# Advance Settings: Key Vault Store

Connecting your own key vault enhances security by providing centralized, encrypted storage for sensitive data. It simplifies compliance with regulatory requirements through robust access control and audit capabilities.

Spydra offers a Hashicorp Vault for each organization to store node-related keys, credentials, and certificates. Users can access "Advanced Settings" in the hosting tab when creating a network. Users can connect managed key vault services like Azure Key Vault or AWS Key Manager to store keys and certificates during network setup.

<figure><img src="/files/gzouhTkO0GHlCvxdJzR8" alt=""><figcaption></figcaption></figure>

However, user's will not be able to switch back to Spydra's default Hashicorp vault once your key vault is connected.

#### <mark style="color:blue;">Connecting Azure Key Vault</mark>

* Uncheck the 'Default' Spydra managed Hashicorp vault option.
* Choose Azure Key Vault as your 'External Vault Source'.

When selecting the source, if you've previously connected an Azure Key Vault, it will appear as an option. Otherwise, you'll need to connect a new Azure Key Vault

To proceed and connect your Azure Key Vault, ensure the vault details are correct:

1. **Vault Name**: Use a descriptive name for easy identification. Example- Blockchain Azure keys.
2. **Application ID**
3. **Tenant ID**
4. **Application Secret**
5. **Key Vault URL**

{% hint style="success" %}
Find details in your Azure Key Vault account by referring to [Azure's documentation](https://learn.microsoft.com/en-us/azure/key-vault/secrets/quick-create-net?tabs=azure-cli#setup).
{% endhint %}

#### <mark style="color:blue;">Connecting AWS Key Manager</mark>

* Uncheck the 'Default' Spydra managed Hashicorp vault option.
* Choose AWS Key Manager as your 'External Vault Source'.

When selecting the source, if you've previously connected an AWS Key Manager, it will appear as an option. Otherwise, you'll need to connect a new AWS Key Manager.

To proceed and connect your AWS Key Manager, ensure the vault details are correct:

1. **Vault Name**: Use a descriptive name for easy identification. Example- Blockchain Azure keys.
2. **AWS Access Key**
3. **AWS secret key**
4. **Region**

{% hint style="success" %}
Find details in your AWS Key Manager account by referring to [AWS Key Manager's documentation.](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-policies.html)
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.spydra.app/how-to/private-network/networks/advance-settings-key-vault-store.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.