Create Azure Key Vault via c# with RBAC.

Question

Hi,

I am using below code to create Azure Key vault and below is my code.

Where azure is an object of IAzure. This code is working fine. But when I am visiting this vault in Azure I can see "Permission" Model within "Acces Configuration" is set to "Vault access policy".

I want this vault to use "Azure role-based access control (recommended)" permission model.

azure.Vaults.Define(mymodel.vaultName) 
.WithRegion(mymodel.region)

 .WithExistingResourceGroup(mymodel.resourceGroup)

 .DefineAccessPolicy()

     .ForObjectId(azureClientApplication == null ? mymodel.clientObjectId : azureClientApplication.clientAppObjectId)

     .AllowCertificatePermissions(CertificatePermissions.Import, CertificatePermissions.Get, CertificatePermissions.List)

     .AllowSecretAllPermissions()

     .Attach()

 .Create();
			

Answer 1

Hi @ASR ,

The "EnableRbacAuthorization" parameter allows you to set the permission model to RBAC programmatically. You need to make sure this parameter is set to "true".

Powershell example:

Update-AzKeyVault -Name MyKeyVault -ResourceGroupName KeyVaults -EnableRbacAuthorization $true

C# example of setting the property:

[Newtonsoft.Json.JsonProperty(PropertyName="enableRbacAuthorization")] public bool? EnableRbacAuthorization { get; set; }

Let me know if either of these examples help and if you have further questions.

If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar questions.