Expand my Community achievements bar.

Enhance your AEM Assets & Boost Your Development: [AEM Gems | June 19, 2024] Improving the Developer Experience with New APIs and Events
SOLVED

Integration of Azure Key Vault for Secret Management in AEM as a Cloud Service

Avatar

Level 3

Hi All

Is it possible to integrate Azure Key Vault with AEM as a Cloud Service for managing secrets such as API keys, passwords, and connection strings?

If feasible, what are the recommended steps or best practices for integrating Azure Key Vault with AEM as a Cloud Service?

Please share any related documents .

 

Thanks

 

 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @KannanCh2,
You can refer to the following document - 

Configure an Azure Key Vault


The general steps for integrating Azure Key Vault in AEMaaS would be as follow-

  1. Setup Azure Key Vault Key - Create new key vault instance, add secrets to the key vault & define access policies to read these secrets.
  2. Access Key Vault in AEM - Ensure IAM (Service Principal or Managed Identify) has permissions to access Key Vault, Then authentication with Key Vault from AEM Application (Azure AD Authentication, Client Certificates etc.) and finally using REST APIs (Azure Key Vault REST API reference) or Azure SDKs (Azure SDK for Java) to retrieve secrets from Azure Key Vault.

Hope this helps!

View solution in original post

2 Replies

Avatar

Correct answer by
Community Advisor

Hi @KannanCh2,
You can refer to the following document - 

Configure an Azure Key Vault


The general steps for integrating Azure Key Vault in AEMaaS would be as follow-

  1. Setup Azure Key Vault Key - Create new key vault instance, add secrets to the key vault & define access policies to read these secrets.
  2. Access Key Vault in AEM - Ensure IAM (Service Principal or Managed Identify) has permissions to access Key Vault, Then authentication with Key Vault from AEM Application (Azure AD Authentication, Client Certificates etc.) and finally using REST APIs (Azure Key Vault REST API reference) or Azure SDKs (Azure SDK for Java) to retrieve secrets from Azure Key Vault.

Hope this helps!

Avatar

Administrator

@KannanCh2 Did you find the suggestion helpful? Please let us know if you require more information. Otherwise, please mark the answer as correct for posterity. If you've discovered a solution yourself, we would appreciate it if you could share it with the community. Thank you!



Kautuk Sahni