Closed DrDallas closed 2 years ago
Register-SecretVault
does not test vault functionality but only registers it to the SecretManagement database. Test-SecretVault
is intended to verify the extension vault is functioning properly. It is up to the extension vault to provide good user messages, but you might get more information by looking closer at the error record returned by the extension vault, for example any inner exceptions associated with it.
But I agree that the initial errorrecord message should be more helpful. Please create an issue with the Az.KeyVault.Extension repo since that is where the error is originating from.
I have opened an issue with Az.KeyVault.
Consider the following commands:
The
Test-SecretValue
function returns:The problem is that
$mySubscription
is not a string, but, instead, aSelected.Microsoft.Azure.Commands.Profile.Models.PSAzureSubscription
. and$myKeyVaultName
is aSelected.Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultIdentityItem
.Register-SecretVault
should have returned some sort of error during registration because either (1) the registration failed or (2) incorrect data/data types were supplied.When
$mySubscription
and$myKeyVaultName
are strings with the appropriate values, thenTest-SecretVault
works as expected. This works:Either
Microsoft.PowerShell.SecretManagement
orAz.KeyVault.Extension
should return some sort of error, or, at a minimum,Test-SecretVault
should return better error messages during registration because, as is seen in the code example above, the current user was logged in to the Azure account subscription.