With infrastructure, security can’t be an afterthought. It no longer works to merely check boxes haphazardly. Using keys but having them hardcoded. Working with access control but relying on the same stale passwords month over month.
Security needs to be carefully woven in with your infrastructure and apps. I’m proud to share that we’ve added an important connector to the MuleSoft ecosystem. With a deeply integrated MuleSoft connector for Azure Key Vault, developers and architects can now more easily align with the best practices in infrastructure security.
Azure Key Vault: Protect your team’s secrets
Azure Key Vault is a cloud service for storing and accessing secrets in a centralized location. A secret is anything that you want to more securely control access to: passwords, API keys, tokens, certificates, or cryptographic keys.
By centralizing secrets storage and management, Azure Key Vault strengthens your security posture by:
- Reducing the chance of accidental data leaks. E.g. Instead of storing database credentials within code as hard-coded values, developers can store credentials – and fetch – from Azure Key Vault
- Securely storing keys and secrets, with multiple options and standards to define the level of access control
- Monitoring key access with logs on when and how your secrets are being used
Many developers leverage the benefits of Azure Key Vault to simplify their application and infrastructure security. Bringing an out-of-the-box integration to Anypoint Platform will help MuleSoft customers as well.
Azure Key Vault Connector: Secure your Mule apps with less effort
We’re excited to share that the Azure Key Vault Connector for MuleSoft is live on Exchange and available to use in all your Mule apps.
The connector lets you incorporate Azure Key Vault in your Mule apps by dragging and dropping on Anypoint Platform, giving you several benefits:
- Make compliance easier with key rotation and version control for secrets. Use key and password versions in the connector to automatically rotate keys for authenticating to applications and encrypting data.
- Authenticate to connectors before deploying. Use Custom Configuration Properties Provider from MuleSoft to retrieve secrets before Runtime activation – allowing you to fetch secrets from Azure Key Vault and authenticate to connectors before your Mule app executes.
- Encrypt and decrypt messages faster. Use a built-in cryptography cache to preserve keys for a configurable duration, reducing the need for you to fetch secrets one at a time from Key Vault and saving you time.
Ways to Use the MuleSoft Connector for Azure Key Vault
Use the Custom Configuration Properties Provider from MuleSoft to fetch, store, and use global properties, including credentials, helping you store secrets more securely.
Fetch certificates from Key Vault and use the File Connector to save them into a file.
Leverage version control for secrets. By being able to assign versions to secrets, you can more effectively rotate keys every n days and meet your security requirements. And by always defaulting to the latest version, refreshing keys is a whole lot easier.
Be able to get secrets, and use them to make an HTTP request.
Encrypt a message with the Key Vault connector and send the encrypted message to Azure Service Bus with the Azure Service Bus connector.
Secure your workflows without the work
The Anypoint Connector for Azure Key Vault represents MuleSoft’s continued focus on helping you connect and secure your apps, data, and devices. Now, you can more effectively align with your security team’s best practices – without the effort.
To get started, check out the Anypoint Connector for Azure Key Vault on Exchange.