This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 1%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
I am trying to create a key vault and selected only the option Azure Disk encryption for volume encryption under Access policy.
For networking it was left to default i.e. all networks. But the deployment is failing for key vault. I have attached the screenshot of the error.
For reference I am following the process of "Create and encrypt a Windows virtual machine with the Azure portal"
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
Hello @Satyam,
Thank you for posting your query on Microsoft Q&A.
I am checking this and will get back to you with further inputs.
Thanks,
Raja Pothuraju.
Hello @Satyam,
Thank you for your time and patience.
It seems you're trying to create a Key Vault and encountered a 'BadRequest' error because 'enabledForDeployment' is set to true without including 'AzureServices' in 'networkAcls.bypass'.
To resolve this issue, I recommend modifying the network settings to 'selected networks', enabling 'allow trusted services', and then applying these changes to your environment.
Please let me know if this helps resolve the issue.
Thanks,
Raja Pothuraju.
Hello @Satyam,
Following up to see if the above suggestion was helpful. And, if you have any further query do let us know.
Hello @Sean Charles Pugosa,
Following up to see if the above suggestion was helpful. And, if you have any further query do let us know.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 39%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEM%3C/text%3E%3C/svg%3E)
I can confirm that I had the same error and following your suggestion helped.
Steps I took:
I went to Key Valut>Netrowking and selected "Allow public access from specific virtual networks and IP addresses" After that checked the box below "Allow trusted Microsoft services to bypass this firewall"
Hello @Elshan Mammadli,
That’s great to hear! Thank you for sharing this information.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 25%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZA%3C/text%3E%3C/svg%3E)
I was able to fix by doing that as well. I would think 'allow all public IP' should take care of all microsoft services by default but no, Keyvault needed that specific setting and bypass microsoft.
Thank you @Elshan Mammadli