Microsoft Azure Key Vault
The following article explains how to set up your Azure Key Vault to store your sensitive data. This article assumes you have already created your Microsoft Azure account and enabled your Azure Subscription.
Create Key Vault
Head over to the Azure Portal and from the main screen select "Create a Resource"
Now enter of find "Key Vault".
Click the create button.
Configure Key Vault
This process is very similar to when we set up your storage account. All we need to do is select the subscription, select the resource group we created earlier when creating a storage account, or create a new one. Enter a unique name, select which region you want. Leave the rest as default and click "Review + Create".
If the validation passed, click "Create".
After a couple of minutes, the Key Vault will be created. Once created, Click "Go to resource".
On the overview tab, you will see a "Vault URI" copy this value so we can paste it in the G2S preferences window.
Open the G2S preferences window, and on the security tab, check "Use Key Vault" and paste the value in the "Vault URI" field.
Now key Vault is set up we need to go to app registrations and register the app. Head over to the Azure Portal and from the main screen, type "app registrations" in the search field at the top, then select "App Registrations".
Click New Registration.
Enter a name and click "Register".
Now within the new app registration, on the overview tab, copy the Application (Client) ID, and paste it in G2S preferences.
Open the G2S preferences window, and on the security tab, paste the value in the "Client ID" field.
Now within the new app registration, click the "Certificates & secrets" tab, and click the "+ New client secret" button.
Enter a Name/Description for the client secret, choose an expiry date, and click Add.
Now copy the client secret, Note you need to copy this now, as it will never be visible again.
Open the G2S preferences window, and on the security tab, paste the value in the "Client Secret" field.
Now back over to Azure, from the main screen, select the Key Vault we made earlier.
Now on the Access policies tab, click Add Access Policy.
Now from the configure template dropdown, select "Secret Management" this selects the Secret Permissions for you. Then click "Select principal".
Now in the principal list, we need to select the App Registration we created earlier. In my example, I called it G2S Keys, so I need to find G2S Keys and click "Select".
Now click Add.
Now you should see your access policy, click save and we are done.