Only allow encryption access for key in Azure Key Vault with Azure RBAC enabled-CodePudding

Home > database > Only allow encryption access for key in Azure Key Vault with Azure RBAC enabled

Only allow encryption access for key in Azure Key Vault with Azure RBAC enabled

Time：01-18

I have an Azure Key Vault with Azure RBAC enabled. I have a key in that vault that I use for encryption and decryption. I would like to only allow admins to use the key to decrypt data. Regular users should only be able to encrypt data using the key. Is that possible? None of the roles listed seem to do what I want.

CodePudding user response：

You could make custom roles that contain the dataActions that you want for both cases. You can find available actions here: https://learn.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations#microsoftkeyvault.

You can see definitions for built-in roles here: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#key-vault-certificates-officer.

Instructions how to make a custom role: https://learn.microsoft.com/en-us/azure/role-based-access-control/custom-roles

Page link：https//www.codepudding.com/database/675517.html

Prev:How do I get the file name that triggered a Azure Function Blob Trigger

Next:Is there a way to get sensor data from IoT central a MySQL database?

Tags：

azureencryptionazure-keyvaultazure-rbac

Related

Links：
CodePudding