Use API web app for DefaultAzureCredential
I created a key vault using .net and have added access policies which allows access for the api web application to create keys, secrets, and certificates. The goal would be able to create keys, secrets, and certificates through .net c# code. I tried…
How to export the secrets details in keyvaults using azure resource graph query?
How to export the secrets details in keyvaults using azure resource graph query
Monitor Azure keyvault Key\Secret\Certificate Expiry
we are looking for a mechanism to alert on Keyvault Key\Secret\Certificate when it is nearby expiry without using any automation(runbook\Webhook) is there any possibility?
There is .pfx file on azure keyvault, I try to convert it into a byte array(Convert.FromBase64String), I am getting format exception
There is .pfx file on azure key vault, I try to convert it into a byte array(Convert.FromBase64String), I am getting below format exception PFX file containt Primary key and Certificate {"The input is not a valid Base-64 string as it contains a…
What implementation from Azure Key Vault is the correct to host EV Code Signing Certificate from GlobalSign?
Hi! We need to renew our Code Signing Certificate. Now we have the OV certificate but the new it's going to be the EV type. With the new requirements to buy and hold the EV Code Signing Certificate we think the best choice is store the certificate in…
How to grant permission to the keyvault to fetch secrets.
I am trying to change the connection to the DB by using the keyvault -instead of hardcoding everything. I've seen then you can retrieve all of the "secrets" by generating your client (with the key vault) and then simply call the…
How to connect azure Keyvault(Public Access Disabled) To Power automate cloud
Team, Please guide on how i can connect azure key vault(Public access disabled ) to Power automate flow in cloud. What i have done already> 1.Registered an application in Azure AD and assigned necessary persmissions on the keyvault. With public access…
how to understand azure key vault access policy?
hi friend, i have create a service principal, a azure key vault, a secret scope called A and B under AKV . now i have grant get/list...permission to that service principal through access principal. it's mean that service principal can access both…
Key Vault Reference in web app config now says 'AccessToKeyVaultDenied'
A while back I setup a RBAC key vault. I followed some guide where I added a connection string under my Wep App => Configuration. All was green after that and worked. Now, however, I noticed that this happend Never seen this before. First thought it…
Assign RBAC "Key Vault Administrator" role to Azure App via C# (.NET SDK)
I use below C# code create KeyVault with RBAC permission model. using KeyVaultModels = Microsoft.Azure.Management.KeyVault.Models; KeyVaultModels.VaultProperties vaultProperties = new KeyVaultModels.VaultProperties() { EnableRbacAuthorization = true, …
Adding Key Vault Secret to Power Automate using Managed Identities.
Good morning MS Team, I am creating an application where different Power Automate Scripts are managing the Entra ID users and app registrations using an specific App registration with high-level permissions. Right now, I have the App Registration Id and…
Automating the Client Secrets rotation using KeyVault or any methods before the expiry date?
I need to rotate the Client Secrets in my existing subscriptions before the expiry date. How can I achieve it for multiple subscriptions when using the suggested method ttps://learn.microsoft.com/en-us/azure/key-vault/secrets/tutorial-rotation? Can I…
How to programally check if the user-assigned managed identity have access/permissions to the key from key vault in an other tenant?
Hi, There is two tenant A, B. tenant A have two application, 1. manageApp used by my program 2. CMEK-app using to get permisstion from tenant B by admin consent. And one user-assigned managed id configured as federated identity with the CMEK-app used…
Issue while adding custom domain to azure front door standard tier
Hi All, Greetings!!! As a part of a POC while trying to add a custom domain to the Azure front door standard tier, I created a certificate in azure key vault with the subject as the intended custom domain ("CN= <custom domain>"). CNAME…
I cannot delete a vault in Azure
I am receiving the error below when attempting to delete a vault. I removed any dependencies that I saw but I still receive the error. Any help would be appreciated. Vault Deletion Error Recovery Services Vault cannot be deleted as there are existing…
Key Vault Integration on the Roadmap?
Are there currently any plans to allow Credentials and encrypted variables to be sourced directly from Key Vault so that we don't have to use PowerShell in the script to query the vault? Normally this wouldn't be an issue but since we're protecting our…
Unexpected charges for key vault services
Hello. On the 4th april I created a key vault service due to a mistake, and although I incurred a cost of around £20 on the day, I deleted the service on the same day. But when I looked at it today (7th april), I found that the service was still showing…
No renewal event (1001) - Key Vault Virtual machine extension
How can I troubleshoot linkOnRenewal (IIS Certificate Rebind) using the Windows version of KV virtual machine extension? When I create a new version of the certificate in KV, then it installs cert but there is no renewal (1001) event in Windows Event…
How to support rolling restarts with AZ KeyVault csi driver
I have a providerClass setup like so: spec: provider: azure secretObjects: - secretName: keycloak-http type: Opaque data: - objectName: keycloak-password key: password - objectName: keycloak-user …
Backstage (https://backstage.io/) Application Deployment on AKS: Unable to expose Azure key vault secrets as environment variables
Hi Team, I have a backstage application running on k8 cluster (AKS) and have config which mounts azure secrets at location /mnt/secrets which is working as intended able to verify the secret has been mounted properly. Now the goal is exposing these as…