Chapter 15. Securing information with Azure Key Vault

Almost every week, there’s news of a cybersecurity incident at a major company. In the same way you’ve used various forms of automation to grow or replicate your applications and data, attackers automate their own actions. It’s unlikely that a single person will manually try to compromise the security of your systems. This automation makes it difficult to defend your systems 24 hours a day, 7 days a week, 365 days a year (okay, or 366 days!).

Chapter 14 discussed how to encrypt your data and VMs. This is a great first step, and we briefly looked at how to create and use encryption keys stored with the Azure Key Vault service. Secure data, such as keys, secrets, and certificates, is best stored in a digital vault like a key vault, which can centrally manage, issue, and audit the use of your critical credentials and data. As your applications and services need access to different resources, they can automatically request, retrieve, and use these keys, secrets, and credentials. In this chapter, you learn why and how to create a secure key vault, control access, and then store and retrieve secrets and certificates.

15.1. Securing information in the cloud

15.2. Managed service identities

15.3. Creating and injecting certificates

15.4. Lab: Configuring a secure web server