Copy Azure KeyVault secrets to another KeyVault using Azure CLI
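#!/bin/bash
# Copy every secret from one Azure Key Vault to another, skipping any name
# that already exists in the destination vault.
SOURCE_KEYVAULT="<SOURCE KEYVAULT THAT YOU WANT TO COPY SECRETS FROM>"
DESTINATION_KEYVAULT="<DESTINATION KEYVAULT THAT YOU WILL COPY SECRETS TO>"

# Collect the IDs (full URLs) of all secrets in the source vault, one per line.
mapfile -t SECRETS < <(az keyvault secret list --vault-name "$SOURCE_KEYVAULT" --query "[].id" -o tsv)

for SECRET_ID in "${SECRETS[@]}"; do
    # The secret name is the last path segment of the ID.
    SECRETNAME="${SECRET_ID##*/}"
    # Non-empty output means the destination already holds a secret with this name.
    SECRET_CHECK=$(az keyvault secret list --vault-name "$DESTINATION_KEYVAULT" --query "[?name=='$SECRETNAME']" -o tsv)
    if [ -n "$SECRET_CHECK" ]; then
        echo "A secret with name $SECRETNAME already exists in $DESTINATION_KEYVAULT"
    else
        echo "Copying $SECRETNAME to KeyVault: $DESTINATION_KEYVAULT"
        # Only the current value is copied; tags, content type and expiry are not.
        # Skip the secret if it cannot be read, rather than writing an empty value.
        if ! SECRET_VALUE=$(az keyvault secret show --vault-name "$SOURCE_KEYVAULT" -n "$SECRETNAME" --query "value" -o tsv); then
            echo "Could not read $SECRETNAME from $SOURCE_KEYVAULT, skipping" >&2
            continue
        fi
        # Note: --value puts the secret on the az command line, where other local
        # processes can see it while az runs; --file reads it from a file instead.
        az keyvault secret set --vault-name "$DESTINATION_KEYVAULT" -n "$SECRETNAME" --value "$SECRET_VALUE" >/dev/null
    fi
done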