Access policies for Keyvaults decommission
Hello, I'm having a question relating Access policies. Is it planned into some Azure plan to decommission Access policies for Keyvaults ? If yes could you tell/give the dead lines and official communication pages ? Thanks, JR
Cost Implications of Azure Key Vault with Diagnostic Settings and High Volume of Secrets
Hi, I have a specific use case for Azure Key Vault and need some clarification on cost implications. Here are the details of my scenario: Diagnostic Settings: I aim to enable diagnostic settings for Azure Key Vault and store the logs in Log Analytics.…
Access Policies not available
I've assigned the user- Key vault secrets user role, however I'm unable to see Access Policy. Please see the image for error. Also, I'm unable to switch to vault access policy, it says- there was an error.
Cannot Access Azure Key Vault from Python script via 'os.environ["VAULT_URL]" - Key Error: "VAULT_URL"
I am having trouble accessing my Azure Key vault from my python script (debugging before deployment), the script cannot find the environment variable "VAULT_URL" even though I have set this in my environment variables on my Function App on…
Azure Keyvault: The operation is not allowed by RBAC.
Hi, I am the owner of the subscription, i have created the azure keyvault and when I am trying to add a new secret, I get the following error message. The operation is not allowed by RBAC. If role assignments were recently changed, please wait…
Azure Databricks with Key vault backed secret using RBAC
Azure Key vault had launched the RBAC access model in 2021. This allows finer granular access to a particular secret or key or certificate. The previous model was access policies which doesn't allow this granular access. From my knowledge, Azure keyvault…
How to connect event grid with self-signed certificates
Hello everyone, I am trying to communicate with a Schneider PLC through Event Grid with an MQTT broker using self-signed certificates from Key Vault. I have uploaded certificates generated by Key Vault in .pem and .cer formats, but I receive an error:…
App Service Outbound connectivity not routing through VNET
I have configured keyvault with allow public access from vnet and specific ip address added the subnet delegated to app services created a app service with vnet integration and the outbound traffic to key vault is still going through public and not…
Insufficient Permissions for Import Certificate into Key Vault
I am an external user for one of my client accounts. I have owner permissions. I am trying to import a certificate into a key vault. The key vault has the Vault Access Policy. As the owner, I have full access to this resource. However, when I try to…
What are the best Practices for Storing Privileged Credentials in Azure Key Vault
Hi, I would like to leverage Azure Key Vault to store some privileged credentials (such as Linux root accounts or AD privileged accounts) and share them with specific teams. Since there are some naming restrictions in Azure Key Vault and secrets, such as…
Generate dynamic passwords with Azure Key Vault for Postgresql Database running in Azure VM
Hey guys, I have my open source postgresql deployed in Azure VMs. I would like to generate dynamic passwords for the database users using Azure Key Vault. Is it typically possible? If yes, can you please help down with steps or redirect me to right…
Getting error while trying to use Python 3.11 in Linux machine.
Getting below error while trying to use Python 3.11 in Linux machine. az keyvault: module 'inspect' has no attribute 'getargspec'
Seeking Tools or Scripts for Bulk Operations in Azure Key Vault
Hello, I am looking to utilize Azure Key Vault for storing our organization's secret data. Specifically, I need to perform bulk operations such as creating multiple key vaults, adding multiple secrets, and assigning permissions in an efficient manner. I…
Does azure China's encryption algorithm comply with OSCCA certification of China? For example, key vault
Hi Team, May I ask whether the encryption algorithms designed by Azure China service comply with or are certified by OSCCA algorithms in China? Similar to the documentation given by AWS, do we also meet this Chinese algorithm standard for some similar…
How to secure APIM subscription key when calling APIs from Web Client Application
Hello, What are some secure ways to pass the Azure API Management (APIM) subscription key while calling APIs, without exposing it in the browser network tab? Passing the key inside the header is not ideal as it can be exposed in the network tab. Would…
Automating the Client Secrets rotation using KeyVault or any methods before the expiry date?
I need to rotate the Client Secrets in my existing subscriptions before the expiry date. How can I achieve it for multiple subscriptions when using the suggested method ttps://learn.microsoft.com/en-us/azure/key-vault/secrets/tutorial-rotation? Can I…
how to get key info from other tenant
Hi according to this article:…
What permissions are required to allow app services to import a certificate from a keyvault that uses RBAC?
I have an azure app service and key vault that is using RBAC. I am unable to get the app service to import a certificate from key vault. I keep getting this error: Failed to import key vault certificate: ... . Error: The service does not have access…
Using key vault to customize the encryption keys at rest for Azure Database PostgreSQL imply any cost on for encrypt/decrypt operations?
Hi, Based on the pricing for Key Vault, encryption/decryption operations via API are charged. My question is, does this also imply cost for PostgreSQL DBaaS using custom encryption keys stored in Azure Key Vault or the cost for encrypting/decrypting…
ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established
We have a locally built a Spring boot sample client application to Access the Azure Key vault services and retrieve the secrets. The Application is built and packaged as WAR file and deployed in the external Tomcat server. We use the User Assigned…