使用未部署在Azure中的应用程序访问Azure Key Vault存储的机密 [英] Access Azure Key Vault stored secret using application not deployed in Azure

问题描述

我读过大多数文章，需要在Azure中部署应用程序，这样应用程序才能以编程方式访问Azure密钥保管库中存储的机密.

I've read in most articles that deploying an application in Azure is needed such that an application will be able programmatically access the secrets stored in the Azure Key Vault.

是否有一种方法可以不以天蓝色部署应用程序，并且仍然可以使用客户端ID和客户端机密或证书访问Azure Key Vault来获取机密?

Is there a way to not deploy the application in azure and have it still be able to access the Azure Key Vault to fetch the secrets either by using client id and client secret or certificates?

推荐答案

无需使用Azure运行应用程序即可使用Azure KeyVault.您的应用程序可以在本地计算机上，Intranet上的任何地方，AWS或任何您喜欢的地方运行.

There's no need to run your application in Azure for you to use Azure KeyVault. Your application can run on your local machine, somewhere on your intranet, in AWS or where-ever you like.

要访问KeyVault，您需要来自Azure Active Directory(AAD)的安全令牌，因此您确实需要在AAD目录中注册应用程序.

In order to access KeyVault, you need a security token from Azure Active Directory (AAD), so you do need to register your application within an AAD directory.

您可以在 查看全文