Unable to set secret value in Azure Key Vault

Question

Unable to set secret value in Azure Key Vault

I am trying to create a secret value using Azure Key Vault. I follow the tutorial from Microsoft located here ... https://azure.microsoft.com/en-us/documentation/articles/key-vault-get-started/

I managed to create a keystore using ...

New-AzureRmKeyVault -VaultName 'MyKeyVaultName' -ResourceGroupName 'MyResourceGroup' -Location 'West US'

I can also verify that it was created using ...

Get-AzureRmKeyVault

I can create a secret value using the following ...

$secretvalue = ConvertTo-SecureString 'Pa$$w0rd' -AsPlainText -Force

However, when I try to install the key ...

$secret = Set-AzureKeyVaultSecret -VaultName 'MyKeyVaultName' -Name 'SQLPassword' -SecretValue $secretvalue

I get an error

Set-AzureKeyVaultSecret : Operation "set" is not allowed

I thought I got all access to Key Vault by creating it? Do I need to add specific permissions?

Here is a screen capture of the error from powershell

+6

azure-keyvault

webworm Mar 17 '16 at 20:34

source share

2 answers

The problem you are facing is that you are not creating a key for Add-AzureKeyVaultKey privacy, you need to call Add-AzureKeyVaultKey to create this key. Like this...

 $vault = Get-AzureRmKeyVault $secretvalue = ConvertTo-SecureString 'Pa$$w0rd' ` -AsPlainText -Force $key = Add-AzureKeyVaultKey -VaultName $vault.VaultName ` -Name Test01 ` -Destination Software (Get-AzureKeyVaultSecret -VaultName $vault.VaultName ` -Name test01).SecretValueText

which returns

Pa $$ w0rd

+2

Michael b Apr 11 '16 at 18:22

source share

Lars · Accepted Answer · 2016-04-11T17:19:03+0000

There is probably a problem with access permissions. Try the following:

 Set-AzureRmKeyVaultAccessPolicy –VaultName '{your vault name}' –UserPrincipalName '{your account email}' –PermissionsToKeys all –PermissionsToSecrets all

Unable to set secret value in Azure Key Vault

More articles: