Unable to access secrets in key vault - "The connection to data plane failed"

Question

Unable to access secrets in key vault - "The connection to data plane failed"

Kav 36

Hello,

I created a new key vault and when trying to view/manage secrets I get the error across the top of the page saying:

"The connection to data plane failed. Please refresh and try again. If Private Links are enabled on the vault and the issue persists please follow the steps in the following link https://go.microsoft.com/fwlink/?linkid=2156688"

I have 'Key Vault Administrator' access over the vault

Luis Arias 8,621 Reputation points Volunteer Moderator

2023-12-10T12:15:23.49+00:00
Hi Kav,

The error message “The connection to data plane failed” indicates that there is a problem with the network connection between your client and the Azure Key Vault.

I understood you are trying to access from Azure Portal and you already have private endpoint enable on Key Vault. Based on that information take the below considerations:

Due to the connection trought private endpoint , you need to connect from inside of Virtual network (Az cli / API / Azure Portal) e.g. You can use a vnet connected on Virtual Network.

Validate that your private endpoint is correctly resolv by Private DNS Zone (Check your DNS settings to make sure that you can resolve the name of the Azure Key Vault)

Validate NSG rules permit communicationt o KeyVault

More detail:

https://learn.microsoft.com/en-us/azure/key-vault/general/network-security

https://learn.microsoft.com/en-us/azure/key-vault/general/private-link-service?tabs=portal

I hope this helps, If you have any other questions, feel free to ask.

Luis

If the information helped address your question, please Accept the answer.
Kav 36 Reputation points

2023-12-10T23:53:40.44+00:00

Hi @Luis Arias ,

I dont have 'private endpoint' enabled though, see screenshot.
Luis Arias 8,621 Reputation points Volunteer Moderator

2023-12-11T12:22:21.5433333+00:00

Hi Kav, in that case you need to add you public IP to Keyvault firewall:

You can get your public ip going to : https://ifconfig.me/

Or executing in your command console: curl ifconfig.me

Let me know if this works for you
Kav 36 Reputation points

2023-12-11T21:27:41.8066667+00:00

@Luis Arias ,
Its currently configured like so:
Kav 36 Reputation points

2023-12-11T21:33:48.61+00:00

@Luis Arias
Also when using 'Get-AzKeyVaultSecret' Im getting this error:
John Allen 60 Reputation points

2023-12-12T12:29:08.79+00:00

This just started happening for just one user recently. Accessing through the portal, no private endpoint, public IP added to firewall. Using Access policy user has “ALL”. User can open URL to a specific key or secret or even the URL to create a new. Can not open the page to list though.
John Allen 60 Reputation points

2023-12-12T12:34:20.6+00:00

All other users work find existing and new added to policy yesterday. I deleted and re added him to get a new objectID for his user in access policy, gave him vault access specific privileges in RBAC even though we are using access policy and not RBAC.
Luis Arias 8,621 Reputation points Volunteer Moderator

2023-12-12T13:24:24.7033333+00:00
Hi John,

I understood that is only happening with an specific user so , Here are a few potential points to check:

Check Access Policy: Make sure that the user has the correct access policy defined for the operation they are trying to perform. Besides you can follow the trobleshooting Keyvault access page (https://learn.microsoft.com/en-us/azure/key-vault/general/troubleshooting-access-issues)

You can enable monitor how and when your key vaults are accessed by enabling logging for Azure Key Vault. (https://learn.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault)

Let me know if I can help you with further assistance.
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
John Allen 60 Reputation points

2023-12-12T13:59:15.5066667+00:00

Hi Luis. The user has all actions to keys secrets and certs in access policy. The fact that he can see a secret if he uses the direct url to it tells me he has access via policy and firewall
Luis Arias 8,621 Reputation points Volunteer Moderator

2023-12-12T15:00:35.03+00:00

This one user , has "Reader " access on Keyvault?, The objective if that this user get access by portal . Isn't it?
John Allen 60 Reputation points

2023-12-12T22:54:19.65+00:00

I don’t think this is a user issue as he can log into one of our jump servers, go to portal and s and the vault fine. He uses the same vpn as everyone else does I added his public IP in anyway. The logs show he is logging successfully. He just gets the error message when going to initial secrets page that lists them all. I sent him a link to an individual secret and it works fine for him.
Kav 36 Reputation points

2023-12-12T23:16:13.0266667+00:00

@Luis Arias
Any idea with my original issue? It worked initially then stopped working.
Luis Arias 8,621 Reputation points Volunteer Moderator

2023-12-13T08:24:12.2133333+00:00
Hi John / Kav,

I understood both are working in the same issue, so here a sum up till now. Can you verify please?:

Main Problem: User cannot access to secret page on azure key vault, so here is where you have the error . Isn't it?:

Validation already executed please verify:

User already have network access ( Public Ip is already added to firewall rules)

User list secrets on keyvault log is permitted (Checked by Log Analytics)

User have the right access Policy ( Access to view secrets by portal require List Secret access policy)

Additional considerations:

Access to an individual secret doesn't mean that they have access to list all secrets on page.

Log login to Key vault doesn't mean they have access to key vault because login is trough azure AD.

Let me know your comments and correct me if any of this information is wrong.
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Kav 36 Reputation points

2023-12-14T04:17:24.4433333+00:00
@Luis Arias ,
Comments and replied next to the questions below:

User already have network access ( Public Ip is already added to firewall rules): vault is open to all IP's as per above screenshot

User list secrets on keyvault log is permitted (Checked by Log Analytics): can you elaborate more on this?

User have the right access Policy ( Access to view secrets by portal require List Secret access policy): user has been given 'Key Vault Administrator' role to the whole vault, is this sufficient?
Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator

2023-12-25T02:04:59.8933333+00:00

@Kav
User list secrets on key Vault log is a permission that allows a user to view the names and properties of all the secrets in a key vault, as well as the audit logs of the key vault operations. This permission is checked by Log Analytics, which is a service that collects, analyzes, and queries data from various sources, including Azure Key Vault.

The Key Vault Administrator role is a built-in role that grants full access to perform all data plane operations on a key vault and all objects in it, including certificates, keys, and secrets. To view the secrets in a key vault using the Azure portal, you need to have the ‘List’ permission in the ‘Secret Permissions’ section of the key vault access policy. This permission allows you to list the secrets in the key vault, which is necessary to view them in the Azure portal. for more details you can refer below documents.

Reference: https://learn.microsoft.com/en-us/azure/key-vault/general/basic-concepts#key-vault-roles
https://learn.microsoft.com/en-us/azure/key-vault/general/rbac-guide?tabs=azure-cli#azure-built-in-roles-for-key-vault-data-plane-operations
Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator

2023-12-25T07:33:11.37+00:00

@Kav
Just checking in to see if the above answer provided by @Luis Arias

If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Kav 36 Reputation points

2023-12-25T10:54:28.3833333+00:00

My key vault does not use access policies:

And the role I have is as follows:

So I should not be having a problem is my understanding.
Kav 36 Reputation points

2023-12-25T10:56:54.7733333+00:00

Hi,

I appreciate the help, but I did respond to that post already, it was not the solution as per my replies above.
Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator

2023-12-26T12:18:22.2266667+00:00

@Kav
Thank you for replying back.
As you have Key vault Administrator role you have full access to the resource. In you case there is no issue is found. if you have any issue, please feel free to ask.
If the information provided by Luis Arias is helped to you, please Accept the answer.
Kav 36 Reputation points

2023-12-27T00:15:09.8+00:00

The issue is the original one that I posted, I am getting the error 'The connection to data plane failed'.
Kav 36 Reputation points

2023-12-27T00:16:36.7833333+00:00

The issue is still the original one I posted, I am getting the error "The connection to data plane failed"
JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator

2024-01-25T20:03:17.54+00:00
@Kav

Thank you for your post and I apologize for the delayed response on this! Because it's been a while since you post this issue if you're still having problems, please let me know.

Note: If you'd like to work closer with our support team on this, I'd be happy to enable a one-time free technical support request for your subscription so you can work with our support engineers to get this issue resolved.

If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
Kav 36 Reputation points

2024-01-29T00:04:58.0933333+00:00

Hi there, This is still with technical support, most recent response was to arrange a video call with me, i'll update the ticket once more is known, but its pretty clear there is an issue on the MS end. Appreciate the offer for one-time technical support, but I have already subscribed for support, though I may request a credit since this is an issue on the MS end.
TP 125.8K Reputation points Volunteer Moderator

2024-01-29T00:17:24.3066667+00:00

@Kav Thanks for the update.

4 answers

Your answer

Luis Arias 8,621 Reputation points Volunteer Moderator

2023-12-10T12:15:23.49+00:00

Hi Kav,

The error message “The connection to data plane failed” indicates that there is a problem with the network connection between your client and the Azure Key Vault.

I understood you are trying to access from Azure Portal and you already have private endpoint enable on Key Vault. Based on that information take the below considerations:

Due to the connection trought private endpoint , you need to connect from inside of Virtual network (Az cli / API / Azure Portal) e.g. You can use a vnet connected on Virtual Network.

Validate that your private endpoint is correctly resolv by Private DNS Zone (Check your DNS settings to make sure that you can resolve the name of the Azure Key Vault)

Validate NSG rules permit communicationt o KeyVault

More detail:

https://learn.microsoft.com/en-us/azure/key-vault/general/network-security

https://learn.microsoft.com/en-us/azure/key-vault/general/private-link-service?tabs=portal

I hope this helps, If you have any other questions, feel free to ask.

Luis

If the information helped address your question, please Accept the answer.
Kav 36 Reputation points

2023-12-10T23:53:40.44+00:00

Hi @Luis Arias ,

I dont have 'private endpoint' enabled though, see screenshot.
Luis Arias 8,621 Reputation points Volunteer Moderator

2023-12-11T12:22:21.5433333+00:00

Hi Kav, in that case you need to add you public IP to Keyvault firewall:

You can get your public ip going to : https://ifconfig.me/

Or executing in your command console: curl ifconfig.me

Let me know if this works for you
Kav 36 Reputation points

2023-12-11T21:27:41.8066667+00:00

@Luis Arias ,
Its currently configured like so:
Kav 36 Reputation points

2023-12-11T21:33:48.61+00:00

@Luis Arias
Also when using 'Get-AzKeyVaultSecret' Im getting this error:
John Allen 60 Reputation points

2023-12-12T12:29:08.79+00:00

This just started happening for just one user recently. Accessing through the portal, no private endpoint, public IP added to firewall. Using Access policy user has “ALL”. User can open URL to a specific key or secret or even the URL to create a new. Can not open the page to list though.
John Allen 60 Reputation points

2023-12-12T12:34:20.6+00:00

All other users work find existing and new added to policy yesterday. I deleted and re added him to get a new objectID for his user in access policy, gave him vault access specific privileges in RBAC even though we are using access policy and not RBAC.
Luis Arias 8,621 Reputation points Volunteer Moderator

2023-12-12T13:24:24.7033333+00:00

Hi John,

I understood that is only happening with an specific user so , Here are a few potential points to check:

Check Access Policy: Make sure that the user has the correct access policy defined for the operation they are trying to perform. Besides you can follow the trobleshooting Keyvault access page (https://learn.microsoft.com/en-us/azure/key-vault/general/troubleshooting-access-issues)

You can enable monitor how and when your key vaults are accessed by enabling logging for Azure Key Vault. (https://learn.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault)

Let me know if I can help you with further assistance.
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
John Allen 60 Reputation points

2023-12-12T13:59:15.5066667+00:00

Hi Luis. The user has all actions to keys secrets and certs in access policy. The fact that he can see a secret if he uses the direct url to it tells me he has access via policy and firewall
Luis Arias 8,621 Reputation points Volunteer Moderator

