Templates/KeyVaultTemplate.json
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "keyVaultName": { "type": "string" }, "location": { "type": "string", "defaultValue": "[resourceGroup().location]" }, "tenantId": { "type": "string", "defaultValue": "[subscription().tenantId]" }, "localAdminSecretName": { "type": "string", "defaultValue": "LocalAdminCredential" }, "localAdminSecretValue": { "type": "securestring" }, "domainAdminSecretName": { "type": "string", "defaultValue": "AzureStackLCMUserCredential" }, "domainAdminSecretValue": { "type": "securestring" }, "arbDeploymentSpnName": { "type": "string", "defaultValue": "DefaultARBApplication" }, "arbDeploymentSpnValue": { "type": "securestring" }, "storageWitnessName": { "type": "string", "defaultValue": "WitnessStorageKey" }, "storageWitnessValue": { "type": "securestring" }, "softDeleteRetentionDays": { "type": "int", "defaultValue": 30 }, "keyValuePairs": { "type": "array", "metadata": { "description": "List of additional key-value pairs to be added as secrets." } } }, "resources": [ { "type": "Microsoft.KeyVault/vaults", "apiVersion": "2021-06-01-preview", "name": "[parameters('keyVaultName')]", "location": "[parameters('location')]", "properties": { "enabledForDeployment": true, "enabledForTemplateDeployment": true, "enabledForDiskEncryption": true, "enableSoftDelete": false, "softDeleteRetentionInDays": "[parameters('softDeleteRetentionDays')]", "enableRbacAuthorization": true, "publicNetworkAccess": "Enabled", "accessPolicies": [], "tenantId": "[parameters('tenantId')]", "sku": { "name": "standard", "family": "A" } } }, { "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', parameters('domainAdminSecretName'))]", "location": "[parameters('location')]", "scale": null, "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" ], "properties": { "contentType": "Secret", "value": "[parameters('domainAdminSecretValue')]", "attributes": { "enabled": true } } }, { "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', parameters('localAdminSecretName'))]", "location": "[parameters('location')]", "scale": null, "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" ], "properties": { "contentType": "Secret", "value": "[parameters('localAdminSecretValue')]", "attributes": { "enabled": true } } }, { "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', parameters('arbDeploymentSpnName'))]", "location": "[parameters('location')]", "scale": null, "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" ], "properties": { "contentType": "Secret", "value": "[parameters('arbDeploymentSpnValue')]", "attributes": { "enabled": true } } }, { "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', parameters('storageWitnessName'))]", "location": "[parameters('location')]", "scale": null, "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" ], "properties": { "contentType": "Secret", "value": "[parameters('storageWitnessValue')]", "attributes": { "enabled": true } } }, { "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', parameters('keyValuePairs')[copyIndex()].key)]", "location": "[parameters('location')]", "scale": null, "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" ], "copy": { "name": "secretsLoop", "count": "[length(parameters('keyValuePairs'))]" }, "properties": { "value": "[parameters('keyValuePairs')[copyIndex('secretsLoop')].value]" } } ], "outputs": { "keyVaultId": { "type": "string", "value": "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" } } } |