Unable to upload files to azure blob storage account when using CMK keys
Hello, I'm trying to upload files to azure storage container with CMK keys and using azure key vault to store keys facing below error ERROR: Unable to acquire an access token for Key Vault from Azure Active Directory using the identity of this…
Azure DevOps YAML Pipeline trigger not working
Hey there I have a YAML Pipeline in azure Devops, but it pulls the code only from Main branch and ONLY gets triggered via main. I want it to be like Change made in Test ==> Pipeline Runs ==> Result Notified Please help me out ! trigger: …
How do we prove to Security Auditors that Microsoft is using "FIPS 140-2 Level 2 validated HSMs" for Azure Key Vault (Premium)
Hello Support, Could you please clarify the following: How do we prove to Security Auditors that Microsoft is actually using "FIPS 140-2 Level 2 validated HSMs" for storing keys in Azure Key Vault (PREMIUM) service? How do we prove that…
Can I connect directly to CosmosDB from ADF using the key vault?
I am trying to set up an azure key vault key to connect from Azure Data Factory directly to CosmosDB. I am following this link but it seems to be for a web app service. https://learn.microsoft.com/en-us/azure/cosmos-db/store-credentials-key-vault This…
Problem to generate blob storage SAS-token in WebApp
Hi, First I want to let you know that I'm beginner with Azure. I have a problem to generate SAS-token (view-access token) for my blob storage container in my webapp server code. I'll get an 403 (unauthorized) error when trying to generate the token. I…
I can bind keyvault certificate to webapp in US_MIDDLE but not US_EAST.
I am moving from US_MIDDLE to US_EAST but having issue to bind certificates to the new webapp in US_EAST. I had a 3-hours service window yesterday where I moved the database but were unable to enable the new app so I had to revert DNS settings to the old…
Same object id in SystemAssigned Identity of AppService and its slot
Hi. I have a problem with having both AppService and its slot the same object id of SystemAssigned identity. I've created these resources with Terraform. I'm using these IDs to assign these identities in KeyVault and this operation fails because you…
how to fix Remove-MgApplicationKey : Insufficient privileges to complete the operation ?
Hi all, I'm trying to make some graph powershell script to delete expired keys I gave require scope for connect-graph (my id is global admin) , but still showing Insufficient privileges to complete the operation. Please help this is the command on the…
Unable to view secrets and certificates from keyvault
Hi Team, I'm unable to view the secrets and certificates from keyvault. I've been connected to VPN but I can view them when I'm inside a Virtual machine with the VNet. I've verifies the private link and conditional forwarder and private endpoint and DNS…
Azure Key Vault PFX import not showing correct certificate details
I have problems with importing certificates into Azure Key Vault. I have created a cert/fullchain/privatekey using Letsencrypt certbot. Private key is a standard RSA 4096 key. I have tried importing both fullchain+privatekey and certonly+privatekey, with…
Retrieving Secret value from one ReourceGroup and apply to different ResourceGroup: BadRequest Error
Im trying to automate my secret creation. I have secret resource in different Resource Group that use the same secret value and Name. Im trying to retrieve the secret value in one Rg and apply to different Rg since they both are using the same secret…
How can we export metadata of Keyvault's Key/Secret/Certificate to Log Analytics Workspace
I have seen log categories in KeyVault but I don't find that we can export metadata of Key/Secret/Certificate can be exported into log analytics workspace. Admin actions on them is fine like create/delete, I can get them but I would like to capture all…
Enabling Diagnostics setting in Azure Key vault
While enabling Diagnostic setting in my Key vault, I have two option to store the logs workspace and storage account. few questions If I choose storage account to store the logs, will I be able to run KQL queries on key vault ? will the stored logs be…
Migrating secrets or keys from Azure Key Vault from one tenant to another tenant.
Hello, We currently use Azure key vault to store some credentials and secrets. I would like to know if I can migrate some (not all) secrets or credential from azure key vault to a new tenant Azure Key Vault. For example, i would like to migrate some…
Where to store secret token retrieved during runtime?
Hi Team, I'm trying to visualize and best way to implement a very common enterprise use case. I'm using ADF, Key Vault, Azure SQL data base as inventories. Requirement is to fetch some data from an exposed API. Before calling the API I need to generate…
No renewal event (1001) - Key Vault Virtual machine extension
How can I troubleshoot linkOnRenewal (IIS Certificate Rebind) using the Windows version of KV virtual machine extension? When I create a new version of the certificate in KV, then it installs cert but there is no renewal (1001) event in Windows Event…
Unable to access secrets in key vault - "The connection to data plane failed"
Hello, I created a new key vault and when trying to view/manage secrets I get the error across the top of the page saying: "The connection to data plane failed. Please refresh and try again. If Private Links are enabled on the vault and the issue…
Certificate "Data encipherment" key usage flag removed by CA but Key Vault decryption still works?
Hello, I have a question about the expected behaviour of the Azure Key Vault when a Certificate is finalized by merging the Key Vault Certificate with a signed request. When a Certificate is created in Azure Key Vault with the "Data…
Key Vault certificate
I have Local SQL server, I cannot to connect to this server through data factory as the integration runtime needs a secure connection through SSL certificate. then I'm creating a ssl certificate in key vault, then I imported this certificate while…
App Service Outbound connectivity not routing through VNET
I have configured keyvault with allow public access from vnet and specific ip address added the subnet delegated to app services created a app service with vnet integration and the outbound traffic to key vault is still going through public and not…