Integrate Azure Key Vault with Azure DevOps

Completed 100 XP

Estimated time: 40 minutes.

Scenario

Azure Key Vault provides secure storage and management of sensitive data, such as keys, passwords, and certificates. Azure Key Vault includes support for hardware security modules and a range of encryption algorithms and key lengths. Using Azure Key Vault can minimize the possibility of disclosing sensitive data through source code, a common mistake developers make. Access to Azure Key Vault requires proper authentication and authorization, supporting fine-grained permissions to its content.

In this lab, you see how you can integrate Azure Key Vault with an Azure Pipeline by using the following steps:

  • Create an Azure Key vault to store an ACR password as a secret.
  • Create a Service Principal to access Azure Key Vault's secrets.
  • Configure permissions to allow the Service Principal to read the secret.
  • Configure the pipeline to retrieve the password from the Azure Key Vault and pass it on to subsequent tasks.

Objectives

After completing this lab, you'll be able to:

  • Create a Microsoft Entra ID Service Principal.
  • Create an Azure Key Vault.

Requirements

Exercises

During this lab, you complete the following exercises:

  • Exercise 0: Configure the lab prerequisites.
  • Exercise 1: Set up CI Pipeline to build eShopOnWeb container.
  • Exercise 2: Remove the Azure lab resources.

Screenshot of a launch button, which will take you to the lab.


Next unit: Enable Dynamic Configuration and Feature Flags

Previous Next