Hi @Ian Lee,
Thanks for reaching out.
KeyClient and Spring Cloud Azure are two different approaches to accessing Azure Key Vault in a Java application.
KeyClient is a client library provided by Azure SDK for Java that allows you to interact with Azure Key Vault to manage keys, certificates, and secrets. It provides a low-level API for accessing Azure Key Vault, which means that you will need to handle authentication, authorization, and other details yourself. You can use KeyClient to retrieve keys, create keys, delete keys, and perform other key management operations.
Spring Cloud Azure, on the other hand, is a framework that provides a higher-level abstraction for accessing Azure services, including Azure Key Vault. It provides a set of Spring Boot starters that you can use to configure your application to use Azure services. Spring Cloud Azure provides a more convenient way to access Azure services, but it may not provide the same level of control as using KeyClient directly. I am not able to come across any sample documentation to autowire KeyClient with Spring Cloud configuration.
To autowire KeyClient with Spring Cloud Azure without including unnecessary configuration properties, you can use the azure-keyvault-keys-spring-boot-starter dependency and directly inject KeyClient into your Spring application. This approach allows you to use the configuration properties that you're already familiar with to configure Key Vault. For more information, see Configuration examples. You do not need to include unnecessary configuration properties such as clientId and clientSecret.
Here is an example of how to inject KeyClient into your Spring application:

```java
import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.keys.KeyClient;
import com.azure.security.keyvault.keys.KeyClientBuilder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class KeyClientConfiguration {

    // Custom properties class (not shown here) that exposes the vault URI.
    @Autowired
    private KeyVaultProperties keyVaultProperties;

    // Builds the KeyClient once and exposes it as an injectable bean.
    @Bean
    public KeyClient keyClient() {
        return new KeyClientBuilder()
                .vaultUrl(keyVaultProperties.getVaultUri())
                .credential(new DefaultAzureCredentialBuilder().build())
                .buildClient();
    }
}
```
In this example, KeyVaultProperties is a custom class that holds the configuration properties for Key Vault, including the vaultUri. The DefaultAzureCredentialBuilder is used to authenticate with Azure Key Vault.
Hope this will help.
Thanks,
Shweta
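
The answer above refers to a custom KeyVaultProperties class without showing it. One possible shape follows, as an added example that is not part of the original answer or of Spring Cloud Azure. It validates the vault URI at startup so a missing or mistyped value stops the application before the KeyClient bean is used. The property prefix app.keyvault and the public-cloud host suffix check are assumptions made for illustration.

```java
import java.net.URI;
import java.util.Locale;

import org.springframework.beans.factory.InitializingBean;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

// Hypothetical properties holder matching the KeyVaultProperties used in the answer.
// Assumption: the prefix "app.keyvault" is illustrative, not a Spring Cloud Azure property.
@Component
@ConfigurationProperties(prefix = "app.keyvault")
public class KeyVaultProperties implements InitializingBean {

    // Assumption: public Azure cloud Key Vault DNS suffix; sovereign clouds use other suffixes.
    private static final String EXPECTED_HOST_SUFFIX = ".vault.azure.net";

    private String vaultUri;

    public String getVaultUri() {
        return vaultUri;
    }

    // Called by Spring Boot when it binds app.keyvault.vault-uri.
    public void setVaultUri(String vaultUri) {
        this.vaultUri = vaultUri;
    }

    // Runs after property binding; any exception here aborts application startup.
    @Override
    public void afterPropertiesSet() {
        if (vaultUri == null || vaultUri.isBlank()) {
            throw new IllegalStateException("app.keyvault.vault-uri is not set");
        }
        URI uri = URI.create(vaultUri.trim());
        String host = uri.getHost();
        // Require an absolute https URL so tokens are never sent over plain HTTP.
        if (!"https".equalsIgnoreCase(uri.getScheme()) || host == null) {
            throw new IllegalStateException("Key Vault URI must be an absolute https URL");
        }
        // Reject hosts outside the expected Key Vault domain.
        if (!host.toLowerCase(Locale.ROOT).endsWith(EXPECTED_HOST_SUFFIX)) {
            throw new IllegalStateException("Unexpected Key Vault host: " + host);
        }
    }
}
```

With this class, the only setting needed in application.properties is app.keyvault.vault-uri=https://<your-vault-name>.vault.azure.net/ (placeholder vault name); no clientId or clientSecret is stored in configuration.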