快速入门:使用 Azure 门户在 Azure Key Vault 中设置和检索密钥Quickstart: Set and retrieve a key from Azure Key Vault using the Azure portal

Azure Key Vault 是一项云服务,它为机密提供了安全的存储。Azure Key Vault is a cloud service that provides a secure store for secrets. 可以安全地存储密钥、密码、证书和其他机密。You can securely store keys, passwords, certificates, and other secrets. 可以通过 Azure 门户创建和管理 Azure Key Vault。Azure key vaults may be created and managed through the Azure portal. 在本快速入门中,你将创建一个密钥保管库并使用它来存储密钥。In this quickstart, you create a key vault, then use it to store a key. 有关 Key Vault 的详细信息,请参阅概述For more information on Key Vault, review the Overview.

如果没有 Azure 订阅,可在开始前创建一个试用帐户If you don't have an Azure subscription, create a trial account before you begin.

登录 AzureSign in to Azure

通过 https://portal.azure.cn 登录到 Azure 门户。Sign in to the Azure portal at https://portal.azure.cn.

创建保管库Create a vault

  1. 在 Azure 门户菜单或“主页”中,选择“创建资源” 。From the Azure portal menu, or from the Home page, select Create a resource.
  2. 在“搜索”框中输入“Key Vault” 。In the Search box, enter Key Vault.
  3. 从结果列表中选择“Key Vault” 。From the results list, choose Key Vault.
  4. 在“Key Vault”部分,选择“创建” 。On the Key Vault section, choose Create.
  5. 在“创建密钥保管库”部分,提供以下信息: On the Create key vault section provide the following information:
    • 名称:必须提供唯一的名称。Name: A unique name is required. 在本快速入门中,我们使用 Example-Vault 。For this quickstart, we use Example-Vault.
    • 订阅:选择订阅。Subscription: Choose a subscription.
    • 在“资源组” 下选择“新建” ,然后输入资源组名称。Under Resource Group, choose Create new and enter a resource group name.
    • 在“位置”下拉菜单中选择一个位置。 In the Location pull-down menu, choose a location.
    • 让其他选项保留默认值。Leave the other options to their defaults.
  6. 提供上述信息后,选择“创建” 。After providing the information above, select Create.

请记下下面列出的两个属性:Take note of the two properties listed below:

  • 保管库名称:在示例中,此项为 Example-Vault 。Vault Name: In the example, this is Example-Vault. 将在其他步骤中使用此名称。You will use this name for other steps.
  • 保管库 URI:在本示例中,此项为 https://example-vault.vault.azure.cn/Vault URI: In the example, this is https://example-vault.vault.azure.cn/. 通过其 REST API 使用保管库的应用程序必须使用此 URI。Applications that use your vault through its REST API must use this URI.

目前,只有你的 Azure 帐户有权对这个新保管库执行操作。At this point, your Azure account is the only one authorized to perform operations on this new vault.

Key Vault 创建完成后的输出

向密钥保管库中添加密钥Add a key to Key Vault

只需再执行几个步骤便可向保管库中添加密钥。To add a key to the vault, you just need to take a couple of additional steps. 在此示例中,我们添加可供应用程序使用的密钥。In this case, we add a key that could be used by an application. 此密钥称为 ExampleKey 。The key is called ExampleKey.

  1. 在密钥保管库属性页中,选择“密钥” 。On the Key Vault properties pages, select Keys.
  2. 单击“生成/导入” 。Click on Generate/Import.
  3. 在“创建密钥” 屏幕上,选择以下值:On the Create a key screen choose the following values:
    • 选项:生成。Options: Generate.
    • 名称:ExampleKey。Name: ExampleKey.
    • 让其他值保留默认设置。Leave the other values to their defaults. 单击创建Click Create.

收到密钥已成功创建的消息后,即可单击列表中的该密钥,Once that you receive the message that the key has been successfully created, you may click on it on the list. 然后就可以看到某些属性。You can then see some of the properties. 如果单击当前版本,则可看到在上一步指定的值。If you click on the current version, you can see the value you specified in the previous step.

密钥属性

清理资源Clean up resources

其他 Key Vault 快速入门和教程是在本快速入门的基础上制作的。Other Key Vault quickstarts and tutorials build upon this quickstart. 如果打算继续使用后续的快速入门和教程,则可能需要保留这些资源。If you plan to continue on to work with subsequent quickstarts and tutorials, you may wish to leave these resources in place. 如果不再需要资源组,可以将其删除,这将删除 Key Vault 和相关的资源。When no longer needed, delete the resource group, which deletes the Key Vault and related resources. 要通过门户删除资源组,请执行以下操作:To delete the resource group through the portal:

  1. 在门户顶部的“搜索”框中输入资源组的名称。Enter the name of your resource group in the Search box at the top of the portal. 在搜索结果中看到在本快速入门中使用的资源组后,将其选中。When you see the resource group used in this quickstart in the search results, select it.
  2. 选择“删除资源组” 。Select Delete resource group.
  3. 在“键入资源组名称:”框中,键入资源组的名称,然后选择“删除” 。In the TYPE THE RESOURCE GROUP NAME: box type in the name of the resource group and select Delete.

后续步骤Next steps

在本快速入门中,你创建了一个密钥保管库并在其中存储了一个密钥。In this quickstart, you created a Key Vault and stored a key in it. 若要详细了解 Key Vault 以及如何将其与应用程序集成,请继续阅读以下文章。To learn more about Key Vault and how to integrate it with your applications, continue on to the articles below.