Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,175 questions
2 answers
One of the answers was accepted by the question author.
How to grant App access to Azure Key Vault with read-only access to public keys only?
Is it possible to assign a role to an Azure app service to access keys in a Key Vault, but the application should only have access to the public keys only? Thanks in advance for your time.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 92%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EF%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Azure Vault on Standalone ASPNET Core WebApp
If I develop ASPNET Core 3.1 Webapp and distribute the Docker to Clients and like to secure symmmetric secret key for the WebApp access. Each docker will have their individual secret key. My Question is 1) Would someone with access to the Docker-Compose…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 52%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
1 answer
Import Cert into Key vault using REST API/cURL
I am trying to import Let's Encrypt Base64-encoded cert and private key using below REST API but its failing: https://video2.skills-academy.com/en-us/rest/api/keyvault/importcertificate/importcertificate?source=docs#jsonwebkeytype The command I am…
asked 2020-11-12T03:56:27.397+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 24%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDL%3C/text%3E%3C/svg%3E)
Digit Labs
1
Reputation point
commented 2020-11-27T14:48:01.413+00:00
Digit Labs
1
Reputation point
2 answers
One of the answers was accepted by the question author.
Azure account key
hello guys, trying to use Microsoft Sustainability Calculator. While filling up the form it's asking for an account key. We tried the storage account key but doesn't seem to work. Is there an Azure account key? (not azure storage account key) If…
asked 2020-11-26T10:45:00.643+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 65%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
chris_nawig
41
Reputation points
accepted 2020-11-26T11:38:01.613+00:00
chris_nawig
41
Reputation points
1 answer
One of the answers was accepted by the question author.
is there a timelimit on a KEK to import BYOK into Azure Keyvault
Is there a timelimit on the KEK to import BYOK from a customer HSM. AWS has a timelimit of 24 hours for a similar process. Since we have some issues importing keys, i want to make sure this is not the issue we are facing. thanks and regards, …
asked 2020-11-10T13:20:00.307+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 17%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFM%3C/text%3E%3C/svg%3E)
Franck Marteaux
111
Reputation points
accepted 2020-11-26T09:56:50.957+00:00
Franck Marteaux
111
Reputation points
1 answer
know if key vault is platform or customer managed
How do I tell if a VM, or a backup is encrypted using a platform managed or a customer-managed key vault? I have a client who has multiple VMs, and uses Azure to backup in a different region and has established at least 1 key vault. How do I tell what…
asked 2020-11-10T14:24:08.457+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 7.000000000000001%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELP%3C/text%3E%3C/svg%3E)
Lynette Patterson
1
Reputation point
commented 2020-11-26T00:18:13.633+00:00
James Hamil
22,981
Reputation points Microsoft Employee
0 answers
KeyVault access 403 - Forbidden: Access is denied.
Hi Team, I have created KeyVault in Azure and assigned permission to user. (Added in access policies) He is able to access from portal.azure.com, But can't able to acces using Vault name like (https://snf-app-ep04dw.vault.azure.net/) Getting 403…
asked 2020-11-23T03:45:08.417+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 46%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVK%3C/text%3E%3C/svg%3E)
Vijay Kumar
2,026
Reputation points
commented 2020-11-25T16:28:03.323+00:00
JamesTran-MSFT
36,531
Reputation points Microsoft Employee
1 answer
sync autorenewed certificate in keyvault with AKS secrets
I'm storing TLS certificates of AKS in Azure Keyvault certificates. When these certificates in Key Vault auto renews, how that can be automatically synced with AKS secrets with out devops?
asked 2020-11-20T13:27:44.88+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 31%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPD%3C/text%3E%3C/svg%3E)
Pratim Das, Partha C
306
Reputation points
commented 2020-11-25T01:59:44.543+00:00
Pratim Das, Partha C
306
Reputation points
1 answer
One of the answers was accepted by the question author.
Can not activate a Managed HSM
Hi, I tried to follow the quickstart to create and activate a managed HSM: https://video2.skills-academy.com/en-us/azure/key-vault/managed-hsm/quick-create-cli Unfortunately, the download security domain command is failed so it prevents me from activating my…
asked 2020-11-02T09:17:05.88+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 92%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECT%3C/text%3E%3C/svg%3E)
Cao Trong Thang
66
Reputation points
accepted 2020-11-23T03:47:04.8+00:00
Cao Trong Thang
66
Reputation points
1 answer
One of the answers was accepted by the question author.
error downloading credentials from vault
I urgently need to perform a backup recovery and I get an error when I try to download vault credentials. I never saw that error. Anybody know?
