Use this data source to access data stored in an existing Key Vault Certificate.
data "azurerm_key_vault" "example" {
name = "examplekv"
resource_group_name = "some-resource-group"
}
data "azurerm_key_vault_certificate_data" "example" {
name = "secret-sauce"
key_vault_id = data.azurerm_key_vault.example.id
}
output "example_pem" {
value = data.azurerm_key_vault_certificate_data.example.pem
}
The following arguments are supported:
name
- (Required) Specifies the name of the Key Vault Secret.
key_vault_id
- (Required) Specifies the ID of the Key Vault instance where the Secret resides, available on the azurerm_key_vault
Data Source / Resource.
version
- (Optional) Specifies the version of the certificate to look up. (Defaults to latest)
The following attributes are exported:
certificates_count
- Amount of certificates in the chain in case Key Vault Certificate is a bundle (e.g. has an intermediate certificate).
hex
- The raw Key Vault Certificate data represented as a hexadecimal string.
pem
- The Key Vault Certificate in PEM format.
key
- The Key Vault Certificate Key.
expires
- Expiry date of certificate in RFC3339 format.
not_before
- Not Before date of certificate in RFC3339 format.
tags
- A mapping of tags to assign to the resource.
The timeouts
block allows you to specify timeouts for certain actions:
read
- (Defaults to 5 minutes) Used when retrieving the Key Vault Certificate.