justinyoo/az-cli.txt

## az-cli.txt
az group deployment create `
    -g "my-resource-group" `
    --template-file azuredeploy.json `
    --parameters `@azuredeploy.parameters.json `
    --parameters servicePrincipalTenantId=$tenantId

## new-azurermresourcegroupdeployment.txt
# The tenand ID is randomly generated one.
$tenantId = ConvertTo-SecureString "da88225f-755d-4758-b6a6-3aaeba1e6264" `
                -AsPlainText `
                -Force

New-AzureRmResourceGroupDeployment `
    -ResourceGroupName "my-resource-group" `
    -TemplateFile azuredeploy.json `
    -TemplateParameterFile azuredeploy.parameters.json `
    -servicePrincipalTenantId $tenantId

## parameters-kv.json
"parameters": {
  "keyVaultSecretValue": {
    "reference": {
      "keyVault": {
        "id": "/subscriptions/4c52543c-f468-4816-a4d8-7bb46a34e1b7/resourceGroups/rg-arm-kv/providers/Microsoft.KeyVault/vaults/kvarmkv"
      },
      "secretName": "logicAppKey"
    }
  }
}

## parameters-kv.yaml
parameters:
  keyVaultSecretValue:
    reference:
      keyVault:
        # The subscription ID is randomly generated one
        id: "/subscriptions/4c52543c-f468-4816-a4d8-7bb46a34e1b7/resourceGroups/rg-arm-kv/providers/Microsoft.KeyVault/vaults/kvarmkv"
      secretName: logicAppKey

## parameters.json
"parameters": {
  "keyVaultSecretValue": {
    "type": "securestring",
    "metadata": {
      "description": "Value of the secret from Key Vault."
    }
  }
}

## parameters.yaml
parameters:
  keyVaultSecretValue:
    type: securestring
    metadata:
      description: Value of the secret from Key Vault.

## resources.json
"resources": [
  {
    "comments": "### RESOURCE - LOGIC APP ###",
    "apiVersion": "[variables('linked').apiVersion]",
    "type": "Microsoft.Resources/deployments",
    "name": "[variables('deployments').logicApp]",
    "properties": {
      "mode": "Incremental",
      "templateLink": {
        "uri": "https://raw.githubusercontent.com/devkimchi/Handling-Secrets-around-ARM-Templates/master/LogicApp.json"
      },
      "parameters": {
        "keyVaultSecretValue": {
          "reference": {
            "keyVault": {
              "id": "[resourceId('Microsoft.KeyVault/vaults', variables('keyVault').name)]"
            },
            "secretName": "[variables('keyVault').secrets.name]"
          }
        }
      }
    }
  }
]

## resources.yaml
resources:
- comments: "### RESOURCE - LOGIC APP ###"
  apiVersion: "[variables('linked').apiVersion]"
  type: Microsoft.Resources/deployments
  name: "[variables('deployments').logicApp]"
  properties:
    mode: Incremental
    templateLink:
      uri: "https://raw.githubusercontent.com/devkimchi/Handling-Secrets-around-ARM-Templates/master/LogicApp.json"
    parameters:
      keyVaultSecretValue:
        reference:
          keyVault:
            id: "[resourceId('Microsoft.KeyVault/vaults', variables('keyVault').name)]"
          secretName: "[variables('keyVault').secrets.name]"

## serviceprincipaltenantid.json
"servicePrincipalTenantId": {
  "type": "securestring",
  "metadata": {
    "description": "Tenant Id of the service principal."
  }
}

## serviceprincipaltenantid.yaml
servicePrincipalTenantId:
  type: securestring
  metadata:
    description: Tenant Id of the service principal.
	az group deployment create `
	-g "my-resource-group" `
	--template-file azuredeploy.json `
	--parameters `@azuredeploy.parameters.json `
	--parameters servicePrincipalTenantId=$tenantId
	# The tenand ID is randomly generated one.
	$tenantId = ConvertTo-SecureString "da88225f-755d-4758-b6a6-3aaeba1e6264" `
	-AsPlainText `
	-Force

	New-AzureRmResourceGroupDeployment `
	-ResourceGroupName "my-resource-group" `
	-TemplateFile azuredeploy.json `
	-TemplateParameterFile azuredeploy.parameters.json `
	-servicePrincipalTenantId $tenantId
	"parameters": {
	"keyVaultSecretValue": {
	"reference": {
	"keyVault": {
	"id": "/subscriptions/4c52543c-f468-4816-a4d8-7bb46a34e1b7/resourceGroups/rg-arm-kv/providers/Microsoft.KeyVault/vaults/kvarmkv"
	},
	"secretName": "logicAppKey"
	}
	}
	}
	parameters:
	keyVaultSecretValue:
	reference:
	keyVault:
	# The subscription ID is randomly generated one
	id: "/subscriptions/4c52543c-f468-4816-a4d8-7bb46a34e1b7/resourceGroups/rg-arm-kv/providers/Microsoft.KeyVault/vaults/kvarmkv"
	secretName: logicAppKey
	"parameters": {
	"keyVaultSecretValue": {
	"type": "securestring",
	"metadata": {
	"description": "Value of the secret from Key Vault."
	}
	}
	}
	parameters:
	keyVaultSecretValue:
	type: securestring
	metadata:
	description: Value of the secret from Key Vault.
	"resources": [
	{
	"comments": "### RESOURCE - LOGIC APP ###",
	"apiVersion": "[variables('linked').apiVersion]",
	"type": "Microsoft.Resources/deployments",
	"name": "[variables('deployments').logicApp]",
	"properties": {
	"mode": "Incremental",
	"templateLink": {
	"uri": "https://raw.githubusercontent.com/devkimchi/Handling-Secrets-around-ARM-Templates/master/LogicApp.json"
	},
	"parameters": {
	"keyVaultSecretValue": {
	"reference": {
	"keyVault": {
	"id": "[resourceId('Microsoft.KeyVault/vaults', variables('keyVault').name)]"
	},
	"secretName": "[variables('keyVault').secrets.name]"
	}
	}
	}
	}
	}
	]
	resources:
	- comments: "### RESOURCE - LOGIC APP ###"
	apiVersion: "[variables('linked').apiVersion]"
	type: Microsoft.Resources/deployments
	name: "[variables('deployments').logicApp]"
	properties:
	mode: Incremental
	templateLink:
	uri: "https://raw.githubusercontent.com/devkimchi/Handling-Secrets-around-ARM-Templates/master/LogicApp.json"
	parameters:
	keyVaultSecretValue:
	reference:
	keyVault:
	id: "[resourceId('Microsoft.KeyVault/vaults', variables('keyVault').name)]"
	secretName: "[variables('keyVault').secrets.name]"
	"servicePrincipalTenantId": {
	"type": "securestring",
	"metadata": {
	"description": "Tenant Id of the service principal."
	}
	}
	servicePrincipalTenantId:
	type: securestring
	metadata:
	description: Tenant Id of the service principal.