Recently I experienced an odd error with Azure Key Vault, which confused me for a while, so I’m posting it here in case others hit the same problem. The issue occurred in my case when trying to add a secret using Infrastructure as Code, but I suspect it would occur when manually adding a secret via the portal or CLI as well. When attempting to add the new secret, I got the error below:
How to use the Azure Key Vault CSI driver to create secrets, as well as volume mounts, from your Azure Key Vault secrets.
Azure Key Vault now works with Azure RBAC, and it’s time to move away from Access Policies.
Azure Key Vault now integrates with third-party CAs to let you automate the creation and renewal of SSL certificates.
In any application, it is likely you are going to need access to some “secret” data: connection strings, API keys, passwords, etc. It is essential that the applications that need these secrets can access them, but also that the secrets are kept secure. One way of doing this is using Azure Key Vault, a secure store which can hold secrets, keys and certificates and allow applications to access them securely. Generally, Key Vault secrets are accessed by the application making a call to the Key Vault API and providing the appropriate credentials (username/password, certificate or managed service identity).