Azure Key Vault


Azure Key Vault is a cloud service that provides a secure storage for secrets. You can use this Azure resource to securely store custom keys, passwords, certificates, and other secrets.
Azure Key Vault helps solve the following problems:

  • Secrets Management - Azure Key Vault can be used to securely store and tightly control access to tokens, passwords, certificates, API keys, and other secrets.
  • Key Management - Azure Key Vault can be used as a Key Management solution that makes it easy to create and control the cryptographic keys used to encrypt your data.
  • Certificate Management - Azure Key Vault lets you easily provision, manage, and deploy public and private Transport Layer Security/Secure Sockets Layer (TLS/SSL) certificates for use with Azure and your internal connected resources.

For more information, see Microsoft documentation » Azure Key Vault.

You can access Azure Key Vault directly through the Azure Portal, or through the Keys, secrets & certificates link on the Welcome page of Sitefinity Cloud Management Portal.

NOTE: Only users with Access Repos and Pipelines group permissions can manage secrets, keys, and certificates in a Key Vault.

Link Key Vault secrets

As an additional level of usability, you are allowed to link a Key Vault secret to a variable group. This way, you may have version management for the secret and may keep track of all different values.

To link a Key Vault secret, perform the following:

  1. Login to Sitefinity Cloud Management Portal.
  2. Navigate to Pipelines » Library.
  3. Open Custom <Environment name> AppSettings variable group.
  4. For each app setting, configure the following:
    • Name – enter the path to the configuration property; use this pattern: sf-env:<PathToConfigurationProperty>
      For information how to locate the path to the property, see Manage configurations in Continuous delivery pipeline.
    • Value – enter the name of the secret in Key Vault; use this pattern: $(<NameofSecretInKeyVault>)

NOTE: If you want your app settings to apply to all environments, add these settings to Custom Release AppSettings variable group.

Was this article helpful?