How do I create an Azure Key Vault with Pulumi?
In this guide, we will create an Azure Key Vault using Pulumi in TypeScript. Azure Key Vault is a cloud service for securely storing and accessing secrets. We will define a Key Vault resource and its properties, including access policies and SKU.
```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azureNative from "@pulumi/azure-native";

// Define resource group
const resourceGroup = new azureNative.resources.ResourceGroup("resourceGroup", {
    resourceGroupName: "my-resource-group",
    location: "WestUS",
});

// Define Key Vault
const keyVault = new azureNative.keyvault.Vault("keyVault", {
    resourceGroupName: resourceGroup.name,
    vaultName: "my-key-vault",
    location: resourceGroup.location,
    properties: {
        sku: {
            family: "A",
            name: "standard",
        },
        tenantId: "<your-tenant-id>", // Replace with your Azure tenant ID
        accessPolicies: [{
            tenantId: "<your-tenant-id>", // Replace with your Azure tenant ID
            objectId: "<your-object-id>", // Replace with your Azure object ID
            permissions: {
                keys: ["get", "list", "create", "delete"],
                secrets: ["get", "list", "set", "delete"],
                certificates: ["get", "list", "create", "delete"],
            },
        }],
    },
    tags: {
        environment: "development",
    },
});

// Export the Key Vault URI
export const keyVaultUri = keyVault.properties.vaultUri;
```
Key Points:
- We start by defining a resource group to contain our Key Vault.
- We then create the Key Vault itself, specifying properties such as location, SKU, tenant ID, and access policies.
- Access policies define the permissions for accessing keys, secrets, and certificates within the Key Vault.
- Finally, we export the Key Vault URI for use in other parts of our infrastructure.
Summary:
We created an Azure Key Vault using Pulumi in TypeScript. This involved setting up a resource group, defining the Key Vault properties, and configuring access policies for secure management of keys, secrets, and certificates.
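The access policy in this guide grants `delete` on keys, secrets, and certificates, and the vault sets neither `enablePurgeProtection` nor `networkAcls`. As an added example (not part of the original guide or Pulumi's own code), this stand-alone TypeScript check flags those settings in a plain object shaped like the vault's `properties`; the name `auditVaultProps` and the finding labels are assumptions made for the example.

```typescript
// Added example: lint for the `properties` object given to keyvault.Vault.
// Finding labels such as "purge-protection-off" are made up for this example.
interface AccessPolicy {
    tenantId: string;
    objectId: string;
    permissions: { keys?: string[]; secrets?: string[]; certificates?: string[] };
}
interface VaultProps {
    tenantId: string;
    accessPolicies?: AccessPolicy[];
    enablePurgeProtection?: boolean;
    networkAcls?: { defaultAction?: string };
}
// Permissions that let a principal destroy vault contents.
const DESTRUCTIVE = ["delete", "purge", "all"];

function auditVaultProps(p: VaultProps): string[] {
    const findings: string[] = [];
    // Purge protection stays off unless it is set explicitly.
    if (p.enablePurgeProtection !== true) findings.push("purge-protection-off");
    // With no networkAcls the vault firewall defaults to allowing all networks.
    if (!p.networkAcls || p.networkAcls.defaultAction !== "Deny") findings.push("network-default-allow");
    for (const ap of p.accessPolicies || []) {
        if (ap.tenantId !== p.tenantId) findings.push("tenant-mismatch:" + ap.objectId);
        const kindNames: Array<"keys" | "secrets" | "certificates"> = ["keys", "secrets", "certificates"];
        for (const kind of kindNames) {
            for (const perm of ap.permissions[kind] || []) {
                if (DESTRUCTIVE.indexOf(perm.toLowerCase()) !== -1) findings.push("destructive:" + kind + ":" + perm);
            }
        }
    }
    return findings;
}

// Constructed input mirroring the guide's vault (placeholder IDs kept as-is).
const guideProps: VaultProps = {
    tenantId: "<your-tenant-id>",
    accessPolicies: [{
        tenantId: "<your-tenant-id>",
        objectId: "<your-object-id>",
        permissions: {
            keys: ["get", "list", "create", "delete"],
            secrets: ["get", "list", "set", "delete"],
            certificates: ["get", "list", "create", "delete"],
        },
    }],
};
console.log(auditVaultProps(guideProps));
```

A vault definition that sets `enablePurgeProtection: true`, `networkAcls: { defaultAction: "Deny" }`, and read-only permissions returns an empty list.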