Reputation: 1
Say I have 2 different Azure subscriptions, and I create an Azure Key Vault and store a private key in its HSM-backed Azure Key Vault container in the 1st subscription, AND from a different Azure subscription I want to access the private key for signing an application.
Would that be possible?
In short, manage and store an HSM-backed key in one Azure subscription and sign or validate an application with that private key from another Azure subscription... is it possible?
Upvotes: 0
Views: 515
Reputation: 11411
Yes, it is possible when both subscriptions are in a single tenant, so that you can assign the required permissions on the management plane and data plane for the users or managed identities. As Managed HSM uses Azure AD authentication, both subscriptions need to be in the same Azure AD tenant.
Reference:
Upvotes: 1