Thank you for reaching out to Microsoft Q&A!
I understand that when you try to add the certificate from your Key Vault in the secret section of Front Door, you are getting the following error: "Failed to create the secret. We don't have permission to access this secret. Go to access policies in your key vault account to give Microsoft.AzureFrontDoor-cdn or managed identities permission to get secrets".
To be able to add the certificate to the secret section of Front Door, the 2 steps below must be completed first, and sometimes it may take more than 1 try. So I request you to check whether both of the steps below have been completed, re-try them just to be sure, and then try adding the certificate:
- Register Azure Front Door: Register the service principal for Azure Front Door as an app in your Azure Active Directory (Azure AD) by using Azure PowerShell or the Azure CLI. The Application Id is "205478c0-bd83-4e1b-a9d6-db63a3e1e1c8". Refer: https://learn.microsoft.com/en-us/azure/frontdoor/standard-premium/how-to-configure-https-custom-domain#register-azure-front-door
- Grant Azure Front Door access to your key vault: In your key vault account, select Access policies and create a new access policy with Get Secret & Certificate permissions to allow Front Door to retrieve the certificate. In Select principal, search for 205478c0-bd83-4e1b-a9d6-db63a3e1e1c8, and select Microsoft.AzureFrontDoor-Cdn. Refer: https://learn.microsoft.com/en-us/azure/frontdoor/standard-premium/how-to-configure-https-custom-domain#grant-azure-front-door-access-to-your-key-vault
Kindly let us know if the above helps. Do let us know if you have any further queries by responding in the comments section.
Thanks,
Akhilesh.
If this answers your query, do click Accept Answer and Yes for "was this answer helpful". And, if you have any further query, do let us know.
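To confirm that the second step actually took effect before retrying in Front Door, the vault's access policies can be inspected offline. The following is an added example, not part of the original answer or of Microsoft's documentation: it assumes the JSON text comes from `az keyvault show --name <vault> -o json`, and that you have looked up the object ID of the Microsoft.AzureFrontDoor-Cdn service principal in your own tenant; the function name and the sample values are hypothetical.

```python
import json

# The answer asks for Get on secrets and Get on certificates.
REQUIRED = {"secrets": "get", "certificates": "get"}


def missing_front_door_permissions(vault_json, sp_object_id):
    """Return the sorted 'scope:permission' entries the principal still lacks.

    vault_json   -- text of `az keyvault show --name <vault> -o json` (assumed)
    sp_object_id -- object ID of the Microsoft.AzureFrontDoor-Cdn principal in
                    your tenant; policies are keyed by this ID, not by the
                    application ID 205478c0-bd83-4e1b-a9d6-db63a3e1e1c8
    """
    vault = json.loads(vault_json)
    policies = vault.get("properties", {}).get("accessPolicies") or []
    granted = {scope: set() for scope in REQUIRED}
    for policy in policies:
        if (policy.get("objectId") or "").lower() != sp_object_id.lower():
            continue  # policy belongs to some other principal
        perms = policy.get("permissions") or {}
        for scope in REQUIRED:
            # Compare case-insensitively so "Get" and "get" both count;
            # a scope may also be null when nothing was granted.
            granted[scope] |= {p.lower() for p in (perms.get(scope) or [])}
    return sorted(
        f"{scope}:{need}"
        for scope, need in REQUIRED.items()
        if need not in granted[scope] and "all" not in granted[scope]
    )


# Constructed sample: Front Door was given the certificate permission only.
SAMPLE_OBJECT_ID = "00000000-0000-0000-0000-0000000000fd"  # placeholder value
SAMPLE_VAULT = json.dumps({
    "name": "example-vault",
    "properties": {"accessPolicies": [
        {"objectId": "00000000-0000-0000-0000-00000000aaaa",
         "permissions": {"secrets": ["get", "list"], "certificates": ["get"]}},
        {"objectId": SAMPLE_OBJECT_ID,
         "permissions": {"secrets": None, "certificates": ["Get"]}},
    ]},
})

if __name__ == "__main__":
    gaps = missing_front_door_permissions(SAMPLE_VAULT, SAMPLE_OBJECT_ID)
    print("missing:", gaps or "none")
```

An empty result means both Get permissions are present for that principal; any entry returned names the permission to add under Access policies.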