sparse-intern-71089
01/09/2022, 8:23 AMsticky-exabyte-94099
01/09/2022, 10:03 AMpulumi import azure:keyvault/secret:Secret CertificateOrderSecret "<https://vault723aa5a.vault.azure.net/secrets/.../>..."
and got code for the secret to import.
My question now is, is it enough? And it created an Output.CreateSecret() with a long value that I guess I should not add to source code like that and should use pulumi config set mycert longvaluehere -secret
sticky-exabyte-94099
01/10/2022, 10:15 PMgreat-queen-39697
01/10/2022, 10:18 PMkeyvault
module in the API: https://www.pulumi.com/registry/packages/azure-native/api-docs/keyvault/great-queen-39697
01/10/2022, 10:19 PMgreat-queen-39697
01/10/2022, 10:22 PMsticky-exabyte-94099
01/10/2022, 10:23 PMgreat-queen-39697
01/10/2022, 10:26 PMgreen-intern-53931
01/13/2022, 5:07 PMgreen-intern-53931
01/13/2022, 5:10 PMcertificate (azure-native:web:Certificate)
error: autorest/azure: Service returned an error. Status=400 Code="BadRequest" Message="The parameter Properties.KeyVaultId has an invalid value." Details=[{"Message":"The parameter Properties.KeyVaultId has an invalid value."},{"Code":"BadRequest"},{"ErrorEntity":{"Code":"BadRequest","ExtendedCode":"51008","Message":"The parameter Properties.KeyVaultId has an invalid value.","MessageTemplate":"The parameter {0} has an invalid value.","Parameters":["Properties.KeyVaultId"]}}]
great-queen-39697
01/13/2022, 5:19 PMsticky-exabyte-94099
01/20/2022, 12:23 PMgreen-intern-53931
01/20/2022, 12:37 PMkeyVaultId: vault.id
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const certificate = new azure_native.web.Certificate("certificate", {
hostNames: ["ServerCert"],
location: "East US",
name: "testc6282",
password: "<password>",
resourceGroupName: "testrg123",
keyVaultId: vault.id;
});
create the key vault resource like this
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const vault = new azure_native.keyvault.Vault("vault", {
location: "westus",
properties: {
accessPolicies: [{
objectId: "00000000-0000-0000-0000-000000000000",
permissions: {
certificates: [
"get",
"list",
"delete",
"create",
"import",
"update",
"managecontacts",
"getissuers",
"listissuers",
"setissuers",
"deleteissuers",
"manageissuers",
"recover",
"purge",
],
keys: [
"encrypt",
"decrypt",
"wrapKey",
"unwrapKey",
"sign",
"verify",
"get",
"list",
"create",
"update",
"import",
"delete",
"backup",
"restore",
"recover",
"purge",
],
secrets: [
"get",
"list",
"set",
"delete",
"backup",
"restore",
"recover",
"purge",
],
},
tenantId: "00000000-0000-0000-0000-000000000000",
}],
enabledForDeployment: true,
enabledForDiskEncryption: true,
enabledForTemplateDeployment: true,
sku: {
family: "A",
name: "standard",
},
tenantId: "00000000-0000-0000-0000-000000000000",
},
resourceGroupName: "sample-resource-group",
vaultName: "sample-vault",
});