Azure RM Template. Deploy copy VM with Key Vault password

Question

I would like to automate deployment of variable amount of VMs (deployed via copy) by replacing password by Key Vault secrets. I would like to use different secrets for different VMs (ex secret1 for VM1, secret2 for VM2). According to documentation I need to reference a secret with dynamic id https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter#reference-a-secret-with-dynamic-id I've tweaked documentation example to utilize copy for deployment of my VMs, but I'm struggling to change secretName to secretName1, secretName2 upon each call of the nested template. How can I do that?

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
      "vaultName": {
        "type": "string"
      },
      "secretName": {
        "type": "string"
      }
    },
    "resources": [
    {
      "apiVersion": "2015-01-01",
      "name": "[concat('nestedTemplate-', copyIndex())]",
      "type": "Microsoft.Resources/deployments",
      "copy": {
        "name": "nestedTemplateLoop",
        "count": "[parameters('numberOfVMs')]"
      },
      "properties": {
        "mode": "incremental",
        "templateLink": {
          "uri": "https://www.contoso.com/AzureTemplates/newVM.json",
          "contentVersion": "1.0.0.0"
        },
        "parameters": {
          "adminPassword": {
            "reference": {
              "keyVault": {
                "id": "[concat(resourceGroup().id, '/providers/Microsoft.KeyVault/vaults/', parameters('vaultName'))]"
              },
              "secretName": "[parameters('secretName')]"
            }
          }
        }
      }
    }],
    "outputs": {}
}

4c74356b41 · Accepted Answer

"secretName": [concat(parameters('secretName'), copyIndex())]

Azure RM Template. Deploy copy VM with Key Vault password

Answers (1)

Related Questions