Microsoft.KeyVault/managedHSMs/keys/write - Azure Operation

Operation Information

Details and metadata

Operation Name

Microsoft.KeyVault/managedHSMs/keys/write

Display Name

Create Key (if not exist)

Description

Creates the first version of a new key if it does not exist. If it already exists, then the existing key is returned without any modification. This API does not create subsequent versions, and does not update existing keys.

Operation Type

Control Plane

Provider

Microsoft Key Vault

Resource Type

Key

Roles Allowing This Operation

7 roles grant this permission

Role Name	Actions	Note
Azure AI Administrator b78c5d69-af96-48a3-bf8d-a8b4d589de94	1,313	—
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c	17,503	—
Managed HSM contributor 18500a29-7fe2-46b2-a342-b16a415e101d	23	—
MySQL Control Plane b5207fd7-42d3-40fa-8cc6-a7e189aef39e	1,920	—
Owner 8e3af657-a8ff-443c-a75c-2fe8c4bcb635	17,549	—
Service Group Administrator 4e50c84c-c78e-4e37-b47e-e60ffea0a775	17,547	—
Service Group Contributor 32e6a4ec-6095-4e37-b54b-12aa350ba81f	17,547	—

Note: This list includes roles where the operation is allowed by the role's actions or dataActions patterns, excluding any patterns in notActions or notDataActions. Wildcard patterns (like */read or *) are expanded to match this specific operation.