Fixing Azure Key Vault when moving to a different tenant

When moving Azure resources to a different subscription/tenant, the cloud administrator must identify which resources can be migrated seamlessly and which resources may require some changes in the new destination. The Azure Key Vault is one of those that require a configuration change to reflect the new TenantId when moving between Azure AD tenants.

The following script will change all Key Vaults of the subscription defined in the $subName variable.

$subName ="ENTER-your-SubscriptionName"
Select-AzSubscription -SubscriptionName $subName
$vaults = Get-AzKeyVault
$tenantId = (Get-AzContext).Tenant.TenantId
ForEach ($vault in $vaults){
    write-host $vault.ResourceId
    $tmpVault = Get-AzResource -ResourceId $vault.ResourceId -ExpandProperties
    $tmpVault.Properties.TenantId = $tenantId
    $tmpVault.Properties.AccessPolicies = @()
    Set-AzResource -ResourceId $vault.ResourceId -Properties $tmpVault.Properties -Force

Anderson Patricio

Anderson Patricio is a Canadian MVP in Cloud and Datacenter Management, and Office Server and Services, besides of the Microsoft Award he also holds a Solutions Master (MCSM) in Exchange, CISSP and several other certifications. Anderson contributes to the Microsoft Community with articles, tutorials, blog posts, twitter, forums and book reviews. He is a regular contributor here at,, and Anderson (Portuguese).

Published by
Anderson Patricio

Recent Posts

Crucial cybersecurity expenses not getting the budget they deserve

While the more obvious cybersecurity expenses are crucial, it is important that you do not…

1 day ago

Action1: An enterprise cybersecurity cloud solution for IT admins

Sponsored by Action1Action1 is an enterprise cloud solution for IT admins responsible for ensuring corporate…

2 days ago

Want to cut your cloud costs? These startups have the tools to help

Many companies take to the cloud to save upfront costs, but continuous cloud computing expenses…

2 days ago

Microsoft Teams bug-bounty program: Help zap them and get cash

Microsoft has been upgrading Microsoft Teams at lightning speed, but new features often come with…

2 days ago

The emergency home office: Catastrophe or the future of work?

When the pandemic began, many thought working from home would be temporary. Guess what: It’s…

3 days ago

The dangers of offensive cybersecurity

Offensive cybersecurity can stop cyberattacks before they impair target systems or penetrate defenses. But beware…

3 days ago