Tag: azure key vault

Some fun with Azure Key Vault REST API and HttpClient – Part 4.1

I thought I would have a new title for this article as it is not going to cover the use of HttpClient and Key Vault REST API. Spent a little bit of time thinking, I decided to let it be part of the series to show you a few funny things around Azure Key Vault certificate in a secret store. Don’t mind the version 4.1 as it’s just a number!

This article somewhat covers scenarios and biased reasons as to why you might need to store your certificates to Secret store instead of Keys or Certificates. It also shows a proof that my certificate’s password was stripped which would potentially results to security threat.

(more…)

Some fun with Azure Key Vault REST API and HttpClient – Part 4

The Part 2 in Some fun with Azure Key Vault REST API and HttpClient series provides simple guidance on how to create a new fresh secret without creating a new version of existing secret under a specified vault in Azure Key Vault. So far, what we have been using is only HttpClient with Azure Key Vault REST API.

You might ask if you can store a certificate as secret in a key vault and how to retrieve it. If so, this article is for you.

(more…)

Some fun with Azure Key Vault REST API and HttpClient – Part 3

After two articles doing some fun with Azure Key Vault REST API and HttpClient, I’ve got some requests to add more things to work with vault, for example listing all existing vaults under a given subscription, or deleting a vault.

In this article, let’s explore all the operations which you can work through Azure Key Vault REST API for Vault.

(more…)

Some fun with Azure Key Vault REST API and HttpClient – Part 2

In previous article, I demonstrated how to use HttpClient to work with Azure Key Vault REST API. With this approach, you shouldn’t worry about your programming language skills. What I meant was that you could even use Python, for instance, to make a HttpClient object and call Azure Key Vault REST API. This approach gives developers more flexibility to work with Microsoft Azure as it does not limit to the platform supportability.

You were learnt by getting started with creating a new key vault which is used to protect your key, secret or certificate. In this article, let’s take some time looking into secret in Azure Key Vault.

(more…)

Protecting your Azure virtual machine with Disk Encryption

The ultimate objective of security was to protect data from any authorized access. Confidentiality should emphasize similarly. Controlling access to virtual machine and data sometimes does not work. Through a local attack, an attacker might have your disk where data is stored. In this situation, adding an extra protection layer by encrypting your disk is always a recommended best practice.

(more…)

© 2018 The Soldier of Fortune.