This blog post will show how to monitor access to Azure Key Vault secrets using Azure Monitor.
Azure Key Vault allows organisations with an active workload in Azure to store and retrieve secrets and certificates programmatically using service accounts.
Azure Monitor is Azure’s monitoring service. It is fully integrated with Azure services and allows us to monitor performance and the actions taken by users and accounts against resources.
This post will show how to configure Azure Monitor to notify us when anyone retrieves a secret from an Azure Key Vault.
Create an Alert Rule
To create an alert, open Azure Monitor
Click on Alerts
Click on Alert rules
From the Alert Rules page, click on Create
From the Scope section, select the resource for which you would like to monitor requests to the Key Vault. The resource can be a subscription, a resource group or a single resource.
From the Select a signal search box, search for list keys and select the service.
Continue with the wizard and set an alert type, or leave it without an alert configuration. Once an application requests a key, it will show up on the alerts page.