2023-12-12T15:00:35.03+00:00

This one user , has "Reader " access on Keyvault?, The objective if that this user get access by portal . Isn't it?
John Allen 60 Reputation points

2023-12-12T22:54:19.65+00:00

I don’t think this is a user issue as he can log into one of our jump servers, go to portal and s and the vault fine. He uses the same vpn as everyone else does I added his public IP in anyway. The logs show he is logging successfully. He just gets the error message when going to initial secrets page that lists them all. I sent him a link to an individual secret and it works fine for him.
Kav 36 Reputation points

2023-12-12T23:16:13.0266667+00:00

@Luis Arias
Any idea with my original issue? It worked initially then stopped working.
Luis Arias 8,621 Reputation points Volunteer Moderator

2023-12-13T08:24:12.2133333+00:00

Hi John / Kav,

I understood both are working in the same issue, so here a sum up till now. Can you verify please?:

Main Problem: User cannot access to secret page on azure key vault, so here is where you have the error . Isn't it?:

Validation already executed please verify:

User already have network access ( Public Ip is already added to firewall rules)

User list secrets on keyvault log is permitted (Checked by Log Analytics)

User have the right access Policy ( Access to view secrets by portal require List Secret access policy)

Additional considerations:

Access to an individual secret doesn't mean that they have access to list all secrets on page.

Log login to Key vault doesn't mean they have access to key vault because login is trough azure AD.

Let me know your comments and correct me if any of this information is wrong.
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Kav 36 Reputation points

2023-12-14T04:17:24.4433333+00:00

@Luis Arias ,
Comments and replied next to the questions below:

User already have network access ( Public Ip is already added to firewall rules): vault is open to all IP's as per above screenshot

User list secrets on keyvault log is permitted (Checked by Log Analytics): can you elaborate more on this?

User have the right access Policy ( Access to view secrets by portal require List Secret access policy): user has been given 'Key Vault Administrator' role to the whole vault, is this sufficient?
Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator

2023-12-25T02:04:59.8933333+00:00

@Kav
User list secrets on key Vault log is a permission that allows a user to view the names and properties of all the secrets in a key vault, as well as the audit logs of the key vault operations. This permission is checked by Log Analytics, which is a service that collects, analyzes, and queries data from various sources, including Azure Key Vault.

The Key Vault Administrator role is a built-in role that grants full access to perform all data plane operations on a key vault and all objects in it, including certificates, keys, and secrets. To view the secrets in a key vault using the Azure portal, you need to have the ‘List’ permission in the ‘Secret Permissions’ section of the key vault access policy. This permission allows you to list the secrets in the key vault, which is necessary to view them in the Azure portal. for more details you can refer below documents.

Reference: https://learn.microsoft.com/en-us/azure/key-vault/general/basic-concepts#key-vault-roles
https://learn.microsoft.com/en-us/azure/key-vault/general/rbac-guide?tabs=azure-cli#azure-built-in-roles-for-key-vault-data-plane-operations
Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator

2023-12-25T07:33:11.37+00:00

@Kav
Just checking in to see if the above answer provided by @Luis Arias

If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Kav 36 Reputation points

2023-12-25T10:54:28.3833333+00:00

My key vault does not use access policies:

And the role I have is as follows:

So I should not be having a problem is my understanding.
Kav 36 Reputation points

2023-12-25T10:56:54.7733333+00:00

Hi,

I appreciate the help, but I did respond to that post already, it was not the solution as per my replies above.
Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator

2023-12-26T12:18:22.2266667+00:00

@Kav
Thank you for replying back.
As you have Key vault Administrator role you have full access to the resource. In you case there is no issue is found. if you have any issue, please feel free to ask.
If the information provided by Luis Arias is helped to you, please Accept the answer.
Kav 36 Reputation points

2023-12-27T00:15:09.8+00:00

The issue is the original one that I posted, I am getting the error 'The connection to data plane failed'.
Kav 36 Reputation points

2023-12-27T00:16:36.7833333+00:00

The issue is still the original one I posted, I am getting the error "The connection to data plane failed"
JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator

2024-01-25T20:03:17.54+00:00

@Kav

Thank you for your post and I apologize for the delayed response on this! Because it's been a while since you post this issue if you're still having problems, please let me know.

