[SOLVED] Key Vault reference in Azure App Service doesn't resolve

Key Vault reference in Azure App Service doesn't resolve

I have an ASP.NET (.NET 6) application hosted within an Linux app service plan. I'm attempting to reference a Key Vault secret within the configuration settings using the following syntax: @Microsoft.KeyVault(SecretUri=https://redacted.vault.azure.net/secrets/test/version)

However, I just get a red-cross next to the setting inside Configuation blade in the Azure Portal. If I open up the setting, then I get no further information about the issue.

Here's what I have done so far:

Followed the instructions at https://learn.microsoft.com/en-us/azure/app-service/app-service-key-vault-references
I have used the 'Key Vault Application Settings Diagnostics' tool inside the 'Diagnose and solve problems' blade; this told me everything was fine with green ticks across multiple checks EXCEPT at the bottom it came up with the following amber warning with no further information:-

Uncategorized issues found

I have configured the ap service managed identity and given the appropriate permissions to the principal inside Key Vault
I have enabled 'Allow access from trusted Microsoft services' inside the Key Vault firewall.

Solution

Adding so I can have some Internet Points

I don't think that Allow Trusted Microsoft Services is not enough to bypass the firewall for your app service:

https://azidentity.azurewebsites.net/post/2019/01/03/key-vault-firewall-access-by-azure-app-services