How To: Configure Key Vault for a Single Gateway
Previous"Unable to find a tag containing the vault's name in the VMSS" ErrorNextNGINX Error: Upstream Sent Too Big Header While Reading Response Header from Upstream
Last updated
Last updated
When using CloudGuard WAF Gateway in Azure, deploying a VMSS requires the certificates to be hosted in a Key Vault, while a Single Gateway does not. This guide explains the steps that need to be taken in order to configure using Azure Key Vault with a CloudGuard WAF Single Gateway deployment and / or attaching it to an existing VMSS deployment.
WHAT TO DO?
Click on Identity on the left menu
Click on System Assigned tab → Turn On the Status bar.
Click Save
Click on Access Policy
Click on Create
Click Next
On Principal tab, search for the VMSS name and choose it
Click Next twice
Click Create
Click on Tags
Add a new tag → Name: vault; Value: Key Vault name
Click Apply
Choose permissions: Secret permissions → Get, List; Certificate Permissions: Get, List
