I'm used to use GCP's secret manager. There, we can create a secret and give a specific READ permission for one specific service account. I mean, let's say we create a secret ABC and a service account "getsecretaccount", I can…
I need to add roles for my app service so that it can access the secret in Azure key-vault where Can I find the scope for the secret? resource "azurerm_role_assignment" "GetKey" { scope = ????????? # how can I find…
I have a Bicep template where I create an App Service in which I need to link a SSL certificate that exists in Key Vault (both in same resource group). The Key Vault has Azure RBAC enabled. I use the…
I'm getting a token from Azure KeyVault. I setup the keyvault in Program.cs file. It works as long as the Azure account in Visual Studio got access. obviously once that account doesn't have access, an error is thrown. How do…
Is there a python sdk call to download the publickey in .pem format from the azure keyvault. Yes, we can download the publickey using the Az CLI "az keyvault key download " and directly using the azure portal, but we…
I have an Azure resource group and a user managed identity which has access to my Azure KeyVault but I do not seem to understand how this should work locally. I want to access my dev environment keyvault when running…
I am using let's encrypt certificate and azure key vault to automate renewal process using this repo: https://github.com/brent-robinson/posh-acme-azure-example I have installed the module Az.KeyVault using yaml on azure devops pipeline: # Install the Az PowerShell modules our script will need…
Trying to assign permissions for the app service deployment slot to keyvault and having a hell of a time getting it { "tenantId": "[subscription().tenantId]", "objectId": "[resourceId('Microsoft.Web/sites/slots', parameters('azureAppService').webSiteName, 'DEV').identity.principalId]", "permissions": { "secrets": [ "Get" ] } } Not sure what I'm…
There was some dependency incompatibility occurring because we were using an older version of azure keyvault (azure-keyvault-secrets-spring-boot-starter 2.2.1) but it got updated and we are upgrading it to azure-spring-boot-starter-keyvault-secrets 4.0.0. Now the keyvault isn't being connected maybe because the application.yml…
AzureKeyVault@1 task retrieves all the secrets, some of the secrets are displayed as *** whereas some newly created ones are shown as plain text. A part of my pipeline: steps: - task: AzureKeyVault@1 displayName: Download secrets from KeyVault inputs: azureSubscription:…