Skip to content

key-vault.mdx

Latest commit

 

History

History
136 lines (108 loc) · 3.15 KB

key-vault.mdx

File metadata and controls

136 lines (108 loc) · 3.15 KB
title Key Vault
description Get started with Azure Key Vault on LocalStack
template doc

import AzureFeatureCoverage from "../../../../components/feature-coverage/AzureFeatureCoverage";

Introduction

Azure Key Vault is a managed service for securely storing and accessing secrets, keys, and certificates. It helps centralize sensitive configuration and credentials for your applications and services. Key Vault also supports secure key management and certificate lifecycle operations.

LocalStack for Azure allows you to build and test Key Vault workflows in your local environment. The supported APIs are available on our API Coverage section, which provides information on the extent of Key Vault's integration with LocalStack.

Getting started

This guide is designed for users new to Key Vault and assumes basic knowledge of the Azure CLI and our azlocal wrapper script.

Start your LocalStack container using your preferred method. Then start CLI interception:

azlocal start_interception

Create a resource group

Create a resource group that will contain your Key Vault resources:

az group create \
  --name rg-keyvault-demo \
  --location westeurope
{
  "name": "rg-keyvault-demo",
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-keyvault-demo",
  "location": "westeurope",
  "properties": {
    "provisioningState": "Succeeded"
  }
}

Create a Key Vault

Create a Key Vault in your resource group:

az keyvault create \
  --name kv-demo-localstack \
  --resource-group rg-keyvault-demo \
  --location westeurope
{
  "name": "kv-demo-localstack",
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-keyvault-demo/providers/Microsoft.KeyVault/vaults/kv-demo-localstack",
  "location": "westeurope",
  "properties": {
    "provisioningState": "Succeeded",
    "vaultUri": "https://kv-demo-localstack.localhost.localstack.cloud:4566"
  }
  ...
}

Add and read a secret

Create a secret in the vault:

az keyvault secret set \
  --vault-name kv-demo-localstack \
  --name app-secret \
  --value "super-secret-value"
{
  "name": "app-secret",
  "id": "https://kv-demo-localstack.localhost.localstack.cloud:4566/secrets/app-secret/d8a709f96aee4bea901bd8825f28a281",
  "attributes": {
    "enabled": true
  },
  "value": "super-secret-value"
  ...
}

Read the secret value:

az keyvault secret show \
  --vault-name kv-demo-localstack \
  --name app-secret
{
  "name": "app-secret",
  "id": "https://kv-demo-localstack.localhost.localstack.cloud:4566/secrets/app-secret/d8a709f96aee4bea901bd8825f28a281",
  "attributes": {
    "enabled": true
  },
  "value": "super-secret-value"
  ...
}

List all secrets in the vault:

az keyvault secret list \
  --vault-name kv-demo-localstack
[
  {
    "name": "app-secret",
    "id": "https://kv-demo-localstack.localhost.localstack.cloud:4566/secrets/app-secret"
    ...
  }
]

API Coverage