Reputation: 391
How to dynamically create Azure KeyVault reference in ARM template?
I'm using the following piece of code in my ARM template parameters file to retrieve the secret value from keyvault:
"parameters": {
"mailAccount": {
"reference": {
"keyVault": {
"id": "/subscriptions/GUID/resourceGroups/KeyVaultRG/providers/Microsoft.KeyVault/vaults/KeyVault"
},
"secretName": "mailAccount"
}
},
and in the template file:
"appSettings": [
{
"name": "mailAccount",
"value": "[parameters('mailAccount')]"
},
{
I'd like to know if it is possible to reference a KeyVault by its name using dynamically constructed object (i.e. not /subscriptions/GUID/resourceGroups/KeyVaultRG/providers/Microsoft.KeyVault/vaults/KeyVault but [resourceId(subscription().subscriptionId, resourcegroup().name, 'Microsoft.KeyVault/vaults', parameters('KeyVaultName'))]) or [resourceId('Microsoft.KeyVault/vaults', parameters('KeyVaultName'))] ?
In fact, the main objective is to be able to pass the different KeyVault names when deploying templates - where the similar values are stored.
The need to have several KeyVaults is justified by the resources (and cost) separation.
Now I see only validation errors saying ~ resourceId function cannot be used while referencing parameters.
I cannot use nested\linked templates (and output values).
Upvotes: 2
Views: 1355
Answers (1)
Reputation: 91
What I am usually doing to avoid this limitation of the resourceId function is to define a variable with the value of the parameter, then using the variable instead in the resourceId function.
Example:
"parameters": {
"KeyVaultName": {
"type": "string",
"metadata": {
"description": "Key Vault Name"
}
}
},
"variables": {
"KeyVaultName": "[parameters('KeyVaultName')]"
}
Then when I am referencing the KeyVault resource I reference it using the variable like this:
"[resourceId('Microsoft.KeyVault/vaults', variables('KeyVaultName')]"
Upvotes: 1
Related Questions
- Azure ARM template how to get dynamic keyvault appsettings to function
- How to set types of parameters in Azure ARM templates when using KeyVault references?
- Azure ARM Template - Create KeyVault Secrets in Keyvault in different Resource Group
- Creating multiple keyvault secrets in same arm template deployment
- Create Key Vault certificate using ARM template
- How do I reference secret from keyvault as default value in parameter section of ARM template
- Creating a KeyVault secret in an existing keyvault
- Use Key Vault references for App Service via ARM template
- Using secret from Azure KeyVault in Azure ARM Template
- referencing a KeyVault secret in an ARM template fails with 'The resource is not defined in the template'