Badges
Tags
Categories
Meta
Tag Archives: azure key vault
Reliable and scalable infrastructure: Secrets
This is a series of posts: Introduction Principles Layers Traffic Secrets (this post) In the previous post we’ve discussed probably the most important aspect of running a service – the handling of live traffic. Without it it’s a not a … Continue reading
Posted in Infrastructure
Tagged azure, azure active directory, azure key vault, azure managed identity, book, x509 certificate
Leave a comment
How to get secret from Key Vault using PowerShell and Managed Identity
First you need to acquire a token using Managed Identity by calling the local Instance Metadata Service (IMDS) endpoint: Note that audience must match the service you’re calling and is different from example calling ARM. Then call the Key Vault … Continue reading
3 ways to assign access policy for user-assigned managed identity on key vault using ARM template
This post is a summary of my experience dealing with user-assigned managed identity and key vaults in Azure, it explores multiple ways to achieve the same result – how to assign access policies using an ARM template. Each of the … Continue reading
How to set access policy on Key Vault in another subscription aka How to deploy to resource group in another subscription using ARM template?
The model for my Service Fabric infrastructure consists of two major parts: Data Center (think Azure region) Scale Unit (think Service Fabric cluster and its child resources) But today due to the limitation around AAD first party application we decided … Continue reading
How to combine Key Vault access policy for AAD application and user-assigned managed identity in single ARM template
On other day I was exploring how to grant access for a user-assigned managed identity to a key vault. But here’s a more advanced scenario: let’s say legacy code uses an AAD application to access the key vault and modern … Continue reading
Alexander Batishchev's Blog 