Created
January 29, 2016 23:28
-
-
Save craig-martin/089eb569fc4fcb1c731a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Warm up by looking for commands | |
get-command *AzureRmKeyVault* | |
get-command *AzureKeyVault* | |
### Does the Vault exist already? | |
Get-AzureKeyVaultKey -VaultName cmartKeyVault01 -Name TestKey | |
### Does the ResourceGroupName exist yet? | |
Get-AzureRmResourceGroup | select ResourceGroupName | |
### Create the Vault | |
New-AzureRmKeyVault -VaultName cmartKeyVault01 -ResourceGroupName cmartResourceGroup01 -Location 'West US' | |
<# | |
Vault Name : cmartKeyVault01 | |
Resource Group Name : cmartResourceGroup01 | |
Location : West US | |
Resource ID : /subscriptions/ssssssss-ssss-ssss-ssss-ssssssssssss/resourceGroups/cmartResourceGroup01/providers/Microsoft.KeyVault/vaults/cmartKeyVault01 | |
Vault URI : https://cmartKeyVault01.vault.azure.net | |
Tenant ID : aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa | |
SKU : Standard | |
Enabled For Deployment? : False | |
Enabled For Template Deployment? : False | |
Enabled For Disk Encryption? : False | |
Access Policies : | |
Tenant ID : aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa | |
Object ID : bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb | |
Application ID : | |
Display Name : Craig Martin (cmart@litware.com) | |
Permissions to Keys : get, create, delete, list, update, import, backup, restore | |
Permissions to Secrets : all | |
Tags : | |
#> | |
### Create a new Vault Key | |
Add-AzureKeyVaultKey -VaultName cmartKeyVault01 -Name cmartKey01 -Destination Software | |
<# | |
Attributes : Microsoft.Azure.Commands.KeyVault.Models.KeyAttributes | |
Key : {"kid":"https://cmartkeyvault01.vault.azure.net/keys/cmartKey01","kty":"RSA","key_ops":["encrypt","decrypt","sign","verify","wrapKey","unwrapKey"],"n":"lots of stuff","e":"AQAB"} | |
VaultName : cmartkeyvault01 | |
Name : cmartKey01 | |
Version : GreatVersion | |
Id : https://cmartkeyvault01.vault.azure.net:443/keys/cmartKey01/GreatVersion | |
#> | |
### Set the super-secret secret, shhh! | |
Set-AzureKeyVaultSecret -VaultName cmartKeyVault01 -Name cmartKey01 -SecretValue (ConvertTo-SecureString -String "WhoFedTheDogCorn?" -Force –AsPlainText) | |
<# | |
Vault Name : cmartkeyvault01 | |
Name : cmartKey01 | |
Version : SuperVersion | |
Id : https://cmartkeyvault01.vault.azure.net:443/secrets/cmartKey01/SuperVersion | |
Enabled : True | |
Expires : | |
Not Before : | |
Created : 1/29/2016 9:09:32 PM | |
Updated : 1/29/2016 9:09:32 PM | |
Content Type : | |
Tags : | |
#> | |
### Grant access to the Key | |
Set-AzureRmKeyVaultAccessPolicy -VaultName cmartkeyvault01 -ResourceGroupName cmartResourceGroup01 -ServicePrincipalName 'pppppppp-pppp-pppp-pppp-pppppppppppp' -PermissionsToSecrets get,list |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment