Managing Key Vault Through Azure Portal

You can now manage Key Vault through the Azure portal. Prior to this the Key Vault's were managed either using Powershell, ARM Templates or REST API. Managing key Vault is now easy and user-friendly for the nontechnical people. In this post, I will walk through the new features in Azure Portal to manage key vault.

If you find any difference between what you see in the portal versus those in the screenshots below, it's likely that the portal is updated

In the new Azure portal search for 'key vault' to access this new feature. Or you can go to 'More Services' and scroll down to 'Security + Identity' section in the menu. Selecting Key Vault takes you to all the available Key Vaults under your subscription. You can further filter the Vault's list by the vault name using the filter box or based on your subscriptions.

Creating Key Vault

To create a new Key Vault select the 'Create' option. By entering the Vault Name, Subscription, Resource Group and Location you can create a new Key Vault.

The pricing tier defaults to Standard and it does not support HSM backed keys. This means you will be only able to create Software keys. You can select the Premium pricing tier if you need HSM backed keys. By default the login with which you create the subscription with gets granted access to the vault and is added to the access policies. You can grant additional applications or users access and control the permissions. Below I am adding in an AD application.

You can specify the Key Permissions and the Secret Permissions that the ServicePrincipal.

Keys and Secrets

Once the Vault is created you can add in Keys and Secrets into the vault. This can be done by selecting the Vault that was just created from the Vaults list. From here you can manage different aspects of the Vault and also manage Keys and Secrets.

The Azure Portal experience of Key Vault is good. It covers most of the functionalities needed when using a Key Vault. How do you find the new UI experience?