Azure Key Vault

Detailed information on the Azure Key Vault cryptography component

Component format

A Dapr crypto.yaml component file has the following structure:

kind: Component
  name: azurekeyvault
  - name: vaultName
    value: mykeyvault
  # See authentication section below for all options
  - name: azureTenantId
    value: ${{AzureKeyVaultTenantId}}
  - name: azureClientId
    value: ${{AzureKeyVaultServicePrincipalClientId}}
  - name: azureClientSecret
    value: ${{AzureKeyVaultServicePrincipalClientSecret}}

Authenticating with Azure AD

The Azure Key Vault cryptography component supports authentication with Azure AD only. Before you enable this component:

  1. Read the Authenticating to Azure document.
  2. Create an Azure AD application (also called a Service Principal).
  3. Alternatively, create a managed identity for your application platform.

Spec metadata fields

Field Required Details Example
vaultName Y Azure Key Vault name "mykeyvault"
Auth metadata Y See Authenticating to Azure for more information

Last modified September 28, 2023: Jaeger otlp updates (#3771) (7ed281a)