See below for creating a source that imports your Azure Key Vault certificates.
This source is only available when installing the corresponding plugin.
To create an Azure Key Vault source
- Log in as an administrator with either:
- The global_admin role.
- A <user_defined> role with permission to create sources.
- Go to Automate > Sources.
- Click Create to configure the following settings.
- Click Verify for Certificate Manager to verify all the settings. Some plugins might ask for additional configuration settings after verification.
Label
A descriptive name of the source.
Mandatory: Yes
Owner
The username of the source owner. The user who creates the source is automatically made the owner of both the source and the source certificates.
You can later edit this field and assign ownership to someone else.
Description
A description of the source purpose.
Mandatory: No
Authorization Tags
A list of authorization tags. The Custom Roles with any of these tags will grant permissions on the source.
Mandatory: No
Select Source Type
Select Azure-KeyVault-Source-Plugin.
Mandatory: Yes
Key Vault URL
The URL of the Azure Vault.
Mandatory: Yes
Client ID
The Application ID displayed on the Azure portal. See the following guide to register an application, create a new application secret and configure access policies on Azure key vault resource.
The Azure Key Vault plugin needs the following certificate permissions: create, update, get, list, import, and delete.
Mandatory: Yes
Client Secret
The Application API Key generated in the Azure portal.
Mandatory: Yes
Tenant ID
The Tenant ID displayed in the Azure portal.
Mandatory: Yes