You want to deploy resources using ARM template. You need to make sure that IT operators who are responsible for deployments won't have access to the Azure Key Vault secrets directly. How will you achieve this?
Experience Level: Senior
Tags: Azure CloudAzure Key Vault
Answer
From Access policies in Key Vault, enable access to the Azure Resource Manager for template deployment.
Then assign the IT operators a custom role that includes the Microsoft.KeyVault/Vaults/Deploy/Action permission.
This will follow the principle of least privilege.
Related Azure Cloud job interview questions
According to Microsoft Cloud Adoption Framework (CAF), what are the three specific terms related to Management phaze that can help improve conversations among business stakeholders?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat are 6 key steps for establishing a management baseline according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat is management baseline according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorWhat are the 5 disciplines of cloud governance according to Microsoft Cloud Adoption Framework (CAF)?
Microsoft Cloud Adoption Framework (CAF) JuniorIs Cloud Security Posture Management (CSPM) available for all Azure Subscriptions?
Microsoft Defender Junior