Cannot add a key to Azure Key Vault in PowerShell - 'Unauthorized'

Question

Okay so I am following the tutorial here: https://learn.microsoft.com/en-us/azure/key-vault/key-vault-get-started. I am fine till the section Add a key or secret to the key vault

Basically it asks you to do this to a valid key vault:

$key = Add-AzureKeyVaultKey -VaultName 'DjangoKeyVault' -Name 'DjangoKey' -Destination 'Software'

It returns

Add-AzureKeyVaultKey : Operation returned an invalid status code 'Unauthorized'

I have tried this using Power Shell Command locally and logging into my Azure Account remotely. I can verify the subscription and that the vault exists. I can also use the 'PowerShellPreview' in Azure directly and get the same deal. How in the world can I be the admin of the Azure site, logged in with elevated permissions, and not have authorization? Do I need to set up Azure AD?

Answer 1

I test the command, it works fine on my side.

Also, I could reproduced your issue with a wrong VaultName, so I think you could check it first.

Besides, here is some information for you to refer. I use my account to run the command in the PowerShell ISE, my account is an owner of the subscription, the keyvault was created by my account.

How in the world can I be the admin of the Azure site, logged in with elevated permissions, and not have authorization? Do I need to set up Azure AD?

You could try to do the steps below.

1.Add your account in the Access control (IAM) in the key vault.

2.Add your account in Access policies -> Add new