My Scenario:

In my case, we are configuring the application to be available in two regions for high availability. During the configuration, we observed that region 1 holds a large number of secrets, and it is very difficult to move them one by one to region 2 (i.e., to a key vault in another region). So we thought to automate this process instead of doing it manually, so that we can copy all secrets from one key vault to another in Azure with less manual work and fewer errors. This blog will help you understand how to copy secrets from one Key Vault to another in Azure using a PowerShell script.

To clone a secret between key vaults, we need to perform two steps:

  1. Retrieve/export the secret value from the source key vault.
  2. Import this value into the destination key vault.

You can also refer to the link below to learn how to maintain your secrets in Key Vault and access them in a YAML pipeline.

Step 1: Install the Azure Az module

Use the cmdlet below to install the Azure PowerShell module if it is not already installed.

Step 2: Set the source and destination Key Vault names

Step 3: Connect to the Azure portal to access the Key Vault (non-interactive mode)

Because we are automating this, you can't use Connect-AzAccount (which opens a popup to authenticate). If you want to execute without any manual intervention, use az login in non-interactive mode as shown below.

Step 4: Get all the secret names from the source KV

Step 5: Copy secrets from the source to the destination KV

The script below loops over the list of secret names, fetches each secret's name and value from the source Key Vault, and sets the same name and value in the destination Key Vault.

Full code
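
The steps above combined into one function, as an added example that is not the blog author's script. The function name `Copy-KeyVaultSecret`, its `-Overwrite` switch and the vault names `kv-app-region1` / `kv-app-region2` are assumptions; it uses the Az.KeyVault cmdlets from the module installed in Step 1 and expects a non-interactive sign-in to have been completed already.

```powershell
#Requires -Modules Az.Accounts, Az.KeyVault
# Added example: Copy-KeyVaultSecret and the vault names at the bottom are hypothetical.
function Copy-KeyVaultSecret {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$SourceVaultName,
        [Parameter(Mandatory)][string]$DestinationVaultName,
        [switch]$Overwrite   # without it, names already present in the destination are left alone
    )
    # Az cmdlets use the Az PowerShell context, which is separate from an Azure CLI session.
    if (-not (Get-AzContext)) { throw 'No Az PowerShell context; sign in non-interactively first.' }

    # Listing returns metadata only (no values), so it needs just the "list" permission.
    foreach ($item in Get-AzKeyVaultSecret -VaultName $SourceVaultName) {
        $status = 'Copied'
        if (-not $item.Enabled) {
            $status = 'SkippedDisabled'      # the value of a disabled secret cannot be read
        }
        elseif (-not $Overwrite -and
                (Get-AzKeyVaultSecret -VaultName $DestinationVaultName -Name $item.Name)) {
            $status = 'SkippedExists'        # avoid silently creating a new version
        }
        elseif ($PSCmdlet.ShouldProcess("$DestinationVaultName/$($item.Name)", 'Set secret')) {
            $secret = Get-AzKeyVaultSecret -VaultName $SourceVaultName -Name $item.Name
            $params = @{
                VaultName   = $DestinationVaultName
                Name        = $secret.Name
                SecretValue = $secret.SecretValue   # stays a SecureString end to end
                ErrorAction = 'Stop'
            }
            # Carry over metadata so expiry, content type and tags survive the copy.
            if ($secret.ContentType) { $params.ContentType = $secret.ContentType }
            if ($secret.Expires)     { $params.Expires     = $secret.Expires }
            if ($secret.NotBefore)   { $params.NotBefore   = $secret.NotBefore }
            if ($secret.Tags -and $secret.Tags.Count) { $params.Tag = $secret.Tags }
            Set-AzKeyVaultSecret @params | Out-Null   # do not echo the secret object
        }
        else { $status = 'WhatIf' }
        # Report names and outcomes only, never values.
        [pscustomobject]@{ Name = $item.Name; Status = $status }
    }
}

# Dry run first; remove -WhatIf to perform the copy.
Copy-KeyVaultSecret -SourceVaultName 'kv-app-region1' -DestinationVaultName 'kv-app-region2' -WhatIf
```

The identity running this needs list and get on the source vault and get and set on the destination; the output is safe to keep in pipeline logs because it contains only secret names and statuses.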