We often need to share database connection strings, system account passwords and whatnot with our team members. People typically put the secret in a DRM’d email, but that’s not secure enough and you can’t copy and paste them. There’s a better way with Azure Key Vault and Azure Key Vault Explorer.
Here’s how to get it all setup.
Go to the Azure Portal and create an Azure Key Vault
I tried adding a security group here, but it appears that this only works if you add each user individually.
1. Go to the newly created vault and select “Access Control (IAM)” and then click the Add button.
2. Select “Key Vault Contributor” role
3. Add a User and click OK
Repeat that for every team member you want to have access to your secrets.
You could manage your secrets via the portal, but I’ve found that the Azure Key Vault Explorer requires less clicks to get to the secrets. I’m a fan of less clicks.
In Vault Explorer, select “Pick vault from Subscription”
Sign in, select your subscription and select your vault and click OK.
1. Click on Add -> Secret
2. Enter your secret info and click OK
You, and all the people you gave permissions to, will now be able to view the secret.