I have created a new keyvault using the quickstart article :-
https://learn.microsoft.com/en-us/azure/key-vault/secrets/quick-create-powershell
But when I get to the part where it asks to use "Set-AzKeyVaultSecret" to create the secret on the vault I get the error:-
"Set-AzKeyVaultSecret: Operation returned an invalid status code 'Forbidden'"
I have even set the vault networking setting to allow access from "All networks" and still get the same error.
"Set-AzKeyVaultAccessPolicy " command was also run to give my account access as per the above microsoft article.
I even tried from a VM in the same resource group/ subnet in Azure and got same error.
I also changed the networking of the vault to "Private endpoint and selected networks" and allowed the subnet on which this VM resides. But still the same error.
This subnet is part of the bigger Vnet that is managed by another team in my organization.
The vault uri is in the format "https://abcd.vault.azure.net/". That resolves to "40.79.x.x" IP address from this VM. So does that mean that even though the VM is in same resource group, it still travels over the internet to access the keyvault?
How can I troubleshoot this or resolve this?
Is there any logging on the keyvault that will show me the source IP that shows up on the keyvault side when I run the "Set-AzKeyVaultSecret" command on this VM?
I think it might be my organizations public IP address or proxy server address, but need to double check that before allowing that IP on the key vault networking.
What else could be the issue?