Microsoft Azure Key Vault

the microsoft azure key vault connector facilitates secure management and retrieval of secrets, keys, and certificates within the azure ecosystem microsoft azure key vault is a cloud service for securely storing and accessing secrets, keys, and certificates the azure key vault turbine connector enables swimlane turbine users to manage vaults, secrets, and access policies directly within their security workflows by integrating with azure key vault, users can automate the process of checking vault name availability, managing vaults, and updating access policies, ensuring secure and efficient secret management in their security operations limitations none to date supported versions this connector supports the latest version of the microsoft azure key vault rest api additional docs https //learn microsoft com/en us/rest/api/azure/?view=rest keyvault keyvault 2022 07 01#how to call azure rest apis with curl https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/check name availability https //learn microsoft com/en us/rest/api/authorization/?view=rest keyvault keyvault 2022 07 01 configuration prerequisites before you can use the microsoft azure key vault connector for turbine, ensure you have the following prerequisites oauth 2 0 client credentials authentication with the following parameters url the endpoint url for azure key vault services client id the application (client) id registered in azure ad client secret the secret key generated for the registered application in azure ad scope the scope of the access request, which determines the resources that the access token should be valid for authentication methods to effectively utilize the microsoft azure key vault connector within swimlane turbine, ensure you have the following prerequisites oauth 2 0 client credentials for authentication with these parameters url endpoint for microsoft azure key vault api access client id unique identifier for the application making the request client secret a secret known only to the application and the authorization server scopes permissions the application needs to function correctly capabilities this connector provides the following capabilities check vault name availability delete vault get deleted vault get deleted vaults list by subscription id get vaults list get vaults list by subscription purge deleted vault update access policy update vault vaults create or update vaults get vaults list by resource group check vault name availability checks that the vault name is valid and is not already in use microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/check name availability delete vault deletes the specified azure key vault microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/delete get deleted vault gets the deleted azure key vault microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/get deleted get deleted vaults list by subscription id gets information about the deleted vaults in a subscription microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/list deleted get vaults list the list operation gets information about the vaults associated with the subscription microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/list get vaults list by subscription the list operation gets information about the vaults associated with the subscription microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/list by subscription purge deleted vault permanently deletes the specified vault aka purges the deleted azure key vault microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/purge deleted update access policy update access policies in a key vault in the specified subscription microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/update access policy update vault update a key vault in the specified subscription microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/update vaults create or update create or update a key vault in the specified subscription microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/create or update vaults get gets the specified azure key vault microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/get vaults list by resource group the list operation gets information about the vaults associated with the subscription and within the specified resource group microsoft azure key vault's documentation for this action can be found https //learn microsoft com/en us/rest/api/keyvault/keyvault/vaults/list by resource group configurations microsoft key vault oauth 2 0 client credentials authenticates using oauth 2 0 client credentials configuration parameters parameter description type required url a url to the target host string required tenant id the tenant id string optional token url must start with https //login microsoftonline com/ and then continue with the tenant id, and then be prepended with /oauth2/v2 0/token string optional client id the client id string required client secret the client secret string required scope list of permission scopes for this action array required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions check vault name availability verifies the validity and availability of a vault name in microsoft azure key vault, requiring subscription id, api version, and vault details endpoint url /subscriptions/{{subscriptionid}}/providers/microsoft keyvault/checknameavailability method post input argument name type required description parameters api version string required client api version path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call