-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Azure Load Test is not recognized as a trusted resource to bypass Key Vault firewall #117
Comments
Hi @cathalmchale ..currently this is not supported by the service, and we have added this to our backlog. We will report back once we implement this. |
Hi @Sachid26 - any update on this feature? Is there any work around? |
Hi - Any update on this feature? Is there any work around? |
Bump... Any update? |
3 similar comments
Bump... Any update? |
Bump... Any update? |
Bump... Any update? |
Azure load testing service now supporting Azure keyvaults behind a firewall or a private virtual network. If you restricted access to your Azure key vault by a firewall or virtual networking, follow these steps to grant access to trusted Azure services. |
@Nagarjuna-Vipparthi Can we close the issue now? |
Sure
…On Mon, Apr 8, 2024, 10:47 Sulabh Upadhyay ***@***.***> wrote:
@Nagarjuna-Vipparthi <https://github.com/Nagarjuna-Vipparthi> Can we
close the issue now?
—
Reply to this email directly, view it on GitHub
<#117 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AED5OBLQQ6BYGURWCAHDFGLY4LJ27AVCNFSM6AAAAAARXEFFFSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANBTGMZDENBYGA>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
Requested feature is now supported. Closing the issue. |
Describe the bug
Azure Load Test can access Key Vault, only if setup to allow access from All public networks. If Key Vault chooses to limit public access to specific vnets, then Load Test can no longer fetch secrets. This is true even when the "allow trusted Microsoft services" option is selected:
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Should be able to access the more private Key Vault - either by being able to specify a vnet when creating the Load Testing instance, or by having Azure Load Testing be a "trusted Microsoft resource" that can still gain access to the Key Vault.
Screenshots
Private vs Public Key Vault. As in steps to repro, the access policies in both Key Vaults are the same, using the same identity. Then the same Load Test is used to trigger a success and a failure, varying only the URL of the Key Vault secret.
The more private Key Vault looks like this:
Additional context
Have tried with both User managed and System managed identities.
AB#1665865
The text was updated successfully, but these errors were encountered: