What is Management and Data plane in Azure Key Vault?

asked 2020-05-06T20:49:06.38+00:00
Saurabh Sharma 17,286 Reputation points Microsoft Employee

What is Management and Data plane in Azure Key Vault?

[Note: As we migrate from MSDN, this question has been posted by an Azure Cloud Engineer as a frequently asked question]

Source: Secure your key vault

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
654 questions
No comments
{count} votes

Accepted answer
  1. answered 2020-05-06T21:53:16.383+00:00
    Marilee Turscak-MSFT 20,401 Reputation points Microsoft Employee

    The Management plane interface is used for managing the Key Vault itself which includes operations like creating and deleting key vaults, retrieving key vault properties, and updating access policies.

    The data plane is used for working with the data stored in a key vault and includes operations of add, delete, and modify keys, secrets, and certificates.

    Access to a key Vault is controlled through these two planes and the applications access these planes through endpoints. Refer to Resource endpoints for details.

    The Management plane access is provided through RBAC whereas access to a data plane is provided through Key Vault access policies.

    Source: Secure your key vault

    No comments

1 additional answer

Sort by: Most helpful
  1. answered 2022-09-21T06:10:33.043+00:00

    243246-azure-vault-management-data-plane.pdf

    Attached document has some details on the working of each plane with flow diagram as an example taken from Microsoft Learn.

    Hope this would help you further to understand about each plane.

    If the document adds value to your question then please accept this as an solution.

    No comments