name string optional the vault name type string optional the type of resource, microsoft keyvault/vaults input example {"parameters" {"api version" "2022 07 01"},"json body" {"name" "sample vault","type" "microsoft keyvault/vaults"},"path parameters" {"subscriptionid" "00000000 0000 0000 0000 000000000000"}} output parameter type description status code number http status code of the response reason string response reason phrase nameavailable boolean name of the resource output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {"nameavailable"\ true}} delete vault removes a specified azure key vault, requiring subscription id, resource group name, vault name, and api version endpoint url /subscriptions/{{subscriptionid}}/resourcegroups/{{resourcegroupname}}/providers/microsoft keyvault/vaults/{{vaultname}} method delete input argument name type required description parameters api version string required client api version path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call path parameters resourcegroupname string required the name of the resource group to which the server belongs path parameters vaultname string required the name of the vault to delete input example {"parameters" {"api version" "2022 07 01"},"path parameters" {"subscriptionid" "00000000 0000 0000 0000 000000000000","resourcegroupname" "sample resource group","vaultname" "sample vault"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {}} get deleted vault retrieves a deleted microsoft azure key vault using location, subscription id, vault name, and api version endpoint url /subscriptions/{{subscriptionid}}/providers/microsoft keyvault/locations/{{location}}/deletedvaults/{{vaultname}} method get input argument name type required description parameters api version string required client api version path parameters location string required the location of the deleted vault path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call path parameters vaultname string required the name of the vault input example {"parameters" {"api version" "2022 07 01"},"path parameters" {"location" "westus","subscriptionid" "00000000 0000 0000 0000 000000000000","vaultname" "sample vault"}} output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier name string name of the resource type string type of the resource properties object output field properties properties vaultid string unique identifier properties location string output field properties location properties tags object output field properties tags properties deletiondate string date value properties scheduledpurgedate string date value properties purgeprotectionenabled boolean output field properties purgeprotectionenabled output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {"id" "/subscriptions/00000000 0000 0000 0000 000000000000/providers/microsoft keyvault ","name" "sample vault","type" "microsoft keyvault/deletedvaults","properties" {"vaultid" "/subscriptions/00000000 0000 0000 0000 000000000000/resourcegroups/sample group/ ","location" get deleted vaults list by subscription id retrieve a list of deleted vaults within a specified azure subscription, requiring the subscription id and api version endpoint url /subscriptions/{{subscriptionid}}/providers/microsoft keyvault/deletedvaults method get input argument name type required description parameters api version string required client api version path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call input example {"parameters" {"api version" "2022 07 01"},"path parameters" {"subscriptionid" "00000000 0000 0000 0000 000000000000"}} output parameter type description status code number http status code of the response reason string response reason phrase value array value for the parameter value id string unique identifier value name string name of the resource value type string type of the resource value properties object value for the parameter value properties vaultid string unique identifier value properties location string value for the parameter value properties tags object value for the parameter value properties deletiondate string value for the parameter value properties scheduledpurgedate string value for the parameter value properties purgeprotectionenabled boolean value for the parameter nextlink string output field nextlink output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {"value" \[{}],"nextlink" "https //management azure com/subscriptions/00000000 0000 0000 0000 000000000000/ "}} get vaults list retrieves a list of vaults associated with the azure subscription, allowing filtering and api version specification endpoint url /subscriptions/{{subscriptionid}}/resources method get input argument name type required description parameters $filter string required the filter to apply on the operation parameters api version string required azure resource manager api version parameters $top number optional maximum number of results to return path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azuresubscription the subscription id forms part of the uri for every service call input example {"parameters" {"$filter" "resourcetype eq 'microsoft keyvault/vaults'","api version" "2022 07 01","$top" 1},"path parameters" {"subscriptionid" "00000000 0000 0000 0000 000000000000"}} output parameter type description status code number http status code of the response reason string response reason phrase value array value for the parameter value id string unique identifier value name string name of the resource value type string type of the resource value