stackoom
  简体   繁体   中英

Azure Key Vault Understanding

 原文  2017-09-25 20:46:30       azure/ azure-virtual-machine/ azure-keyvault

Question

The following github deployment allows me to deploy a simple Windows VM by retrieving the password that is stored in a Key Vault. Therefore the password is never put in plain text in the template parameter file.

Can someone explain what is meant with the statement:

'the password is never put in plain text in the template parameter file?'

1 answers

solution1
 0 ACCPTED  2017-09-26 02:23:49

If you don't use Key Vault, even adminPassword type is securestring , When you enter the adminPassword during deployment, it is showing as plaintext, not ****** . It is not safe. But if you use Key Vault, the password stores in Key Vault and encrypted save, other could not see your password.

In template, you should configure your template using Key Vault like below: 

"adminPassword": {
  "reference": {
    "keyVault": {
      "id": "/subscriptions/XXXXXXX/resourceGroups/resourceGroupName/providers/Microsoft.KeyVault/vaults/vaultName"
    },
    "secretName": "secretName"
  }
},

Please refer to the similar question:How to hide password in shell script duing ARM template deployment .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Azure functions Key Vault azure key vault permisions Azure Key Vault limits Azure Key vault basic Azure Key-vault Encryption Setting up Azure Key Vault Limiting access to azure key vault CyberArk vs Azure Key vault Azure key vault create in Python Azure key vault: Merge certificate
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM