In Azure Key Vault, which is a secure secrets store, we can store passwords, connection strings, and other pieces of information that are needed to keep your applications working. You want to make sure that this information is available but that it is secured. Key Vault allows you to create multiple secure containers, called vaults. These vaults are backed by hardware security modules (HSMs).
To create a key vault, go to Create resource, type "key vault", and click Create.
Give it a name, specify the resource group and location, and click Create.
Once the vault is created, click Secrets to add a new secret.
In this example I stored storage account keys in the vault. First I copied the storage account keys.
Then I pasted it into the vault. Optionally, activation and expiration dates can be specified.
Now we need to point our application to this Key Vault. I'm not a developer, so I created a fake (web) application for demonstration purposes.
Azure Active Directory - App registration - New application registration
Give the application a name and specify the URL.
Once the application is created, go to its properties and click Keys.
Create a key and specify the expiration period.
Copy the key to the clipboard; you will use it in your code to connect to Key Vault.
Now we need to create a Key Vault access policy: go to the resource group, locate the Key Vault, and click access policy.
Click Add new.
Select the application we created earlier (click Select principal).
Select the actions the application can perform against the vault. In this case it can only get the secret key.
Now the web application can get the storage key from Key Vault.
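How the application side of this setup could look, as an added example that is not part of the original post: it uses only the Python standard library to request a token with the application's ID and key, then reads one secret over the Key Vault REST API. The environment variable names, the tenant ID, API version 7.4, and the vault and secret names are assumptions.

```python
import json
import os
import urllib.error
import urllib.parse
import urllib.request

# Assumed values (not from the original post): REST API version and Key Vault token scope.
API_VERSION = "7.4"
VAULT_SCOPE = "https://vault.azure.net/.default"


def build_token_request(tenant_id, client_id, client_secret):
    """OAuth2 client-credentials request: application ID plus the key created under Keys."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": VAULT_SCOPE,
    }).encode()
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    return urllib.request.Request(url, data=body, method="POST")


def build_secret_request(vault_name, secret_name, access_token):
    """GET one secret: the only operation the access policy in this walkthrough grants."""
    name = urllib.parse.quote(secret_name, safe="")
    url = f"https://{vault_name}.vault.azure.net/secrets/{name}?api-version={API_VERSION}"
    return urllib.request.Request(url, headers={"Authorization": f"Bearer {access_token}"})


def get_secret(vault_name, secret_name):
    """Fetch the secret value; credentials come from the environment, not from source code."""
    env = os.environ  # hypothetical variable names, set outside the code base
    token_req = build_token_request(
        env["AZURE_TENANT_ID"], env["AZURE_CLIENT_ID"], env["AZURE_CLIENT_SECRET"])
    with urllib.request.urlopen(token_req, timeout=10) as resp:
        token = json.load(resp)["access_token"]
    try:
        secret_req = build_secret_request(vault_name, secret_name, token)
        with urllib.request.urlopen(secret_req, timeout=10) as resp:
            return json.load(resp)["value"]
    except urllib.error.HTTPError as err:
        if err.code == 403:  # authenticated, but the access policy lacks Get on secrets
            raise PermissionError("Key Vault access policy denies this operation") from err
        raise


if __name__ == "__main__":
    print(len(get_secret("demo-vault", "storage-key")), "characters retrieved")  # constructed names
```

Because the access policy grants only Get, the same identity receives 403 if it tries to list, set, or delete secrets, which limits what a leaked application key can do.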