How to programally check if the user-assigned managed identity have access/permissions to the key from key vault in an other tenant?
Hi, There is two tenant A, B. tenant A have two application, 1. manageApp used by my program 2. CMEK-app using to get permisstion from tenant B by admin consent. And one user-assigned managed id configured as federated identity with the CMEK-app used…
Issue in adding custom domain to azure front door standard tier
Hi All, Greetings!!! Whil performing a POC on azure front door standard tier and trying to add a custom domain to the Azure front door standard tier. I created a certificate in azure key vault with the subject as the intended custom domain ("CN=…
Adding Key Vault Secret to Power Automate using Managed Identities.
Good morning MS Team, I am creating an application where different Power Automate Scripts are managing the Entra ID users and app registrations using an specific App registration with high-level permissions. Right now, I have the App Registration Id and…
Assign RBAC "Key Vault Administrator" role to Azure App via C# (.NET SDK)
I use below C# code create KeyVault with RBAC permission model. using KeyVaultModels = Microsoft.Azure.Management.KeyVault.Models; KeyVaultModels.VaultProperties vaultProperties = new KeyVaultModels.VaultProperties() { EnableRbacAuthorization = true, …
I cannot delete a vault in Azure
I am receiving the error below when attempting to delete a vault. I removed any dependencies that I saw but I still receive the error. Any help would be appreciated. Vault Deletion Error Recovery Services Vault cannot be deleted as there are existing…
Key Vault Integration on the Roadmap?
Are there currently any plans to allow Credentials and encrypted variables to be sourced directly from Key Vault so that we don't have to use PowerShell in the script to query the vault? Normally this wouldn't be an issue but since we're protecting our…
How to connect azure Keyvault(Public Access Disabled) To Power automate cloud
Team, Please guide on how i can connect azure key vault(Public access disabled ) to Power automate flow in cloud. What i have done already> 1.Registered an application in Azure AD and assigned necessary persmissions on the keyvault. With public access…
Unexpected charges for key vault services
Hello. On the 4th april I created a key vault service due to a mistake, and although I incurred a cost of around £20 on the day, I deleted the service on the same day. But when I looked at it today (7th april), I found that the service was still showing…
No renewal event (1001) - Key Vault Virtual machine extension
How can I troubleshoot linkOnRenewal (IIS Certificate Rebind) using the Windows version of KV virtual machine extension? When I create a new version of the certificate in KV, then it installs cert but there is no renewal (1001) event in Windows Event…
How to support rolling restarts with AZ KeyVault csi driver
I have a providerClass setup like so: spec: provider: azure secretObjects: - secretName: keycloak-http type: Opaque data: - objectName: keycloak-password key: password - objectName: keycloak-user …
Backstage (https://backstage.io/) Application Deployment on AKS: Unable to expose Azure key vault secrets as environment variables
Hi Team, I have a backstage application running on k8 cluster (AKS) and have config which mounts azure secrets at location /mnt/secrets which is working as intended able to verify the secret has been mounted properly. Now the goal is exposing these as…
How to access Azure vault from AKS using Managed Identity
How to access Azure vault from AKS using Managed Identity. Im using java to get my Azure KeyVault secrets with key configured in Azure Vault. Below is my code snippet public String getSecrets(String secretKey) { ManagedIdentityCredential…
Azure Key Vault Metrics - Dimensions and Supported Values
Hi, I'm analyzing Azure Key Vault service metrics under the namespace Microsoft.KeyVault/vaults and came across this documentation. The documentation mentions 5 different dimensions (ActivityType, ActivityName, StatusCode, StatusCodeClass,…
Automating the Client Secrets rotation using KeyVault or any methods before the expiry date?
I need to rotate the Client Secrets in my existing subscriptions before the expiry date. How can I achieve it for multiple subscriptions when using the suggested method ttps://learn.microsoft.com/en-us/azure/key-vault/secrets/tutorial-rotation? Can I…
Create Azure Key Vault via c# with RBAC.
Hi, I am using below code to create Azure Key vault and below is my code. Where azure is an object of IAzure. This code is working fine. But when I am visiting this vault in Azure I can see "Permission" Model within "Acces…
Is there any way to assign an name identifier to Firewall IP address entries?
When I add Firewall exclusions to my Azure SQL Databases, I have options to set a Rule name along with start/end IP addresses. This makes it very useful to identify what an IP address relates to and work out if its still valid or needs to be updated (we…
Adding WorkAround =536870912 in the connection string in Key Vault
All, I am creating a copy activity to load data from SQL Server to Oracle table. Getting below error - { "errorCode": "2200", "message": "Failure happened on 'Sink' side.…
azure key vault implementation in MAUI
How to retrieve self signed certificate from Azure key vault and use that certificate for packaging MAUI app
Azure key vault requirement for code signing cert
Hello, Due to the updated requirements for Code-Signing certificates, I am currently searching for a cost-effective cloud HSM solution. However, I would like to double-confirm that for signing Windows Code-Signing certificates, the option "Managed…
Azure Keyvault: The operation is not allowed by RBAC.
Hi, I am the owner of the subscription, i have created the azure keyvault and when I am trying to add a new secret, I get the following error message. The operation is not allowed by RBAC. If role assignments were recently changed, please wait…