Skip to content

docs: add Azure RBAC role assignment best practice for Azure Key Vault#1688

Open
maor-klir wants to merge 4 commits into
Azure:mainfrom
maor-klir:docs/update-quick-start
Open

docs: add Azure RBAC role assignment best practice for Azure Key Vault#1688
maor-klir wants to merge 4 commits into
Azure:mainfrom
maor-klir:docs/update-quick-start

Conversation

@maor-klir

Copy link
Copy Markdown

Reason for Change:

Improves documentation and follows Microsoft's recommendation for improved security when managing an Azure Key Vault

Requirements

  • squashed commits
  • included documentation
  • added unit tests and e2e tests (if applicable).

Issue Fixed:

Please answer the following questions with yes/no:

Does this change contain code from or inspired by another project? If so, did you notify the maintainers and provide attribution?

  • yes
  • no

Notes for Reviewers:
Added documentation and code snippets

Signed-off-by: Maor Klir <maor.klir@gmail.com>
Copilot AI review requested due to automatic review settings December 8, 2025 20:05

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR enhances the Azure Key Vault documentation by adding Microsoft's recommended Azure RBAC permission model alongside the legacy access policy approach, improving security guidance for users.

Key Changes

  • Adds Microsoft's official recommendation to use Azure RBAC instead of legacy Key Vault access policies
  • Provides complete Azure RBAC code examples for both Azure AD Applications and User-Assigned Managed Identities
  • Maintains backward compatibility by keeping legacy access policy examples with clear labels

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread docs/book/src/quick-start.md Outdated
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@maor-klir

maor-klir commented Dec 17, 2025

Copy link
Copy Markdown
Author

Hi code owners (@aramase, @enj, @stlaz),

Just a friendly ping that this PR is ready for a final review.

Thanks!

@aramase aramase left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR!

The better approach is to remove the legacy access policy commands and instead document using RBAC to access Key Vault in the quick start.

Comment thread docs/book/src/quick-start.md Outdated
Comment thread docs/book/src/quick-start.md Outdated
Removed legacy Key Vault access policy examples. Updated role description for Azure RBAC.

@maor-klir maor-klir left a comment

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for replying, I have followed your suggestions

Comment thread docs/book/src/quick-start.md Outdated
Comment thread docs/book/src/quick-start.md Outdated
@maor-klir maor-klir requested a review from aramase January 8, 2026 16:40
@maor-klir

Copy link
Copy Markdown
Author

Hi @aramase , could you please have a look?
I have made the necessary changes, thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants