sai guru datt manchikanti
Reputation: 129
Keyvault extension for VMSS
I found this documentation https://devblogs.microsoft.com/aspnet/announcing-an-easier-way-to-use-latest-certificates-from-key-vault/ and some other ARM references to add a Keyvault extension to the VMSS inorder to acheive certificate auto-rotation. But, when I try to do a deployment, the extension just times out without giving any useful error message. For this to work are there any constraints, like say, the Key vault and the VMSS need to be on the same resource group ?? Does anyone know what might be wrong with my template.
Here's my extension:
{
"name": "KeyVaultForWindows",
"location": "[variables('location')]",
"properties": { "publisher": "Microsoft.Azure.KeyVault",
"type": "KeyVaultForWindows", "typeHandlerVersion": "0.0",
"autoUpgradeMinorVersion": true,
"settings":
{
"secretsManagementSettings": {
"pollingIntervalInS": "60",
"requireInitialSync": true,
"certificateStoreName": "MY",
"certificateStoreLocation": "LocalMachine",
"observedCertificates": ["https:///secrets/"] }
}
}
}```
Upvotes: 1
Views: 1516
Answers (0)
Related Questions
- azure arm template deploying azure key vault extension to a VM
- Extensions on AKS VMSS
- Azure Virtual Machine scale set Instance configuration
- Azure Scale Set VMS use Docker Image
- Azure Key Vault get Secret from VMSS Instances
- Scale set using keyvault in another region
- How to grant VM access to Key Vault in the same ARM template
- Azure KeyVault Vm extension and MSI
- Virtual Machine Scale Sets
- Adding certificates to Azure VM Scale Set