1. 技术文章
  2. Can Secrets From Objects Created in ARM Templates Get Auto Added to Key Vault

Can Secrets From Objects Created in ARM Templates Get Auto Added to Key Vault

夙愿已清 提交于 2019-12-02 03:56:47

Muhammad, To create the secrets in KeyVault you will need to create an ARM template that looks something like this. Make sure to update the 'dependson' section so this resource depends on your ACR being created first. The username is going to be the ACR resource name. So, whatever you set that to in your ARM script, you can store in your key vault as a key vault secret.

For the passwords, or keys, this is what you do. Here is a sample template for adding a KeyVault secret

{
  "type": "Microsoft.KeyVault/vaults/secrets",
  "name": "[concat(variables('keyVaultName'), '/{YourACRKey1SecretName}')]",
  "apiVersion": "2015-06-01",
  "properties": {
    "contentType": "text/plain",
    "value": "[listCredentials(resourceId('Microsoft.ContainerRegistry/registries', parameters('YourACRName')), '2017-10-01').passwords[0].value]"
  },
  "dependsOn": []
}

{YourACRKey1SecretName} should be changed to the secret name for your ACR Key1 value.

To set the other key in your keyvault, create another key vault secret resource with a new name and use this for the value:

For Key 2

[listCredentials(resourceId('Microsoft.ContainerRegistry/registries', parameters('YourACRName')), '2017-10-01').passwords[1].value]
标签
azure
azure-resource-manager
azure-keyvault
arm-template
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!