name mykeyvault -g myRG --enable-rbac-authorization true
az keyvault secret set --vault-name mykeyvault --name db-password --value "S3cret!"
Managed Identity¶
var client = new SecretClient(
new Uri("https://mykeyvault.vault.azure.net"),
new DefaultAzureCredential());
var secret = await client.GetSecretAsync("db-password");
Žádné credentials v kódu — Managed Identity se autentizuje automaticky.
Rotation¶
- Event Grid notifikace při expiraci
- Azure Functions jako rotation handler
- Auto-rotation pro Storage Account keys
Summary¶
Nikdy nehardcodujte secrets — vždy Key Vault + Managed Identity.
Need Help with Implementation?¶
Our team has experience designing and implementing modern architectures. We’re happy to help.