07/11/2023, 8:20 AM
Hi, I am new to pulumi and I want to use it with python since my team will have it easier to adapt since we use python in a lot other places. I want to create a small tool that reads secrets from an Azure KeyVault and copies them to other KeyVaults. That alone is quite easy but the challenge is that the KeyVaults are in different subscriptions. I was thinking of adapting but I have a hard time to get anything running. Any ideas how I can create (custom) Provider so I can freely pass the subscription as input? The credentials are not important since the principal behind it got permissions to all related subscriptions/keyvaults. Thread in #python
Sorry I don't get the comment. Pulumi is meant to read secrets from one KeyVault and copy it to various ones across multiple KeyVauls which are in different Azure Subscription. I don't have an issue with KeyVault secret handling but creating the provider configuration to access the KeyVaults. I want fully control which provider is used when I access any KeyVault.
The source secret is is done manually, the target ones obviously via pulumi. But to access the KeyVault to read the secret I need already a provider configuration
For now I don't have any secrets, I struggle to configure the provider itself. As "hello world" I try to just display all resources in a resource group in a target subscription.
I just gave the use-case above to explain why I need to work across subscriptions. Actually I have many other use-cases that require the same.