arm-artifacts/shared-templates/key-vault-access-policy.json
|
{ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "keyVaultName": { "type": "string" }, "objectName": { "type": "string", "metadata": { "description": "The object from which to get the id from" } }, "objectResourceGroup": { "type": "string", "metadata": { "description": "The resource group of the object" } }, "objectResourceType": { "type": "string", "metadata": { "description": "The object from which to get the id from" } }, "permissions": { "type": "object", "metadata": { "description": "Access policies for the vault." } } }, "variables": { "resourceId": "[resourceId(parameters('objectResourceGroup'), parameters('objectResourceType'), parameters('objectName'))]", "tenantId": "[subscription().tenantID]" }, "resources": [ { "type": "Microsoft.KeyVault/vaults/accessPolicies", "name": "[concat(parameters('keyVaultName'), '/add')]", "apiVersion": "2016-10-01", "properties": { "accessPolicies": [ { "tenantId": "[variables('tenantId')]", "objectId": "[reference(concat(variables('resourceId'), '/providers/Microsoft.ManagedIdentity/Identities/default'), '2015-08-31-PREVIEW').principalId]", "permissions": "[parameters('permissions')]" } ] } } ], "outputs": {} } |