Ends in

72-Hour Flash Sale! Get our AZ-900, AZ-104, and GCP ACE Practice Exams at Super Low Prices

Azure Key Vault

  • A service that allows you to store tokens, passwords, certificates, and other secrets.
  • You can also create and manage the keys used to encrypt your data.


  • Soft delete allows a deleted key vault and its objects to be retrieved during the retention time you designate.
  • The retention period of a deleted vault is between 7 to 90 days.
  • With soft-delete and purge protection enabled, it will not purge a vault or object in the deleted state until the retention period has expired.
  • You may connect to a key vault via
    • A public endpoint in all networks
    • A public endpoint in selected networks
    • A private endpoint
  • Share access to your applications and resources without revealing your credentials.
  • IT Certification Category (English)728x90


  • A tenant is a representation of an organization.
    • Azure Active Directory allows you to publish multi-tenant applications.
    • Azure Active Directory (B2C) tenant represents a collection of identities.
  • A vault owner enables you to create a key vault and set up an auditing log of who has access to secrets and keys.
  • A vault consumer can only perform actions on the assets inside the key vault if the vault owner grants the consumer access.
  • A manageable item in Azure is called resource, and resource groups are containers that hold related resources.
  • Service principal gives you control over which resources can be accessed. At the same time, a managed identity eliminates the need for you to create and manage service principals directly since it provides Azure services with an automatically managed identity in Azure AD.
  • You can identify an Azure AD instance within your Azure subscription using a tenant ID.
  • An access policy grants the service principal (user group or application) permissions to perform various operations on Azure Key Vault keys, secrets, and certificates.
    • You can also configure the access policy from a template.
    • With access policy, you can enable access to:
      • Azure Virtual Machines for deployment – this will permit the VMs to retrieve certificates stored as secrets from the key vault.
      • Azure Resource Manager for template deployment – if this option is enabled, the ARM is permitted to retrieve secrets from the key vault.
      • Azure Disk Encryption for volume encryption – grants permission to retrieve secrets from the key vault and unwrap keys.
    • You can select a permission model between vault access policy or Azure RBAC.


  • You are charged if the key has been used at least once in the last 30 days (based on the key’s creation date).
  • You are charged for each historical version of a key.

Want to learn more about Azure? Watch the official Microsoft Azure YouTube channel’s video series called Azure Tips and Tricks.


Save More with Our SAA, CDA, and SysOps Triple Bundle Reviewers!

AWS Certified SysOps Administrator Associate Video Course – Early Access Discount Ends Soon!

Pass your AWS, Azure, and Google Cloud Certifications with the Tutorials Dojo Portal

Tutorials Dojo portal

Our Bestselling AWS Certified Solutions Architect Associate Practice Exams

AWS Certified Solutions Architect Associate Practice Exams

Enroll Now – Our AWS Practice Exams with 95% Passing Rate

AWS Practice Exams Tutorials Dojo

FREE AWS Cloud Practitioner Essentials Course!

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Browse Other Courses

Generic Category (English)300x250

Recent Posts

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers

Our Community

passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?

error: Content is protected !!