Microsoft Azure Key Vault Setup | Managed Guardian Service Documentation

Managed Guardian Service Documentation

Home Support Contact Us About

Go to your Azure Homepage ()
In the search field type App Registration, or follow this link

Add a new App and name it, to be able to identify it in the future e.g. “MGS Azure Key Vault”.

Save the Application (client) ID and Directory (tenant) ID for future usage.

Go to Certificates & secrets -> Client Secrets.

Click on New client secret, fill in the fields, create, and copy the created secret Value for future usage.

For the Name field, enter a unique identifier for your secret (for example: hedera-operator-key). You will use this secret name as the “Operator Key Vault Secret” (Secret Id) when configuring the Guardian application.
For the Value field, enter your private key in the following JSON format:
```
{ "privateKey": "YOUR_KEY" }
```
Replace YOUR_KEY with your actual Hedera private key, copied from HashPack.
Click Create to save the secret.

Go back to you Azure home page, click on Create a resource

Search for Key Vault and click Create.

Fill in the required fields and click Review + Create

From the Azure home page go to your newly created keyvault -> Access Configuration and select Vault access policy. Click Apply to save changes.

Click Go to access policies and then click Create

In the Create an access policy dialog, check marks for secret management as bellow, click next

In the Principal dialog find and select you App from step 3 (either by name or by client ID), click next.

On Application (Optional) Dialog click next, And on the Review and Create dialog click Create.