Enabling Service endpoints for key vault on multiple subnets through arm template RRS feed

  • Question

  • Hi,

    I have enabled the service endpoint from the vnet for key vault and i tried to enable the allowing selected virtual networks and a single subnet from the key vault. It was successful enabling the single subnet in firewalls and virtual networks tab.

    I have a requirement of enabling the same on the multiple subnets and i was not able to achieve that through arm template.

    Below is the code for enabling the firewalls and virtual networks in the key vault template.

     "networkAcls": {
                          "defaultAction": "Deny",
                            "bypass": "AzureServices",
                      "virtualNetworkRules": [
                          "id": "[variables('subnets').subnet1ref]"


    can some one suggest me how to enable the firewalls and virtual networks on multiple subnets ?

    Friday, July 26, 2019 12:44 PM

All replies

  • To secure Azure services to multiple subnets within a virtual network or across multiple virtual networks, enable service endpoints on network side on each of the subnets independently and then secure Azure service resources to all of the subnets by setting up appropriate VNet ACLs on Azure service side.

    We would check on the ARM Template and get back to you.

    Monday, July 29, 2019 9:42 AM