Last active
January 14, 2018 10:03
-
-
Save rinormaloku/99d99cab9bcc818323927df1146ef88d to your computer and use it in GitHub Desktop.
[Storing acs-engine data to the KeyVault] Script to store acs engine data to the keyvault #acs-engine #keyvault
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Create KeyVault to store the secrets | |
$kv_name = 'kvnamecv1' | |
$keyvault_rg = 'keyvaultrg1' | |
$keyvault_rg_location = 'westeurope' | |
az group create --name $keyvault_rg --location $keyvault_rg_location | |
az keyvault create --name $kv_name --resource-group $keyvault_rg --enabled-for-template-deployment --enabled-for-deployment | |
###END | |
# Save Service Principal password | |
$sp_pass_secret_name = 'sppasswordsecret' # Any name works | |
$sp_pass = 'Client Secret' | |
az keyvault secret set -n $sp_pass_secret_name --vault-name $kv_name --description sp_password_secret --value $sp_pass | |
# Push the certificates to the KeyVault (Be sure to be in the right folder _output/[dnsprefix]) | |
az keyvault secret set --vault-name $kv_name --name ca-crt --value "$([Convert]::ToBase64String((Get-content -path .\ca.crt -Encoding byte)))" | |
az keyvault secret set --vault-name $kv_name --name ca-key --value "$([Convert]::ToBase64String((Get-content -path .\ca.key -Encoding byte)))" | |
az keyvault secret set --vault-name $kv_name --name kubernetes-api-crt --value "$([Convert]::ToBase64String((Get-content -path .\apiserver.crt -Encoding byte)))" | |
az keyvault secret set --vault-name $kv_name --name kubernetes-api-key --value "$([Convert]::ToBase64String((Get-content -path .\apiserver.key -Encoding byte)))" | |
az keyvault secret set --vault-name $kv_name --name kubernetes-client-crt --value "$([Convert]::ToBase64String((Get-content -path .\client.crt -Encoding byte)))" | |
az keyvault secret set --vault-name $kv_name --name kubernetes-client-key --value "$([Convert]::ToBase64String((Get-content -path .\client.key -Encoding byte)))" | |
az keyvault secret set --vault-name $kv_name --name kubeconfig-crt --value "$([Convert]::ToBase64String((Get-content -path .\kubectlClient.crt -Encoding byte)))" | |
az keyvault secret set --vault-name $kv_name --name kubeconfig-key --value "$([Convert]::ToBase64String((Get-content -path .\kubectlClient.key -Encoding byte)))" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment