我在尝试解决密钥时收到错误。
KeyVaultKeyResolver cloudResolver = new KeyVaultKeyResolver(GetToken);
string keyvaultUrl = Microsoft.Azure.CloudConfigurationManager.GetSetting("KeyVaultUrl");
var rsa = cloudResolver.ResolveKeyAsync(keyvaultUrl, CancellationToken.None).GetAwaiter().GetResult();
BlobEncryptionPolicy policy = new BlobEncryptionPolicy(rsa, null);
BlobRequestOptions options = new BlobRequestOptions() { EncryptionPolicy = policy };
例外说:
Data: System.Collections.ListDictionaryInternal
User Name: uberserve
Message: Operation "get" is not allowed
Stack Trace: at Microsoft.Azure.KeyVault.KeyVaultClient.<Do>d__11b`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Azure.KeyVault.KeyVaultClient.<GetKeyAsync>d__5d.MoveNext()
实施遵循http://blogs.technet.com/b/kv/archive/2015/06/02/azure-key-vault-step-by-step.aspx
我不太确定我在哪里出错了。建议请。
访问策略是根据powershell中的博客文章使用:
配置的PS C:\> Set-AzureRmKeyVaultAccessPolicy -VaultName FirstLookVault -ServicePrincipalName '06b430c8-3689-4b5f-b954-566affefbd0c' -PermissionsToSecrets get -PermissionsToKeys wrapKey, unwrapKey,decrypt,encrypt