Azure Server Authentication mysteriously stops functioning since last night
To debug the software, I'm using an Azure KeyVault which stores all connection strings (on a resource group specified for testing, which is a replica of the resource group for production). A user access policy is created in the KeyVaultrepresenting the…
Use API web app for DefaultAzureCredential
I created a key vault using .net and have added access policies which allows access for the api web application to create keys, secrets, and certificates. The goal would be able to create keys, secrets, and certificates through .net c# code. I tried…
What implementation from Azure Key Vault is the correct to host EV Code Signing Certificate from GlobalSign?
Hi! We need to renew our Code Signing Certificate. Now we have the OV certificate but the new it's going to be the EV type. With the new requirements to buy and hold the EV Code Signing Certificate we think the best choice is store the certificate in…
Adding Key Vault Secret to Power Automate using Managed Identities.
Good morning MS Team, I am creating an application where different Power Automate Scripts are managing the Entra ID users and app registrations using an specific App registration with high-level permissions. Right now, I have the App Registration Id and…
How to grant permission to the keyvault to fetch secrets.
I am trying to change the connection to the DB by using the keyvault -instead of hardcoding everything. I've seen then you can retrieve all of the "secrets" by generating your client (with the key vault) and then simply call the…
Azure Key Vault RBAC permissions required for APIM to retreive a cert?
Hi I have a Azure API manager setup and want to add a custom domain. We have deployed Azure Key Vault and uploaded a certificate. We have deployed Key Vault with the recommended "role-based access control" We have given the APIM managed…
How to get Azure key/key vault region?
In cross tenant scenario, like this, how to check the key region with only key/key vault url? I want to use it in create disk encryption set, but it require in same region. And it cost a lot, take a while to create. is there any way to get the region?…
There is .pfx file on azure keyvault, I try to convert it into a byte array(Convert.FromBase64String), I am getting format exception
There is .pfx file on azure key vault, I try to convert it into a byte array(Convert.FromBase64String), I am getting below format exception PFX file containt Primary key and Certificate {"The input is not a valid Base-64 string as it contains a…
Azure Devops Pipeline failing on azure key vault
We get this error : fail: AzureSignTool.SignCommand[0] Failed to retrieve certificate *** from Azure Key Vault. Please verify the name of the certificate and the permissions to the certificate. Error message: ClientSecretCredential authentication…
cross-tenent application security concern
There is an cross tenant application, which used by customer tenant A and customer tenant B, both A and B grant permission to the Application to their own resources RA, RB. Does It possible tenant A be able access resource RB by the Application? In…
Assign RBAC "Key Vault Administrator" role to Azure App via C# (.NET SDK)
I use below C# code create KeyVault with RBAC permission model. using KeyVaultModels = Microsoft.Azure.Management.KeyVault.Models; KeyVaultModels.VaultProperties vaultProperties = new KeyVaultModels.VaultProperties() { EnableRbacAuthorization = true, …
How to connect azure Keyvault(Public Access Disabled) To Power automate cloud
Team, Please guide on how i can connect azure key vault(Public access disabled ) to Power automate flow in cloud. What i have done already> 1.Registered an application in Azure AD and assigned necessary persmissions on the keyvault. With public access…
I can't Delete my KeyVault Resource
I tried anything but i don't know what can i do to force keyvault deletion and remove this warning.
How to programally check if the user-assigned managed identity have access/permissions to the key from key vault in an other tenant?
Hi, There is two tenant A, B. tenant A have two application, 1. manageApp used by my program 2. CMEK-app using to get permisstion from tenant B by admin consent. And one user-assigned managed id configured as federated identity with the CMEK-app used…
Key Vault access while setting Networking IPS
Hi We have created a Key Vault and a secret in Azure Key Vault. We provided selected IP access in Networking while creating the vault and gave service account access to the Key Vault user. However, the service account was unable to read the secret from…
Application running in AKS gets 403 forbidden by rbac when using service principal to fetch secret in keyvault.
The service principal has key vault secrets user in the resource group where the keyvault is. The pod authenticates with az --service-principal -n [app_id] -p [secret] --tenant [tenant id] The service principal have had keyvault admin role, but with…
SSL certificate
I'm new to the subject, I would like to use an SSL certificate from another certification company within Azure so I can access a web application that I have running within an Azure VM, https://xpto.meudominio.com.br, I don't know how do and whether I can…
How to sign with azure key vault in linux?
Hello, how can I use Azure key vault to sign my JAVA code? My compilation machine is Linux, and I found that Azure sign tool seems to be only available on Windows. If my compilation machine is Linux, how can I access key vault for signing.
How to mask or hide OCP apim subscription key from being displayed in azure portal
Can we hide/mask OCP apim subscription key which is called from KeyVault to display in azure portal apim policies.
Automating the Client Secrets rotation using KeyVault or any methods before the expiry date?
I need to rotate the Client Secrets in my existing subscriptions before the expiry date. How can I achieve it for multiple subscriptions when using the suggested method ttps://learn.microsoft.com/en-us/azure/key-vault/secrets/tutorial-rotation? Can I…