Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,309 questions
1 answer
local password can store in azure keyvult?
we are managing admin credentials with cyberark, would like to manage local credential with keyvault, what is possibility. share the details
asked 2024-10-29T08:49:00.5133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 23%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
AkhileshKumar Gupta
0
Reputation points
answered 2024-11-01T14:40:17.42+00:00
Timmy Malmgren
1,211
Reputation points
2 answers
not able to change access configuration policy
CODE InsufficientPermissions MESSAGE RAW ERROR Caller is not allowed to change permission model. For more information on how to change the permissions model follow this link: https://go.microsoft.com/fwlink/?linkid=2155160. Details:…
asked 2023-10-19T05:18:01.9833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 37%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHG%3C/text%3E%3C/svg%3E)
himani ghildiyal
10
Reputation points
commented 2024-11-01T13:28:32.89+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 33%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESW%3C/text%3E%3C/svg%3E)
Sergei Wallgren
0
Reputation points
1 answer
Set-AzSqlInstanceTransparentDataEncryptionProtector Configuration Error
Error: Set-AzSqlInstanceTransparentDataEncryptionProtector: Long running operation failed with status 'Failed'. Additional Info:'The requested server key was not found.' The keyid that i used is already the one generated in the…
asked 2024-10-25T01:39:39.38+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 49%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAC%3C/text%3E%3C/svg%3E)
Ald Christian Santos
0
Reputation points
commented 2024-11-01T08:10:03.3033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
32,991
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Azure Key Vault - Cannot get the access policies information by Azure PowerShell
Hi All, I’m working on enabling Azure Key Vault backup. I need to gather secrets, keys, certificates, and access policies, then save them to a storage account. However, I’ve encountered an issue where the Azure Key Vault cannot retrieve the access…
asked 2024-11-01T06:50:21.72+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 68%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
cchrischeung
20
Reputation points
accepted 2024-11-01T07:54:10.5333333+00:00
cchrischeung
20
Reputation points
0 answers
How to set up a MTLS connection from azure devops pipeline to target external api without exporting private key
Our client application is azure devops pipeline and we would like to connect to target api that requires MTLS authentication. Hence we are required to store private key and certificates. We identified one security threat that in order to establish…
asked 2024-11-01T07:53:29.74+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 77%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHC%3C/text%3E%3C/svg%3E)
Harmesh Choubisa
0
Reputation points
asked 2024-11-01T07:53:29.74+00:00
Harmesh Choubisa
0
Reputation points
2 answers
Cannot Import Certificate into Azure Key Vault
I am trying to import a certificate into Azure Key Vault but getting the error "The parameter keyVaultCsmId has an invalid value."
asked 2024-07-04T08:09:26.8666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 57.00000000000001%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
Carolyn Schroeder
186
Reputation points
commented 2024-10-31T13:52:14.4+00:00
Carolyn Schroeder
186
Reputation points
1 answer
One of the answers was accepted by the question author.
How to correctly create a key in KeyValut with custom policy?
I want to use the Azure Portal to create a key in KeyValut for release to test the feature Secure Key Release feature with AKV and Azure Confidential Computing (ACC). First, I think I have to set up a correct KeyValut access policy for my SNP-CVM. As…
asked 2024-10-26T04:17:14.8833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 46%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Joey
125
Reputation points
commented 2024-10-31T02:36:27.97+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 61%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXM%3C/text%3E%3C/svg%3E)
Xenia-MSFT
2,520
Reputation points Microsoft Vendor
1 answer
How to fetch certificate from azure key vault using Ansible
Hello,Currently we are storing certificate in azure key vault.and manually binding certificate to iis service.but need a way to automate fetch certificate from azure key vault using Ansible and then automate binding.
