Lost an access to key vault resource (kv-aoms-p-we1) due to the connection to data plane failed error

2023-11-09T08:30:27.5766667+00:00

Hi, we lost the access to key vault resource in azure portal due to the connection to data plane failed error. we couldn't access even multiple refreshes. please check it as high priority and do the needful. Thanks

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
967 questions
Azure Cloud Services
Azure Cloud Services
An Azure platform as a service offer that is used to deploy web and cloud applications.
588 questions
Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
662 questions
Microsoft Entra Private Access
Microsoft Entra Private Access
Microsoft Entra Private Access provides secure and deep identity-aware, Zero Trust network access to all private apps and resources.
21 questions
{count} votes

Accepted answer
  1. Akshay-MSFT 12,311 Reputation points Microsoft Employee
    2023-11-09T10:45:31.3766667+00:00

    @Kumar, Yeduru Vinod (Allianz Technology)

    Thank you for posting your query on Microsoft Q&A, from above description I could understand that you are getting error: "The connection to the data plane failed. Please refresh and try again", while trying to access Key Vault from admin portal (Azure).

    Please do correct me if this is not the case by responding in the comments section:

    This error could occur when under the following conditions:

    • A firewall rule that is blocking traffic to the Azure Key Vault.
    • A DNS issue that is preventing your client from resolving the name of the Azure Key Vault.
    • A connectivity issue between your client and the Azure Key Vault.

    To validate private link connection:

    Create a virtual machine by following the steps in Create a Windows virtual machine in the Azure portal

    In the "Networking" tab:

    1. Specify Virtual network and Subnet. You can create a new virtual network or select an existing one. If selecting an existing one, make sure the region matches.
    2. Specify a Public IP resource.
    3. In the "NIC network security group", select "None".
    4. In the "Load balancing", select "No".

    Open the command line and run the following command:

    nslookup <your-key-vault-name>.vault.azure.net
    
    • If you run the ns lookup command to resolve the IP address of a key vault over a public endpoint, you'll see a result that looks like this:
    c:\ >nslookup <your-key-vault-name>.vault.azure.net
    Non-authoritative answer:
    Name:    
    Address:  (public IP address)
    Aliases:  <your-key-vault-name>.vault.azure.net
    
    • If you run the ns lookup command to resolve the IP address of a key vault over a private endpoint, you'll see a result that looks like this:
    c:\ >nslookup your_vault_name.vault.azure.net
    
    Non-authoritative answer:
    Name:    
    Address:  10.1.0.5 (private IP address)
    Aliases:  <your-key-vault-name>.vault.azure.net
              <your-key-vault-name>.privatelink.vaultcore.azure.net
    

    If you are getting public IP then its an issue with the private endpoint configuration, however if you get private endpoint, then you need to follow the Troubleshooting Guide

    • If your Private Link is correctly configured or if you aren't using a Private Link
    • If you aren't experiencing any connectivity issues

    This error message can also be caused by a Tenant Mismatch - if you recently deployed your Key Vault to a subscription that contains a different Tenant ID, or the subscription that owned the KV was moved to a different Tenant. For more info - The connection to Data Plane Failed. In order to resolve a potential Tenant Mismatch issue, you can update your Key Vault's Tenant ID. For more info - Moving an Azure Key Vault to another subscription.

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful