Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,194 questions
3 answers
The operation is not allowed by RBAC. If role assignments were recently changed, please wait several minutes for role assignments to become effective.
I am the owner but got "The operation is not allowed by RBAC. If role assignments were recently changed, please wait several minutes for role assignments to become effective. " when trying to create a certificate
asked 2024-06-08T23:33:02.3266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 47%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAW%3C/text%3E%3C/svg%3E)
Alan W Zhang
0
Reputation points
answered 2024-07-27T15:49:22.6966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 82%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPJ%3C/text%3E%3C/svg%3E)
Purushottam J
0
Reputation points
2 answers
Azure Key Vault HSM Key Attestation for Code Signing Certificate
Hello, I recently had to renew my previous code signing certificate and now they are only available on physical tokens. I have the certificate on a YubiKey 5 NFC FIPS, and since I cannot have it on more than one YubiKey at a time I was having a look at…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 1%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 81%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EF%3C/text%3E%3C/svg%3E)
0 answers
Azure Key Vault VM Extensions Version 3.0 not deploying KeyExportable: true or Accounts: Network Service
I am setting keyExportable to a certificate in Azure Key Vault VM extensions and it is not getting set to exportable on the test VM following a successful deployment. Any help would be greatly appreciated. I am using version 3.0 to mark the private key…
asked 2024-07-26T23:01:04.76+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 10%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)
AJ Valenty
0
Reputation points Microsoft Employee
asked 2024-07-26T23:01:04.76+00:00
AJ Valenty
0
Reputation points Microsoft Employee
0 answers
Replacing System.Security.Cryptography.Xml.SignedXml with Azure Keyvault Sign API
We have a service that signs an XML document using System.Security.Cryptography.Xml.SignedXml and a X509Certificate2. We use the following signature method Signature.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256U. We wan't to change the signing…
asked 2024-07-18T14:38:33.33+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 27%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Sylvain Bouchard
0
Reputation points
commented 2024-07-26T08:45:04.6733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Navya
6,845
Reputation points Microsoft Vendor
1 answer
Can't access to "Get my Verified ID" in https://myaccount.microsoft.com/
Good morning, I am following the guide: https://learn.microsoft.com/en-us/entra/verified-id/verifiable-credentials-configure-tenant-quick, and fulfilling all the requirements, I can't access to “Get my Verified ID”. It should be noted that I am using a…
asked 2024-07-25T11:31:15.85+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 4%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
MOD Administrator
0
Reputation points
commented 2024-07-26T07:26:38.24+00:00
MOD Administrator
0
Reputation points
0 answers
Failed to save the status of AppGW when creating a https protocol listener with a cert generated in Key vault
When I am trying to add a listener for https incoming traffic with a cert I generated in the key vault which is self-signed. The Application Gateway status cannot be saved successfully no matter I associate it with a public frontend IP address or a…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 62%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EY%3C/text%3E%3C/svg%3E)
1 answer
Unable to load secrets when creating a linked service using Synapse
Hello - I have this setup and but I am facing some issues: Created a key Vault Public access disabled Created private endpoint for the key vault Create Private DNS records/Zones and link so all is working and I can see them I created secrets for Oracle…
asked 2024-07-25T13:03:57.21+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 46%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXM%3C/text%3E%3C/svg%3E)
Xhevahir Mehalla
0
Reputation points
answered 2024-07-25T20:03:59.3+00:00
Luis Arias
6,136
Reputation points
1 answer
How to fix the VM's issue during the boot. failing with the key vault secret saying does not exists
After the Crowdstrike impact downtime, the VM is not booting up. During the booting process the VM is throwing up with an error message "The resource operation completed with terminal provisioning state failed., "keyVaultSecretDOestNotExist, …
asked 2024-07-23T16:18:00.6833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 31%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAH%3C/text%3E%3C/svg%3E)
Althaf Hussain Shaik
0
Reputation points
edited an answer 2024-07-24T22:26:47.4733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Marilee Turscak-MSFT
36,411
Reputation points Microsoft Employee
1 answer
How a connection can get client secret value from GetSecret Action?
I am creating a Logic App and have a 'GetSecret' action to retrieve a secret from Azure Key Vault. In the next step, I need to create a connection to another tenant using a service principal, which requires the client secret obtained from the previous…
asked 2024-07-22T19:57:09.8933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 80%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Merin Mary
0
Reputation points
commented 2024-07-24T19:43:24.5866667+00:00
Azar
22,510
Reputation points MVP
1 answer
data factory managed identity is not being identified as a trusted service by keyvault
We have an issue with an ADF pipeline, when attempting to reach a secret from a KV in the same RG, the connection fails with the following error: "Client address is not authorized, and caller is not a trusted service" The setup is made…
asked 2024-07-23T21:23:39.3533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 10%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
Reyes Monsalve, Ruben Dario
26
Reputation points
commented 2024-07-24T19:13:33.1366667+00:00
Reyes Monsalve, Ruben Dario
26
Reputation points
1 answer
One of the answers was accepted by the question author.
azure key vault value
Is it possible to have a | in a secret in your key vault? I can't find info on this and when I tested it out the value seems to be stopped at the |. So my example would be I have value of: 123|abc after saving the secret and hitting the "show…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 26%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJY%3C/text%3E%3C/svg%3E)
2 answers
Issues Connecting to Azure Key Vault Data Plane on Mac with Azure VPN Client
Hello everyone, I am experiencing an issue with accessing my Azure Key Vault on my Mac. The error message I receive is: The connection to data plane failed. Please refresh and try again. If Private Links are enabled on the vault and the issue persists…
asked 2024-07-17T13:03:49.3133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 53%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Shon Pazarker
0
Reputation points Microsoft Employee
commented 2024-07-24T10:09:15.09+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Akhilesh
7,235
Reputation points Microsoft Vendor
2 answers
Can We Bring Our Own Key to Access Azure AI Services Instead of Using the Microsoft Default Key?
Hi everyone, I'm looking into using Azure AI services for our projects, and I have a question regarding encryption keys. Is it possible to bring our own key and use it to access the Azure AI services instead of using the default key provided by…
asked 2024-07-19T15:12:09.9933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 79%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENK%3C/text%3E%3C/svg%3E)
Niket Kumar Singh
300
Reputation points
edited a comment 2024-07-23T19:59:52.63+00:00
Niket Kumar Singh
300
Reputation points
1 answer
Is it possible to resolve Azure KeyVault public DNS records with Private IP without creating a virtual link to a peered VNet?
I have created a private endpoint for my Azure KeyVault with a private DNS zone and linked it to my subnet. There is a VNet which is peered to the VNet of the KeyVault, and the two VNets can communicate using private IPs. However, the peer VNet cannot…
asked 2024-07-22T15:11:59.98+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 2%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Gerald Prendi
0
Reputation points
commented 2024-07-23T08:04:25.93+00:00
Gerald Prendi
0
Reputation points
0 answers
Secured Vault in SQL Server: to store Salt value
Scope : data anonymization on the fly i.e. create views on top of the physical table and keep the anonymized views in a separate schema. One of the key technique is to tokenize the key identifiers for cross schema correlation. Idea is to tokenize the…
asked 2024-07-18T05:26:18.86+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 52%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Aravindhan Ravichandran
20
Reputation points
commented 2024-07-23T02:41:28.0866667+00:00
Aravindhan Ravichandran
20
Reputation points
0 answers
Replacing System.Security.Cryptography.Xml.SignedXml with Azure Keyvault Sign API
We have a service that signs an XML document using System.Security.Cryptography.Xml.SignedXml and a X509Certificate2. We use the following signature method Signature.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256U. We wan't to change the signing…
asked 2024-07-22T14:08:18.3833333+00:00
Sylvain Bouchard
0
Reputation points
commented 2024-07-23T00:19:49.7666667+00:00
Marilee Turscak-MSFT
36,411
Reputation points Microsoft Employee
1 answer
how to import only the public side of an RSA key
We have data to be exported via Azure Blob Storage that we want to encrypt with the recipent's RSA public key. However, the only way I can find to import a public key (without the private key) to is as a Key Vault Secret. Unfortunately, secrets don't…
asked 2024-07-18T14:36:11.0333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 93%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Moyer, Todd
80
Reputation points
commented 2024-07-19T18:50:29.7066667+00:00
Moyer, Todd
80
Reputation points
2 answers
One of the answers was accepted by the question author.
What is the cause of the following error - "getting assigned identities for pod <namespace>/<pod_name> in CREATED state failed after 20 attempts, retry duration [5]s" , while connecting to IMDS endpoint from a pod in AKS.
I am trying to connect to Azure Key vault via user assigned managed identity from a pod of AKS. I have provided the necessary RBAC role to the identity. I have created Azure Identity and Azure Identity Binding. I have updated my deployment with…
asked 2024-07-08T17:50:19.59+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 12%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMV%3C/text%3E%3C/svg%3E)
Mahalingam Vignesh
20
Reputation points
accepted 2024-07-19T09:14:53.7433333+00:00
Mahalingam Vignesh
20
Reputation points
1 answer
VNet integrated flex consumption app unable to connect to KeyVault via service endpoint
Hi, I have a question about vnet integrated flex function apps and accessing other resources privately using service endpoints Situation: I have Flex consumption app successfully deployed and vnet integrated so all outbound traffic is via the virtual…
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,194 questions
Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,681 questions
Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,093 questions
asked 2024-06-30T23:05:51.97+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 85%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
David
20
Reputation points
edited the question 2024-07-18T13:53:27.6733333+00:00
KapilAnanth-MSFT
41,566
Reputation points Microsoft Employee
1 answer
"Authority Key Identifier Extension is malformed" when importing CA-signed certificate to Azure Key Vault
When I try to import a CA-signed certificate to Azure Key Vault in both .pfx or .pem format, I'm getting the following error: CODE BadParameter MESSAGE The specified X.509 certificate content is invalid. Error: x.509 authority key identifier extension…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 57.00000000000001%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)