Key Vault - Allow using AD Groups (RBAC) on Keys and Secret level
I am an infrastructure admin, and I would like to use a single Key Vault where I can maintain secrets and keys and use RBAC to allow users, groups, service principals to ensure they only have access to what they need. This would simplify my administration of this service. Perhaps adding folders/group tags to secrets within the Key Vault and setting permissions based on those would also be an option.
Work on extending RBAC integration with Key Vault to be able to create certificate/secrets/keys permission. Also ability to manage keys, secrets, certificates permissions across key vaults: management group, subscription, resource group level. (Edited by admin)
Justin King commented
Which means it is by far the #1 request for Key Vault. Considering we are in Q4 2019 ... think this can at least hit the backlog?
Omer Zubair commented
+1. Item-level security, i.e. RBAC per secret/cert level
Fernando Simonazzi commented
Pradeep Kumar Reddy commented
Can anyone please tell me how to configure the same scenario in my Azure subscription?
Laurent [@MSFT] commented
RBAC at the secret, key and certificate level!