No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

<https://github.com/pulumi/pulumi-azure-native/issues/3000|#3000 Unable to create secrets using azure_native library>
Issue created by <https://github.com/fernanvarelamews|fernanvarelamews>
Hi! All :slightly_smiling_face: . I am trying to store &lt;<https://www.pulumi.com/registry/packages/azure-native/api-docs/keyvault/secret/%7Csome|https://www.pulumi.com/registry/packages/azure-native/api-docs/keyvault/secret/|some> secrets&gt; in a previously existing keyvault using azure native. When I run `pulumi up` I get the following error:

`cannot check existence of resource '/subscriptions/SubscriptionId/resourceGroups/ResourceGroupName/providers/Microsoft.KeyVault/vaults/KeyvaultName/secrets/J7LOPKWUD2HP2WY3': status code 403, {"error":{"code":"AuthorizationFailed","message":"The client 'xxxxx' with object id 'xxxxx' does not have authorization to perform action 'Microsoft.KeyVault/vaults/secrets/read' over scope '/subscriptions/SubscriptionId/resourceGroups/ResourceGroupName/providers/Microsoft.KeyVault/vaults/KeyvaultName/secrets/J7LOPKWUD2HP2WY3' or the scope is invalid. If access was recently granted, please refresh your credentials."}}`

ARM_CLIENT_ID, ARM_CLIENT_SECRET and ARM_SUBSCRIPTION_ID are set as environment variables and tested since creating a simple python program using `azure.keyvault.secrets` and `azure.identity` they work perfect.

Could anyone assist here? What am I missing? Should I introduce extra code not using pulumi to save the secrets to a keyvault?

<https://pulumi-community.slack.com/archives/CRVK66N5U/p1704446819783639|Slack Message>
<https://github.com/pulumi/pulumi-azure-native|pulumi/pulumi-azure-native>