private Pulumi.AzureNative.KeyVault.Vault CreateVault(string resourceGroupName, Config config,
Pulumi.AzureNative.ManagedIdentity.UserAssignedIdentity reader)
{
var kpiDevelopmentVault = new Pulumi.AzureNative.KeyVault.Vault("kpivault",
new Pulumi.AzureNative.KeyVault.VaultArgs
{
Properties = new VaultPropertiesArgs
{
AccessPolicies =
{
CreateAccessPolicy(reader.PrincipalId, config)
},
Sku = new Pulumi.AzureNative.KeyVault.Inputs.SkuArgs
{
Family = "A",
Name = Pulumi.AzureNative.KeyVault.SkuName.Standard
},
SoftDeleteRetentionInDays = 90,
TenantId = config.Require("azureTenantId")
},
ResourceGroupName = resourceGroupName,
Tags =
{
{ "environment", "dev" },
{ "product", "kpi-system" }
}
});
return(kpiDevelopmentVault);
}
private Pulumi.AzureNative.KeyVault.Secret CreateSecret(string secretName, Output <string> secretValue,
Pulumi.AzureNative.KeyVault.Vault vault, string resourceGroupName)
{
var secret = new Pulumi.AzureNative.KeyVault.Secret(secretName, new Pulumi.AzureNative.KeyVault.SecretArgs
{
Properties = new SecretPropertiesArgs
{
Value = secretValue
},
ResourceGroupName = resourceGroupName,
SecretName = secretName,
VaultName = vault.Name
});
return(secret);
}
