Versions Compared

Old Version 2

changes.mady.by.user Kevin Wu

Saved on

compared with

New Version Current

changes.mady.by.user Kevin Wu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Azure KeyVault Profile is used for setting up the access credentials and properties to be used to connect to an Azure KeyVault environment. Currently, the profile can be used in the following Profiles:

Buttons

The contents of the buttons in the button bar may change depending on which configuration type has been opened. The Azure Keyvault Profile uses the standard menu items and buttons that are visible for all configurations, and these are described in in Common Configuration Buttons. The profile uses the standard menu items and buttons that are visible for all configurations.

Setting

Description

External References

Image Removed

Image Added

Select this menu item to enable the use of External References in the Azure KeyVault profile configuration. This can be used to configure the following fields:

Secret Key

  • Key Vault Name

  • Client ID

  • Tenant ID

  • Client Secret

Certificate

  • Key Vault Name

  • Client ID

  • Tenant ID

  • Certificate Path

  • Certificate Password

For further information, see Using External Reference in Agent Profile Fields and External Reference Profile.

General Tab

Authentication Method - Secret Key

The following settings are available in the Secret Key authentication method.

Image Removed

...

Setting

Description

Authentication Method

Choose the authentication method used for this profile. The supported options are Secret Key and Certificate. Choosing one of the options will display the appropriate configuration menu for the chosen authentication method.

Key Vault Name

Enter the name of the Azure Key Vault.

Client ID

Enter the client ID (application ID) used to create the application for the Azure Active Directory that will allow the profile to access the Azure KeyVault. The ID entered here should correlate with the client ID that is used when registering the application on the Azure Active Directory.

Tenant ID

Enter the tenant ID (directory ID) linked to the Azure AD application that will be used by the profile to access the Azure KeyVault.

Client Secret

Enter the client secret provided when creating the application for the Azure Active Directory with the client ID above. The client's secret will only be visible when registering the client ID.

Test Connection

Test the connectivity to the selected Azure service using the authentication credentials provided.

Authentication Method - Certificate

The following settings are available in the Certificate authentication method.

Image Removed

Azure profile - Certificate configuration

...

Setting

Description

Authentication Method

Choose the authentication method used for this profile. The supported options are Secret Key and Certificate. Choosing one of the options will display the appropriate configuration menu for the chosen authentication method.

Key Vault Name

Enter the name of the Azure Key Vault.

Client ID

Enter the client ID (application ID) used to create the application for the Azure Active Directory that will allow the profile to access the Azure KeyVault. The ID entered here should correlate with the client ID that is used when registering the application on the Azure Active Directory.

Tenant ID

Enter the tenant ID (directory ID) linked to the Azure AD application that will be used by the profile to access the Azure KeyVault.

Certificate Type

Set the certificate format that is used by the Azure AD application. You can set it to either a PEM or PFX formatted certificate.

Certificate Path

Define the full local path of the certificate. The certificate must be stored in the same location as the EC that will be running the workflows. The certificate must be the same one used by the Azure AD application.

Certificate Password

Enter the password for the PFX certificate, where the password value can also be an empty string. Password-locked PEM certificates are not supported.

Test Connection

Test the connectivity to the selected Azure service using the authentication credentials provided.

title
Note

Note!

For the Test Connection button to work while using certificate authentication, the certificate path must point to a certificate located in the Platform. However, when running workflows, the certificate path must point to a certificate located in the EC.

Advanced Tab

...

Advanced tab

In the Advanced tab, you specify settings that correspond to the Azure Keyvault environment connection. The two optional fields are the Authority Host and API Endpoint. If left empty, the following default values will be used:

Field

Default Values

Authority Host

Enter the URL to the directory the Microsoft Authentication Library will request tokens. If left empty, the following default values will be used accordingly:

API Endpoint

Enter the API endpoint in Azure to be used for accessing and managing the services. If left empty, the following default values will be used accordingly:

Info
title

For Additional Information

To find out more about the configuration for both authority and endpoints, refer to to https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-national-cloud#azure-ad-authentication-endpoints and  and https://docs.microsoft.com/en-us/azure/azure-government/compare-azure-government-global-azure.

...