Hi @shirure param , how are you adding the key? Make sure you have the correct permissions. You need to have the "Key Management" role or the "Owner" role to add keys.
Unable to add keys in key vault
Caller needs data action: 'Microsoft.KeyVault/vaults/keys/read' to perform action on resource: /subscriptions/8b36142b-c901-4202-89b7-89d1f7b06934/resourceGroups/reg-0-1/providers/Microsoft.KeyVault/vaults/pakey. For more information, please see: https://docs.microsoft.com/en-us/azure/key-vault/general/rbac-guide
2 answers
James Hamil 25,396 Reputation points Microsoft Employee
2024-08-08T21:11:46.6933333+00:00 -
Marilee Turscak-MSFT 36,871 Reputation points Microsoft Employee
2024-08-08T21:17:11.8566667+00:00
Hi @shirure param ,
The user adding the keys needs to have the permission:
'Microsoft.KeyVault/vaults/keys/read'
Please assign the Key Vault Reader role to the user, or add the custom role with the permissions above.
If you have trouble adding the role itself, please confirm that you have been assigned the role as "Owner" for the subscription. Users need to have the "Owner" role assigned in order to change the permission model. https://learn.microsoft.com/en-us/azure/key-vault/general/rbac-guide?tabs=azure-cli
If it's a service trying to access the keys, you need to make sure that the Key Vault access policies are configured correctly to allow that access.
If the information helped you, please Accept the answer. This will help us and improve searchability for others in the community who may be researching similar questions.
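The role assignment described in the answer above, as an added example that is not part of the original posts: a shell sketch that reads the missing data action and the vault scope out of the RBAC error and prints the Azure CLI commands to review and create the assignment at vault scope. The sample error is constructed in the shape of the one in the question; the subscription ID, resource group, vault name, assignee and function names are placeholders.

```shell
#!/bin/sh
# Constructed sample in the same shape as the error quoted in the question
# (subscription ID, resource group and vault name are placeholders).
SAMPLE_ERROR="Caller needs data action: 'Microsoft.KeyVault/vaults/keys/read' to perform action on resource: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.KeyVault/vaults/example-vault. For more information, please see: https://docs.microsoft.com/en-us/azure/key-vault/general/rbac-guide"

# Extract the missing data action (the text between the single quotes).
kv_missing_action() {
    printf '%s\n' "$1" | sed -n "s/.*data action: '\([^']*\)'.*/\1/p"
}

# Extract the vault resource ID, the narrowest scope the role can be assigned at.
kv_scope() {
    printf '%s\n' "$1" | sed -n 's#.*on resource: \(/subscriptions/[^ ]*/providers/Microsoft\.KeyVault/vaults/[A-Za-z0-9-]*\).*#\1#p'
}

# Print (do not run) the Azure CLI commands to review existing assignments on
# the vault and to grant a role there.
#   $1 = error text, $2 = user or service principal, $3 = role name
#   (defaults to the role named in the answer, "Key Vault Reader").
kv_fix_commands() {
    action=$(kv_missing_action "$1")
    scope=$(kv_scope "$1")
    if [ -z "$action" ] || [ -z "$scope" ]; then
        echo "not a Key Vault RBAC data-action error" >&2
        return 1
    fi
    role=${3:-Key Vault Reader}
    printf '# missing data action: %s\n' "$action"
    printf 'az role assignment list --assignee "%s" --scope "%s" --output table\n' "$2" "$scope"
    printf 'az role assignment create --assignee "%s" --role "%s" --scope "%s"\n' "$2" "$role" "$scope"
}

kv_fix_commands "$SAMPLE_ERROR" "user@example.com"
```

Scoping the assignment to the vault resource ID rather than the subscription keeps the grant limited to the one vault named in the error.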