I’m working on enabling Azure Key Vault backup. I need to gather secrets, keys, certificates, and access policies, then save them to a storage account. However, I’ve encountered an issue where the Azure Key Vault cannot retrieve the access policies information, even though I have Key Vault Administrator permissions.
This problem does not occur in other key vaults I’ve tested. I would like to know if there is an issue with my PowerShell script or a misconfiguration in the key vault.
My test case:
1. 2 Key Vaults with same data and configuration and the Key Vault Administrator granted for both key vaults.
2. My PowerShell test result.
PS C:\Users\azureadmin> $keyVaultAccessPolicies = Get-AzKeyVault -VaultName kv-eas-kvauto-01
PS C:\Users\azureadmin> Write-Output $keyVaultAccessPolicies.AccessPolicies
Tenant ID : xxxxxx-xxxxxx-xxxxx-xxxxx-xxxxxx
Object ID : xxxxxx-xxxx-xxxx-xxxx-xxxx
Application ID :
Display Name : xxxxxxxxxxxxxxx
Permissions to Keys : {Get, List, Update, Create...}
Permissions to Secrets : {Get, List, Set, Delete...}
Permissions to Certificates : {Get, List, Update, Create...}
Permissions to (Key Vault Managed) Storage : {}
PS C:\Users\azureadmin> $keyVaultAccessPolicies = Get-AzKeyVault -VaultName kv-eas-kvauto-02
PS C:\Users\azureadmin> Write-Output $keyVaultAccessPolicies.AccessPolicies
PS C:\Users\azureadmin>
