Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Azure-ARMTemplate-CreateStorageKeyvaultAndStoreKeyInSecret
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"keyvaultName": {
"type": "string"
},
"storageAccountName": {
"type": "string"
},
"storageKeyNumber": {
"type": "int",
"allowedValues": [ 0, 1 ]
}
},
"variables": {
"location": "[resourceGroup().location]",
"tenant": "[subscription().tenantId]"
},
"resources": [
{
"name": "[parameters('storageAccountName')]",
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2021-06-01",
"location": "[variables('location')]",
"dependsOn": [],
"sku": {
"name": "Standard_LRS"
},
"kind": "StorageV2",
"tags": {}
},
{
"name": "[concat(parameters('storageAccountName'), '/default')]",
"type": "Microsoft.Storage/storageAccounts/blobServices",
"apiVersion": "2021-06-01",
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('storageAccountName'))]"
]
},
{
"name": "[concat(parameters('storageAccountName'), '/default')]",
"type": "Microsoft.Storage/storageAccounts/fileservices",
"apiVersion": "2021-06-01",
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('storageAccountName'))]",
"[concat(concat('Microsoft.Storage/storageAccounts/', parameters('storageAccountName')), '/blobServices/default')]"
]
},
{
"apiVersion": "2019-09-01",
"name": "[parameters('keyvaultName')]",
"location": "[variables('location')]",
"type": "Microsoft.KeyVault/vaults",
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('storageAccountName'))]"
],
"properties": {
"accessPolicies": [],
"tenantId": "[variables('tenant')]",
"sku": {
"name": "Standard",
"family": "A"
}
},
"tags": {}
},
{
"type": "Microsoft.KeyVault/vaults/secrets",
"apiVersion": "2021-04-01-preview",
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]",
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]"
],
"name": "[format('{0}/{1}-key', parameters('keyVaultName'), parameters('storageAccountName'))]",
"properties": {
"value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName')), '2021-06-01').keys[parameters('storageKeyNumber')].value]"
}
}
],
"outputs": {}
}
@Branyac
Copy link
Author

Branyac commented Nov 17, 2021

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment