How to resolve this error: Managed Identity (MI) is not set for this account while the encryption key source is \'Microsoft.KeyVault\

Tee, Tze Huat 30 Reputation points
2024-03-26T04:52:24.9066667+00:00

Currently I want to create a chat with Azure Open AI models using your own data. But, I am getting the error: Managed Identity (MI) is not set for this account while the encryption key source is 'Microsoft.KeyVault\ when I tried to call my api. I already enabled the system-assigned account under AI search and assigned the Blob Data Reader role to the system-assigned account. Please refer to my code below.

    messages = [{"role": "system", "content": "You are a helpful assistant."}] + conversation.messages

    response = client.chat.completions.create(
        model=deployment,
        messages=messages,
        extra_body={
            "dataSources": [
                {
                    "type": "AzureCognitiveSearch",
                    "parameters": {
                        "endpoint": search_endpoint,
                        "key": search_key,
                        "indexName": search_index_name,
                    }
                }
            ]
        }
    )

Azure AI Search
Azure AI Search
An Azure search service with built-in artificial intelligence capabilities that enrich information to help identify and explore relevant content at scale.
1,015 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,859 questions
Azure OpenAI Service
Azure OpenAI Service
An Azure service that provides access to OpenAI’s GPT-3 models with enterprise capabilities.
3,081 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vinodh247 20,991 Reputation points
    2024-03-26T06:42:17.9633333+00:00

    Hi ,

    Thanks for reaching out to Microsoft Q&A.

    The error message indicates that a Managed Identity (MI) is required for your account when trying to access encryption keys from Microsoft Key Vault. Do you see any specific errors in your key vault logs? if not try the following steps(if not yet) and let me know.

    • Assign MI to your application and then make sure that it has been granted the necessary permissions to access the keys stored in key vault.
    • Update the code or configuration settings in your application to utilize the Managed Identity endpoint for authentication when retrieving encryption keys
    • Verify that the URI in your application's configuration for the key vault URI

    Please 'Upvote'(Thumbs-up) and 'Accept' as an answer if the reply was helpful. This will benefit other community members who face the same issue.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.