HomeTerraform Moduleavm-res-keyvault-vault

avm-res-keyvault-vault

Azure/avm-res-keyvault-vault/azurerm

Terraform Module HCL AZURERM ✓ Verified

Terraform Azure Verified Resource Module for Key Vault

Install
module "avm-res-keyvault-vault" {
source = "Azure/avm-res-keyvault-vault/azurerm"
version = "0.10.2"
}
plain text: /constructs/tfmod-azure-avm-res-keyvault-vault-azurerm/install.txt
⭐ Source on GitHub 📦 Registry page
README

terraform-azurerm-avm-res-keyvault-vault Module to deploy key vaults, keys and secrets in Azure. Requirements The following requirements are needed by this module: - terraform (>= 1.9, azapi (~> 2.4) - azurerm (>= 3.117, modtm (~> 0.3) - random (~> 3.5) - time (~> 0.9) Resources The following resources are used by this module: - azurerm_key_vault.this (resource) - azurerm_key_vault_access_policy.this (resource) - azurerm_key_vault_certificate_contacts.this (resource) - azurerm_management_lock.this (resource) - azurerm_monitor_diagnostic_setting.this (resource) - azurerm_private_endpoint.this (resource) - azurerm_private_endpoint.this_unmanaged_dns_zone_groups (resource) - azurerm_private_endpoint_application_security_group_association.this (resource) - azurerm_role_assignment.this (resourc

Inputs (28)
NameTypeDescriptionDefault
locationstringThe Azure location where the resources will be deployed. required
namestringThe name of the Key Vault. required
resource_group_namestringThe resource group where the resources will be deployed. required
tenant_idstringThe Azure tenant ID used for authenticating requests to Key Vault. You can use t required
legacy_access_policies_enabledboolSpecifies whether legacy access policies are enabled for this Key Vault. Preventfalse
contactsmap(object({ email = strinA map of contacts for the Key Vault. The map key is deliberately arbitrary to av{}
diagnostic_settingsmap(object({ name A map of diagnostic settings to create on the Key Vault. The map key is delibera{}
enable_telemetryboolThis variable controls whether or not telemetry is enabled for the module. For mtrue
keysmap(object({ name = stA map of keys to create on the Key Vault. The map key is deliberately arbitrary {}
secretsmap(object({ name A map of secrets to create on the Key Vault. The map key is deliberately arbitra{}
secrets_valuemap(string)A map of secret keys to values. The map key is the supplied input to `var.secretnull
enabled_for_template_deploymentboolSpecifies whether Azure Resource Manager is permitted to retrieve secrets from tfalse
legacy_access_policiesmap(object({ object_id A map of legacy access policies to create on the Key Vault. The map key is delib{}
lockobject({ kind = string The lock level to apply to the Key Vault. Default is `None`. Possible values arenull
sku_namestringThe SKU name of the Key Vault. Default is `premium`. Possible values are `standa"premium"
soft_delete_retention_daysnumberThe number of days that items should be retained for once soft-deleted. This valnull
tagsmap(string)Map of tags to assign to the Key Vault resource.null
wait_for_rbac_before_contact_operationsobject({ create = optionaThis variable controls the amount of time to wait before performing contact oper{}
wait_for_rbac_before_key_operationsobject({ create = optionaThis variable controls the amount of time to wait before performing key operatio{}
enabled_for_deploymentboolSpecifies whether Azure Virtual Machines are permitted to retrieve certificates false
enabled_for_disk_encryptionboolSpecifies whether Azure Disk Encryption is permitted to retrieve secrets from thfalse
network_aclsobject({ bypass The network ACL configuration for the Key Vault. If not specified then the Key V{}
private_endpointsmap(object({ name = optionA map of private endpoints to create on the Key Vault. The map key is deliberate{}
private_endpoints_manage_dns_zone_groupboolWhether to manage private DNS zone groups with this module. If set to false, youtrue
Outputs (8)
secrets_resource_ids — A map of secret keys to resource ids.
uri — The URI of the vault for performing operations on keys and secrets
keys — A map of key keys to key values. The key value is the entire azurerm_key_vault_key resource. The ke
keys_resource_ids — A map of key keys to resource ids.
name — The name of the key vault.
private_endpoints — A map of private endpoints. The map key is the supplied input to var.private_endpoints. The map valu
resource_id — The Azure resource id of the key vault.
secrets — A map of secret keys to secret values. The secret value is the entire azurerm_key_vault_secret resou
Resources (11)
azurerm_key_vaultazurerm_key_vault_access_policyazurerm_key_vault_certificate_contactsazurerm_management_lockazurerm_monitor_diagnostic_settingazurerm_private_endpointazurerm_private_endpoint_application_security_group_associationazurerm_role_assignmentmodtm_telemetryrandom_uuidtime_sleep
Topics & Tags
keyvaultazureterraform-module
Details
FrameworkTerraform Module
LanguageHCL
Version0.10.2
Cloud AZURERM
★ Stars45
Forks54
Total downloads2.0M
Inputs28
Outputs8
Resources11
Examples6
Submodules2
LicenseMIT
NamespaceAzure
Updated
Similar packages
caf-enterprise-scale

Azure landing zones Terraform module

★ 952azure
caf

Terraform supermodule for the Terraform platform engineering for Azure

★ 581azure
lz-vending

Terraform module to deploy landing zone subscriptions (and much more) in Azure

★ 210azure
avm-ptn-alz

Terraform Azure Verified Pattern Module for Azure Landing Zone

★ 122terraform-module
Tools
⚖ Compare with another construct → 📋 View data schema