Reputation: 1459
Terraform to create Appinsight Named value from Keyvault while creating the APIM ligger
We have below terraform code to create AzureAPIM logger configuration for the appinsight during the appinsight creation itself. But here we are facing challenge to configure the Appinsight Instrumentation Key as named value from one of existing keyvault.
Looking for both the appinsight and logger addition with namedvalue of instrumentation key (from kv) as part of the application insight creation itself and not through manual task of creating secret in Keyvault after creating the Appinsight.
resource "azurerm_application_insights" "appinsights" {
name = var.appinsights_name
location = var.location
resource_group_name = var.rg_name
application_type = var.application_type
retention_in_days = var.retention_in_days
workspace_id = data.azurerm_log_analytics_workspace.laworkspace.id
internet_ingestion_enabled = var.internet_ingestion_enabled
disable_ip_masking = var.disable_ip_masking
tags = var.appinsights_tags
lifecycle {
ignore_changes = [
tags,
disable_ip_masking
]
}
}
resource "azurerm_api_management_logger" "logger" {
count = var.add_to_apim ? 1 : 0
api_management_name = var.apim_name
resource_group_name = var.apim_rg
name = azurerm_application_insights.appinsights.name
resource_id = azurerm_application_insights.appinsights.id
application_insights {
instrumentation_key = azurerm_application_insights.appinsights.instrumentation_key
}
lifecycle {
ignore_changes = [
resource_id
]
}
}
Upvotes: 0
Views: 89
Answers (1)
Reputation: 17944
You can use the azurerm_api_management_named_value resource to manages an API Management Named Value,
The value_from_key_vault block can be used to link an Azure Key Vault secret.
Example (not tested):
resource "azurerm_api_management_named_value" "example" {
name = "example-apimg"
display_name = "ExampleProperty"
resource_group_name = var.apim_rg
api_management_name = var.apim_name
value_from_key_vault {
secret_id = var.secret_id
}
secret = true
}
Upvotes: -1
Related Questions
- terraform stacks component reference to module output error: "unsupported attribute"
- Azure APIM named values using terraform
- Soft delete and Purge Protection should be enabled and retention days should be 90 days as Terraform error
- Terraform Hidden Links for Azure Function App
- Cannot create secret scope: Azure KeyVault is not available. Terraform
- Azure :: Terraform fails on azure keyvault secrets
- "KeyVaultAuthenticationFailure" when Storage Account attempts to Access Customer Managed Key in Key Vault with Private Endpoint (Using Terraform)
- In terraform using Azure, is it possible to create a key vault secret and reference that secret in the same file on the same run?