[FEATURE] Export key vault key metadata via data plane API #3265

@BernieWhite

Your suggestion

The rule Azure.KeyVault.AutoRotationPolicy requires reading the key rotation policy but that is only available from the data plane API.

Currently the export process doesn't handle this option, and additional considerations such as RBAC or access policy permissions to the keys are required (as well as network connection via Internet/service firewall/private endpoints depending on the configuration).

Export of this data can be enabled however:

  1. We need to take precautions that the key is not exported.
  2. This should be opt-in to connect to the data plane for customers that want to.
  3. Documentation needs to be built to support this.

Alternatives

n/a

Additional context

See #3261
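
One way to honour points 1 and 2 of the issue, as an added example that is not part of the original issue or of PSRule for Azure's code. The function name `ConvertTo-KeyExportRecord`, the `-IncludeDataPlane` switch and the output field names are hypothetical, and the two JSON documents are constructed samples shaped like Key Vault data plane responses.

```powershell
# Added example; function and parameter names are hypothetical, not PSRule for Azure code.
# Sample responses are constructed and shaped like the Key Vault data plane
# "get key" and "get key rotation policy" responses.
$keyJson = @'
{ "key": { "kid": "https://contoso-kv.vault.azure.net/keys/key1/0123", "kty": "RSA",
           "key_ops": ["encrypt", "decrypt"], "n": "CONSTRUCTED-MODULUS", "e": "AQAB" },
  "attributes": { "enabled": true, "exp": 1767225600, "created": 1704067200 } }
'@
$policyJson = @'
{ "lifetimeActions": [
    { "trigger": { "timeAfterCreate": "P18M" }, "action": { "type": "Rotate" } },
    { "trigger": { "timeBeforeExpiry": "P30D" }, "action": { "type": "Notify" } } ],
  "attributes": { "expiryTime": "P2Y" } }
'@

function ConvertTo-KeyExportRecord {
    param (
        [Parameter(Mandatory)] [psobject]$Key,
        [Parameter(Mandatory)] [psobject]$RotationPolicy,
        [switch]$IncludeDataPlane   # opt-in: nothing is emitted unless set
    )
    if (-not $IncludeDataPlane) { return }

    # Allowlist: copy named fields only, so JWK members such as n, e, x, y
    # are never carried into the export, whatever the response contains.
    [pscustomobject]@{
        id         = $Key.key.kid
        keyType    = $Key.key.kty
        attributes = $Key.attributes | Select-Object enabled, exp, nbf, created, updated
        rotationPolicy = [pscustomobject]@{
            expiryTime      = $RotationPolicy.attributes.expiryTime
            lifetimeActions = @($RotationPolicy.lifetimeActions | ForEach-Object {
                [pscustomobject]@{
                    action           = $_.action.type
                    timeAfterCreate  = $_.trigger.timeAfterCreate
                    timeBeforeExpiry = $_.trigger.timeBeforeExpiry
                }
            })
        }
    }
}

$record = ConvertTo-KeyExportRecord -Key ($keyJson | ConvertFrom-Json) `
    -RotationPolicy ($policyJson | ConvertFrom-Json) -IncludeDataPlane
$json = $record | ConvertTo-Json -Depth 5

# Guard: fail the export if any key material field slipped through.
if ($json -match '"(n|e|d|x|y|k|p|q|dp|dq|qi|key_hsm)"\s*:') { throw 'Key material in export' }
$json
```

Copying named fields rather than deleting known-sensitive ones means a new member added to the response later is excluded by default.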

Labels: feature: in-flight-export (Issues that relate to exporting resource data for in-flight analysis.)
