With the Key Vault of Microsoft Azure, all your secrets are safe!

Jaap and Simon take you through the combination of the Azure Key Vault in CI/CD pipelines.

3
 min read |  
22/3/2022
 |  
Business critical applications

Securing cryptographic keys and other secrets used in the cloud is done with Microsoft Azure Key Vault. What it is? Why and how to apply it? What the benefits are and how it helps both business and IT? Cloud Developers Jaap & Simon tell.

What is Azure Key Vault and why do you apply it?

When it comes to processing personal data, passwords and certificates, we want to process it neatly, uniformly and securely. It's all the values you want to keep but shouldn't be visible to others. Think of the Key Vault as a vault in Azure where you store these secrets. It enhances and simplifies:

  • The security and control of keys and passwords
  • Scalability with the Azure Cloud
  • Applications. These do not have direct access to keys
  • Automating tasks for SSL/TLS certificates  

Want to read more about the Azure Key Vault?

Getting a pipeline ready doesn't have to take long these days. If all goes well, you already have a lot automated. This includes creating the Key Vault, so that each connection string exchanges information in a secure way. Where you used to have to do a separate operation or upset for each environment or stage from the OTAP street, we already set this up automatically through the web API configuration. From Microsoft best practices and our Golden Path principles, we see that data is fully traceable (even if changed in the interim). When achieving ISO certification, this is not a luxury, but a must.

Why do we use this as a standard when setting up a CI/CD pipeline and real-world examples?

What does this look like in practice? The process works easily, quickly and is fully compliant. What benefits it has for both business and IT?  

  • When creating a new sprint, a push is given for releasing a CI/CD pipeline. New features are automatically merged. It's faster and more insightful.
  • SaaS first. Before PaaS and before IaaS. The focus of Azure Key Vault is on the software and not necessarily on the platform or infrastructure. This makes connecting to other gateways easy and flexible.  
  • You spend less development time on this. You can focus more on functionality instead of dealing with virtual machines. More time for development for your DevOps team and more time for business. Win-win.  
  • You work as a team. Peripheral issues soon become less important. You focus on what does/doesn't work and why from the source.  

The option is often used with organizations where interfacing with banking & payment systems is required. We then only need to make changes in the Key Vault and not in the application. It can be read out via YAML. This means that if certain policies change, this no longer results in manual work. And thus less chance of errors. With the Key Vault of Microsoft Azure, all your secrets are safe!

Are you already deploying Azure Key Vault? And also at the beginning of the development process and during automatic deployment?

Also interesting to read:  

Our cloud colleagues are looking to strengthen their team. Check out Working at TeamValue.

Download our cheat sheet BizDevOps

We combine data and foresight with intuition and lasting behavior change. How. We wrote out the first steps for you in our BizDevOps cheat sheet. Download it now for free and start your digital transformation today.

5
 min read |  
19/7/2024
Team huddle: A weekly moment for connection and effectiveness in your team
In the digital age where technology drives the way we work, collaboration is becoming increasingly challenging. Teams are scattered across different locations and working on a variety of projects, so connectedness can quickly be lost. How can we ensure that team members stay engaged despite this distance?
Business critical applications
3
 min read |  
19/7/2024
Back to the 80's! - Recap Azure & AI Lowlands
June 27 was the day: the Azure & AI Lowlands event! With the entire Cloud team we traveled to this event, completely in '80s style. Think neon colors, retro games, iconic 80s vehicles and of course a lot of tech talks on Azure and AI.
Our team members
4
 min read |  
5/7/2024
The Role of Agile Coach - In conversation with Gert-Jan
Meet Gert-Jan! Agile Coach at TeamValue. Scrum working is totally his thing. And he likes to help his colleagues with this. Curious about working at TeamValue? Then read on quickly.
More information about this blog? Get in touch with the author(s).
Jaap Meems
Sign up for the newsletter!
SIGN UP NOW
Background

Join our team!

TeamValue is a young and fast growing company with a solid foundation. We are looking for people who have IT skills and enjoy giving workshops. Searching together for the best solution for a customer. That is what we are all about!

Azure Solution Developer

A very dynamic role, in which more than just technical skills are required! You are that Fullstack Software Developer who knows how to build business-critical applications. All your solutions must be rolled out 100% automatically.

Full-time
Zwolle

Cloud Engineer

You are the Cloud Engineer who understands the old world, has a lot of experience in it and secretly wants nothing more than to enter the new world of Modern Service Management and the public cloud. Do you have scripting skills, do you stand for proactive management and are you 'on' when it comes to solving (im)possible problems? The team can't wait to meet you.

Full-time
Zwolle

Business Intelligence Consultant

You have guts! Because you dare to be critical towards our customers. You really help the client one step further. You think with us, ask questions and respond. Because TeamValue goes for the best result.

Full-time
Zwolle