Currently, our company has to add the secrets manually, one by one, in Azure Key Vault, which is a tedious process. If the tool can provide a bulk option where we can have a CSV file and upload it, after which it switches all the keys and values from the CSV file and creates the secrets all at once, it would be helpful.
I have five to ten years of experience with Azure Key Vault. I am a customer of the product.
Stability-wise, I rate the solution an eight out of ten.
Compared to all the cloud providers in the market, like AWS or GCP, I feel that Azure's stability is low. Azure has been in the news quite a lot of times for security breaches and other security-related stuff.
Scalability-wise, I rate the solution a nine out of ten.
I can't give a rating to the technical support because they have different support plans, and my company sticks to its basic support plan in which we get only community support and basic ticketing support, so you don't get to interact with the chat or any live customer executive.
As long as the IAM permissions, the roles, and other permissions are clear, the deployment process is pretty easy.
My company deploys everything through Terraform scripts. Figuring out the TerraForm scripts from scratch took around eight to twelve weeks. The deployment part takes around minutes to a maximum of an hour. The infrastructure deployment doesn't take more than a few hours, especially if the Terraform files and configurations are correct.
A maximum of two people are required to take care of the product's deployment process.
Azure Key Vault is expensive. I rate the product price a nine on a scale of one to ten, where one is low price, and ten is high price. Currently, the tool's monthly licensing costs are around 1,800 USD for all the environments combined, including the production and pre-production environments.
I know that AWS KMS and AWS Secrets Manager are similar to Azure Key Vault.
I use the tool to manage encryption keys and secrets in our application. In our company's production environment, we have some secrets and certificates that need to be accessed by the Kubernetes cluster, which is why we store those secrets in Azure Key Vault. In Kubernetes, we have a SecretProviderClass, which helps us access those keys from Azure Key Vault and then give them to our applications.
Speaking about how Azure Key Vault plays a crucial role in our company's security strategy, in Kubernetes, you have to define environment variables for the application. In my company, we have around 60 to 70 environment variables, and most of them are sensitive. In Kubernetes, you define YAML files, and you can't directly use any values in YAML files and commit them to the GitHub commit because you will basically see the text values in YAML files. Instead, we store it in Azure Key Vault and then access those keys and values as variables for our company's applications.
In terms of the benefits of cryptographic key management features, I would say that my company has used only the secret option in the tool, so we haven't checked out the keys and certificates. In my company, we just store key-value pairs for variables in Azure Key Vault.
The product's integration capabilities are good.
The tool has a pretty good firewall, which allows my company to access only private networks and certain IP addresses. Everything else is good with the product.
My company doesn't use the policies in the product since we rely on roles and role assignments.
One person is enough to take care of the maintenance of the solution.
The product helps my company comply with the industry regulations since I believe that Azure Key Vault has its own set of SLAs and compliances, which we have gone through. I think Azure has some default compliance for each and every resource, which would be enough considering that I work in a very small organization where we didn't think of going into the details related to it.
Azure is a very good platform, but it is a bit expensive. I think the price is justified because of the reduced complexity and the way it handles things, considering that Azure manages certain things better than its competitors. The tool is a bit expensive, but the management and configurations would be less expensive from the user's side.
I rate the tool a nine out of ten.