Storing proxy credentials in Azure Key Vault - BlueCat Cloud Resolver - 1.7.2

BlueCat Cloud Resolver Administration Guide

Locale
English
Product name
BlueCat Cloud Resolver
Version
1.7.2
When configuring Cloud Resolver to retrieve the proxy credentials from an Azure Vault, you must configure the following configuration parameters:
  • CRS_VAULT_TYPE
  • CRS_VAULT_PROXY_USER_PATH
  • CRS_VAULT_PROXY_PASS_PATH

The CRS_VAULT_TYPE parameter must be set to csp to indicate that the vault service is provided by a cloud service provider.

To store your proxy credentials in Azure Key Vault, add new secrets to Key Vault where the name/value pairs correspond to the username and password of the proxy. For more information on adding secrets, refer to https://learn.microsoft.com/en-us/azure/key-vault/secrets/quick-create-portal#add-a-secret-to-key-vault.

Once you have created the Azure Key Vault secret, click the name of the newly created secrets that contains the proxy credentials. Use the relative values of the Secret Identifier as the CRS_VAULT_PROXY_USER_PATH and CRS_VAULT_PROXY_PASS_PATH parameter values within the Cloud Resolver configuration file.

The following is an example cloud-resolver.conf file with the configuration parameters to retrieve proxy credentials stored in Azure Key Vault:
CRS_VAULT_TYPE="csp"
CRS_VAULT_PROXY_USER_PATH="https://cloudresolver-proxy-test.vault.azure.net/secrets/proxy_username/a012345b6789c01d2ef3a45678901"
CRS_VAULT_PROXY_PASS_PATH="https://cloudresolver-proxy-test.vault.azure.net/secrets/proxy_pass/10a540a3fe2d10c987986b5432176"