Azure Keyvault: The operation is not allowed by RBAC.

Dat AU DUONG 385 Reputation points
2023-09-17T04:23:34.2066667+00:00

Hi,

I am the owner of the subscription, i have created the azure keyvault and when I am trying to add a new secret, I get the following error message.

The operation is not allowed by RBAC. If role assignments were recently changed, please wait several minutes for role assignments to become effective. 

I've checked the key vault, I've added myself as the owner even though I am the owner of the subscription but still doesn't help.

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,286 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Dat AU DUONG 385 Reputation points
    2023-09-17T04:29:48.1833333+00:00

    Resolved:
    Even though I am the subscription / keyvault owner - I need to assign myself as the "Key Vault Administrator" role

    31 people found this answer helpful.

  2. Akshay-MSFT 17,866 Reputation points Microsoft Employee
    2023-09-18T05:45:07.45+00:00

    @Dat AU DUONG

    Thank you for posting your query. I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to "Accept " the answer.

    Issue: Admin is getting "Azure Keyvault: The operation is not allowed by RBAC" while trying to add secret to KeyVault, even though you are subscription owner.

    Solution: Admin must have Key Vault administrator role while using RBAC. Once assigned you were able to add secret in KeyVault.

    If you have any other questions or are still running into more issues, please let me know.
    Thank you again for your time and patience throughout this issue.

    Thanks,

    Akshay Kaushik

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    6 people found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.