How to get Add(or modify) AccessPolicy to Azure-Keyvault - caller user information in the REST APIs
up vote
0
down vote
favorite
Currently, given a keyvault, one can retrieve the Access Policies for the given KeyVault through REST apis(or Azure Powershell), but not the information about the creation of the access policies itself. So, is there a way to get the ObjectId (or the user) that added the Access Policy to the Keyvault along with the time of creation?
This information, about the calling user, is available when an alert is configured to trigger whenever there is an administrative change to the Keyvault in the Caller field. So, I am assuming this information is available.
This information will be very handy to track security incidents when we see suspicious principals added to the Access policies.
azure-keyvault azure-security
asked Nov 19 at 22:21
bsoundra
5182724
add a comment |
up vote
0
down vote
favorite
Currently, given a keyvault, one can retrieve the Access Policies for the given KeyVault through REST apis(or Azure Powershell), but not the information about the creation of the access policies itself. So, is there a way to get the ObjectId (or the user) that added the Access Policy to the Keyvault along with the time of creation?
This information, about the calling user, is available when an alert is configured to trigger whenever there is an administrative change to the Keyvault in the Caller field. So, I am assuming this information is available.
This information will be very handy to track security incidents when we see suspicious principals added to the Access policies.
azure-keyvault azure-security
asked Nov 19 at 22:21
bsoundra
5182724
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
Currently, given a keyvault, one can retrieve the Access Policies for the given KeyVault through REST apis(or Azure Powershell), but not the information about the creation of the access policies itself. So, is there a way to get the ObjectId (or the user) that added the Access Policy to the Keyvault along with the time of creation?
This information, about the calling user, is available when an alert is configured to trigger whenever there is an administrative change to the Keyvault in the Caller field. So, I am assuming this information is available.
This information will be very handy to track security incidents when we see suspicious principals added to the Access policies.
azure-keyvault azure-security
asked Nov 19 at 22:21
bsoundra
5182724
Currently, given a keyvault, one can retrieve the Access Policies for the given KeyVault through REST apis(or Azure Powershell), but not the information about the creation of the access policies itself. So, is there a way to get the ObjectId (or the user) that added the Access Policy to the Keyvault along with the time of creation?
This information, about the calling user, is available when an alert is configured to trigger whenever there is an administrative change to the Keyvault in the Caller field. So, I am assuming this information is available.
This information will be very handy to track security incidents when we see suspicious principals added to the Access policies.
azure-keyvault azure-security
azure-keyvault azure-security
asked Nov 19 at 22:21
bsoundra
5182724
asked Nov 19 at 22:21
bsoundra
5182724
asked Nov 19 at 22:21
bsoundra
5182724
asked Nov 19 at 22:21
bsoundra
5182724
asked Nov 19 at 22:21
bsoundra
5182724
5182724
add a comment |
add a comment |
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53383491%2fhow-to-get-addor-modify-accesspolicy-to-azure-keyvault-caller-user-informati%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