asked 2020-11-18T21:19:34.293+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 23%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Ricardo Parras
116
Reputation points
accepted 2020-11-19T03:15:39.67+00:00
Ricardo Parras
116
Reputation points
0 answers
CH CharanKanalaCreated on November 13, 2020 Microsoft.Azure.KeyVault Deprecated ? Unable to use Azure.Security.KeyVault.Secret package with .NET Framework based applications
Hi, Below site says that Microsoft.Azure.KeyVault package has been deprecated and use package Azure.Security.KeyVault.Secrets instead. https://www.nuget.org/packages/Microsoft.Azure.KeyVault/ I have developed an Azure Function with .NET Framework…
asked 2020-11-13T11:49:23.517+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 33%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECK%3C/text%3E%3C/svg%3E)
Charan Kanala
1
Reputation point
commented 2020-11-13T22:28:32.113+00:00
JamesTran-MSFT
36,531
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
List of Azure Data Storage Services that support BYOK
Hi, Could you confirm the list of "Azure Data Storage" Services that support BYOK (Bring Your Own Key), please. Thanks
asked 2020-11-12T15:03:17.587+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 76%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERG%3C/text%3E%3C/svg%3E)
Raju Golla
41
Reputation points
accepted 2020-11-12T18:31:07.663+00:00
Raju Golla
41
Reputation points
2 answers
KeyVault Secrets read acces for guest users access packages
Hey, we're trying to set up a key vault in a way, that specific guest users in our Azure Active Directory can read the secrets in it. For that we set up a access package, which allows guest from a specific connected organization to be added to a group,…
asked 2020-10-30T16:38:39.89+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 69%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKV%3C/text%3E%3C/svg%3E)
Kai Vermeegen
1
Reputation point
commented 2020-11-09T19:27:40.317+00:00
JamesTran-MSFT
36,531
Reputation points Microsoft Employee
2 answers
Generating SAS tokens for files inside my blob storage containers via key vault
Hi, I have a Microservice which is the owner of a specific blob storage. Because I don't want to store any storage keys in configuration files of the microservice, I would like to use Key Vault to generate SAS Tokens for me. Key Vault then will…
asked 2020-10-29T13:56:08.48+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 93%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
Jean-Pierre Broeders
1
Reputation point
commented 2020-11-05T23:00:18.207+00:00
deherman-MSFT
35,011
Reputation points Microsoft Employee
2 answers
Unable to retrieve OAuth access token using Azure Key vault scope with Client credentials grant type
I am trying to use Azure Key vault scope in my Oauth 2.0 request to retrieve the access token using Client credentials grant type from another cloud provider.(IBM Cloud) From IBM cloud the request is been received to Azure Oauth endpoint in the below…
asked 2020-09-21T12:23:58.517+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 77%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPM%3C/text%3E%3C/svg%3E)
Pavani Muddana
1
Reputation point
commented 2020-11-05T07:54:30.37+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 2%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
soumi-MSFT
11,761
Reputation points Microsoft Employee
1 answer
Can on-premises app perform Azure AD Integrated authentication to Azure KeyVault
I read on this link , that we can use AD Integrated authentication to access Azure Key Vault from on-premises application . I know Azure Key Vault supports different authentication types like Managed Identity, by using certificate or by presenting client…
asked 2020-10-28T14:04:13.52+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 71%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
MS Techie
2,686
Reputation points
commented 2020-11-02T17:33:20.123+00:00
JamesTran-MSFT
36,531
Reputation points Microsoft Employee
4 answers
Issue certificate renew using HSM vault REST API
Hi, I've created a rootCA using the following API: https://video2.skills-academy.com/en-us/rest/api/keyvault/createcertificate/createcertificate POST {vaultBaseUrl}/certificates/{certificate-name}/create?api-version=7.1 It was created for 20…
asked 2020-10-25T13:16:03.743+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 92%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERR%3C/text%3E%3C/svg%3E)
Roie Rachamim
1
Reputation point
commented 2020-10-30T21:49:37.607+00:00
JamesTran-MSFT
36,531
Reputation points Microsoft Employee
0 answers
Regarding storing/rotating azure storage account keys in Azure Key Vault and grant them for programmatic access / to mount the drive in VM
Hi Folks, I have a doubt and need assistance to clarify below mentioned with regard to storing/rotating azure storage account keys in Azure Key Vault and grant them for programmatic access / to mount the drive in VM. Hypothetically, if we are in a…
asked 2020-10-28T13:29:40.857+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 55.00000000000001%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERR%3C/text%3E%3C/svg%3E)
Rizmi Razik
1
Reputation point
commented 2020-10-30T15:32:40.98+00:00
JamesTran-MSFT
36,531
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Key Vault authentication
Hi, What is the best way of setting up authentication for key vault when you have the following? One Key Vault for each Subscription Dedicated resource group for each Key Vault Questions: Management plane - RBAC Should it be dedicated…
asked 2020-10-23T14:01:23.697+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 43%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELR%3C/text%3E%3C/svg%3E)
Linda Renate Andersen
196
Reputation points
accepted 2020-10-29T12:25:42.817+00:00
Linda Renate Andersen
196
Reputation points
3 answers
Authorize with Key Vault in Powershell
Hey everyone I am trying to get an overview over our O365-Licences in PRTG. I was able to see all licences after running this script on a sensor in PRTG: https://github.com/debold/PRTG-O365Licensing The problem is that I had to run the skript…
asked 2020-10-26T15:08:41.36+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 34%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
taa66
1
Reputation point
answered 2020-10-27T21:48:12.523+00:00
JamesTran-MSFT
36,531
Reputation points Microsoft Employee