Follow

How To: Assign Azure Environment by Policy Attribute

Applies to:

All versions of TPP

Symptom:

Cannot create Azure Key Vault application object for China, Germany, or US Government Azure environments.

Cause:

By default, TPP's Azure Key Vault application driver connects to the "AzureCloud" environment (GlobalCloud). 

Resolution: 

If a connection to Azure China, Azure Germany, or Azure US Government needs to be established, the Azure environment may only be changed by manually adding a Policy Attribute to the policy containing the affected Azure Key Vault application object. Currently, this value can only be changed with the help of Venafi Customer Support.

  • Class: "Azure Key Vault"
  • Attribute: "Environment"
  • Value:
    • If connecting to Azure China: "AzureChinaCloud"
    • If connecting to Azure Germany: "AzureGermanCloud"
    • If connecting to Azure US Government: "AzureUSGovernment"

Example:

mceclip0.png

More Info:

There is currently a "Product Idea" to add this functionality to TPP's UI: Support for Azure cloud for Gov, Germany and China | Community (venafi.com)

Was this article helpful?
0 out of 0 found this helpful

Comments