What is the Azure Key Vault?

Azure Key Vault can be best described as a Key Management Service that is based on FIPS 140-2 validated HSMs, which also provides secrets and certificate-management services. Azure Key Vault is used for Azure RMS BYOK deployments. The service itself provides the following capabilities:

  • Centralized secret management
  • Compliance through Software/Hardware HSM protection
  • Read/Write management over REST API/SDK/PowerShell and CLI
  • Access and usage monitoring
  • Automated distribution, logging inspection, and deployments
  • Throttling and Versioning
  • SLA 99.9% and 6 persistent copies (3 copies same region/3 additional copies secondary region)

For Azure RMS and BYOK, you need to use the P1 Premium option to import your keys ...

Get Mastering Identity and Access Management with Microsoft Azure - Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.