Create/Retrieve Secrets from Key Vault using Azure CLI

You can create a secret directly using Azure CLI and store it in Azure Key vault. Once the secret is created and stored, you can retrieve/fetch it using Azure CLI. Let’s check the steps:

Step 1 – Install Azure CLI

Before we begin, ensure that you have Azure CLI installed on your local system. If you don’t have it installed, you can download Azure CLI by clicking this link: https://aka.ms/installazurecliwindows.

To learn more about installing Azure CLI on Windows, please refer to the following link: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?tabs=azure-cli.

Once you’ve downloaded the Azure CLI MSI file, double-click it to launch the installer. Then, follow the wizard’s instructions to complete the installation on your system.

Install Azure CLI
Install Azure CLI
  • After Azure CLI installation is completed, Open the command prompt or Powershell and run az version command to verify if it’s installed and working fine.
Install Azure CLI
Install Azure CLI

Step 2 – Authenticate with Azure using az login

To use Azure CLI and work with Azure Key Vault, you must log in and authenticate with your Azure account. You can run the az login command in your command prompt or terminal.

This will open a browser session where you can complete the authentication process by logging in with your administrator account.

Authenticate with Azure using az login
Authenticate with Azure using az login

Step 3 – Create Azure Key Vault

The next step is to create an Azure Key Vault using the az keyvault create command. If you already have an Azure Key Vault created and want to add a secret to it, you can skip this step. Make sure to replace the example values with your desired values.

Create Azure Key Vault

az keyvault create --name "newKeyVaultUKSouth01" --resource-group "UkSouthRg" --location "UKSouth"
Create Azure KeyVault
Create Azure KeyVault

Step 4 – Create a Secret in Azure Key Vault using Azure CLI

You can use the az keyvault secret command to create a secret in Azure Key Vault. Here is an example of creating an Azure Key Vault secret:

Create a Secret in Azure Key Vault using Azure CLI

az keyvault secret set --vault-name "newKeyVaultUKSouth01" --name "SqlAdmin" --value "Jhne&(nol@jdn88HHG"
Azure Keyvault secret set
Create Azure KeyVault Secret
  • You can confirm the successful creation of your secret in the Azure Key Vault by checking the Azure Portal.
Create Azure KeyVault Secret
Create Azure KeyVault Secret

Step 5 – Retrieve Secret from Azure KeyVault using Azure CLI

To retrieve secret from Azure Key Vault, you can use the az keyvault secret show command. Refer to the example below to understand how to do this.

Retrieve Secret from Azure KeyVault

az keyvault secret show --name "SqlAdmin" --vault-name "newKeyVaultUKSouth01" --query "value"
Retrieve Azure KeyVault Secret
Retrieve Azure KeyVault Secret

Read Next

Leave a Comment