Running the below code, I can get all the Application IDs granted access to a particular Key Vault.
```powershell
$KVName = 'My-Key-Vault-Name'
$KV = Get-AzKeyVault -VaultName $KVName
$accessPolicies = $KV.AccessPolicies
$accessPolicies
```
Result:
```
Tenant ID                                  : my-tenant-id
Object ID                                  : my-object-id
Application ID                             : my-application-id
Display Name                               : some-fancy-name
Permissions to Keys                        : {Get, List}
Permissions to Secrets                     : {Get, List, Update, Create…}
Permissions to Certificates                : {Get, List, Update, Create…}
Permissions to (Key Vault Managed) Storage : {}
```
However, I am trying to get the list of all Key Vaults a particular Application ID has been granted access to. Is this achievable via PowerShell?
Any help/hint will be really helpful.
Initially, fetch the Object ID of the application from the response of your script:
To list all the Key Vaults the application has been granted access to by filtering based on Application Object ID, you can run the below PowerShell script:
If you want to list all the Key Vaults the application has been granted access to by filtering based on Application ID, use the below modified script:
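
An added example, not the answerer's script: one way to run both lookups described above (by Object ID or by Application ID) across every vault in the current subscription. `Find-KeyVaultAccess` is a hypothetical name, and the code assumes the Az.KeyVault and Az.Resources modules with a signed-in session.

```powershell
# Added example (not from the original answer). Assumes the Az.KeyVault and
# Az.Resources modules and a signed-in session (Connect-AzAccount).
# Find-KeyVaultAccess is a hypothetical function name.
function Find-KeyVaultAccess {
    [CmdletBinding(DefaultParameterSetName = 'ByApplicationId')]
    param(
        [Parameter(Mandatory, ParameterSetName = 'ByObjectId')]
        [string] $ObjectId,
        [Parameter(Mandatory, ParameterSetName = 'ByApplicationId')]
        [string] $ApplicationId
    )

    if ($PSCmdlet.ParameterSetName -eq 'ByApplicationId') {
        # Policies normally reference the service principal's Object ID,
        # so resolve the Application (client) ID to it first.
        $sp = Get-AzADServicePrincipal -ApplicationId $ApplicationId
        if (-not $sp) { throw "No service principal for Application ID $ApplicationId" }
        $ObjectId = $sp.Id   # assumption: current Az.Resources; older releases used .ObjectId
    }

    # The list call returns summary items without AccessPolicies,
    # so each vault is read again by name to get the full object.
    foreach ($item in Get-AzKeyVault) {
        $vault = Get-AzKeyVault -VaultName $item.VaultName -ResourceGroupName $item.ResourceGroupName
        if ($vault.EnableRbacAuthorization) {
            # RBAC-mode vaults do not enforce access policies; review role assignments instead.
            Write-Warning "$($vault.VaultName) uses Azure RBAC; access policies skipped."
            continue
        }
        foreach ($policy in $vault.AccessPolicies) {
            $byObject = $policy.ObjectId -eq $ObjectId
            $byApp    = $ApplicationId -and ("$($policy.ApplicationId)" -eq $ApplicationId)
            if ($byObject -or $byApp) {
                [pscustomobject]@{
                    VaultName     = $vault.VaultName
                    ResourceGroup = $vault.ResourceGroupName
                    ObjectId      = $policy.ObjectId
                    Keys          = $policy.PermissionsToKeys -join ', '
                    Secrets       = $policy.PermissionsToSecrets -join ', '
                    Certificates  = $policy.PermissionsToCertificates -join ', '
                }
            }
        }
    }
}

# Placeholder GUID; substitute the Application ID under review.
# Find-KeyVaultAccess -ApplicationId '00000000-0000-0000-0000-000000000000' | Format-Table
```

`Get-AzKeyVault` only enumerates the subscription in the current context, so repeat the call after `Set-AzContext` for each subscription you need to audit.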