如何在Key Vault中审核秘密密钥访问 [英] How to audit Secret key access in Key Vault

问题描述

我们正在使用Azure Key Vault保留我们的应用程序密码.所有用户名和密码都存储在Key Vault的Secret中.我该如何审核谁已登录机密"以检索密码?

We are using Azure Key Vault to keep our application password. All usernames and passwords are stored in the Secret at Key Vault. How can I audit who had checked in to the Secret to retrieve the password?

推荐答案

使用此powershell命令启用Azure密钥保管库的审核日志，以便您可以获取所需的日志:

Use this powershell command to enable audit logs for Azure key vault , so that you can get logs you need :

$kv = Get-AzKeyVault -VaultName "<your key vault name>"
$sa = New-AzStorageAccount -ResourceGroupName $kv.ResourceGroupName -Name ('keyvaultlogs4' + $kv.VaultName) -Type Standard_LRS -Location $kv.Location

Set-AzDiagnosticSetting -ResourceId $kv.ResourceId -StorageAccountId $sa.Id -Enabled $true -Category AuditEvent

审核日志将以blob的形式写入名为 insights-logs-auditevent 的存储容器中，您可以直接从中读取审核日志:

Audit logs will be written into your storage container named insights-logs-auditevent as a blob, you can read audit logs from it directly:

请注意，运行此命令后，大约需要20分钟才能开始将日志写入存储帐户.

日志如下所示:

有关详细信息，请参见此官方文档.

For details see this official doc.

这篇关于如何在Key Vault中审核秘密密钥访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！