Cannot acces keyvault secrets through service endpoint in a VSTS release

We're trying to download secrets with the download key vault secrets release task in VSTS. The service principal is add in the key vault's access policies, all rights are checked, including get,...

KeyVaultErrorException: Operation returned an invalid status code 'Forbidden'

I'm trying to set up my web app, hosted in Azure to read settings from Azure KeyVault. I've been following this guide: https://anthonychu.ca/post/secrets-aspnet-core-key-vault-msi/ The example...

End-to-end encryption with Azure CosmosDB vs Storage

We develop a cloud based SaaS solution suitable for multiple tenants. For very sensitive data, we need to isolate tenants and provide end-to-end encryption for users assigned to this tenant. Not...

Generate RSA Key in Azure KeyVault using ARM Template

I want to create RSA Key in Azure Key Vault using ARM template All what I found is a REST API to do it https://docs.microsoft.com/en-us/rest/api/keyvault/createkey/createkey any ideas if this...

Azure KeyVault - Sign JWT Token

I began using Azure Keyvault to store private keys for my application. I have a use case where I need to sign a JWT token with an RSA private key. When I had the private key in my application...

ARM template error Bad JSON content found in the request

I am trying to deploy an ARM template using the Azure DevOps release pipeline. Azure KeyVault is one of the resources in the template. the deployment is successful when I use the Powershell...

Use a certificate in the keyvault to access multi-tenant application in other tenant

We have a multi-tenant application in our Azure AD tenant. It is authorized in some other tenants (we know which ones). And it has multiple certificates registered to it to be used as client...

Prevent KeyVault from updating secrets using Terraform

I'm building a terraform template to create Azure resources including Keyvault Secrets. The customer Subscription policy doesn't allow anyone to update/delete/view keyvault secrets. If I run...

How to connect Azure-key-vault with a AKS pod?

I have nodeJs application with docker file deployed in AKS with HelmChart, and I have azure key vault with some keys in Azure Portal and I need to connect my running POD with that KeyVault.

How can I permanently purge an entire azure keyvault that's been created with soft delete enabled?

When you create an azure keyvault with soft delete enabled that keyvault persists even if you delete it and re-create it from scratch. When soft-delete is enabled, resources marked as deleted...

Keyvault backup not supported

There is no support from Azure for Azure Key vault backup(existing options are error prone when it comes to automation). There is soft delete and I can reset passwords and put it back in keyvault,...

Visual Studio 2019 Azure KeyVault configuration error when publish

I want to deploy my project to Azure in an App Service I have just created. Also, I created a KeyVault for all my settings. When I try to deploy to app to the service, I have to configure the...

How to check if key with the given name exists in the keyvault?

I have keyvault named myKeyVault and there might be a key inside called myKey. I'm reading documentation of Azure CLI:...

Getting an access token for Azure Key Vault in Rider using Azure CLI

I am currently trying to get keyvault integration in our project. I am running Ubuntu (FF) and working in Rider. Things i have done in order to achieve this is: Create an access policy for my AD...

Azure Key Vault download certificate with private key

I am trying to download the certificates that I have on several KeyVaults including their private keys. Through Azure Portal I can do it without issues just going to the KeyVault, selecting the...

How to bulk create and update Azure Key Vault secrets using scripts?

I have a scenerio where I need to fetch the secret list from 'A' azure key vault and then create them in 'B' azure keyvault. But the values will have to changes/updated while creating secrets in...

Error "The parameter keyVaultCsmId has an invalid value" while adding App Service Certificates to KeyVault

I have generated a wildcard certificate using Azure's App Service Certificate. After this Azure asks you to configure the certificate in a KeyVault, and this is where I am getting stuck. I have a...

Using apache-airflow-providers-snowflake on airflow (no module named Snowflake)

I have installed package apache-airflow-providers-snowflake on airflow on docker and i am getting error No module named Snowflake Please refer attachment (check the error mentioned for the...

Can't access KeyVault when running in Visual Studio

I have an App Service that I am developing that needs to access a KeyVault. After getting some assistance from some people on Stackoverflow, I got it to the point where the App Service can access...

RequestFailedException/403 Forbidden errors accessing Azure Key Vault with role based access policies

I have a scenario where I'm getting the below exception when trying to debug an ASP.NET Core Web Application in Visual Studio that has connected services for Azure Key Vault and Azure Application...

How do you decrypt blobs with Azure KeyVault keys in Azure.Storage v12

Our code is currently using the old Microsoft.WindowsAzure.Storage libraries for blob storage access in Azure. I am trying to use the new v12 Azure.Storage.Blobs libraries to replace the old ones,...

What is the recommended way to handle Client secret expiry in AzureAD - App Registration?

I have Azure B2C instance having Azure AD as one of the External identity providers, to establish trust b/w B2C and Azure AD i have registered an App in Azure AD, this App registration is...

How to get the certifcate from Key vaults using power shell script?

I need help on this scenario. we have a cert in azure key vault which needs to be download to a windows VM for our .net application to run on iis. I am able to upload the cert to Azure keyvault...

Azure DevOps Service tags are not available in Network Security Group

I am trying to connect Azure DevOps with Azure KeyVault by whitelisting the IP addresses of Azure DevOps into the key vault. Now I need to add the service tag of Azure DevOps into KeyVault. I am...

Integrate Azure Key Vault With Azure Kubernetes Service using Managed Identity

I'm setting up Keyvault integration with k8s in Azure. I can mount a volume with secrets using the csi driver in Azure using Managed identities. I can verify the secret is mounted by exec-ing...

How to wait for group permission to have been applied?

Short Version: I am creating an Azure Active Directory Group, an Azure KeyVault to which the group has access, a key in that vault, a PostgresServer whose principal is a member of the group. The...

Sign JWT token using Azure Key Vault

I'm using a private key to sign a JWT token, which works as expected. However, I'd like to leverage Azure Key Vault to do the signing for me, so that the private key doesn't leave KeyVault. I'm...

Azure Key Vault using manage identity in AKS

I am deploying in Azure AKS a regular deployment and i want to use keyvault to store my secrets to get access to a database. This is my deployment file: apiVersion: apps/v1 kind:...

Access to Azure KeyVault with Azure.Identity in Xamarin.Forms application

I have a Xamarin.Forms application. I need an Azure Storage to store some data. I don't want to store the Shared Access Signature (SAS) in my application, obviously. In my application, I've...

App Service Managed Identity and Key Vault the right way

I am currently trying to deploy out a resource group using azure bicep, however, I am running into an issue using key vault for my azure app service. I would like to know if I am actually doing...