Applications contain many secrets, such as connection strings, passwords, certificates, and tokens, which, if leaked to unauthorized users, can lead to a severe security breach. This can also result in serious damage to the reputation of the organization and can cause compliance issues.
Azure Key Vault allows you to manage your organization's secrets and certificates in a centralized repository. The secrets and keys are further protected by Hardware Security Modules (HSMs). It also provides versioning of secrets, full traceability, and efficient permission management with access policies.
Note
For more information on Azure Key Vault, visit https://docs.microsoft.com/en-us/azure/key-vault/key-vault-overview.
In this recipe, we will see how we can automatically publish secrets in our pipeline so that secret management is automated.