A Dapr crypto.yaml
component file has the following structure:
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: azurekeyvault
spec:
type: crypto.azure.keyvault
metadata:
- name: vaultName
value: mykeyvault
# See authentication section below for all options
- name: azureTenantId
value: ${{AzureKeyVaultTenantId}}
- name: azureClientId
value: ${{AzureKeyVaultServicePrincipalClientId}}
- name: azureClientSecret
value: ${{AzureKeyVaultServicePrincipalClientSecret}}
The Azure Key Vault cryptography component supports authentication with Microsoft Entra ID only. Before you enable this component:
Field | Required | Details | Example |
---|---|---|---|
vaultName | Y | Azure Key Vault name | "mykeyvault" |
Auth metadata | Y | See Authenticating to Azure for more information |