Add a Cloud Keystore to Azure Key Vault

Before you begin

  1. Sign in to Venafi Control Plane.
  2. Click Installations > Cloud Keystores.
  3. Click New and select Azure.
  4. Enter a Name for the new cloud keystore.
  5. Select an Owning Team. If you need to create a new team, see Create a new team.
  6. Select an Authorized Team.

    Note

    • Owning Team - The Owning Team is responsible for the administration, management, and control of a designated cloud provider, with the authority to update, modify, and delete cloud provider resources.
    • Authorized Team - The Authorized Team is granted permission to use specific resources of a cloud provider. Although team members can perform tasks like creating a keystore, their permissions may be limited regarding broader modifications to the provider's configuration. Unlike the Owning Team, its members may not have the authority to update and delete Cloud Providers.
  7. Select an Azure Cloud Provider.

  8. Select a Subscription Name.
  9. Select an Azure Key Vault Name.
  10. (Optional) To discover certificates on your keystore as soon as it is created, turn on the "Start discovery immediately" and "Include expired certificates" toggles. After creating the keystore, refer to Set up AKV Discovery Schedule to create your schedule.
  11. Click Save. Your new cloud keystore should now appear in the Cloud Keystore list.
  12. (Optional) If you didn't start discovery when creating the keystore in the above step, click the Discover Now button. A message in the top right of the pane indicates "Discovery Status: Running", and results begin to populate in the same pane.