Hi! All :slightly_smiling_face: . I am trying to s...
# azure
Hi! All 🙂 . I am trying to store some secrets in a previously existing keyvault using azure native. When I run
pulumi up
I get the following error:
cannot check existence of resource '/subscriptions/SubscriptionId/resourceGroups/ResourceGroupName/providers/Microsoft.KeyVault/vaults/KeyvaultName/secrets/J7LOPKWUD2HP2WY3': status code 403, {"error":{"code":"AuthorizationFailed","message":"The client 'xxxxx' with object id 'xxxxx' does not have authorization to perform action 'Microsoft.KeyVault/vaults/secrets/read' over scope '/subscriptions/SubscriptionId/resourceGroups/ResourceGroupName/providers/Microsoft.KeyVault/vaults/KeyvaultName/secrets/J7LOPKWUD2HP2WY3' or the scope is invalid. If access was recently granted, please refresh your credentials."}}
ARM_CLIENT_ID, ARM_CLIENT_SECRET and ARM_SUBSCRIPTION_ID are set as environment variables and tested since creating a simple python program using
they work perfect. Could anyone assist here? What am I missing? Should I introduce extra code not using pulumi to save the secrets to a keyvault?
Finally some permissions were missing at the subscription