This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 12%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPE%3C/text%3E%3C/svg%3E)
I'm creating a solution template (potentially azure managed application) which has a keyvault. I would like to add the access policy for the user who deploys the resource so that secrets can be viewed by the user creating the deployment without manually adding afterwards. However, I cannot see a way to get this from the createUiDefinition file. There is a UI controls for ServicePrincipalSelector and ManagedIdentitySelector but neither can select users. However, the Key Vault resource does provide support for this. Is it possible in the createUiDefinition? Alternatively, I would be happy to just access the objectId from the user if that were available somewhere in the ARM template (i.e. output from az ad signed-in-user show | jq .id)? Does anyone have any suggestions?
Thanks, Paul
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 39%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
@Paul Edwards Thanks for your question. I am checking with product team and will provide a response soon.