azurestack_key_vault_secret

Manages a Key Vault Secret.

Example Usage

data "azurestack_client_config" "current" {}

resource "azurestack_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

resource "azurestack_key_vault" "example" {
  name                       = "examplekeyvault"
  location                   = azurestack_resource_group.example.location
  resource_group_name        = azurestack_resource_group.example.name
  tenant_id                  = data.azurestack_client_config.current.tenant_id
  sku_name                   = "premium"
  soft_delete_retention_days = 7

  access_policy {
    tenant_id = data.azurestack_client_config.current.tenant_id
    object_id = data.azurestack_client_config.current.object_id

    key_permissions = [
      "create",
      "get",
    ]

    secret_permissions = [
      "set",
      "get",
      "delete",
      "purge",
      "recover"
    ]
  }
}

resource "azurestack_key_vault_secret" "example" {
  name         = "secret-sauce"
  value        = "szechuan"
  key_vault_id = azurestack_key_vault.example.id
}

Argument Reference

The following arguments are supported:

Attributes Reference

The following attributes are exported:

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

Import

Key Vault Secrets which are Enabled can be imported using the resource id, e.g.

terraform import azurestack_key_vault_secret.example "https://example-keyvault.vault.azure.net/secrets/example/fdf067c93bbb4b22bff4d8b7a9a56217"