In this Azure article, we will discuss the lists of Key Vault best practices that you need to follow while working with Azure Key Vault.
Azure Key Vault Best Practices
- Azure Key Vault is a cloud service that provides encryption keys and secrets like certificates, connection strings, passwords, etc. Some best practices need to be followed.
- It is recommended to enable soft delete that helps to recover the deleted vault objects.
- You should limit the number of users who have contributed access because they can access and misuse the data pane. So it is suggested to limit the number of users for those you will give the contribute access to.
- You should enable the Diagnostics logs in Key Vault to help you investigate easily in case of any service incidents.
- It is recommended to restrict who can access your key vault logs because they cannot utilize or delete them while investigating any service incidents.
- You should give limited access to the virtual networks used by all the solutions requiring vault access.
- You should ensure that you can recover the Azure Key Vault instances if needed.
You may also like following the below articles
- How to Create a Recovery Services Vault in Azure
- Recovery services vault cannot be deleted as there are existing resources within the Vault.
In this Azure article, we discussed the lists of Azure Key Vault best practices that you need to follow. Thanks for reading this article !!!
I am Rajkishore, and I have over 14 years of experience in Microsoft Azure and AWS, with good experience in Azure Functions, Storage, Virtual Machine, Logic Apps, PowerShell Commands, CLI Commands, Machine Learning, AI, Azure Cognitive Services, DevOps, etc. Not only that, I do have good real-time experience in designing and developing cloud-native data integrations on Azure or AWS, etc. I hope you will learn from these practical Azure tutorials. Read more.