Blue42

0.2.5

Templates/KeyVault.json

                                {

  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",

  "contentVersion": "1.0.0.0",

  "parameters": {

    "keyVaultName": {

      "type": "string",

      "defaultValue": "kv%UID%",

      "metadata": {

        "description": "The name of the Key Vault"

      }

    },

    "keyVaultLocation": {

      "type": "string",

      "defaultValue": "%LOCATION%",

      "metadata": {

        "description": "Key Vault Location."

      }

    },

    "keyVaultSku": {

      "type": "string",

      "defaultValue": "Standard",

      "allowedValues": [

        "Standard",

        "Premium"

      ],

      "metadata": {

        "description": "SKU for the vault"

      }

    },

    "keyVaultAccessPolicies": {

      "type": "array",

      "defaultValue": [],

      "metadata": {

        "description": "The access policies defined for this vault."

      }

    },

    "keyVaultNetworkAcls": {

      "type": "object",

      "defaultValue": {

        "defaultAction": "Allow",

        "bypass": "AzureServices",

        "virtualNetworkRules": [],

        "ipRules": []

      },

      "metadata": {

        "description": "The network firewall defined for this vault."

      }

    },

    "keyVaultTenantID": {

      "type": "string",

      "defaultValue": "",

      "metadata": {

        "description": "The Tenant ID used to make access policies."

      }

    },

    "keyVaultEnabledForDeployment": {

      "type": "bool",

      "defaultValue": false,

      "metadata": {

        "description": "True if this vault will be used to deploy."

      }

    },

    "keyVaultEnabledForTemplateDeployment": {

      "type": "bool",

      "defaultValue": false,

      "metadata": {

        "description": "True if this vault will be used to deploy template."

      }

    },

    "keyVaultEnabledForDiskEncryption": {

      "type": "bool",

      "defaultValue": false,

      "metadata": {

        "description": "True if this vault will be used to store encrypted disks."

      }

    },

    "keyVaultTags": {

      "type": "object",

      "defaultValue": {

        "Date": "%DATE%"

      },

      "metadata": {

        "description": "Key Vault Tags."

      }

    }

  },

  "variables": {

    "keyVaultLocation": "[if(empty(parameters('keyVaultLocation')), resourceGroup().location, parameters('keyVaultLocation'))]"

  },

  "resources": [

    {

      "apiVersion": "2018-02-14",

      "name": "[parameters('keyVaultName')]",

      "type": "Microsoft.KeyVault/vaults",

      "location": "[variables('keyVaultLocation')]",

      "tags": "[parameters('keyVaultTags')]",

      "properties": {

        "enabledForDeployment": "[parameters('keyVaultEnabledForDeployment')]",

        "enabledForTemplateDeployment": "[parameters('keyVaultEnabledForTemplateDeployment')]",

        "enabledForDiskEncryption": "[parameters('keyVaultEnabledForDiskEncryption')]",

        "accessPolicies": "[parameters('keyVaultAccessPolicies')]",

        "tenantId": "[parameters('keyVaultTenantID')]",

        "sku": {

          "name": "[parameters('keyVaultSku')]",

          "family": "A"

        },

        "networkAcls": "[parameters('keyVaultNetworkAcls')]"

      }

    }

  ],

  "outputs": {}

}