Created
November 10, 2021 20:03
-
-
Save Branyac/596fa5face8b5b0d5891b04ba4d75f27 to your computer and use it in GitHub Desktop.
Azure-ARMTemplate-CreateStorageKeyvaultAndStoreKeyInSecret
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "keyvaultName": { | |
| "type": "string" | |
| }, | |
| "storageAccountName": { | |
| "type": "string" | |
| }, | |
| "storageKeyNumber": { | |
| "type": "int", | |
| "allowedValues": [ 0, 1 ] | |
| } | |
| }, | |
| "variables": { | |
| "location": "[resourceGroup().location]", | |
| "tenant": "[subscription().tenantId]" | |
| }, | |
| "resources": [ | |
| { | |
| "name": "[parameters('storageAccountName')]", | |
| "type": "Microsoft.Storage/storageAccounts", | |
| "apiVersion": "2021-06-01", | |
| "location": "[variables('location')]", | |
| "dependsOn": [], | |
| "sku": { | |
| "name": "Standard_LRS" | |
| }, | |
| "kind": "StorageV2", | |
| "tags": {} | |
| }, | |
| { | |
| "name": "[concat(parameters('storageAccountName'), '/default')]", | |
| "type": "Microsoft.Storage/storageAccounts/blobServices", | |
| "apiVersion": "2021-06-01", | |
| "dependsOn": [ | |
| "[concat('Microsoft.Storage/storageAccounts/', parameters('storageAccountName'))]" | |
| ] | |
| }, | |
| { | |
| "name": "[concat(parameters('storageAccountName'), '/default')]", | |
| "type": "Microsoft.Storage/storageAccounts/fileservices", | |
| "apiVersion": "2021-06-01", | |
| "dependsOn": [ | |
| "[concat('Microsoft.Storage/storageAccounts/', parameters('storageAccountName'))]", | |
| "[concat(concat('Microsoft.Storage/storageAccounts/', parameters('storageAccountName')), '/blobServices/default')]" | |
| ] | |
| }, | |
| { | |
| "apiVersion": "2019-09-01", | |
| "name": "[parameters('keyvaultName')]", | |
| "location": "[variables('location')]", | |
| "type": "Microsoft.KeyVault/vaults", | |
| "dependsOn": [ | |
| "[concat('Microsoft.Storage/storageAccounts/', parameters('storageAccountName'))]" | |
| ], | |
| "properties": { | |
| "accessPolicies": [], | |
| "tenantId": "[variables('tenant')]", | |
| "sku": { | |
| "name": "Standard", | |
| "family": "A" | |
| } | |
| }, | |
| "tags": {} | |
| }, | |
| { | |
| "type": "Microsoft.KeyVault/vaults/secrets", | |
| "apiVersion": "2021-04-01-preview", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]", | |
| "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]" | |
| ], | |
| "name": "[format('{0}/{1}-key', parameters('keyVaultName'), parameters('storageAccountName'))]", | |
| "properties": { | |
| "value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName')), '2021-06-01').keys[parameters('storageKeyNumber')].value]" | |
| } | |
| } | |
| ], | |
| "outputs": {} | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The explanation of what this template does is in this post: https://thingsandcode.com/2021/11/14/how-to-create-an-azure-keyvault-secret-and-copy-an-access-key-using-an-arm-template/