While trying to give access policy (Azure key vault) to my Azure data factory through PowerShell, I am getting error below:
Set-AzKeyVaultAccessPolicy : Operation returned an invalid status code 'BadRequest' At line:64 char:1
- Set-AzKeyVaultAccessPolicy -VaultName $keyvaultname -ServicePrincipal ...
+ CategoryInfo : CloseError: (:) [Set-AzKeyVaultAccessPolicy], Gr aphErrorException + FullyQualifiedErrorId : Microsoft.Azure.Commands.KeyVault.SetAzureKeyVau ltAccessPolicy
Any help would be really appreciated. Thanks in advance.
This is the script I am trying to execute:
## select subcription
$subcription='Visual Studio Enterprise – MPN'
Select-AzSubscription $subcription
## create a new resource group
$resourcegroupname=”gho-rg-dev”
$location="eastus"
$rg=New-AzResourceGroup `
-Name $resourcegroupname `
-Location $location
## create the storage account
$storageAccountName = "ghostoragelab"
$skuName = "Standard_LRS"
$storageAccount = New-AzStorageAccount -ResourceGroupName $resourcegroupname `
-Name $storageAccountName `
-Location $location `
-SkuName $skuName
$storageaccountkey=(Get-AzStorageAccountkey -ResourceGroupName $resourcegroupname -Name $storageAccount.StorageAccountName).Value[0]
##create azure data factory
$datafactoryname='lab-factory-dev'
$df= New-AzDataFactoryV2 `
-ResourceGroupName $resourcegroupname -Name $datafactoryname -Location $location
## creating the azure key vault
$keyvaultname="labkeydev"
$keyvault=New-AzKeyVault -ResourceGroupName $resourcegroupname -Name $keyvaultname `
-Location $location
# creating the secret key in keyvault
Set-AzKeyVaultSecret -VaultName $keyvaultname -Name "secret-access-key"`
-SecretValue(ConvertTo-SecureString -String $storageaccountkey -AsPlainText -Force)
#Give access policy to the datafactory thorugh keyvault
*## this is where script is failing*
Set-AzKeyVaultAccessPolicy -VaultName $keyvaultname -ServicePrincipalName $df.DataFactoryId -PermissionsToSecrets Get
