You Azure user must have "Encrypt" and "Decrypt" Access Policy for the key.
KEY_VAULT_NAME="PASTE-YOUR-KEY-VAULT-NAME-HERE" KEY_NAME="PASTE-YOUR-KEY-NAME-HERE" KV=$(az keyvault key show --name $KEY_NAME --vault-name $KEY_VAULT_NAME | jq -r ".key.kid") sops --encrypt --azure-kv $KV file-decrypted > file-encrypted sops --decrypt file-encrypted
https://github.com/mozilla/sops
Last updated 3 years ago