Azure Key Vault is a new promising service to store cryptographic keys and application secrets.
Note
At the time of writing this book, Azure Key Vault is still a preview service. Despite this, every service in Azure evolves at an incredible speed; this means that the procedures in this section are especially subject to major changes.
With the Key Vault, we come back to thinking about making thinks safer, thereby enabling certain scenarios, for example:
We have a database connection string spread into several applications pointing to this database and we would like to:
Avoid writing it in certain configuration files
Prevent developers from having access to it
Avoid replicating/changing it in every deployment when the data source changes
We have a Cryptographic Key that we use to sign several important documents and we would like to:
Avoid embedding it into the application
Sign documents without doing it on the application machine, so as to avoid the possibility of these documents being...