Azure / azure-quickstart-templates

Azure Quickstart Templates
https://aka.ms/azqst
MIT License

ARM template keyvault secret upload/push is not working #8935

Open lazarillo opened 3 years ago

lazarillo commented 3 years ago

Key Vault Secrets

Issue Details

I am not sure what the problem is. I have a template that creates a few resources, then a key vault, then tries to save some of the output of the resources to the key vault as secrets. It is this secret save that was failing.

So I shortened the template to try to find the root cause, until I was left with just:

keyvault.json:

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "kv_name": {
      "type": "string"
    }
  },
  "functions": [],
  "resources": [
    {
      "type": "Microsoft.KeyVault/vaults/secrets",
      "name": "[concat(parameters('kv_name'), '/', 'container_server')]",
      "apiVersion": "2019-09-01",
      "properties": {
        "value": "whatever"
      }
    }
  ]
}

The key vault already exists. I have set the access policy to give me (my AD user ID) full authority for all secrets on the vault, and there is no network firewall; it is open.

Then I run, on the CLI:

az deployment group create -f ./keyvault.json -g <myRG>

This is as bare-bones as I can imagine. Everything else is working, except for the secrets, which I have shrunk down to the template shown above.

I keep getting the following unfortunately useless error:

Deployment failed. Correlation ID: f4ccf19c-b6a1-4e46-9604-81d29044e957. {
  "error": {
    "code": "BadRequest",
    "message": ""
  }
}

Empty message, unhelpful "BadRequest" code. :(

Any ideas what is happening? There is no other possible security issue that could be blocking it. I am able to upload secrets myself via the portal. I am able to launch other services, so I think my IAM credentials should be fine.

lazarillo commented 3 years ago

OMG!!!

I finally figured out the problem: container_server is an invalid name for a Key Vault secret. No underscores are allowed.

Wow!! I REALLY wish this were documented somewhere. Or even better, if MS can stop creating arbitrary naming restrictions. I cannot understand why the name of a secret needs any limitation, apart from possibly no spaces.
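As an added pre-flight check (not code from the issue thread or from the quickstart templates repo), the Python below lints an ARM template's Microsoft.KeyVault/vaults/secrets resources against the documented secret-name rule (1 to 127 characters, letters, digits and hyphens only), the rule the underscore in 'container_server' violates, so the problem shows up with a readable message instead of an empty "BadRequest". The sample template and the EXPR_TAIL_RE heuristic for the concat(..., '/', 'literal') name form are assumptions made for this illustration.

```python
import json
import re

# Documented Key Vault secret-name rule: 1-127 characters, letters, digits and
# hyphens only; the underscore in 'container_server' is what the service rejected.
SECRET_NAME_RE = re.compile(r"^[A-Za-z0-9-]{1,127}$")
SECRET_TYPE = "Microsoft.KeyVault/vaults/secrets"
# Heuristic (assumption): matches the tail of "[concat(<vault expr>, '/', 'literal')]".
EXPR_TAIL_RE = re.compile(r",\s*'/'\s*,\s*'([^']*)'\s*\)\s*\]$")

# Constructed sample: the template from the thread plus one validly named secret.
SAMPLE_TEMPLATE = """{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "resources": [
    {"type": "Microsoft.KeyVault/vaults/secrets",
     "name": "[concat(parameters('kv_name'), '/', 'container_server')]",
     "apiVersion": "2019-09-01", "properties": {"value": "whatever"}},
    {"type": "Microsoft.KeyVault/vaults/secrets",
     "name": "myvault/db-password",
     "apiVersion": "2019-09-01", "properties": {"value": "whatever"}}
  ]
}"""


def secret_segment(name_expr):
    """Return the literal secret part of a vaults/secrets resource name, or
    None when it is computed (e.g. from a parameter) and cannot be checked."""
    if name_expr.startswith("["):
        m = EXPR_TAIL_RE.search(name_expr)
        return m.group(1) if m else None
    return name_expr.rsplit("/", 1)[-1]


def suggest_name(bad):
    """Rewrite a rejected name: each run of disallowed characters becomes a hyphen."""
    return re.sub(r"[^A-Za-z0-9-]+", "-", bad).strip("-")[:127]


def check_template(template_json):
    """Return (resource name, segment, message) for every secret resource whose
    name Key Vault would reject, so it can be fixed before 'az deployment' runs."""
    findings = []
    for res in json.loads(template_json).get("resources", []):
        if res.get("type") != SECRET_TYPE:
            continue
        seg = secret_segment(res["name"])
        if seg is None:
            findings.append((res["name"], None, "secret name is computed; check it at runtime"))
        elif not SECRET_NAME_RE.fullmatch(seg):
            findings.append((res["name"], seg, f"invalid secret name, try '{suggest_name(seg)}'"))
    return findings
```

Running check_template over a real template before az deployment group create turns the silent failure in the thread into a line naming the offending resource and a hyphenated replacement.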