Thank you for reaching out to the Microsoft Q&A platform.
If I understand your problem, you are encountering issues when using a managed identity to authenticate with Key Vault in a Batch account with User Subscription pool allocation mode. Here are a few suggestions that may help:
- If i understand your problem, you are encountering issues when using a managed identity to authenticate with Key Vault in a Batch account with User Subscription pool allocation mode. Here are a few suggestions that may help:
- Verify that the managed identity has the necessary permissions to access the Key Vault. You can do this by following these steps:
- Open the Azure portal and navigate to the Key Vault. b. Click on "Access policies" and verify that the managed identity has been granted the necessary permissions (e.g. "Get", "List", "Set", "Delete" for secrets). c. If the managed identity is not listed, click on "Add Access Policy" and select the managed identity from the list of available identities.
- Verify that the Batch account has been configured correctly to use the managed identity. You can do this by following these steps:
- Open the Azure portal and navigate to the Batch account. b. Click on "Identity" and verify that the managed identity has been enabled for the Batch account. c. If the managed identity is not enabled, click on "System-assigned" and toggle the switch to "On".
- Verify that the Batch account has been configured correctly to use User Subscription pool allocation mode. You can do this by following these steps:
- Open the Azure portal and navigate to the Batch account. b. Click on "Pools" and verify that the pool allocation mode is set to "User Subscription". c. If the pool allocation mode is not set correctly, click on "Configuration" and select "User Subscription" from the list of available options.
- Verify that the virtual network and subnet have been configured correctly to allow communication between the Batch account and the Key Vault. You can do this by following these steps:
- Open the Azure portal and navigate to the virtual network. Click on "Subnets" and verify that the Batch account and Key Vault are both located in the same subnet. If the Batch account and Key Vault are not located in the same subnet, move them to the same subnet.
If none of these suggestions resolve the issue, you may want to consider opening a support case with Microsoft to get further assistance.
If I have answered your query, please click "Accept as answer" as a token of appreciation