We are managing our customers' Azure subscriptions using Microsoft Partner Centre, and using a username I created a new Azure Vault for a customer, but when I tried to create a new Secret inside the Azure Vault, I got this error:

The operation "Set" is not enabled in this key vault's access policy.

Now when I access the Key Vault >> Access Policy, I am unable to add the login username which I used to create the Key Vault inside the Key Vault access policy; I am only able to add the Office 365 admin.

So any advice on why I am able to create a new Key Vault, while I am unable to add Secrets inside it?

There is 1 best solution below

When you create the Key Vault, you should add the CSP access policy rather than the normal access policy.

After you click on it, you can specify the CSP security group (it shows the steps to get the group ID).

Then the CSP user can create a secret in this key vault after it's created.