Unable to remove network rule in vault

Nitin Naidu (Consultant) 51 Reputation points
2023-03-02T14:49:00.7566667+00:00

az keyvault network-rule list --name XX-keyvault-prod

{
  "bypass": "AzureServices",
  "defaultAction": "Deny",
  "ipRules": [],
  "virtualNetworkRules": []
}

az keyvault network-rule remove --name fhio-keyvault-prod

After running the remove command, it does not remove the network rule. FYI: I created the vault with Terraform and this network rule was automatically created. Due to this rule, I am unable to add secrets with Terraform.

Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.

1 answer

  1. Akshay-MSFT 17,656 Reputation points Microsoft Employee
    2023-03-13T09:43:45.14+00:00

    Hello,

    The remove command won't work until at least one Access and network configuration is defined. As per Terraform: "The Default Action to use when no rules match from ip_rules / virtual_network_subnet_ids. Possible values are Allow and Deny."

    Solution: Add the subnet of the network from which you are accessing the key vault.

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes/No), and share your feedback if the suggestion works as per your business need. This will help us and others in the community as well.

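The fix from the answer expressed in Terraform, as an added example that is not part of the original thread: `default_action` stays `Deny`, and the caller's address and subnet are listed in the `network_acls` block so the rules live in the same configuration that created the vault. All resource names, address ranges, the location and the `deployer_ip` variable are constructed placeholders.

```hcl
provider "azurerm" {
  features {}
}

# Assumption: the machine or CI runner that runs `terraform apply` has a known public IP.
variable "deployer_ip" {
  description = "Public IP address or CIDR range allowed through the vault firewall"
  type        = string # constructed sample value: "203.0.113.10"
}

data "azurerm_client_config" "current" {}

resource "azurerm_resource_group" "example" {
  name     = "example-rg"
  location = "westeurope"
}

resource "azurerm_virtual_network" "example" {
  name                = "example-vnet"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
}

resource "azurerm_subnet" "apps" {
  name                 = "apps"
  resource_group_name  = azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes     = ["10.0.1.0/24"]
  # The subnet needs the Key Vault service endpoint before it can be used in a vault rule.
  service_endpoints = ["Microsoft.KeyVault"]
}

resource "azurerm_key_vault" "example" {
  name                = "example-keyvault-prod"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  tenant_id           = data.azurerm_client_config.current.tenant_id
  sku_name            = "standard"

  network_acls {
    bypass         = "AzureServices"
    default_action = "Deny" # unmatched traffic is still rejected
    # Explicit allow rules; with both lists empty, only the bypass applies.
    ip_rules                   = [var.deployer_ip]
    virtual_network_subnet_ids = [azurerm_subnet.apps.id]
  }
}
```

After applying, `az keyvault network-rule list` should show the address under `ipRules` and the subnet under `virtualNetworkRules` instead of two empty lists.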