location string value for the parameter value tags object value for the parameter nextlink string output field nextlink output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {"value" \[{}],"nextlink" "https //management azure com/subscriptions/00000000 0000 0000 0000 000000000000/ "}} get vaults list by subscription retrieve information about all azure key vault vaults within a specified subscription, requiring the subscription id and api version endpoint url /subscriptions/{{subscriptionid}}/providers/microsoft keyvault/vaults method get input argument name type required description parameters api version string required client api version parameters $top number optional maximum number of results to return path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call input example {"parameters" {"api version" "2022 07 01","$top" 1},"path parameters" {"subscriptionid" "00000000 0000 0000 0000 000000000000"}} output parameter type description status code number http status code of the response reason string response reason phrase value array value for the parameter value id string unique identifier value name string name of the resource value type string type of the resource value location string value for the parameter value tags object value for the parameter value systemdata object response data value systemdata createdby string response data value systemdata createdbytype string response data value systemdata createdat string response data value systemdata lastmodifiedby string response data value systemdata lastmodifiedbytype string response data value systemdata lastmodifiedat string response data value properties object value for the parameter value properties sku object value for the parameter value properties sku family string value for the parameter value properties sku name string name of the resource value properties tenantid string unique identifier value properties accesspolicies array value for the parameter value properties accesspolicies tenantid string unique identifier value properties accesspolicies objectid string unique identifier value properties accesspolicies permissions object value for the parameter value properties accesspolicies permissions keys array value for the parameter output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {"value" \[{}],"nextlink" "https //management azure com/subscriptions/00000000 0000 0000 0000 000000000000/ "}} purge deleted vault permanently removes a specified azure key vault from the deleted vaults, requiring location, subscription id, vault name, and api version endpoint url /subscriptions/{{subscriptionid}}/providers/microsoft keyvault/locations/{{location}}/deletedvaults/{{vaultname}}/purge method post input argument name type required description parameters api version string required client api version path parameters location string required the location of the deleted vault path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call path parameters vaultname string required the name of the vault input example {"parameters" {"api version" "2022 07 01"},"path parameters" {"location" "westus","subscriptionid" "00000000 0000 0000 0000 000000000000","vaultname" "sample vault"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {}} update access policy updates the access policies of a specified azure key vault, requiring operation kind, resource group, subscription id, vault name, api version, and policy properties endpoint url /subscriptions/{{subscriptionid}}/resourcegroups/{{resourcegroupname}}/providers/microsoft keyvault/vaults/{{vaultname}}/accesspolicies/{{operationkind}} method put input argument name type required description parameters api version string required client api version path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call path parameters resourcegroupname string required the name of the resource group to which the vault belongs path parameters vaultname string required name of the vault path parameters operationkind string required name of the operation properties object optional properties of the access policy properties accesspolicies array optional access policies properties accesspolicies tenantid string optional the azure active directory tenant id that should be used for authenticating requests to the key vault properties accesspolicies objectid string optional the object id of a user, service principal or security group in the azure active directory tenant for the vault the object id must be unique for the list of access policies properties accesspolicies permissions object optional permissions to certificates properties accesspolicies permissions keys array optional keys properties accesspolicies permissions secrets array optional secrets properties accesspolicies permissions certificates array optional certificates input example {"parameters" {"api version" "2022 07 01"},"json body" {"properties" {"accesspolicies" \[{"tenantid" "00000000 0000 0000 0000 000000000000","objectid" "00000000 0000 0000 0000 000000000000","permissions" {"keys" \["encrypt"],"secrets" \["get"],"certificates" \["get"]}}]}},"path parameters" {"subscriptionid" "00000000 0000 0000 0000 000000000000","resourcegroupname" "sample group","vaultname" "sample vault","operationkind" "add"}} output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier type string type of the resource properties object output field properties properties accesspolicies array output field properties accesspolicies properties accesspolicies tenantid string unique identifier properties accesspolicies