xximjasonxx/keyvault.tf

## keyvault.tf
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=2.62.1"
    }
  }
}

variable "name" {
  type = string
}

variable "rg_name" {
  type = string
}

variable "rg_location" {
  type = string
}

variable "tenant_id" {
  type = string
}

variable "secrets" {
  type = map
}

# get current user
data "azurerm_client_config" "current" {}

# create the resource
resource "azurerm_key_vault" "this" {
  name                  = "kv-${var.name}"
  resource_group_name   = var.rg_name
  location              = var.rg_location
  tenant_id             = var.tenant_id
  sku_name              = "standard"

  # define an access policy for terraform connection
  access_policy {
    tenant_id           = var.tenant_id
    object_id           = data.azurerm_client_config.current.object_id

    secret_permissions  = [ "Get", "Set", "List" ]
  }
}

# add the secrets
resource "azurerm_key_vault_secret" "this" {
  for_each = var.secrets

  name          = each.key
  value         = each.value
  key_vault_id  = azurerm_key_vault.this.id
}

#outputs
output "key_vault_endpoint" {
  value = azurerm_key_vault.this.vault_uri
}

output "key_vault_id" {
  value = azurerm_key_vault.this.id
}
	terraform {
	required_providers {
	azurerm = {
	source = "hashicorp/azurerm"
	version = "=2.62.1"
	}
	}
	}

	variable "name" {
	type = string
	}

	variable "rg_name" {
	type = string
	}

	variable "rg_location" {
	type = string
	}

	variable "tenant_id" {
	type = string
	}

	variable "secrets" {
	type = map
	}

	# get current user
	data "azurerm_client_config" "current" {}

	# create the resource
	resource "azurerm_key_vault" "this" {
	name = "kv-${var.name}"
	resource_group_name = var.rg_name
	location = var.rg_location
	tenant_id = var.tenant_id
	sku_name = "standard"

	# define an access policy for terraform connection
	access_policy {
	tenant_id = var.tenant_id
	object_id = data.azurerm_client_config.current.object_id

	secret_permissions = [ "Get", "Set", "List" ]
	}
	}

	# add the secrets
	resource "azurerm_key_vault_secret" "this" {
	for_each = var.secrets

	name = each.key
	value = each.value
	key_vault_id = azurerm_key_vault.this.id
	}

	#outputs
	output "key_vault_endpoint" {
	value = azurerm_key_vault.this.vault_uri
	}

	output "key_vault_id" {
	value = azurerm_key_vault.this.id
	}