Using key vault to customize the encryption keys at rest for Azure Database PostgreSQL imply any cost on for encrypt/decrypt operations?
Hi, Based on the pricing for Key Vault, encryption/decryption operations via API are charged. My question is, does this also imply cost for PostgreSQL DBaaS using custom encryption keys stored in Azure Key Vault or the cost for encrypting/decrypting…
ClientCertificateCredential authentication failed: AADSTS53003: Access has been blocked by Conditional Access policies. The access policy does not allow token issuance.
I am trying to authenticate locally without client_secret to another app deployed in azure. I have uploaded a certificate which is also present in the keyvault to app registration. Here is the error i see ClientCertificateCredential authentication…
Integrating Ajure Key Vault RBAC with Ajure DevOps
The specified Azure service connection needs to have "Get, List" secret management permissions on the selected key vault. Click "Authorize" to enable Azure Pipelines to set these permissions or maJust in time To link an Azure key…
[bug-keyvault-networking] - Keyvault networking not working properly
Steps to reproduce the bug: 1.Create Keyvault with default option 2.Add public ip in "Allow public access from specific virtual networks and IP addresses" & also add virtual network and apply. refresh the page 2-3 times , azure…
Microsoft Sales hub for partners t
Hello, I am looking for a Microsoft Sales hub for partners to access powerpoint presentations for customers, as Azure Key Vault, and other Microsoft/Azure services, boiler plate information, competitive matrix, reference architecture etc.
How to connect different Azure Id with Visual Studio 2022 Id
Can other people connect and use it with one ID(Tenant ID or Subscription ID, ...)? ( For Test Purpose ) If so, how can this be done? Thank you.
Web App add key vault certificate access error while identity has Key Vault Secrets User permission
I have an Azure App Service with custom domain. The certificate for this custom domain is stored in Key Vault. The web app has set it's identity on and has "Key Vault Secrets User" permission on the key vault. This key vault access…
Issue deploying using Azure CLI with client secret authentication in an Azure DevOps YAML file
We are having issues deploying a BICEP template with Azure CLI in our CI/CD pipeline using a client secret authentication method. The previous key had expired, so we cycled the client secret, added it to the Key Vault for our test environment, and…
Adding Key Vault Secret to Power Automate using Managed Identities.
Good morning MS Team, I am creating an application where different Power Automate Scripts are managing the Entra ID users and app registrations using an specific App registration with high-level permissions. Right now, I have the App Registration Id and…
Token-based login to SQL DB fails from App Service, works fine locally.
Using an Azure access token to connect to SQL DB works fine when running locally under Visual Studio. Deploying the web app to Azure App Service is fine. The deployed web app is unable to connect to the SQL DB: System.Data.SqlClient.SqlException…
cross-tenent application security concern
There is an cross tenant application, which used by customer tenant A and customer tenant B, both A and B grant permission to the Application to their own resources RA, RB. Does It possible tenant A be able access resource RB by the Application? In…
What other advantages does using Azure Key Vault have over on-prem?
For four months I've been developing a proof-of-concept console app, which uses Azure Key Vault for storing secrets. I've got it working fine. I also like the fact that Key Vault can be used for other things, such as keys and certificates. I believe that…
What implementation from Azure Key Vault is the correct to host EV Code Signing Certificate from GlobalSign?
Hi! We need to renew our Code Signing Certificate. Now we have the OV certificate but the new it's going to be the EV type. With the new requirements to buy and hold the EV Code Signing Certificate we think the best choice is store the certificate in…
Azure Key Vault RBAC permissions required for APIM to retreive a cert?
Hi I have a Azure API manager setup and want to add a custom domain. We have deployed Azure Key Vault and uploaded a certificate. We have deployed Key Vault with the recommended "role-based access control" We have given the APIM managed…
How to get Azure key/key vault region?
In cross tenant scenario, like this, how to check the key region with only key/key vault url? I want to use it in create disk encryption set, but it require in same region. And it cost a lot, take a while to create. is there any way to get the region?…
Azure Devops Pipeline failing on azure key vault
We get this error : fail: AzureSignTool.SignCommand[0] Failed to retrieve certificate *** from Azure Key Vault. Please verify the name of the certificate and the permissions to the certificate. Error message: ClientSecretCredential authentication…
How to programally check if the user-assigned managed identity have access/permissions to the key from key vault in an other tenant?
Hi, There is two tenant A, B. tenant A have two application, 1. manageApp used by my program 2. CMEK-app using to get permisstion from tenant B by admin consent. And one user-assigned managed id configured as federated identity with the CMEK-app used…
Application running in AKS gets 403 forbidden by rbac when using service principal to fetch secret in keyvault.
The service principal has key vault secrets user in the resource group where the keyvault is. The pod authenticates with az --service-principal -n [app_id] -p [secret] --tenant [tenant id] The service principal have had keyvault admin role, but with…
How to export the secrets details in keyvaults using azure resource graph query?
How to export the secrets details in keyvaults using azure resource graph query
how to understand azure key vault access policy?
hi friend, i have create a service principal, a azure key vault, a secret scope called A and B under AKV . now i have grant get/list...permission to that service principal through access principal. it's mean that service principal can access both…