Note: If you'd like to work closer with our support team on this, I'd be happy to enable a one-time free technical support request for your subscription so you can work with our support engineers to get this issue resolved.

If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
Kav 36 Reputation points

2024-01-29T00:04:58.0933333+00:00

Hi there, This is still with technical support, most recent response was to arrange a video call with me, i'll update the ticket once more is known, but its pretty clear there is an issue on the MS end. Appreciate the offer for one-time technical support, but I have already subscribed for support, though I may request a credit since this is an issue on the MS end.
TP 125.8K Reputation points Volunteer Moderator

2024-01-29T00:17:24.3066667+00:00

@Kav Thanks for the update.

Answer 1

TP 125.8K Volunteer Moderator

Hi Kav,

From one of your comments above it appears you are getting 5xx error from Key Vault, which would need to be fixed by support (by creating new support request in portal), or perhaps if you didn't need the contents of the vault you could create a new one.

Please open Cloud Shell, run command similar to below, and post output in a comment. Output will hopefully give us better idea of the error you are getting as well as a potential clue of cause, etc.

Get-AzKeyVaultSecret -VaultName yourKeyVaultName -Debug

Do you remember last change that was made before it started returning an error? For example, a new secret was created, and then after that it was broken? Are there any characters in any of the secret names besides a-z 0-9?

Please click Accept Answer and upvote if the above was helpful.

Thanks.

-TP

Kav 36 Reputation points

2023-12-29T00:33:31.5333333+00:00

Hi @TP,

Attached is the debug output from cloud shell. I created the secret and it was visible for a period in the portal, then I started using PowerShell to interact with it and after that at some point it stopped working. It never worked in PowerShell either (e.g. using 'Set-Secret').

I tried creating a new secret in the portal and it gave an error "error occurred"

keylog.txt

So to log a ticket with support, it appears I need to pay for a support subscription, so then I need to pay MS to fix their own back end issue? :)
Kav 36 Reputation points

2023-12-29T00:39:36.8733333+00:00

I just created another key vault, it has the same issues immediately. Havent done anything with it.
Kav 36 Reputation points

2023-12-29T00:40:28.9033333+00:00

I just created another test key vault and it has the same issue, immediately, didnt do anything with it.
TP 125.8K Reputation points Volunteer Moderator

2023-12-29T00:54:14.43+00:00

Thanks. You can see it is returning InternalServerError from the API. Unfortunately you need at least Developer level support ($29/month) to create a new technical support request. What you could do is switch to Developer support and then set it to not automatically renew to keep the cost as low as possible. The idea would be to only pay for 1 month.

Or, perhaps retrieving the individual secrets still works and you could use this to make a backup of the existing secrets and re-create them on a new key vault. You need to know the name of all the existing secrets since list doesn't work. Once you have the new vault up and running you could delete the one that is giving an error.
Kav 36 Reputation points

2023-12-29T01:35:21.3433333+00:00

I created a new vault and it has the same error, fortunately I was in testing stage and it didnt hold any secrets I needed to extract. I guess i'll have to log a ticket with support and pay for subscription.

I understand paying for support when the system is operating as expected, but paying for support when the vendor has technical issues is a bit of a stretch :) Anyway... not your/anyones problem.
TP 125.8K Reputation points Volunteer Moderator

2023-12-29T01:54:42.5433333+00:00

If you want to experiment, couple things you could try to isolate the issue: 1) create a new vault using portal, only this time select Vault access policy (instead of RBAC) on Access configuration tab and then Create 2) create a new Entra ID user, sign in with this user and see if you create vault with new user if the same issue occurs

Of course you shouldn't have to do either of above, I just mentioned it in case you wanted to try and narrow down the cause. It needs to fixed either way since what is happening to you isn't normal.
Kav 36 Reputation points

2023-12-29T02:03:03.67+00:00

Ah interesting, didnt know you could create a vault using 'access policy', thought it was deprecated.

