
Create an Azure Key Vault service

As a next step, you will need to create an Azure Key Vault to hold your application certificates. You can use the guidance below to create the Key Vault.

Step-by-step guidance

  1. Create an Azure Key Vault using Azure CLI. Make sure you use a globally unique name for your Key Vault.

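    # Build the vault name from the app name and your unique suffix
    KEYVAULT_NAME="kv-$APPNAME-$UNIQUEID"
    # Create the vault with Azure RBAC as its authorization model
    az keyvault create \
        --name "$KEYVAULT_NAME" \
        --resource-group "$RESOURCE_GROUP" \
        --location "$LOCATION" \
        --sku standard \
        --enable-rbac-authorization
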
  2. Assign access to Azure Key Vault for your user using Azure CLI.

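    # Resource ID of the vault, used as the scope of the role assignments
    KEYVAULT_ID=$(az keyvault show -n "$KEYVAULT_NAME" -g "$RESOURCE_GROUP" --query id -o tsv)

    # The signed-in user who receives the roles
    CURRENT_USER=$(az account show --query user.name --output tsv)
    echo "$CURRENT_USER"

    # Allow the user to manage secrets in this vault only
    az role assignment create \
        --role "Key Vault Secrets Officer" \
        --assignee "$CURRENT_USER" \
        --scope "$KEYVAULT_ID"

    # Allow the user to manage certificates in this vault only
    az role assignment create \
        --role "Key Vault Certificates Officer" \
        --assignee "$CURRENT_USER" \
        --scope "$KEYVAULT_ID"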
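
To confirm that steps 1 and 2 took effect, the following added example (not part of the original lab) checks that the vault uses RBAC authorization and that both roles are assigned at the vault scope. The function names `missing_roles` and `verify_vault_access` are illustrative; the variables are the ones set in the steps above.

```shell
# Added example (not part of the original lab). Function names are illustrative.
REQUIRED_ROLES='Key Vault Secrets Officer
Key Vault Certificates Officer'

# Read assigned role names (one per line) on stdin and print every required
# role that is absent. Returns 0 when both roles are present, 1 otherwise.
missing_roles() {
    assigned=$(cat)
    rc=0
    while IFS= read -r role; do
        # -F fixed string, -x whole line: a similarly named role does not count
        if ! printf '%s\n' "$assigned" | grep -Fxq -- "$role"; then
            printf 'missing: %s\n' "$role"
            rc=1
        fi
    done <<EOF
$REQUIRED_ROLES
EOF
    return "$rc"
}

# Live check against Azure; uses the variables set in steps 1 and 2.
verify_vault_access() {
    rbac=$(az keyvault show -n "$KEYVAULT_NAME" -g "$RESOURCE_GROUP" \
        --query properties.enableRbacAuthorization -o tsv)
    case "$rbac" in
        [Tt]rue) ;;
        *) echo "vault is not in RBAC authorization mode" >&2; return 1 ;;
    esac
    az role assignment list --assignee "$CURRENT_USER" --scope "$KEYVAULT_ID" \
        --query "[].roleDefinitionName" -o tsv | missing_roles
}

# Usage after step 2:  verify_vault_access && echo "access OK"
```

New role assignments can take a few minutes to propagate, so rerun the check if a role is reported missing right after step 2.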