Document process for adding secrets for redis and storage to keyvault with secrets-tool

terraform/README.md

@@ -133,6 +133,42 @@ module "keyvault" {
 }
 ```
 
+## Setting the Redis key in KeyVault
+Redis auth is provided by a simple key that is randomly generated by Azure. This is a simple task for `secrets-tool`.
+
+First, get the key from the portal. You can navigate to the redis cluster, and click on either "Show Keys", or "Access Keys"
+
+![Redis Keys](images/redis-keys.png)
+
+In order to set the secret, make sure you specify the keyvault that is used by the application. In dev, its simply called "keyvault", where the operator keyvault has a different name.
+
+```
+secrets-tool secrets --keyvault https://cloudzero-dev-keyvault.vault.azure.net/ create --key REDIS-PASSWORD --value "<redis key>"
+```
+You'll see output similar to the following if it was successful
+
+```
+2020-01-17 14:04:42,996 - utils.keyvault.secrets - DEBUG - Set value for key: REDIS-PASSWORD
+```
+
+## Setting the Azure Storage Key
+Azure storage is very similar to how Redis has a generated key. This generated key is what is used at the time of writing this doc.
+
+Grab the key from the "Access Keys" tab on the cloud storage bucket
+
+![Cloud Storage Keys](images/azure-storage.png)
+
+Now create the secret in KeyVault. This secret should also be in the application specific KeyVault.
+
+```
+secrets-tool secrets --keyvault https://cloudzero-dev-keyvault.vault.azure.net/ create --key AZURE-STORAGE-KEY --value "<storage key>"
+```
+You'll see output similar to the following if it was successful
+
+```
+2020-01-17 14:14:59,426 - utils.keyvault.secrets - DEBUG - Set value for key: AZURE-STORAGE-KEY
+```
+
 # Shutting down and environment
 To shutdown and remove an environment completely as to not incur any costs you would need to run a `terraform destroy`.