Closed cathalmchale closed 3 months ago
Hi @cathalmchale ..currently this is not supported by the service, and we have added this to our backlog. We will report back once we implement this.
Hi @Sachid26 - any update on this feature? Is there any work around?
Hi - Any update on this feature? Is there any work around?
Bump... Any update?
Bump... Any update?
Bump... Any update?
Bump... Any update?
Azure load testing service now supporting Azure keyvaults behind a firewall or a private virtual network.
If you restricted access to your Azure key vault by a firewall or virtual networking, follow these steps to grant access to trusted Azure services.
@Nagarjuna-Vipparthi Can we close the issue now?
Sure
On Mon, Apr 8, 2024, 10:47 Sulabh Upadhyay @.***> wrote:
@Nagarjuna-Vipparthi https://github.com/Nagarjuna-Vipparthi Can we close the issue now?
— Reply to this email directly, view it on GitHub https://github.com/microsoft/azure-load-testing/issues/117#issuecomment-2043322480, or unsubscribe https://github.com/notifications/unsubscribe-auth/AED5OBLQQ6BYGURWCAHDFGLY4LJ27AVCNFSM6AAAAAARXEFFFSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANBTGMZDENBYGA . You are receiving this because you commented.Message ID: @.***>
Requested feature is now supported. Closing the issue.
Describe the bug Azure Load Test can access Key Vault, only if setup to allow access from All public networks. If Key Vault chooses to limit public access to specific vnets, then Load Test can no longer fetch secrets. This is true even when the "allow trusted Microsoft services" option is selected:
To Reproduce Steps to reproduce the behavior:
Expected behavior Should be able to access the more private Key Vault - either by being able to specify a vnet when creating the Load Testing instance, or by having Azure Load Testing be a "trusted Microsoft resource" that can still gain access to the Key Vault.
Screenshots Private vs Public Key Vault. As in steps to repro, the access policies in both Key Vaults are the same, using the same identity. Then the same Load Test is used to trigger a success and a failure, varying only the URL of the Key Vault secret.
The more private Key Vault looks like this:
Additional context Have tried with both User managed and System managed identities.
AB#1665865