Reputation: 1
Unable to create Azure Key Vault secret inside our Microsoft Partner centre. "The operation "Set" is not enabled in this key vault's access policy."
We are managing our customers' azure subscriptions using Microsoft Partner Centre >> and using a username I create a new Azure Vault for a customer>> but when I tried to create a new Secret inside the Azure Vault , I got this error:-
The operation "Set" is not enabled in this key vault's access policy.
now when I access the Key Vault >> Access Policy >> I am unable to add the login username which I used to create the Key Vault inside the Key Vault access policy, where I am only able to add the office 365 admin:-
so any advice why i am able to create a new Key Vault, while i am unable to add Secrets inside it?
Upvotes: 0
Views: 2002
Answers (1)
Reputation: 16438
When you create the Key vault, you should add the CSP access policy rather than normal access policy.
After you click on it, you can specify CSP security group (it has shown the steps to get the group id).
Then the CSP user can create secret in this key vault after it's created.
Upvotes: 0
Related Questions
- Either this secret is disabled or you do not have the "Get" secret permission
- Azure key vault creation error: VaultAlreadyExists - I can't find the existing vault
- error while trying to decrypt using azure vault certificate key: "Operation returned an invalid status code 'Forbidden'"
- Unable to create secrets in Azure Key Vault if using Azure role-based access control
- The user, group or application does not have secrets get permission on key vault
- Can't use azure key vault ('New-AzureKeyVault' is not recognized) ('keyvault' is not an azure command)
- Cannot set secret value in Azure Key Vault
- Azure Key Vault: Secret not found error
- Cannot add a key to Azure Key Vault in PowerShell - 'Unauthorized'
- Create Azure Key Vault C# error remote server returned an error: (403) Forbidden