Azure.Security.KeyVault.Secrets: az is not recognized as an internal or external command

Question

I'm developing a web application using .Net Core and leveraging Azure services (Virtual Machine Windows Server 2016, Database PostgreSQL and Azure Key Vault). Below is my .csproj file:

<Project Sdk="Microsoft.NET.Sdk.Web">

  <PropertyGroup>
    <TargetFramework>netcoreapp2.1</TargetFramework>
    <TypeScriptToolsVersion>3.1</TypeScriptToolsVersion>
    <UserSecretsId>.......................................</UserSecretsId>
    <Version>1.2.5.0</Version>
    <AssemblyVersion>1.2.5.0</AssemblyVersion>
    <FileVersion>1.2.5.0</FileVersion>
  </PropertyGroup>

  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|AnyCPU'">
    <DebugType>none</DebugType>
    <DebugSymbols>false</DebugSymbols>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="Azure.Identity" Version="1.3.0" />
    <PackageReference Include="Azure.Security.KeyVault.Secrets" Version="4.1.0" />
    <PackageReference Include="fo-dicom.NetCore" Version="4.0.7" />
    <PackageReference Include="HTTPDataCollectorAPI" Version="1.0.5" />
    <PackageReference Include="iTextSharp" Version="5.5.13.2" />
    <PackageReference Include="MailKit" Version="2.10.0" />
    <PackageReference Include="Microsoft.AspNetCore.App" />
    <PackageReference Include="Microsoft.AspNetCore.Razor.Design" Version="2.2.0" PrivateAssets="All" />
    <PackageReference Include="Microsoft.Azure.ConfigurationManager" Version="4.0.0" />
    <PackageReference Include="Microsoft.Azure.Storage.Blob" Version="9.4.2" />
    <PackageReference Include="Microsoft.Azure.Storage.Common" Version="9.4.2" />
    <PackageReference Include="Npgsql" Version="5.0.0" />
    <PackageReference Include="Npgsql.Json.NET" Version="5.0.0" />
    <PackageReference Include="SharpZipLib" Version="1.3.1" />
  </ItemGroup>

</Project>

Leveraging the Azure.Security.KeyVault.Secrets library I'm trying to retrieve a secret stored inside Azure Key Vault like this:

string keyVaultUri = $"https://{KeyVaultName}.vault.azure.net";
_secretClient = new SecretClient(new Uri(keyVaultUri), new DefaultAzureCredential());
KeyVaultSecret secret = _secretClient.GetSecret(secretName);

The GetSecret method throws the following exception:

Azure CLI authentication failed due to an unknown error. az is not recognized as an internal or external command,
   at Azure.Identity.AzureCliCredential.RequestCliAccessTokenAsync(Boolean async, String[] scopes, CancellationToken cancellationToken)
   at Azure.Identity.AzureCliCredential.GetTokenImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex)
   at Azure.Identity.AzureCliCredential.GetTokenImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Identity.AzureCliCredential.GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Identity.DefaultAzureCredential.GetTokenFromSourcesAsync(TokenCredential[] sources, TokenRequestContext requestContext, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.DefaultAzureCredential.GetTokenImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex)
   at Azure.Identity.DefaultAzureCredential.GetTokenImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Identity.DefaultAzureCredential.GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Security.KeyVault.ChallengeBasedAuthenticationPolicy.AuthenticateRequestAsync(HttpMessage message, Boolean async, AuthenticationChallenge challenge)
   at Azure.Security.KeyVault.ChallengeBasedAuthenticationPolicy.ProcessCoreAsync(HttpMessage message, ReadOnlyMemory`1 pipeline, Boolean async)
   at Azure.Security.KeyVault.ChallengeBasedAuthenticationPolicy.Process(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.RetryPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline, Boolean async)
   at Azure.Core.Pipeline.RetryPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline, Boolean async)
   at Azure.Core.Pipeline.RetryPolicy.Process(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.Process(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.Process(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.Process(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.HttpPipeline.Send(HttpMessage message, CancellationToken cancellationToken)
   at Azure.Core.Pipeline.HttpPipeline.SendRequest(Request request, CancellationToken cancellationToken)
   at Azure.Security.KeyVault.KeyVaultPipeline.SendRequest(Request request, CancellationToken cancellationToken)
   at Azure.Security.KeyVault.KeyVaultPipeline.SendRequest[TResult](RequestMethod method, Func`1 resultFactory, CancellationToken cancellationToken, String[] path)
   at Azure.Security.KeyVault.Secrets.SecretClient.GetSecret(String name, String version, CancellationToken cancellationToken)
   at Project.CloudAzureKeyVault.GetKeySecret(String secretName) in C:\Project\Project\Project\NetCoreWrappers\CloudAzureKeyVault.cs:line 31

How can I solve the problem?

_az is not recognized as an internal or external command_ is exactly what you get if you try and run azure cloud shell on a computer that doesn't have it installed. Also the error looks like it hasn't even got to KeyVault, it's failing when trying to get credentials — Nick.Mc, Feb 03 '21 at 11:06

score 5 · Accepted Answer · edited Mar 17 '21 at 15:03

5

I solved the problem by installing the Azure CLI and logging in as described here: https://learn.microsoft.com/cli/azure/install-azure-cli-windows?tabs=azure-cli

edited Mar 17 '21 at 15:03

Community

1
1

answered Feb 03 '21 at 11:10

El_Merendero

603
3
14
28

score 0 · Answer 2 · edited May 16 '23 at 13:57

0

For me, re-entering my credentials in Visual Studio under Tools -> Options -> Azure Service Authentication -> Account Selection solved the issue.

edited May 16 '23 at 13:57

SpicyCatGames

863
7
25

answered May 09 '23 at 12:02

buddi

1

Azure.Security.KeyVault.Secrets: az is not recognized as an internal or external command

2 Answers2

Linked