0

I set up an azure key vault and quickly realized I did not need it. I deleted the vault but now my virtual machine (associated with the same resource) gives me this error:

Provisioning failed.
The Key Vault secret referenced with the URL XXX does not exist..
KeyVaultSecretDoesNotExist
Provisioning state error code ProvisioningState/failed/KeyVaultSecretDoesNotExist

I restored the key vault in an attempt to resolve this issue but the vault my VM is searching for was initialized to the wrong location so I just get this error:

Provisioning failed.
The Key Vault XX is located in location westus2, which is different from the location of the VM, westus. The VM and Key Vault need to be located within the same region..
KeyVaultAndVMInDifferentRegions

I seem to be stuck in this loop and cannot figure out how to sever the tie between my VM and this key vault that should've never existed in the first place. This error is inhibiting me from backing up my machine and has me afraid to redeploy (to solve the issue I was debugging in the first place). Please note that creating a new VM is not a viable solution for me.

Thanks in advance for your help!

Ashlynn Steeves
  • 13
  • 2
  • In Azure Portal when you spin up a VM how and where can you associate it with a KV? – Jeremy Thompson Jul 22 '22 at 03:53
  • Hi @AshlynnSteeves, did the suggested solution work for you? Do let me know if it solved your problem else share more details so I can troubleshoot or else do accept it for helping other community members. – Kartik Bhiwapurkar Aug 05 '22 at 04:08

1 Answers1

0

• I would suggest you to please navigate to the Azure Resource Explorer through the link given here, i.e., ‘Resource Explorer (azure.com)’ and check the VM’s OS profile in it in your subscription. In that, you can see the old URL for the key vault reference in the secrets property of the OS profile of the VM. Confirm that the URL for the key vault secret given in there refers to the key vault that you have recovered. Then try to remove the URL from there and disassociate the key vault from the VM’s OS.

To do the above, you will need ‘Read/Write’ access to the Azure Resource Explorer and ‘Contributor’ access role too. If you still are not able to delete the association through it, I would suggest you change the location for the key vault through the following Azure CLI command so that when the location for both the key vault and the VM is same, then you should be able to deploy the VM and backup it up and then delete both the key vault and the VM altogether or try to follow the above steps described as in Azure Resource Explorer.

  az keyvault recover --location "your vault location" --resource-group "your vault resource group" --name "your vault name"

• Please find the below snapshot of the Azure Resource Explorer regarding the key vault for your reference: -

Azure Resource Explorer

To know more about removing the secret from the VM for the key vault, kindly refer the below SO community link for reference: -

Azure Portal Error: Failed to start virtual machine 'xxxx'. Error: The Key Vault secret referenced with the URL 'xxxx' does not exist

Kartik Bhiwapurkar
  • 4,550
  • 2
  • 4
  • 9