Exercise 1 – Create an Azure key vault
This section will look at installing Azure Key Vault and then storing a secret, which will be a password in this exercise.
In the following sub-sections, you can see the procedure to complete the exercise, segregated into tasks for a better understanding.
Task: Access the Azure portal
- Log in to the Azure portal at https://portal.azure.com. You can alternatively use the Azure desktop app, found at https://portal.azure.com/App/Download.
Task: Create an Azure key vault
- In the search bar, type in key vaults; click key vaults from the results list.
- From the Key vaults blade, click the + Create button on the top toolbar.
- From the Basics tab, set project details settings as required for the subscription and the resource group.
- Set Instance details settings, as follows:
- Key vault name—Enter a name.
- Region—Set as required.
- Pricing tier—Leave set to Standard.
6. Set Recovery options settings, as follows:
- Days to retain deleted vaults—Leave set to 90 days.
- Purge protection—Leave set to Disabled.
- Click Next: Access policy; leave at default settings.
- Click Next: Networking; leave at default settings.
- Click Review + create.
- On the Review + create tab, review your settings; you may go back to the previous tabs and make any edits if required. Once you have confirmed your settings are as required, you can click Create.
- When the deployment is complete, you will receive a notification that the deployment succeeded.
- Click Go to resource from the Deployment blade; alternatively, navigate to the Azure Key Vault instance.
Task: Add a secret to the key vault
- From the Key Vault blade of the instance created, click Secrets under Settings.
- Click + Generate/Import.
- From the Create a secret blade, set the following:
• Upload options—Leave set to Manual.
• Name—Enter a name for this secret.
• Value—Enter the secret you wish to store (that is, a password).
• Content type—Set as required.
• Set activation date—Set as required.
• Set expiration date—Set as required.
• Enabled—Leave as Yes.
- Click Create.
- You will receive a notification that the secret was successfully created.
- You will now see the secret listed in secrets under Settings for the key vault instance.
In this exercise, we successfully created an Azure key vault and created a secret. In the following exercise, we will look at securing network access using an NSG.