An error occurred while saving the commentPeter commented
Who can explain in details what createMode=recover does and what is the consequence of using it? What is only officially documented is: "The vault's create mode to indicate whether the vault need to be recovered or not. - recover or default".
I tested and used this "recover" mode due to fact mentioned below. I do not want to wipe access policies which are applied grammatically out of the scope of ARM template.
What I noticed with createMode=recover is the fact that NetworkAcl defined in the keyvault ARM resource does not have any effect. And after successful arm deployment, the network access of KeyVault is still set for every network and not just for vnet as defined in the ARM. Is that expected behaviour?Peter supported this idea ·