Key Vault set-policy needs "--applicationId" parameter for OBO Token (user+application)

Describe the bug
[az keyvault set-policy command](https://docs.microsoft.com/en-us/cli/azure/keyvault?view=azure-cli-latest#az_keyvault_set_policy) needs an additional parameter to allow users to add an on-behalf-of access policy for combined identities, an azure feature where a combined identity is made from the application id of one identity and the object id of another

To Reproduce
No reproduction needed. The possibility simply does not exist.

Expected behavior
Add "--application-id" as a parameter which can be used at the same time as "--object-id". This possibility exists in the Azure Portal as well as Powershell and REST APIs and is required for assigning permissions to combined identities.

Environment summary
All AFAIK.

Additional context
[Documentation for Az Powershell which has this feature](https://docs.microsoft.com/en-us/powershell/module/az.keyvault/set-azkeyvaultaccesspolicy?view=azps-5.5.0&viewFallbackFrom=azps-1.7.0#parameters)

Copying this issue as it was closed without ever being fixed: [Previous issue](https://github.com/Azure/azure-cli/issues/9034)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Key Vault set-policy needs "--applicationId" parameter for OBO Token (user+application) #17156

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Key Vault set-policy needs "--applicationId" parameter for OBO Token (user+application) #17156

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions