In this lab, you will use the Azure Key Vault service in order to store keys and secrets used to encrypt an Azure Virtual Machine (VM). Azure Key Vault helps safeguard cryptographic keys and secrets used by cloud applications and services. By using Key Vault, you can encrypt keys and secrets (such as authentication keys, storage account keys, data encryption keys, .PFX files, and passwords) by using keys that are protected by hardware security modules (HSMs). This streamlines the key management process and enables you to maintain control of keys that access and encrypt your data.
Upon completion of this lab you will be able to:
You should be familiar with:
The lab Environment has two main pieces:
You will spend most of your time in the Azure PowerShell ISE and the Azure Portal. Below is a high-level diagram of the steps you will take in this lab:
March 30th, 2023 - Resolved permissions issue
January 22nd, 2023 - Updated labstep with new screenshots & instructions
November 23rd, 2022 - Updated the instructions and screenshots to reflect the latest UI
April 27, 2022 - Updated instructions for accuracy
March 22nd, 2022 - Updated the instructions and screenshots to reflect the latest UI
February 8th, 2022 - Updated the lab to use the previous version of the Az.Resources PowerShell module to avoid a bug introduced in the latest version
December 20th, 2021 - Removed a dangling variable reference from the lab script
December 13th, 2021 - Updated Azure AD PowerShell cmdlets to work with Microsoft Graph
October 20th, 2021 - Resolved an issue caused by a breaking change in Azure Active Directory
July 20th, 2020 - Modified the lab bootstrap script to ensure all dependent PowerShell modules are installed before the New-EncryptedVM.ps1 script is available to avoid potential unrecognized cmdlet errors
February 19th, 2020 - Update the lab to use PowerShell's Az module and added validation checks to check the work performed in the lab
February 5th, 2020 - Updated lab script to resolve an issue causing invalid storage account names
December 11th, 2019 - Updated lab VM to latest Windows 2019 image and improved issues causing slow startup PowerShell performance
April 11th 2018 - Updated Key Vault Portal screenshots, resolved issue causing the PowerShell script to timeout when creating the VM, and prepared for May 2018 API changes
Chris has over 15 years of experience working with top IT Enterprise businesses. Having worked at Google helping to launch Gmail, YouTube, Maps and more and most recently at Microsoft working directly with Microsoft Azure for both Commercial and Public Sectors, Chris brings a wealth of knowledge and experience to the team in architecting complex solutions and advanced troubleshooting techniques. He holds several Microsoft Certifications including Azure Certifications.
In his spare time, Chris enjoys movies, gaming, outdoor activities, and Brazilian Jiu-Jitsu.