Key Vault – Azure’s key and secret management service.
Azure Key Vault is a cloud service for securely storing and accessing secrets, encryption keys, and certificates. It provides centralized key storage, automated certificate management, and hardware security module (HSM) backing. Key Vault features automatic key rotation, access logging, and RBAC integration with Azure Active Directory. The service includes backup and restore capabilities for secrets and keys, soft-delete and purge protection for accidental deletions, and private endpoint support for secure access. It enables secure secret injection into Azure services and applications, supports both software and HSM-protected keys, and provides monitoring through Azure Monitor.
