WIll there be an On-Premise version of the Azure Key Vault? RRS feed

  • Question

  • Will there be an option some time in the future to run the Azure Key Vault on premise, like an installable piece of software?

    Some customer segments will want to run and secure their own Key Vault infrastructure.  Without an on-premise solution, it would be difficult to build an eco-system of applications that could use the Azure Key Vault APIs, etc.

    Longer term, some organizations may be more comfortable using cloud-based Key vaults, but it may take some time.  If they don't use the APIs, when they do become 'more comfortable', they will go through a painful dev and retest process. 

    I think there were some discussions about shimming in a service provider for CAPI to point to Azure Key Vault, but you've said it's a lower priority.

    I am familiar with CAPI, MS CNG, PKCS11 and HSM integration.

    Any chance of making it happen? :)  The Microsoft API seems neater, as it abstracts or hides a lot of the HSM load-balancing, slot/key handle addressing, etc.  I still haven't 'solved' the P11 parity problem for .Net / Windows integrations.

    I know that there was a cloud-first, on premise feature parity statement made a while ago.

    Azure Stack is out in beta for folks to run Azure on-premise.

    • Edited by jf888 Monday, March 14, 2016 12:58 PM fix typo
    Monday, March 14, 2016 12:57 PM

All replies

  • Any chance to get an answer to this question here?
    Wednesday, November 14, 2018 8:27 AM
  • I'm a Product manager on the Enterprise and Security team at Microsoft, and we'd like to talk to customers who are interested in this. Please reply privately to me. thanks, Deepak
    Tuesday, December 3, 2019 3:47 AM