0

I am deploying an Azure Key Vault with ARM templates and would like to add a Service Principal to the Access Control Policies. Therefore I create an App in the Azure Active Directory and get the Object Id of the App:

enter image description here

Then I add the entry to the parameter file:

"accessPolicies": {
    "value": [
        {
            "objectId": "xxx",
            "tenantId": "xxx",
            "permissions": {
                "keys": [
                    "Get",
                    "List",
                    "Update",
                    "Create",
                    "Import",
                    "Delete",
                    "Recover",
                    "Backup",
                    "Restore"
                ],
                "secrets": [
                    "Get",
                    "List",
                    "Set",
                    "Delete",
                    "Recover",
                    "Backup",
                    "Restore"
                ],
                "certificates": [
                "Get",
                "List",
                "Update",
                "Create",
                "Import",
                "Delete",
                "Recover",
                "Backup",
                "Restore",
                "ManageContacts",
                "ManageIssuers",
                "GetIssuers",
                "ListIssuers",
                "SetIssuers",
                "DeleteIssuers"
                ]
            }
        }
    ]
}

But in a subsequent Azure Key Vault task I get an Access Denied error.

What do I have to do to be able to add a Service Principal to the Azure Key Vault via Template deployment with proper access rights?

Improve this question

1 Answer 1

Reset to default
1

The issue is that the "wrong" object id is selected. Instead of getting the object id from App registrations it is necessary to get it from Enterprise applications

enter image description here

Another option to get there via the UI is clicking on Managed application in local directory -> Properties

enter image description here

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.