When I got the error
'vaultName' does not match expected pattern
I found that, using PowerShell with raw Az CLI commands, you have to use double quotes to create the KeyVault.
az keyvault create --name "vault-Name-01" --resource-group $resourceGroupName --location $location --sku Standard --enabled-for-disk-encryption true
In a PowerShell script you pass in the variable wrapped with double quotes:
[string]$vaultName = "vault-Name-01"
az keyvault create --name $vaultName --resource-group $resourceGroupName --location $location --sku Standard --enabled-for-disk-encryption true
Then when you want to set a value you remove the double quotes:
az keyvault secret set --vault-name $vaultName.Replace("`"","") --name $_.name --value $_.value
Further investigation reveals the problem applies to listing and showing the vault secrets, and I bumped into the infamous error:
Max retries exceeded attempting to connect to vault. The vault may not exist or you may need to flush your DNS cache and try again later.
The KeyVault exists, because I can list the vault's secrets using the VaultName without quotes:
$secretNames = az keyvault secret list --vault-name $sourceVaultName.Replace("`"","") -o json --query "[].name" | ConvertFrom-Json
However, you'll get the Max Retries error if you don't include a quoted $sourceVaultName when trying to show the secrets:
$secrets = $secretNames | % {
    $secret = az keyvault secret show --name $_ --vault-name $sourceVaultName -o json | ConvertFrom-Json
    [PSCustomObject]@{
        name  = $_;
        value = $secret.value;
    }
}
If any of these calls time out and the result is blank, refer to this solution: https://stackoverflow.com/a/67472219/495455
It's almost like two developers worked on the code and had different opinions... https://github.com/Azure/azure-cli/issues/13952
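
An added example, not part of the original answer: one way to catch a vault name that carries literal quote characters before it reaches `az`, by normalising the value once and checking it against the documented Key Vault naming rules (3-24 characters, letters, digits and hyphens, starting with a letter, ending with a letter or digit, no consecutive hyphens). `Resolve-VaultName` and the sample names are hypothetical and constructed for illustration.

```powershell
# Added example; Resolve-VaultName is a hypothetical helper, not part of the Az CLI.
function Resolve-VaultName {
    param(
        [AllowEmptyString()]
        [string]$Name
    )

    # Remove literal quote characters and surrounding whitespace that ended up in the value
    $clean = ($Name -replace '["'']', '').Trim()

    # Key Vault naming rules: 3-24 chars, letters/digits/hyphens only,
    # starts with a letter, ends with a letter or digit, no "--"
    $pattern = '^[A-Za-z](?:[A-Za-z0-9]|-(?!-)){1,22}[A-Za-z0-9]$'
    if ($clean -notmatch $pattern) {
        throw "Vault name [$clean] does not satisfy the Key Vault naming rules."
    }

    # Surface the fix so the caller can see where the stray characters came from
    if ($clean -ne $Name) {
        Write-Warning "Vault name normalised: [$Name] -> [$clean]"
    }
    return $clean
}

# Constructed sample inputs: a clean name, a name with embedded quotes, and invalid names
$samples = @(
    'vault-Name-01',
    '"vault-Name-01"',
    'vault--Name',
    '1vault',
    'kv'
)

foreach ($s in $samples) {
    try {
        $vault = Resolve-VaultName -Name $s
        Write-Output "OK      [$s] -> [$vault]"
        # The validated value can then be passed to every call the same way, e.g.:
        # az keyvault secret list --vault-name $vault -o json --query "[].name"
    }
    catch {
        Write-Output "REJECT  [$s] : $($_.Exception.Message)"
    }
}
```

Running the check once at the top of a script means a bad name fails with a local, readable error instead of a pattern mismatch or a connection retry timeout from the CLI.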