Do you have an idea or a suggestion for Azure Key Vault based on your experience?

← Azure Key Vault

ARM Template for KeyVault to have AccessPolicies non-mandatory

Hi,
It would be better for idempotency and the ability to create Keyvault first, with additional incrementally run ARM templates to have AccessPolicies as non-mandatory.

It is already possible to incrementally add AccessPolicies once you have a KeyVault, but it is not possible to create or update a Keyvault via ARM without specifying the AccessPolicies... which is a problem for update - you need to know all the existing AccessPolicies before you do the update or it will get reverted to whatever you specify.

23 votes

Sign in

Your name

Your email address

Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

Signed in as (Sign out)

We’ll send you updates on this idea

Dan Byrne shared this idea · May 31, 2018 · Flag idea as inappropriate… · Admin →

3 comments

Add a comment…

Sign in

Your name

Your email address

Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

Filip Scherwin Lindboe commented · January 10, 2019 2:20 AM · Flag as inappropriate

I agree. I have a fully automated deployment using Azure DevOps. Here i have some access policies that needs to be assigned more dynamically according to context, so i am setting these through a script. Other access policies are static and is set using ARM template. But the fact that the access policies are being overwritten when deploying the ARM template has caused me some grief.
Toby Meyer commented · December 22, 2018 10:31 PM · Flag as inappropriate

This breaks incremental deployments in a fundamental way. I use other deployment actions to manipulate KV permissions programmatically & this makes it substantially more complex.
Anonymous commented · November 11, 2018 7:49 AM · Flag as inappropriate

Agreed.

Azure Key Vault: Other

Searching…

No results.
Clear search results

Give feedback
- (General Feedback) 3,627 ideas
- Additional Services 193 ideas
- Analytics Platform System 8 ideas
- API Apps 2 ideas
- API Management 372 ideas
- Application Insights 444 ideas
- Automation 380 ideas
- Azure Active Directory 2,516 ideas
- Azure Active Directory Application Requests 189 ideas
- Azure Alert Management 47 ideas
- Azure Analysis Services 117 ideas
- Azure Backup 318 ideas
- Azure Bot Service 40 ideas
- Azure Cloud Shell 167 ideas
- Azure Container Instances 62 ideas
- Azure Container Registry 44 ideas
- Azure Cosmos DB 282 ideas
- Azure CycleCloud 1 idea
- Azure Data Explorer 20 ideas
- Azure Database for MariaDB 5 ideas
- Azure Database for MySQL 39 ideas
- Azure Database for PostgreSQL 74 ideas
- Azure Database Migration Service 18 ideas
- Azure Databricks 31 ideas
- Azure DDoS Protection 6 ideas
- Azure Digital Twins 9 ideas
- Azure Event Grid 33 ideas
- Azure Functions 134 ideas
- Azure Governance 37 ideas
- Azure Government 68 ideas
- Azure IoT 206 ideas
- Azure IoT Central 35 ideas
- Azure IoT Device Catalog 5 ideas
- Azure IoT Edge 39 ideas
- Azure IoT Solution Accelerators 11 ideas
- Azure Key Vault 67 ideas
- Azure Kubernetes Service (AKS) 88 ideas
- Azure Management Groups 3 ideas
- Azure Maps 31 ideas
- Azure Marketplace 358 ideas
- Azure Media Services 209 ideas
- Azure Migrate 20 ideas
- Azure mobile app 169 ideas
- Azure Monitor 32 ideas
- Azure Pack 291 ideas
- Azure portal 1,968 ideas
- Azure Resource Manager 364 ideas
- Azure Search 194 ideas
- Azure Security Center 126 ideas
- Azure SignalR Service 3 ideas
- Azure Sphere 27 ideas
- Azure Stack 110 ideas
- Azure TCO Calculator 26 ideas
- Azure Time Series Insights 1 idea
- Batch 38 ideas
- Batch AI 7 ideas
- Biztalk Services 23 ideas
- Blockchain 30 ideas
- Cache 37 ideas
- CDN 71 ideas
- Cloud Services (Web and Worker Role) 266 ideas
- Cost Management 152 ideas
- Customer Insights 13 ideas
- Customer Lockbox for Microsoft Azure 0 ideas
- Data Catalog 101 ideas
- Data Factory 540 ideas
- Data Lake 321 ideas
- Data Science VM 18 ideas
- Diagnostics and Monitoring 178 ideas
- Event Hubs 4 ideas
- Global Infrastructure 16 ideas
- HDInsight 108 ideas
- Lab Services 228 ideas
- Log Analytics 819 ideas
- Logic Apps 1,066 ideas
- Machine Learning 416 ideas
- Mobile Engagement 19 ideas
- Networking 533 ideas
- Notification Hubs 38 ideas
- Scheduler 45 ideas
- Scripting and Command Line Tools 88 ideas
- SDK and Tools 123 ideas
- Security and Compliance 64 ideas
- Service Bus 163 ideas
- Service Fabric 260 ideas
- Signup and Billing 1,011 ideas
- Site Recovery 200 ideas
- SQL Data Sync 64 ideas
- SQL Data Warehouse 215 ideas
- SQL Database 480 ideas
- SQL Managed Instance 44 ideas
- SQL Server 8,792 ideas
- Storage 558 ideas
- StorSimple 44 ideas
- Stream Analytics 210 ideas
- Support Feedback 226 ideas
- System Center Data Protection Manager 91 ideas
- Update Management 94 ideas
- Virtual Machines 1,242 ideas
- Web Apps 259 ideas
Microsoft Azure