
How to add a new access policy to an Azure key vault without deleting all existing access policies, using the Azure SDK for .NET (Azure.ResourceManager.KeyVault)

The question is in the title: I cannot find a way to add access policies to a key vault without deleting all the existing access policies. I have asked the same question on the project's GitHub, without any help there yet.

I am using Azure.ResourceManager.KeyVault version 1.2.3


  • I got a working answer in the GitHub thread now.

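    using Azure.ResourceManager.KeyVault.Models;

    // The permission list was lost from the original post; Get is a placeholder.
    IdentityAccessPermissions accessPermissions = new IdentityAccessPermissions()
    {
        Secrets = { IdentityAccessSecretPermission.Get }
    };
    KeyVaultAccessPolicy accessPolicy = new KeyVaultAccessPolicy(tenantId, principalId1, accessPermissions);
    var accessPolicies = new List<KeyVaultAccessPolicy>() { accessPolicy };
    var updateProperties = new KeyVaultAccessPolicyProperties(accessPolicies);
    var updateParameters = new KeyVaultAccessPolicyParameters(updateProperties);
    // AccessPolicyUpdateKind.Add adds to the vault's policies rather than replacing them.
    keyVault.UpdateAccessPolicy(AccessPolicyUpdateKind.Add, updateParameters);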

    Actually, I already tried that, but didn't know it was working since it wasn't showing in the key vault instance's access policies. I had to get the key vault instance again to get the added access policy.

    vaultCollection = resourceGroup.GetKeyVaults();
    keyVault = vaultCollection.First(x => x.Id == keyVault.Id);

    Now, the keyVault contains the added access policy.
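
The add-then-re-read sequence from the answer above, wrapped in a check that no existing principal lost its policy. This is an added example, not part of the original post or the SDK's own samples. The class and method names are hypothetical, the `Get` secret permission is a placeholder, and the refresh uses `keyVault.Get()` instead of the collection lookup shown in the answer.

```csharp
using System;
using System.Linq;
using Azure.ResourceManager.KeyVault;
using Azure.ResourceManager.KeyVault.Models;

public static class AccessPolicyHelper // hypothetical helper, not an SDK type
{
    // Adds one access policy, then returns a refreshed KeyVaultResource after
    // confirming the new policy exists and no prior principal was dropped.
    public static KeyVaultResource AddPolicyAndVerify(
        KeyVaultResource keyVault, Guid tenantId, string objectId)
    {
        // Re-read first so the "before" snapshot reflects the service, not a stale local copy.
        keyVault = keyVault.Get().Value;
        var before = keyVault.Data.Properties.AccessPolicies
            .Select(p => p.ObjectId)
            .ToHashSet(StringComparer.OrdinalIgnoreCase);

        var permissions = new IdentityAccessPermissions
        {
            Secrets = { IdentityAccessSecretPermission.Get } // placeholder: grant only what is needed
        };
        var policy = new KeyVaultAccessPolicy(tenantId, objectId, permissions);
        var parameters = new KeyVaultAccessPolicyParameters(
            new KeyVaultAccessPolicyProperties(new[] { policy }));

        // Add (not Replace) leaves the other policies in place.
        keyVault.UpdateAccessPolicy(AccessPolicyUpdateKind.Add, parameters);

        // The local object still carries the pre-update data, so fetch it again.
        keyVault = keyVault.Get().Value;
        var after = keyVault.Data.Properties.AccessPolicies
            .Select(p => p.ObjectId)
            .ToHashSet(StringComparer.OrdinalIgnoreCase);

        if (!after.Contains(objectId))
            throw new InvalidOperationException("New access policy is missing after the update.");
        if (!before.IsSubsetOf(after))
            throw new InvalidOperationException("An existing access policy was removed by the update.");

        return keyVault;
    }
}
```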