Key Vault: List key vault fails if a key vault has 'secret backup' permissions
$ az keyvault list --resource-group demo9311 u'backup' is not valid value for enum <enum> </enum>
There is one key vault in this list, that has 'secret backup' permissions. See output from PowerShell for this key vault (yes, the RG name and vault name are same). Since keyvault CLI component doesn't know about 'backup' permissions for secrets, my guess is the above command is failing.
PS C:\> Get-AzureRmKeyVault -ResourceGroupName demo9311 -VaultName demo9311 Vault Name : demo9311 Resource Group Name : demo9311 Location : westus Resource ID : /subscriptions/XXXXXXXXXXXXXXXXX/resourceGroups/demo9311/provider s/Microsoft.KeyVault/vaults/demo9311 Vault URI : https://demo9311.vault.azure.net/ Tenant ID : XXXXXXXXXXXXXXXXXXXXXXXXX7 SKU : Standard Enabled For Deployment? : False Enabled For Template Deployment? : False Enabled For Disk Encryption? : False Soft Delete Enabled? : True Access Policies : Tenant ID : XXXXXXXXXXXXXXXXXXXXXXXXXXXX47 Object ID : XXXXXXXXXXXXXXXXXXXXXXXXXXXXd1 Application ID : Display Name : Permissions to Keys : All Permissions to Secrets : All Permissions to Certificates : All Tenant ID : XXXXXXXXXXXXXXXXXXXXXXX47 Object ID : XXXXXXXXXXXXXXXXXXXXXXX1f Application ID : Display Name : XXXXXX XXXXX (XXXXXXX.com) Permissions to Keys : all Permissions to Secrets : backup Permissions to Certificates : Tenant ID : XXXXXXXXXXXXXXXXXXXXXXXXXX47 Object ID : XXXXXXXXXXXXXXXXXXXXXXXXXX80 Application ID : Display Name : XXXXXXX XXXXX (XXXXXXXX.com) Permissions to Keys : Backup, Create, Delete, Get, Import, List, Restore, Update Permissions to Secrets : backup, restore, get, set Permissions to Certificates : all Tags :