Description
General remarks
Aim of this issue is to provide clear documentation on how to use kamus-cli when using Azure KeyVault.
Is your feature request related to a problem? Please describe.
I've spend a lot of time trying to understand why I cannot encrypt secret with kamus using Azure KeyVault. It was unclear for me how I should use kamus-cli to encypt it and I was suspecting this is an issue. The problem was with permissions in Azure, but I've spent some time trying to fix it with CLI arguments. There are parameters like --auth-tenant
, --auth-application
and --auth-resource
and it is unclear when to use them.
Describe the solution you'd like
Documentation could contain description with example on how to use kamus-cli when using Azure KeyVault. Additionally it should explain when and how to use parameters --auth-tenant
, --auth-application
and --auth-resource
.
Describe alternatives you've considered
What would also help in my case is better error message, explaining what permissions are missing on service principal for Azure KeyVault. There is separate ticket #37 which can handle that.