Error encountered when retrieving secret from the Key Vault

Sully Khalifa 0 Reputation points
2023-05-18T09:22:25.47+00:00

Hi,

I am having issues starting a VM that has failed to start. I tried to search the internet for similar cases but I was unable to find any.

If someone has encountered the below error or knows how to resolve it, please let me know.

Error encountered when retrieving secret from the Key Vault with URL: https://prod-moodkv.vault.azure.net/secrets/60F76508-4F97-449F-A570-877647D9F385/de645c159edb478fb9d06c77d5b2b1d3. Make sure that the secret exists and Key Vault is enabled for volume encryption. (Code: DiskEncryptionInternalError)

2 answers

  1. Jackson Martins 9,811 Reputation points MVP
    2023-05-18T13:28:33.6833333+00:00

    Hi @Sully Khalifa

    Try the steps below:

    1. Verify and Enable Azure Disk Encryption: Make sure that the "Azure Disk Encryption for volume encryption" feature is enabled. If not, enable it. This feature ensures that all data stored on Azure disks is secure. After enabling it, save your changes and try to start the Virtual Machine (VM) again.

    2. Redeploy the Virtual Machine: If the previous step does not resolve the issue, consider redeploying the VM. This will create a new instance of your machine on new server hardware in Azure, which can help solve intermittent or hard-to-diagnose issues.

    3. Confirm the Validity of the Secret in the Key Vault: Ensure that the secret you are trying to access in the Key Vault is within its expiration period. If the secret has expired, you will not be able to access it, which can cause the error. You need to renew or extend the validity of the secret to continue accessing it.

    Get in touch if you need more help with this issue.

    --please don't forget to "[Accept the answer]" if the reply is helpful--


  2. JamesTran-MSFT 36,496 Reputation points Microsoft Employee
    2023-05-18T22:01:12.6933333+00:00

    @Sully Khalifa

    Thank you for your post!

    Error Message:

    Error encountered when retrieving secret from the Key Vault with URL: https://prod-moodkv.vault.azure.net/secrets/...9F385/...2b1d3. Make sure that the secret exists and Key Vault is enabled for volume encryption. (Code: DiskEncryptionInternalError)

    I understand that you were trying to set up a scaling plan for your VM and ended up deleting the scaling plan, which could've caused the error message above. Since you confirmed your KV is enabled for Volume Encryption and the Secret your VM is trying to retrieve doesn't exist, can you share some more details so I can gain a better understanding of your issue?

    • Was your VM working with Azure Disk Encryption prior to creating/deleting the scaling plan?
    • Can you ensure that after deleting the scaling plan, your VM still has the correct Access Policy permissions to retrieve the KV Secret?
    • Within your prod-moodkv Vault under the Secrets page, select "Manage deleted secrets" to ensure the Secret isn't in a deleted state and can be restored.


    If you're still having issues and would like to work closer with our support team on this, please let me know and I'd be happy to enable your subscription for a one-time free technical support request.


    If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
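
The checks suggested in the two answers above (vault enabled for volume encryption, secret present and unexpired, secret not sitting in a deleted state) can also be run from the Azure CLI. This is an added example, not part of either answer; it assumes the Azure CLI is installed and logged in with read access to the vault, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: read-only checks for the disk-encryption secret named in a
# DiskEncryptionInternalError message. Function names are hypothetical.
# Assumes Azure CLI is installed and `az login` has been run.

# Split https://<vault>.vault.azure.net/secrets/<name>/<version> into parts.
vault_name()  { local h="${1#https://}"; h="${h%%/*}"; printf '%s\n' "${h%%.*}"; }
secret_name() { local p="${1#*/secrets/}"; printf '%s\n' "${p%%/*}"; }
secret_version() {
  local p="${1#*/secrets/}"
  case "$p" in
    */*) printf '%s\n' "${p#*/}" ;;   # URL pins a specific version
    *)   printf '\n' ;;               # no version segment in the URL
  esac
}

check_ade_secret() {
  local url="$1" vault name
  vault=$(vault_name "$url")
  name=$(secret_name "$url")

  echo "== 1. Is vault '$vault' enabled for volume (disk) encryption?"
  az keyvault show --name "$vault" \
     --query properties.enabledForDiskEncryption -o tsv

  echo "== 2. Secret '$name' version '$(secret_version "$url")': enabled? expiry?"
  if ! az keyvault secret show --id "$url" \
        --query "attributes.{enabled:enabled, expires:expires}" -o json; then
    echo "== 3. Not retrievable. Is it in a deleted (recoverable) state?"
    az keyvault secret show-deleted --vault-name "$vault" --name "$name" \
       --query recoveryId -o tsv \
      || echo "Not found among deleted secrets either."
    # If a recoveryId is printed, the secret can be restored with:
    #   az keyvault secret recover --vault-name "$vault" --name "$name"
  fi
}

# Run the checks only when a secret URL is passed on the command line.
if [ $# -gt 0 ]; then
  check_ade_secret "$1"
fi
```

Pass the full secret URL from the error message as the only argument; the script makes no changes to the vault.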