asked 2023-12-07T01:28:57.44+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 15%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Ankita Rani Patro
176
Reputation points
commented 2024-10-30T12:05:28.26+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 17%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Sebastiaan Mangoentinojo
0
Reputation points
0 answers
Elaboration needed on Azure Key Soverignty
Hello, we came across this key sovereignty notion on Azure page and would like more clarification on the statement "Key sovereignty means that a customer's organization has full and exclusive control over who can access keys and change key…
asked 2024-10-16T12:06:11.64+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 56.00000000000001%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPA%3C/text%3E%3C/svg%3E)
PUA Anthony
0
Reputation points
commented 2024-10-30T09:51:56.0633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Navya
11,790
Reputation points Microsoft Vendor
1 answer
Azure Key Vault -
Hello, i am very new to AKV. We have Dev, UAT and Prod SQL environments (on prem) and every quarter we refresh the data in Dev and UAT from Prod by restoring the production database to these downstream environments. If we enable TDE and use AKV to…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 17%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
1 answer
Unable to delete the Azure KeyVault Purge Protection
Hi Team, I have created a Key Vault HSM with Purge Protection enabled, but I am unable to delete the Purge Protection. I am encountering the following error: Failed to purge managed HSM "aeshsmpoc" of subscription "Payperuse" with…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 77%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
1 answer
Troubleshooting "The specified X.509 certificate content is invalid" Error When Importing to Azure Key Vault
I encountered the error "The specified X.509 certificate content is invalid. Error: One or more X.509 properties are invalid." while attempting to import a certificate from Cybersource into Azure Key Vault. The command used was: az keyvault…
asked 2024-10-17T04:17:38.08+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 62%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHS%3C/text%3E%3C/svg%3E)
Harmanjeet Singh Deol
0
Reputation points
commented 2024-10-29T04:25:37.9066667+00:00
Givary-MSFT
32,991
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Azure Key Vault RBAC permissions required for APIM to retreive a cert?
Hi I have a Azure API manager setup and want to add a custom domain. We have deployed Azure Key Vault and uploaded a certificate. We have deployed Key Vault with the recommended "role-based access control" We have given the APIM managed…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 53%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
1 answer
How to fix (ResourceGroupNotFound) learn- issue
When running az keyvault set-policy -n <keyvault-name> --key-permissions get --spn <clientId>, I get the error: (ResourceGroupNotFound) Resource group 'learn-863f910a-xxxx-xxxx-xxxx-4c6f3e30d049' could not be found. Code:…
asked 2024-10-16T02:03:39.7266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 82%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
Sven Hoelbling
0
Reputation points
commented 2024-10-28T17:50:03.05+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAV%3C/text%3E%3C/svg%3E)
Akhilesh Vallamkonda
10,150
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Azure CLI prompts "Failed to connect to MSI" when creating keys in KeyVault
I want to create an exportable key in AKV with the attached SKR policy as described here (here ): az keyvault key create --exportable true --vault-name "vault name from step 1" --kty RSA-HSM --name "keyname" --policy…
2 answers
java.lang.NoClassDefFoundError: Could not initialize class com.azure.identity.implementation.RegionalAuthority
Describe the bug We are in process of writing PT scripts (using JMeter) so that they can be executed using Azure Load test tool. As part of this project, we need to store our test login credentials in Azure key vault so that these PT scripts can read…
asked 2024-10-16T22:19:29.19+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 65%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Navjot
46
Reputation points
answered 2024-10-25T19:53:30.7566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 27%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Raja Pothuraju
7,135
Reputation points Microsoft Vendor
1 answer
Cloud Service Extended Support Key vault access keys and secrets
I am in the process of migrating Cloud Service Classic to Cloud Service Extended Support which I also want to get working with Key Vault. The application has been successfully migrated and without any KV changes to code/webconfig it publishes fine. Once…
asked 2021-09-10T17:08:09.383+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 6%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Steven Brown
6
Reputation points
commented 2024-10-25T19:17:24.4233333+00:00
Steven Brown
6
Reputation points
3 answers
One of the answers was accepted by the question author.
How do I use a private dns zone or custom record or private IP to connect to Azure Key Vault and Azure Storage with https over private endpoint?
This question applies to both Azure Key vault and Azure Storage, but I'll be demonstrating with just the key vault to give a tangible example. I have a node app running on a VM and another in a Container Apps environment. I want to grant them the ability…
asked 2023-11-03T17:36:32.8633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 19%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
awf09j
35
Reputation points
answered 2024-10-25T17:48:46.4633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 27%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Schroeder, Michael (CTR)
31
Reputation points
1 answer
Customer question regarding MS Key rotation
What is Microsoft Azure's Key Vault encryption key rotation policy and how often are the keys rotated?
asked 2024-10-24T20:55:42.8666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 66%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAO%3C/text%3E%3C/svg%3E)
Aileen O'Brien (CELA)
0
Reputation points Microsoft Employee
commented 2024-10-25T17:38:42.05+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 89%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEJ%3C/text%3E%3C/svg%3E)
Erica James
0
Reputation points Microsoft Employee
1 answer
"Successfully imported Key Vault Certificate, but failed to configure SSL binding"
I have a number of certificates in my Azure Key Vault, which were all generated the same way. I also have a number of Web App Services, which were all created the same way. But sometimes, when I add a custom domain to an App Service, and then try to bind…
asked 2024-10-03T22:26:02.0266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 92%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELR%3C/text%3E%3C/svg%3E)
Lee Reams
0
Reputation points
commented 2024-10-25T11:22:41.8933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 59%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SnehaAgrawal-MSFT
21,686
Reputation points