@craig-martin
Created January 29, 2016 23:28
### Warm up by looking for commands
get-command *AzureRmKeyVault*
get-command *AzureKeyVault*
### Does the Vault exist already?
Get-AzureKeyVaultKey -VaultName cmartKeyVault01 -Name TestKey
### Does the ResourceGroupName exist yet?
Get-AzureRmResourceGroup | select ResourceGroupName
### Create the Vault
New-AzureRmKeyVault -VaultName cmartKeyVault01 -ResourceGroupName cmartResourceGroup01 -Location 'West US'
<#
Vault Name : cmartKeyVault01
Resource Group Name : cmartResourceGroup01
Location : West US
Resource ID : /subscriptions/ssssssss-ssss-ssss-ssss-ssssssssssss/resourceGroups/cmartResourceGroup01/providers/Microsoft.KeyVault/vaults/cmartKeyVault01
Vault URI : https://cmartKeyVault01.vault.azure.net
Tenant ID : aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa
SKU : Standard
Enabled For Deployment? : False
Enabled For Template Deployment? : False
Enabled For Disk Encryption? : False
Access Policies :
Tenant ID : aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa
Object ID : bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb
Application ID :
Display Name : Craig Martin (cmart@litware.com)
Permissions to Keys : get, create, delete, list, update, import, backup, restore
Permissions to Secrets : all
Tags :
#>
### Create a new Vault Key
Add-AzureKeyVaultKey -VaultName cmartKeyVault01 -Name cmartKey01 -Destination Software
<#
Attributes : Microsoft.Azure.Commands.KeyVault.Models.KeyAttributes
Key : {"kid":"https://cmartkeyvault01.vault.azure.net/keys/cmartKey01","kty":"RSA","key_ops":["encrypt","decrypt","sign","verify","wrapKey","unwrapKey"],"n":"lots of stuff","e":"AQAB"}
VaultName : cmartkeyvault01
Name : cmartKey01
Version : GreatVersion
Id : https://cmartkeyvault01.vault.azure.net:443/keys/cmartKey01/GreatVersion
#>
### Set the super-secret secret, shhh!
Set-AzureKeyVaultSecret -VaultName cmartKeyVault01 -Name cmartKey01 -SecretValue (ConvertTo-SecureString -String "WhoFedTheDogCorn?" -Force -AsPlainText)
<#
Vault Name : cmartkeyvault01
Name : cmartKey01
Version : SuperVersion
Id : https://cmartkeyvault01.vault.azure.net:443/secrets/cmartKey01/SuperVersion
Enabled : True
Expires :
Not Before :
Created : 1/29/2016 9:09:32 PM
Updated : 1/29/2016 9:09:32 PM
Content Type :
Tags :
#>
### Grant a service principal access to the secrets (get, list only)
Set-AzureRmKeyVaultAccessPolicy -VaultName cmartkeyvault01 -ResourceGroupName cmartResourceGroup01 -ServicePrincipalName 'pppppppp-pppp-pppp-pppp-pppppppppppp' -PermissionsToSecrets get,list
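### Added example (not part of the original gist): flag access policies that go beyond the get,list grant above. Find-BroadVaultPolicy is a hypothetical helper, the list of "broad" permissions is this example's assumption, and the policy objects are constructed sample data mirroring the output shown on this page.

```powershell
# Hypothetical helper (not an Azure cmdlet): reports permissions beyond read-only.
function Find-BroadVaultPolicy {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Policy,
        # Assumption: anything other than get/list counts as broad; adjust to your baseline
        [string[]] $Broad = @('all','set','create','delete','update','import','backup','restore')
    )
    process {
        foreach ($scope in 'Keys', 'Secrets') {
            $granted = @($Policy."PermissionsTo$scope")
            $excess  = @($granted | Where-Object { $Broad -contains $_ })
            if ($excess.Count -gt 0) {
                [pscustomobject]@{
                    DisplayName = $Policy.DisplayName
                    Scope       = $scope
                    Excess      = $excess -join ','
                }
            }
        }
    }
}

# Constructed sample policies: the vault creator's default policy and the
# service principal grant, as they appear in the output and commands above
$policies = @(
    [pscustomobject]@{
        DisplayName          = 'Craig Martin (cmart@litware.com)'
        PermissionsToKeys    = 'get','create','delete','list','update','import','backup','restore'
        PermissionsToSecrets = @('all')
    },
    [pscustomobject]@{
        DisplayName          = 'pppppppp-pppp-pppp-pppp-pppppppppppp'
        PermissionsToKeys    = @()
        PermissionsToSecrets = 'get','list'
    }
)

# Offline run over the sample data
$policies | Find-BroadVaultPolicy | Format-Table -AutoSize

# Against a live vault (assumption: the returned vault object exposes AccessPolicies
# with PermissionsToKeys / PermissionsToSecrets properties):
# (Get-AzureRmKeyVault -VaultName cmartKeyVault01).AccessPolicies | Find-BroadVaultPolicy
```

The vault creator's default policy is reported for both keys and secrets, while the service principal limited to get,list produces no rows.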