Azure Key Vault

  • A service that allows you to store tokens, passwords, certificates, and other secrets.
  • You can also create and manage the keys used to encrypt your data.


  • Soft delete allows a deleted key vault and its objects to be retrieved during the retention time you designate.
  • The retention period of a deleted vault is between 7 and 90 days.
  • With soft delete and purge protection enabled, a vault or object in the deleted state cannot be purged until the retention period has expired.
  • You may connect to a key vault via:
    • A public endpoint in all networks
    • A public endpoint in selected networks
    • A private endpoint
  • Share access to your applications and resources without revealing your credentials.


  • A tenant is a representation of an organization.
    • Azure Active Directory allows you to publish multi-tenant applications.
    • An Azure Active Directory B2C tenant represents a collection of identities.
  • A vault owner can create a key vault and set up auditing to log who accesses secrets and keys.
  • A vault consumer can only perform actions on the assets inside the key vault if the vault owner grants the consumer access.
  • A manageable item in Azure is called a resource, and resource groups are containers that hold related resources.
  • A service principal gives you control over which resources can be accessed, while a managed identity eliminates the need for you to create and manage service principals directly since it provides Azure services with an automatically managed identity in Azure AD.
  • You can identify an Azure AD instance within your Azure subscription using a tenant ID.
  • An access policy grants the service principal (user group or application) permissions to perform various operations on Azure Key Vault keys, secrets, and certificates.
    • You can also configure the access policy from a template.
    • With access policy, you can enable access to:
      • Azure Virtual Machines for deployment – this will permit the VMs to retrieve certificates stored as secrets from the key vault.
      • Azure Resource Manager for template deployment – if this option is enabled, Azure Resource Manager is permitted to retrieve secrets from the key vault.
      • Azure Disk Encryption for volume encryption – grants permission to retrieve secrets from the key vault and unwrap keys.
    • You can select either vault access policy or Azure RBAC as the permission model.
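
The settings listed above (soft delete, retention, purge protection, network access, the three service-access switches and the permission model) can be reviewed from a vault's exported properties. The following is an added example, not code from the original page: the sample document is constructed to resemble `az keyvault show` output, the function names are hypothetical, and treating a vault with public network access disabled as "private endpoint" is a simplifying assumption.

```python
import json

# Constructed sample shaped like `az keyvault show` output; every value is made up.
SAMPLE_VAULT = json.loads("""{
  "properties": {
    "enableSoftDelete": true, "softDeleteRetentionInDays": 7,
    "enablePurgeProtection": null, "enableRbacAuthorization": false,
    "publicNetworkAccess": "Enabled",
    "networkAcls": {"defaultAction": "Allow", "ipRules": [], "virtualNetworkRules": []},
    "enabledForDeployment": true, "enabledForTemplateDeployment": false,
    "enabledForDiskEncryption": false
  }
}""")

# Access-policy switches from the list above, mapped to the service they admit.
SERVICE_FLAGS = {
    "enabledForDeployment": "Azure Virtual Machines",
    "enabledForTemplateDeployment": "Azure Resource Manager",
    "enabledForDiskEncryption": "Azure Disk Encryption",
}

def network_mode(props):
    """Classify the vault into one of the three connection options."""
    if props.get("publicNetworkAccess", "Enabled") == "Disabled":
        return "private endpoint"  # assumption: no public access means private only
    acls = props.get("networkAcls") or {}  # an unset ACL block allows all networks
    return "all networks" if acls.get("defaultAction", "Allow") == "Allow" else "selected networks"

def audit_vault(vault):
    """Summarise recovery, network and authorization settings and list weak ones."""
    p = vault.get("properties", {})
    findings = []
    if not p.get("enableSoftDelete"):
        findings.append("soft delete disabled")
    days = p.get("softDeleteRetentionInDays")
    if days is not None and not 7 <= days <= 90:
        findings.append(f"retention of {days} days is outside 7-90")
    if not p.get("enablePurgeProtection"):
        findings.append("purge protection off: purge possible before retention expires")
    if network_mode(p) == "all networks":
        findings.append("public endpoint open to all networks")
    return {
        "network": network_mode(p),
        "permission_model": "Azure RBAC" if p.get("enableRbacAuthorization") else "vault access policy",
        "service_access": [svc for flag, svc in SERVICE_FLAGS.items() if p.get(flag)],
        "findings": findings,
    }

if __name__ == "__main__":
    print(json.dumps(audit_vault(SAMPLE_VAULT), indent=2))
```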


  • You are charged if the key has been used at least once in the last 30 days (based on the key’s creation date).
  • You are charged for each historical version of a key.
