Set Microsoft Defender for Key Vault to the Standard tier
March 21, 2025
SYNOPSIS
Enable Microsoft Defender for Key Vault.
DESCRIPTION
Microsoft Defender for Key Vault provides additional protection for keys and secrets stored in Key Vaults. It does this by detecting unusual and potentially harmful attempts to access or exploit Key Vault accounts. This protection is provided by analyzing telemetry from Key Vault and Microsoft Defender for Cloud.
When anomalous activities occur, Defender for Key Vault shows alerts to relevant members of your organization. These alerts include the details of the suspicious activity and recommendations on how to investigate and remediate threats.
Microsoft Defender for Key Vault can be enabled at the subscription level for all Key Vaults in the subscription. Azure Policy can be used to automatically enable Microsoft Defender for Key Vault for a subscription.
RECOMMENDATION
Consider using Microsoft Defender for Key Vault to provide additional protection to Key Vaults.
EXAMPLES
Configure with Azure template
To enable Microsoft Defender for Key Vault:
- Set the Standard pricing tier for Microsoft Defender for Key Vault.
For example:
{
  "type": "Microsoft.Security/pricings",
  "apiVersion": "2024-01-01",
  "name": "KeyVaults",
  "properties": {
    "pricingTier": "Standard"
  }
}
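To check a template for this setting before deployment, the following added example (not code from the original page) looks for the resource shown above in an ARM template, including nested deployments. The function names and sample templates are constructed for illustration; a pricingTier given as a template expression is reported as unresolved rather than evaluated.

```python
import json

def iter_resources(resources):
    """Yield each resource, including children and nested deployment templates."""
    if isinstance(resources, dict):      # symbolic-name templates use an object
        resources = list(resources.values())
    for res in resources or []:
        if not isinstance(res, dict):
            continue
        yield res
        yield from iter_resources(res.get("resources"))
        props = res.get("properties")
        if isinstance(props, dict) and isinstance(props.get("template"), dict):
            yield from iter_resources(props["template"].get("resources"))

def audit_key_vault_plan(template_text):
    """Return (status, detail); status is 'pass', 'fail' or 'unresolved'."""
    template = json.loads(template_text)
    # Resource type and name are compared case-insensitively.
    plans = [r for r in iter_resources(template.get("resources"))
             if str(r.get("type", "")).lower() == "microsoft.security/pricings"
             and str(r.get("name", "")).lower() == "keyvaults"]
    if not plans:
        return "fail", "no Microsoft.Security/pricings resource named KeyVaults"
    for plan in plans:
        props = plan.get("properties")
        tier = str(props.get("pricingTier", "")) if isinstance(props, dict) else ""
        if tier.startswith("[") and not tier.startswith("[["):
            return "unresolved", "pricingTier is a template expression: " + tier
        if tier.lower() != "standard":
            return "fail", "pricingTier is " + (tier or "not set")
    return "pass", "pricingTier is Standard"

# Constructed sample templates (not from the original page).
COMPLIANT = json.dumps({"resources": [{
    "type": "Microsoft.Security/pricings", "apiVersion": "2024-01-01",
    "name": "KeyVaults", "properties": {"pricingTier": "Standard"}}]})
FREE_TIER = json.dumps({"resources": [{
    "type": "Microsoft.Security/pricings", "apiVersion": "2024-01-01",
    "name": "KeyVaults", "properties": {"pricingTier": "Free"}}]})
PARAMETERISED = json.dumps({"resources": [{
    "type": "Microsoft.Security/pricings", "apiVersion": "2024-01-01",
    "name": "KeyVaults", "properties": {"pricingTier": "[parameters('tier')]"}}]})

if __name__ == "__main__":
    for label, text in [("compliant", COMPLIANT), ("free", FREE_TIER),
                        ("parameterised", PARAMETERISED)]:
        print(label, audit_key_vault_plan(text))
```

An unresolved result means the parameter file or deployment inputs need to be checked to confirm the tier that is actually deployed.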
Configure with Bicep
To enable Microsoft Defender for Key Vault:
- Set the Standard pricing tier for Microsoft Defender for Key Vault.
For example:
resource defenderForKeyVaults 'Microsoft.Security/pricings@2024-01-01' = {
  name: 'KeyVaults'
  properties: {
    pricingTier: 'Standard'
  }
}
Configure with Azure CLI
To enable Microsoft Defender for Key Vault:
- Set the Standard pricing tier for Microsoft Defender for Key Vault.
For example:
az security pricing create -n 'KeyVaults' --tier 'standard'
Configure with Azure PowerShell
To enable Microsoft Defender for Key Vault:
- Set the Standard pricing tier for Microsoft Defender for Key Vault.
For example:
Set-AzSecurityPricing -Name 'KeyVaults' -PricingTier 'Standard'
LINKS
- SE:10 Monitoring and threat detection
- What is Microsoft Defender for Cloud?
- Overview of Microsoft Defender for Key Vault
- Quickstart: Enable enhanced security features
- Azure security baseline for Key Vault
- LT-1: Enable threat detection capabilities
- Azure Policy built-in policy definitions
- Azure deployment reference