In this lab, you will get started with Azure Key Vault to create a hardened container (a vault) in Azure, to store and manage cryptographic keys and secrets in Azure. First you will use Azure PowerShell. Then you will store a password as a secret that could then be used with an Azure application.
- Use PowerShell to create an Azure Key Vault
- Create both a key and a secret that are stored in Azure Key Vault
- Register an Application with Azure AD and then create a Key Vault Polices allowing an Application to access the Key Vault
- Encrypt Columns in an Azure SQL Database using an autogenerated key
- Build a Console application that connects to the DB using an Always Encrypted Connection String which allows for inserting Data into Encrypted Columns and then selecting encrypted data from the Columns
In this exercise, you will create a Virtual Machine in Azure that will be used to complete the exercises in this lab.
In this exercise, you will use PowerShell to create an Azure Key Vault.
In this exercise, you will use PowerShell to create a Key and Secret that are stored in Azure Key Vault.
You will enable your client application to access the SQL Database service by setting up the required authentication and acquiring the Application ID and Secret that you will need to authenticate your application in the following code.
In this exercise, you will create a blank Azure SQL Database, connect to it with SQL Management Studio and create a table. You will then encrypt two data columns using an autogenerated key from the Azure Key Vault. Then you will create a Console application using Visual Studio to Load data into the Encrypted Columns and then access that data securely using a connection string that accesses the key via Key Vault.