Monitor Key Vault Secrets Access With Azure Monitor

This blog post will show how to monitor access to Azure Key Vault secrets using Azure Monitor.

Azure Key Vault allows organisations with an active workload in Azure to store and retrieve secrets and certificates programmatically using service accounts.

Azure Monitor is Azure’s monitoring service fully integrated with Azure services and allows us to monitor performance and enable actions taken by users and accounts against resources.

This post will show how to configure Azure monitor to notify when anyone receives a secret from an Azure Key vault.

Create an Alert Rule

To create an Alert, Open Azure Monitor

Click on Alerts

Click on Alert rules

From the Alert Rules page, click on Create

From the scope section, select the resource that you would like to monitor request to the Key vault. The resource can be a subscription, resource group or a single resource.

from the Select a signal search box, search for list keys and select the service.

Continue with the wizard and set an alert type, or leave it without an alert configuration. Once an application requests a key, it will show up on the alerts page.





Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.