I used the following PowerShell commands to create an Azure Key Vault:
# https://learn.microsoft.com/en-us/azure/key-vault/key-vault-get-started
Login-AzureRmAccount -Environment (Get-AzureRmEnvironment -Name AzureCloud)
Set-AzureRmContext -SubscriptionId (Get-AzureRmSubscription -SubscriptionName "Visual Studio Enterprise").SubscriptionId
# Register-AzureRmResourceProvider -ProviderNamespace "Microsoft.KeyVault" (if error occurs in subscription)
New-AzureRmResourceGroup -Name "VaVaultRG" -Location 'SouthCentralUS'
New-AzureRmKeyVault -VaultName "VaVault" -ResourceGroupName "VaVaultRG" -Location 'SouthCentralUS'
The instructions here tell me how to link a web application to KeyVault. This leverages (both? ... either??) Azure AD B2C / B2B.
- How can I associate my KeyVault with a specific directory?
A Key Vault is associated with the Azure AD associated in the subscription where it was created by default. If you want to switch the Azure AD tenant, you can find guidelines here: https://learn.microsoft.com/en-us/azure/key-vault/key-vault-subscription-move-fix
The example PowerShell script there:
Here the TenantId is switched to the one which is currently active.
(Get-AzureRmContext).Tenant.TenantId
returns the GUID for the tenant.
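
A sketch of the tenant switch described above, as an added example that is not part of the original answer or the linked page. It uses the AzureRM cmdlets and the vault and resource group names from the question; the user principal name is a hypothetical placeholder. It changes the vault only when its tenant differs from the active one, and clears the old access policies because they reference identities in the previous directory.

```powershell
# Added example. Names come from the question; $adminUpn is a hypothetical placeholder.
$vaultName = 'VaVault'
$rgName    = 'VaVaultRG'
$adminUpn  = 'admin@example.onmicrosoft.com'

# Tenant (directory) of the currently signed-in context.
$activeTenant = [string](Get-AzureRmContext).Tenant.TenantId

# Load the vault as a generic resource so its properties can be edited.
$vaultId = (Get-AzureRmKeyVault -VaultName $vaultName -ResourceGroupName $rgName).ResourceId
$vault   = Get-AzureRmResource -ResourceId $vaultId -ExpandProperties
$vaultTenant = [string]$vault.Properties.TenantId

if ($vaultTenant -eq $activeTenant) {
    Write-Output "Vault '$vaultName' is already bound to tenant $activeTenant."
    return
}

Write-Output "Rebinding '$vaultName' from tenant $vaultTenant to $activeTenant"

# Existing access policies point at object IDs in the old directory.
# They grant nothing in the new tenant, so remove them rather than carry them over.
$vault.Properties.TenantId       = $activeTenant
$vault.Properties.AccessPolicies = @()
Set-AzureRmResource -ResourceId $vaultId -Properties $vault.Properties -Force

# Re-grant only the permissions actually needed, to an identity in the new tenant.
Set-AzureRmKeyVaultAccessPolicy -VaultName $vaultName -ResourceGroupName $rgName `
    -UserPrincipalName $adminUpn -PermissionsToSecrets get,list

# Confirm the result.
$check = Get-AzureRmResource -ResourceId $vaultId -ExpandProperties
Write-Output "Vault tenant is now $($check.Properties.TenantId)"
```

After the switch, no principal has access until a policy is set, so applications that read from the vault need their access policies recreated in the new directory.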