search

Azure / azure-cli

Azure Command-Line Interface
MIT License
4.03k stars 3.01k forks source link

Azure Key Vault - Add network option "allow access from azure portal" #21424

Open SenorRagequit opened 2 years ago

SenorRagequit commented 2 years ago

Is your feature request related to a problem? Please describe.

We are using Terraform to create KeyVaults (KV) and add secrets to it.
The networking we have to use for the KV is pretty strict so that pretty much nothing leaves the network of the KV. But since we have that option enabled, we can't just start a Terraform Script in the Cloudshell from anywhere, we always have to use a jumphost or any server from inside the network itself which is annoying since all you do is start the script in the cloudshell.
As another option, we have to manually grab our current external azure cloudshell IP and add it to the networking firewall, so we can quickly add the secrets and then remove that IP again.

Describe the solution you'd like

A really easy solution would be to have the same checkbox option as the Azure CosmosDB, "Allow access from azure portal". grafik

Describe alternatives you've considered

See above

Additional context

yonzhan commented 2 years ago

key vault

ghost commented 2 years ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @RandalliLama, @schaabs, @jlichwa.

Issue Details
**Is your feature request related to a problem? Please describe.** We are using Terraform to create KeyVaults (KV) and add secrets to it. The networking we have to use for the KV is pretty strict so that pretty much nothing leaves the network of the KV. But since we have that option enabled, we can't just start a Terraform Script in the Cloudshell from anywhere, we always have to use a jumphost or any server from inside the network itself which is annoying since all you do is start the script in the cloudshell. As another option, we have to manually grab our current external azure cloudshell IP and add it to the networking firewall, so we can quickly add the secrets and then remove that IP again. **Describe the solution you'd like** A really easy solution would be to have the same checkbox option as the Azure CosmosDB, "Allow access from azure portal". ![grafik](https://user-images.githubusercontent.com/50502395/155415296-434907d3-aaa0-4416-99b1-af88c5d4a843.png) **Describe alternatives you've considered** See above **Additional context**
Author: SenorRagequit
Assignees: evelyn-ys
Labels: `KeyVault`, `Service Attention`, `customer-reported`, `feature-request`, `Auto-Assign`
Milestone: Backlog