Unit 8: Retrieve Objects from Azure Key Vault

Azure Key Vault securely stores:

• Secrets.
• Keys.
• Certificates.

Secrets can be retrieved:

• Through the Azure portal.
• Using Azure CLI.
• Using PowerShell.
• Programmatically from applications.

Applications typically retrieve secrets using managed identities, ensuring credentials are never exposed.

Final Retention Summary

This module teaches that access management is not just about users, but also about applications, services, and secrets.

Key exam takeaways:

• Azure RBAC controls access using roles and scope.
• Always apply least privilege and narrow scope.
• Custom roles fill gaps left by built-in roles.
• Managed identities remove credential management.
• Key Vault protects secrets and integrates with RBAC.
• Applications should access resources securely without storing secrets.