objectid string unique identifier properties accesspolicies permissions object output field properties accesspolicies permissions properties accesspolicies permissions keys array output field properties accesspolicies permissions keys properties accesspolicies permissions secrets array output field properties accesspolicies permissions secrets properties accesspolicies permissions certificates array output field properties accesspolicies permissions certificates output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {"id" "/subscriptions/00000000 0000 0000 0000 000000000000/resourcegroups/sample group/ ","type" "microsoft keyvault/vaults/accesspolicies","properties" {"accesspolicies" \[]}}} update vault updates a specified microsoft azure key vault's properties within the given subscription, resource group, and vault name requires subscriptionid, resourcegroupname, vaultname, and api version endpoint url /subscriptions/{{subscriptionid}}/resourcegroups/{{resourcegroupname}}/providers/microsoft keyvault/vaults/{{vaultname}} method patch input argument name type required description parameters api version string required client api version path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call path parameters resourcegroupname string required the name of the resource group to which the server belongs path parameters vaultname string required name of the vault properties object optional properties of the vault properties tenantid string optional the azure active directory tenant id that should be used for authenticating requests to the key vault properties sku object optional sku details properties sku family string optional sku family name properties sku name string optional sku name to specify whether the key vault is a standard vault or a premium vault properties accesspolicies array optional parameter for update vault properties accesspolicies tenantid string optional the azure active directory tenant id that should be used for authenticating requests to the key vault properties accesspolicies objectid string optional the object id of a user, service principal or security group in the azure active directory tenant for the vault the object id must be unique for the list of access policies properties accesspolicies permissions object optional permissions the identity has for keys, secrets and certificates properties accesspolicies permissions keys array optional permissions to keys properties accesspolicies permissions secrets array optional permissions to secrets properties accesspolicies permissions certificates array optional permissions to certificates properties enabledfordeployment boolean optional property to specify whether azure virtual machines are permitted to retrieve certificates stored as secrets from the key vault properties enabledfordiskencryption boolean optional property to specify whether azure disk encryption is permitted to retrieve secrets from the vault and unwrap keys properties enabledfortemplatedeployment boolean optional property to specify whether azure resource manager is permitted to retrieve secrets from the key vault properties publicnetworkaccess string optional property to specify whether the vault will accept traffic from public internet if set to 'disabled' all traffic except private endpoint traffic and that that originates from trusted services will be blocked this will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules tags object optional the tags that will be assigned to the key vault input example {"parameters" {"api version" "2022 07 01"},"json body" {"properties" {"tenantid" "00000000 0000 0000 0000 000000000000","sku" {"family" "a","name" "standard"},"accesspolicies" \[{"tenantid" "00000000 0000 0000 0000 000000000000","objectid" "00000000 0000 0000 0000 000000000000","permissions" {"keys" \["encrypt","decrypt","wrapkey","unwrapkey","sign","verify","get","list","create","update","import","delete","backup","restore","recover","purge"],"secrets" \["get","list","set","delete","backup","restore","recover","purge"],"certificates" \["get","list","delete","create","import","update","managecontacts","getissuers","listissuers","setissuers","deleteissuers","manageissuers","recover","purge"]}}],"enabledfordeployment"\ true,"enabledfordiskencryption"\ true,"enabledfortemplatedeployment"\ true,"publicnetworkaccess" "enabled"},"tags" {}},"path parameters" {"subscriptionid" "00000000 0000 0000 0000 000000000000","resourcegroupname" "sample resource group","vaultname" "sample vault"}} output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier name string name of the resource type string type of the resource location string output field location tags object output field tags systemdata object response data systemdata createdby string response data systemdata createdbytype string response data systemdata createdat string response data systemdata lastmodifiedby string response data systemdata lastmodifiedbytype string response data systemdata lastmodifiedat string response data properties object output field properties properties sku object output field properties sku properties sku family string output field properties sku family properties sku name string name of the resource properties tenantid string unique identifier properties networkacls object output field properties networkacls properties networkacls bypass string output field properties networkacls bypass properties networkacls defaultaction string output field properties networkacls defaultaction properties networkacls iprules array output field properties networkacls iprules properties networkacls iprules value string value for the parameter properties networkacls virtualnetworkrules array output field properties networkacls virtualnetworkrules output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {"id" "/subscriptions/00000000 0000 0000 0000 000000000000/resourcegroups/sample resour ","name" "sample vault","type" "microsoft keyvault/vaults","location" "westus","tags" {},"systemdata" {"createdby" "keyvaultuser1","createdbytype" "user","createdat" "2020 01 01t12 00 00 vaults create or update create or update a microsoft azure key vault within a specified subscription, requiring details like location and properties endpoint url /subscriptions/{{subscriptionid}}/resourcegroups/{{resourcegroupname}}/providers/microsoft keyvault/vaults/{{vaultname}} method put input argument name type required description parameters api version string required client api version path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call path parameters resourcegroupname string required the name of the resource group to which the server belongs path parameters vaultname string required name of the vault location string optional the supported azure location where the key vault should be created tags object optional the tags that will be assigned to the key vault properties object optional properties of the vault properties tenantid string optional the azure active directory tenant id that should be used for authenticating requests to the key vault properties sku object optional sku details properties sku family string optional sku family name properties sku name string optional sku name to specify whether the key vault is a standard vault or a premium vault properties accesspolicies array optional parameter for vaults create or update properties accesspolicies tenantid string optional the azure active directory tenant id that should be used for authenticating requests to the key vault properties accesspolicies objectid string optional object id properties accesspolicies permissions object optional permissions properties accesspolicies permissions keys array optional permissions to keys properties accesspolicies permissions secrets array optional permissions to secrets properties accesspolicies permissions certificates array optional permissions to certificates properties enabledfordeployment boolean optional property to specify whether azure virtual machines are permitted to retrieve certificates stored as secrets from the key vault properties enabledfordiskencryption boolean optional property to specify whether azure disk encryption is permitted to retrieve secrets from the vault and unwrap keys properties enabledfortemplatedeployment boolean optional property to specify whether azure resource manager is permitted to retrieve secrets from the key vault properties publicnetworkaccess string optional property to specify whether the vault will accept traffic from public internet if set to 'disabled' all traffic except private endpoint traffic and that that originates from trusted services will be blocked input example {"parameters" {"api version" "2022 07 01"},"json body" {"location" "westus","tags" {},"properties" {"tenantid" "00000000 0000 0000 0000 000000000000","sku" {"family" "a","name" "standard"},"accesspolicies" \[{"tenantid" "00000000 0000 0000 0000 000000000000","objectid" "00000000 0000 0000 0000 000000000000","permissions" {"keys" \["encrypt","decrypt","wrapkey","unwrapkey","sign","verify","get","list","create","update","import","delete","backup","restore","recover","purge"],"secrets" \["get","list","set","delete","backup","restore","recover","purge"],"certificates" \["get","list","delete","create","import","update","managecontacts","getissuers","listissuers","setissuers","deleteissuers","manageissuers","recover","purge"]}}],"enabledfordeployment"\ true,"enabledfordiskencryption"\ true,"enabledfortemplatedeployment"\ true,"publicnetworkaccess" "enabled"}},"path parameters" {"subscriptionid" "00000000 0000 0000 0000 000000000000","resourcegroupname" "sample resource group","vaultname" "sample vault"}} output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier name string name of the resource type string type of the resource location string output field location tags object output field tags systemdata object response data systemdata createdby string response data systemdata createdbytype string response data systemdata createdat string response data systemdata lastmodifiedby string response data systemdata lastmodifiedbytype string response data systemdata lastmodifiedat string response data properties object output field properties properties sku object output field properties sku properties sku family string output field properties sku family properties sku name string name of the resource properties tenantid string unique identifier properties networkacls object output field properties networkacls properties networkacls bypass string output field properties networkacls bypass properties networkacls defaultaction string output field properties networkacls defaultaction properties networkacls iprules array output field properties networkacls iprules properties networkacls iprules value string value for the parameter properties networkacls virtualnetworkrules array output field properties networkacls virtualnetworkrules output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {"id" "/subscriptions/00000000 0000 0000 0000 000000000000/resourcegroups/sample resour ","name" "sample