Terraform with Azure Key Vault to get secret value

You first need to declare a data source for the Azure Key Vault to get the key vault resource ID:

# Look up a Key Vault by name and resource group so that its resource ID
# can be referenced as data.azurerm_key_vault.keyvault.id.
# Both values come from input variables (var.keyvault_name,
# var.resourcegroup_name) that must be declared elsewhere in the configuration.
data "azurerm_key_vault" "keyvault" {
  name                = "${var.keyvault_name}"
  resource_group_name = "${var.resourcegroup_name}"
}

Then use the azurerm_key_vault_secret data source to read the secret, passing it the key vault resource ID:

# Read one secret from the vault resolved by data.azurerm_key_vault.keyvault.
# The secret is then available as
# data.azurerm_key_vault_secret.win_admin_pass.value.
# NOTE: the identity Terraform runs as needs permission to read this secret,
# and the retrieved value is written to the Terraform state in plain text,
# so the state backend must be access-controlled and encrypted at rest.
data "azurerm_key_vault_secret" "win_admin_pass" {
  name         = "${var.secret_name}"
  key_vault_id = "${data.azurerm_key_vault.keyvault.id}"
}

Please note that the use of vault_uri in azurerm_key_vault_secret is deprecated and not recommended.


Now you can do it with the azurerm_key_vault_secret data source.

I'm enjoying it, with no scripting needed.

# Look up the Key Vault by its name and resource group; the resulting
# resource ID is exposed as data.azurerm_key_vault.example.id.
# The name and resource group here are sample values to be replaced.
data "azurerm_key_vault" "example" {
  name                = "mykeyvault"
  resource_group_name = "some-resource-group"
}

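# Read the secret named "secret-sauce" from the vault looked up above.
# The value is available as data.azurerm_key_vault_secret.test.value.
# NOTE: the retrieved value is stored in the Terraform state in plain text,
# so keep the state in an access-controlled, encrypted backend.
data "azurerm_key_vault_secret" "test" {
  name = "secret-sauce"

  # Must reference the data source declared in this configuration
  # ("example"); a reference to an undeclared name such as "existing"
  # fails with an undeclared-resource error.
  key_vault_id = data.azurerm_key_vault.example.id

  # vault_uri is deprecated in latest azurerm, use key_vault_id instead.
  # vault_uri = "https://mykeyvault.vault.azure.net/"
}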

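# Expose the secret to callers of this configuration.
# sensitive = true keeps the value out of plan/apply console output and CI
# logs. Terraform 0.15 and later also reject an output derived from a
# sensitive value unless it is marked this way.
# The value is still stored in plain text in the state file and can be read
# with `terraform output`, so only export it if a consumer really needs it.
output "secret_value" {
  value     = data.azurerm_key_vault_secret.test.value
  sensitive = true
}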