The operation is not allowed by RBAC. If role assignments were recently changed, please wait several minutes for role assignments to become effective.
I am the owner but got "The operation is not allowed by RBAC. If role assignments were recently changed, please wait several minutes for role assignments to become effective. " when trying to create a certificate
Azure Key Vault HSM Key Attestation for Code Signing Certificate
Hello, I recently had to renew my previous code signing certificate and now they are only available on physical tokens. I have the certificate on a YubiKey 5 NFC FIPS, and since I cannot have it on more than one YubiKey at a time I was having a look at…
Azure Key Vault VM Extensions Version 3.0 not deploying KeyExportable: true or Accounts: Network Service
I am setting keyExportable to a certificate in Azure Key Vault VM extensions and it is not getting set to exportable on the test VM following a successful deployment. Any help would be greatly appreciated. I am using version 3.0 to mark the private key…
Replacing System.Security.Cryptography.Xml.SignedXml with Azure Keyvault Sign API
We have a service that signs an XML document using System.Security.Cryptography.Xml.SignedXml and a X509Certificate2. We use the following signature method Signature.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256U. We wan't to change the signing…
Can't access to "Get my Verified ID" in https://myaccount.microsoft.com/
Good morning, I am following the guide: https://learn.microsoft.com/en-us/entra/verified-id/verifiable-credentials-configure-tenant-quick, and fulfilling all the requirements, I can't access to “Get my Verified ID”. It should be noted that I am using a…
Failed to save the status of AppGW when creating a https protocol listener with a cert generated in Key vault
When I am trying to add a listener for https incoming traffic with a cert I generated in the key vault which is self-signed. The Application Gateway status cannot be saved successfully no matter I associate it with a public frontend IP address or a…
Unable to load secrets when creating a linked service using Synapse
Hello - I have this setup and but I am facing some issues: Created a key Vault Public access disabled Created private endpoint for the key vault Create Private DNS records/Zones and link so all is working and I can see them I created secrets for Oracle…
![](https://techprofile.blob.core.windows.net/images/Ui4mhP2_BgAAAAAAAAAAAA.png?8DBD40)
How to fix the VM's issue during the boot. failing with the key vault secret saying does not exists
After the Crowdstrike impact downtime, the VM is not booting up. During the booting process the VM is throwing up with an error message "The resource operation completed with terminal provisioning state failed., "keyVaultSecretDOestNotExist, …
How a connection can get client secret value from GetSecret Action?
I am creating a Logic App and have a 'GetSecret' action to retrieve a secret from Azure Key Vault. In the next step, I need to create a connection to another tenant using a service principal, which requires the client secret obtained from the previous…
![](https://techprofile.blob.core.windows.net/images/rnwqhQqer0-oefliFOISMA.png?8DC41C)
data factory managed identity is not being identified as a trusted service by keyvault
We have an issue with an ADF pipeline, when attempting to reach a secret from a KV in the same RG, the connection fails with the following error: "Client address is not authorized, and caller is not a trusted service" The setup is made…
azure key vault value
Is it possible to have a | in a secret in your key vault? I can't find info on this and when I tested it out the value seems to be stopped at the |. So my example would be I have value of: 123|abc after saving the secret and hitting the "show…
Issues Connecting to Azure Key Vault Data Plane on Mac with Azure VPN Client
Hello everyone, I am experiencing an issue with accessing my Azure Key Vault on my Mac. The error message I receive is: The connection to data plane failed. Please refresh and try again. If Private Links are enabled on the vault and the issue persists…
Can We Bring Our Own Key to Access Azure AI Services Instead of Using the Microsoft Default Key?
Hi everyone, I'm looking into using Azure AI services for our projects, and I have a question regarding encryption keys. Is it possible to bring our own key and use it to access the Azure AI services instead of using the default key provided by…
Is it possible to resolve Azure KeyVault public DNS records with Private IP without creating a virtual link to a peered VNet?
I have created a private endpoint for my Azure KeyVault with a private DNS zone and linked it to my subnet. There is a VNet which is peered to the VNet of the KeyVault, and the two VNets can communicate using private IPs. However, the peer VNet cannot…
Secured Vault in SQL Server: to store Salt value
Scope : data anonymization on the fly i.e. create views on top of the physical table and keep the anonymized views in a separate schema. One of the key technique is to tokenize the key identifiers for cross schema correlation. Idea is to tokenize the…
Replacing System.Security.Cryptography.Xml.SignedXml with Azure Keyvault Sign API
We have a service that signs an XML document using System.Security.Cryptography.Xml.SignedXml and a X509Certificate2. We use the following signature method Signature.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256U. We wan't to change the signing…
how to import only the public side of an RSA key
We have data to be exported via Azure Blob Storage that we want to encrypt with the recipent's RSA public key. However, the only way I can find to import a public key (without the private key) to is as a Key Vault Secret. Unfortunately, secrets don't…
What is the cause of the following error - "getting assigned identities for pod <namespace>/<pod_name> in CREATED state failed after 20 attempts, retry duration [5]s" , while connecting to IMDS endpoint from a pod in AKS.
I am trying to connect to Azure Key vault via user assigned managed identity from a pod of AKS. I have provided the necessary RBAC role to the identity. I have created Azure Identity and Azure Identity Binding. I have updated my deployment with…
VNet integrated flex consumption app unable to connect to KeyVault via service endpoint
Hi, I have a question about vnet integrated flex function apps and accessing other resources privately using service endpoints Situation: I have Flex consumption app successfully deployed and vnet integrated so all outbound traffic is via the virtual…
![](https://techprofile.blob.core.windows.net/images/lvNaBJBqh0eurOu4q2bQSQ.png?8DA4E8)
"Authority Key Identifier Extension is malformed" when importing CA-signed certificate to Azure Key Vault
When I try to import a CA-signed certificate to Azure Key Vault in both .pfx or .pem format, I'm getting the following error: CODE BadParameter MESSAGE The specified X.509 certificate content is invalid. Error: x.509 authority key identifier extension…