Introducing Azure Key Vault
At its core, Key Vault is a cloud service that we can use to securely store and safeguard secrets, keys, and certificates that applications use (Figure 12.1).
It allows us to streamline how applications access sensitive configuration parameters. How does it do this? It does this by providing the following capabilities:
- Centralizing the storage of application secrets: This ensures that we only need to make changes in one place instead of on distributed instances of our application.
- Implementing access control to restrict who can access application secrets.
- Implementing audit logging so that we can review how and when application secrets are accessed.
Before we go any further in our discussion, let's take some time to understand what we mean by secrets, keys, and certificates in Key Vault.