In order for our organization to fully adopt Azure Key Vault for managing passwords and secrets we need to be able to support at a minimum allowing _ (underscrores) and other special characters in the naming convention as we have hundreds of names that contain underscores in them such as account_test, account_prd, etc..

Reading through the documentation online I can't find any technical reason as to why special characters aren't supported but this is a show stopper at this point for us until this is added/supported.

Currently, you can only back up each secret one at a time. I would like the ability to back all the secrets up and obviously, store them in an encrypted storage account or vault.

Portal experience for creating a Key Vault Managed Storage Account and/or for 'On-Boarding' a Storage Account into being managed by a given Key Vault Key

This is possible with PowerShell and AzureCLI (as described here: https://docs.microsoft.com/en-us/azure/key-vault/key-vault-ovw-storage-key) but there is not portal experience for doing this.

Originally mentioned in this Github Issue:
https://github.com/MicrosoftDocs/azure-docs/issues/10555

We are creating a solution where multiple services (backend servers from different departments, ...), will use key vault to retreive their access keys. It would be great to be able to give a backend service access to only the relevant entry (e.g. only to secret1 and certificate2).
The problem is, that a user that has access (to secrets for example), automatically has access to all secrets.

In other words: Add access policies to secrets, keys and certificates

You can create multiple versions for a given secret, however the api only allows a delete to be performed at the secret level and not for an individual version.

It’s important to know if keys / Secrets are updated in key vault so that necessary actions with consuming application can be taken when this occurs...

When I generate a manual type secret, it's impossible to save the multiple lines' secret(SSH private key) value, in fact, I think the input box should take text area as an option.

Many of our vendors require us to send them files via SFTP using their public encryption keys most of which are PGP keys. As we start to migrate our Managed File Transfer service to Azure we'd like to leverage storing these keys in Azure Key Vault

Is there a way that I can re-add my App Service Certificate to my Key Vault?
The reason I'm asking is that I accidentally deleted the certificate from the Key Vault. The App Service Certificate resource is still there, but the certificate no longer shows up in my Key Vault (obviously).

https://stackoverflow.com/questions/53202773/azure-manually-add-app-service-certificate-to-key-vault

As a compliance activity we remove secrets (app secrets, connection strings, etc) from code and upload them to Azure Key Vault. That provides an opportunity to roll them and have fresh secrets at the moment they are put into the vault.

The current key vault document is really messy, it's really hard to know the whole e2e workflow to setup a keyvault for a web app.
For example, where to get the client id and client password, how to connect the key vault with application, why there are so many old portal screenshots, why so many powershell scripts if we can just click some button via portal

Configuration secrets such as connection strings will change from one deployment slot to another. Adding the deployment slot concept to Key Vault would eliminate the need to hack that concept into the secret names and the code used to retrieve the secrets.