Reputation: 1511
unable to add Firewall Rule to Azure Key Vault using PowerShell
I want to add / remove firewall rules to Azure Key Vault. I am using the below cmdlets to achieve it. The cmdlets just run and do not output anything. And from the portal - firewall section of Key Vault, no rule gets updated.
I have tried all possible combinations. Like, adding/removing "/32", adding/removing "resource group", using "keyVault" object, etc., nothing seems to be working.
Are the cmdlets broken or am I missing anything? Please help me.
Remove-AzureRmKeyVaultNetworkRule -VaultName "testfwrulekeyvault" -IpAddressRange "3.3.3.3/32"
Add-AzureRmKeyVaultNetworkRule -VaultName "testfwrulekeyvault" -IpAddressRange "2.2.2.2"
Upvotes: 0
Views: 1928
Answers (1)
Reputation: 31424
It seems you need to enable the service endpoints of your Vnet and subnet. And at the end, you should update the key vault and set the default action to Deny to turn on the network rules. See all the steps about Configure Azure Key Vault firewalls and virtual networks.
Update
If you just want to add the rules through the Powershell command Add-AzureRmKeyVaultNetworkRule or Remove-AzureRmKeyVaultNetworkRule. Then it works when you execute them without error. See the screenshot:
Upvotes: 1
Related Questions
- Unable to Set-AzureRmKeyVaultAccessPolicy
- Update firewall rule of Azure KeyVault using Terraform
- Add-AzKeyVaultNetworkRule on Powershell script throwing error
- New-AzureRmKeyVault : 'vaultName' does not match expected pattern
- How to enable all the firewall rules on Azure Application Gateway via Powershell?
- Azure Key Vault: Secret not found error
- Azure Key Vault Add Access Policy with C#
- Unable to access Azure Key vault secret in a powershell script running on Azure Devops
- Cannot add a key to Azure Key Vault in PowerShell - 'Unauthorized'
- Key Vault returns 401 with access token (MSI PowerShell Function App)