Creating a secret in Azure Key Vault is essential for securely storing and managing sensitive information. In this article, I will explain two simple approaches to performing this task efficiently.
Table of Contents
How to create a secret in Azure Key Vault
Let us deep dive into the two simple approaches individually.
- Approach-1: Using Azure Portal
- Approach-2: Using PowerShell
Approach-1: Using Azure Portal
To create secret in Azure Key Vault, Follow the below steps
1. Log in to the Azure Portal.
2. On the key volt window, click the Secrets link from the left navigation and then click the + Generate/Import button.
3. On the Create a secret window, Provide the below details.
- Upload options: Choose Manual.
- Name: Provide a unique name for your secret.
- Secret value: Enter a secret value.
- Select the set activation date and set the expiration date based on your requirements.
- Enabled: Select Yes.
Finally, click the Create button, as shown in the screenshot below.
Fix the error. The operation is not allowed by RBAC in the case you are getting it after clicking on the Create button.
Now, you can see that the key vault has been created successfully. Check out the screenshot below.
Approach-2: Using PowerShell
Create an user account permissions to create secrets in the Key Vault
Execute the Azure PowerShell command below to create user account permissions to create secrets in Key Vault. Else. You will get the error “Caller is not authorized to perform an action on a resource.” like below.
So, the first step is to create user account permissions to create secrets in Key Vault using the script below to avoid the above error.
New-AzRoleAssignment -RoleDefinitionName "Key Vault Administrator" -SignInName "fewlines4biju_hotmail.com#EXT#@fewlines4bijuhotmail.onmicrosoft.com" -Scope "/subscriptions/1cdf4300-dee5-4518-9c9c-feaa72a5cbd1/resourceGroups/newresgroup/providers/Microsoft.KeyVault/vaults/Azurelessonskeyvt2"After executing the above script, I got the expected output below
Create a secret in your Azure key vault
Now, you can execute the below Azure PowerShell command to create the secret.
$secretvalue = ConvertTo-SecureString "Password@123" -AsPlainText -Force
$secret = Set-AzKeyVaultSecret -VaultName "Azurelessonskeyvt2" -Name "AzurelessonsPassword" -SecretValue $secretvalueAfter executing the above script, I got the expected output, and the secret was created successfully, as shown in the screenshot below.
I logged in to the Azure Portal and verified that the secret was created successfully. See the screenshot below.
You may also like following the articles below
- How Does Azure Key Vault Work
- Az keyvault list
- Azure Key Vault Best Practices
- The Access Configuration For This Key Vault Is Set To Role-Based Access Control.
- Azure Recovery Services Vault
I am Rajkishore, and I am a Microsoft Certified IT Consultant. I have over 14 years of experience in Microsoft Azure and AWS, with good experience in Azure Functions, Storage, Virtual Machines, Logic Apps, PowerShell Commands, CLI Commands, Machine Learning, AI, Azure Cognitive Services, DevOps, etc. Not only that, I do have good real-time experience in designing and developing cloud-native data integrations on Azure or AWS, etc. I hope you will learn from these practical Azure tutorials. Read more.