vault","type" "microsoft keyvault/vaults","location" "westus","tags" {},"systemdata" {"createdby" "keyvaultuser1","createdbytype" "user","createdat" "2020 01 01t12 00 00 vaults get retrieves the specified azure key vault using subscription id, resource group name, and vault name an 'api version' parameter is required endpoint url /subscriptions/{{subscriptionid}}/resourcegroups/{{resourcegroupname}}/providers/microsoft keyvault/vaults/{{vaultname}} method get input argument name type required description parameters api version string required client api version path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call path parameters resourcegroupname string required the name of the resource group to which the vault belongs path parameters vaultname string required the name of the vault input example {"parameters" {"api version" "2022 07 01"},"path parameters" {"subscriptionid" "00000000 0000 0000 0000 000000000000","resourcegroupname" "sample resource group","vaultname" "sample vault"}} output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier name string name of the resource type string type of the resource location string output field location tags object output field tags systemdata object response data systemdata createdby string response data systemdata createdbytype string response data systemdata createdat string response data systemdata lastmodifiedby string response data systemdata lastmodifiedbytype string response data systemdata lastmodifiedat string response data properties object output field properties properties sku object output field properties sku properties sku family string output field properties sku family properties sku name string name of the resource properties tenantid string unique identifier properties accesspolicies array output field properties accesspolicies properties accesspolicies tenantid string unique identifier properties accesspolicies objectid string unique identifier properties accesspolicies permissions object output field properties accesspolicies permissions properties accesspolicies permissions keys array output field properties accesspolicies permissions keys properties accesspolicies permissions secrets array output field properties accesspolicies permissions secrets output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {"id" "/subscriptions/00000000 0000 0000 0000 000000000000/resourcegroups/sample resour ","name" "sample vault","type" "microsoft keyvault/vaults","location" "westus","tags" {},"systemdata" {"createdby" "keyvaultuser1","createdbytype" "user","createdat" "2020 01 01t12 00 00 vaults list by resource group retrieves information about azure key vault vaults within a specified resource group and subscription endpoint url /subscriptions/{{subscriptionid}}/resourcegroups/{{resourcegroupname}}/providers/microsoft keyvault/vaults method get input argument name type required description parameters api version string required the name of the resource group to which the vault belongs parameters $top number optional maximum number of results to return path parameters subscriptionid string required subscription credentials which uniquely identify microsoft azure subscription the subscription id forms part of the uri for every service call path parameters resourcegroupname string required the name of the resource group to which the vault belongs input example {"parameters" {"api version" "2022 07 01","$top" 1},"path parameters" {"subscriptionid" "00000000 0000 0000 0000 000000000000","resourcegroupname" "sample group"}} output parameter type description status code number http status code of the response reason string response reason phrase value array value for the parameter value id string unique identifier value name string name of the resource value type string type of the resource value location string value for the parameter value tags object value for the parameter value systemdata object response data value systemdata createdby string response data value systemdata createdbytype string response data value systemdata createdat string response data value systemdata lastmodifiedby string response data value systemdata lastmodifiedbytype string response data value systemdata lastmodifiedat string response data value properties object value for the parameter value properties sku object value for the parameter value properties sku family string value for the parameter value properties sku name string name of the resource value properties tenantid string unique identifier value properties accesspolicies array value for the parameter value properties accesspolicies tenantid string unique identifier value properties accesspolicies objectid string unique identifier value properties accesspolicies permissions object value for the parameter value properties accesspolicies permissions keys array value for the parameter output example {"status code" 200,"response headers" {"content type" "text/html; charset=utf 8","x hsci cache time" "2024 12 18t12 01 22 328z","content encoding" "gzip","expires" "mon, 18 dec 2024 12 08 57 gmt"},"reason" "ok","json body" {"value" \[{}],"nextlink" "https //management azure com/subscriptions/00000000 0000 0000 0000 000000000000/ "}} response headers header description example content encoding http response header content encoding gzip content type the media type of the resource text/html; charset=utf 8 expires the date/time after which the response is considered stale mon, 18 dec 2024 12 08 57 gmt x hsci cache time http response header x hsci cache time 2024 12 18t12 01 22 328z