OK so I created a new vault with 'access policy' instead of RBAC and it works fine!

So issue is with RBAC... I have now also logged a ticket with support, see what they say.
TP 125.8K Reputation points Volunteer Moderator

2024-01-03T06:11:05.35+00:00

@Kav Any update?
Kav 36 Reputation points

2024-01-03T23:47:11.9933333+00:00

Still waiting for support to get back to me after my first reply.
Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator

2024-01-04T06:26:44.6833333+00:00

@Kav
Would you please share the support case number so that we will help you to solve the issue quickly.
Kav 36 Reputation points

2024-01-04T06:52:17.85+00:00

Sure, TrackingID#2312290030000145
Kav 36 Reputation points

2024-01-04T06:52:27.2+00:00

Sure, TrackingID#2312290030000145

Answer 2

Hi @Kav
Thank you for posting your query on Q&A I apologize for the delayed response!

I Understand that when you trying to view/manage secrets you are getting the following error message.

The connection to data plane failed. Please refresh and try again. If Private Links are enabled on the vault and the issue persists please follow the steps in the following link https://go.microsoft.com/fwlink/?linkid=2156688"

The error message states that there is a problem with network connection between Azure key vault and client it could be following reasons.

A Firewall rule is blocking traffic to the Azure Key Vault. Check your firewall rules to make sure that traffic to the Azure Key Vault is not being blocked.
A connectivity issue between your client and the Azure Key Vault. Check the connectivity between your client and the Azure Key Vault.
Ensure that you are using the correct subscription and resource group for the Azure Key Vault and Azure Key Vault is not in a deleted state.
Make sure that your Private Link is correct configured. More details please go through the below documents. Diagnose private links configuration issues on Azure Key Vault
Azure Private Link Troubleshooting Guide

If your Private Link is correctly configured or if you aren't using a Private Link or If you aren't experiencing any connectivity issues the error message might also be cause by a Tenant Mismatch if you recently deployed your Key Vault to a subscription that contains a different Tenant ID, or the subscription that owned the KV was moved to a different Tenant.

For More Info - The connection to Data Plane Failed
To resolve a potential Tenant Mismatch issue, you can update your Key Vault's Tenant ID. For more info - Moving an Azure Key Vault to another subscription.
I hope this Answer helps!

Thanks,
Akhilesh.

If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.

Akhilesh Vallamkonda 15,320 Reputation points Microsoft External Staff Moderator

2023-12-28T12:48:23.5566667+00:00

Hi @Kav

Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Kav 36 Reputation points

2023-12-28T23:39:33.6866667+00:00

Hi @Akhilesh,

Unfortunately it is none of those things:

Not a firewall issue, keep in mind this is happening on the portal UI

There is no connectivity issue

Definitely using the correct tenant etc, again this is all occuring on the portal UI and the vault is not in a deleted state

As stated before, we are not using private vaults, as above screenshots the vault is open to all public networks
Ali 0 Reputation points Microsoft External Staff

2024-02-23T14:32:04.83+00:00

Hello Kav, did you solve your issue? I have the completely same problem now; do you have any suggestion for me?

Answer 3

Please make sure that the key vault data plane is in the same tenant(directory) as the tenant(directory) you are in.

In the key vault overview pane, you will see the "Directory ID" of the key vault data plane.

When you click on your name at the top right corner, you will see a link to "change directory". Make sure that the directory you see in the key vault overview pane is selected.

If you don't see the directory, then you do not have access to the data plane of the key vault.

Note that you can manage the key vault if you have RBAC permissions and you are in a different directory, but you cannot access the data (keys, secrets, certificates) if you are not in the same directory as the key vault.

Hope this helps...

Answer 4

Jerrill Johnson 0

I had this issue and had forgotten to remove an entry in my hosts file that pointed the keyvault URL to 127.0.0.1 that I had added to simulate client failures the week before. Hope this saves someone a minute in the future.

Share via

Unable to access secrets in key vault - "The connection to data plane failed"

4 answers

Your answer