Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] Export key vault key metadata via data plane API #3265

Open
BernieWhite opened this issue Feb 27, 2025 · 0 comments
Open

[FEATURE] Export key vault key metadata via data plane API #3265

BernieWhite opened this issue Feb 27, 2025 · 0 comments
Labels
feature: in-flight-export Issues that related to exporting resource data for in-flight analysis.

Comments

@BernieWhite
Copy link
Collaborator

Your suggestion

The rule Azure.KeyVault.AutoRotationPolicy requires reading the key rotation policy but that is only available from the data plane API.

Currently the export process doesn't handle this option, and additional considerations such as RBAC or access policy permissions to the Keys is required (as well as network connection via Intermet/ service firewall/ private endpoints depending on the configuration).

Export of this data can be enabled however:

  1. We need to take precautions that the key is not exported.
  2. This should be opt-in to connect to the data plane for customers that want to.
  3. Documentation needs to be built to support this.

Alternatives

n/a

Additional context

See #3261
@BernieWhite BernieWhite added the feature: in-flight-export Issues that related to exporting resource data for in-flight analysis. label Feb 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature: in-flight-export Issues that related to exporting resource data for in-flight analysis.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@BernieWhite