Azure Resource Manager API - can't create Keyvault

Casper Rubæk 246 Reputation points
2021-05-24T17:32:47.357+00:00

I am trying to create a KeyVault using the Azure Resource Manager API.
I can successfully create other services such as API Management, but KeyVault always fails with "sku is invalid" when I use the API, even though I send the family property with the API request as well.

I have also tried creating the KeyVault using the Azure.ResourceManager.KeyVault SDK, but this does not complete either. It does not throw any error or say what the issue is, and my .NET Core console app returns with success code 0.

What could be the reason behind this?

Accepted answer
  1. Saurabh Sharma 23,791 Reputation points Microsoft Employee
    2021-05-27T00:34:43.883+00:00

    @Casper Rubæk You need to add permissions like below:

        permissions = new Permissions { Secrets = new SecretPermissions[] { new SecretPermissions("get") } };

    Also, you need to pass the access policy object as a List to Vault Properties like below:

        var vaultProperties = new VaultProperties(tenantId, new Sku(SkuName.Standard))
        {
            AccessPolicies = new List<AccessPolicyEntry>
            {
                accessPolicyEntry
            }
        };

    Also, you need to use WaitForCompletionAsync(), which polls the server to know when the Key Vault create operation succeeds.
    Please find below the updated code to create a Key Vault:

        // tenantId, objectId, region, rgName, vaultName1 and vaults come from the surrounding program.
        Sku sku = new Sku(SkuName.Standard);

        // Grant the principal only the "get" permission on secrets.
        Permissions permissions = new Permissions()
        {
            Secrets = new SecretPermissions[] { new SecretPermissions("get") }
        };
        AccessPolicyEntry accessPolicyEntry = new AccessPolicyEntry(tenantId, objectId, permissions);

        // Access policies are passed as a list on the vault properties.
        var vaultProperties1 = new VaultProperties(tenantId, sku)
        {
            AccessPolicies = new List<AccessPolicyEntry>
            {
                accessPolicyEntry
            }
        };

        VaultCreateOrUpdateParameters vaultCreateOrUpdateParameters = new VaultCreateOrUpdateParameters(region, vaultProperties1);

        // Start the long-running create operation, then poll until it completes.
        var rawResult = await vaults.StartCreateOrUpdateAsync(rgName, vaultName1, vaultCreateOrUpdateParameters);
        var vault1 = (await rawResult.WaitForCompletionAsync()).Value;

    I have tested this and it works fine in my local.
    Also, please refer to this sample code for your reference to use Azure .NET SDK to create KeyVault.
    Please let me know if you have any questions.

    Thanks
    Saurabh

    ----------

    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.
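For the REST route mentioned in the question, the following pre-flight check of the request body is an added example, not code from this thread or from the Azure SDK. In the Microsoft.KeyVault/vaults create body, `sku` (with `family` "A") sits under `properties`, next to `tenantId` and the `accessPolicies` list; the function names are hypothetical, the GUIDs used with it are constructed, and the check assumes access-policy authorization as in the answer above.

```python
import uuid

VALID_SKU_NAMES = {"standard", "premium"}
PERMISSION_KINDS = ("keys", "secrets", "certificates", "storage")


def build_vault_body(location, tenant_id, object_id, secret_perms=("get",)):
    """Build a PUT body for Microsoft.KeyVault/vaults (hypothetical helper)."""
    return {
        "location": location,
        "properties": {
            "tenantId": tenant_id,
            "sku": {"family": "A", "name": "standard"},
            "accessPolicies": [{
                "tenantId": tenant_id,
                "objectId": object_id,
                "permissions": {"secrets": list(secret_perms)},
            }],
        },
    }


def check_vault_body(body):
    """Return a list of problems found in a vault create request body."""
    problems = []
    if "sku" in body:
        problems.append("sku must be nested under properties, not at the top level")
    props = body.get("properties", {})
    sku = props.get("sku", {})
    if sku.get("family") != "A":
        problems.append("properties.sku.family must be 'A'")
    if str(sku.get("name", "")).lower() not in VALID_SKU_NAMES:
        problems.append("properties.sku.name must be standard or premium")
    try:
        uuid.UUID(str(props.get("tenantId")))
    except ValueError:
        problems.append("properties.tenantId must be a GUID")
    policies = props.get("accessPolicies")
    if not isinstance(policies, list):
        problems.append("properties.accessPolicies must be a list")
        policies = []
    for i, entry in enumerate(policies):
        perms = entry.get("permissions", {})
        for kind in PERMISSION_KINDS:
            # Flag wildcard grants so the policy stays least-privilege.
            if "all" in [p.lower() for p in perms.get(kind, [])]:
                problems.append(f"accessPolicies[{i}] grants 'all' on {kind}")
    return problems
```

Running `check_vault_body` on the body before sending it catches a misplaced `sku` or an over-broad access policy locally, before the request reaches Azure Resource Manager.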

