hands-on lab

Exploring Azure KeyVault RBAC vs Access Policies Permission Model

Intermediate
1h
12
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.
Lab description

Azure KeyVault is a secret and key management service that allows you to store and manage sensitive information such as passwords, keys, and certificates. Azure KeyVault helps you control your applications' secrets by keeping them in a single, central location and by providing secure access, permissions control, and access logging capabilities.

The KeyVault offer two types of permission models, RBAC and Access Policies. RBAC is role-based access control, which is used to manage access to Azure resources. Access Policies are used to manage access to KeyVault secrets and keys. While the access policies are used to manage access to KeyVault secrets and keys, RBAC is used to manage access to KeyVault itself simplifying the management of access to KeyVault secrets and keys.

In this hands-on lab, you will understand various permission models in Azure KeyVault and create access policies for Azure KeyVault. You will also understand RBAC roles for Azure KeyVault and create secrets using RBAC and Access Policies in Azure KeyVault.

Learning objectives

Upon completion of this intermediate-level lab, you will be able to:

  • Understand various permission models in Azure KeyVault
  • Create access policies for Azure KeyVault
  • Understand RBAC roles for Azure KeyVault
  • Create secrets using RBAC and Access Policies in Azure KeyVault

Intended audience

  • Candidates for Azure Administrator Associate certification (AZ-104)
  • Cloud Architects
  • Data Engineers
  • DevOps Engineers

Prerequisites

Familiarity with the following will be beneficial but is not required:

  • Azure KeyVault

The following content can be used to fulfill the prerequisites:

Environment before
Environment after
About the author
Avatar
Parveen Singh
Cloud Lab Developer
Students
13,796
Labs
93
Courses
1
Learning paths
3

Parveen is an Azure advocate with previous experience in the professional consulting services industries. He specializes in infrastructure and DevOps with a wide range of knowledge in security and access management. He is also an Azure Certified - DevOps Engineer Expert, Security Engineer, Developer Associate, Administrator Associate, CompTIA Certified - Network+, Security+, and AWS Cloud Practitioner.
Parveen enjoys writing about cloud technologies and sharing the knowledge with the community to help students upskill in the cloud.

Covered topics
Lab steps
Logging in to the Microsoft Azure Portal
Review KeyVault Permissions and Assigning Access Policy
Reviewing Azure KeyVault RBAC Permissions