Skip to main content
Version: v0.2

Azure Key Vault

This module provides the following capabilities:

Installation#

To have access to the following features, you have to import the module:

PS> Install-Module -Name Arcus.Scripting.KeyVault --RequiredVersion 0.2.0

Getting all access policies for an Azure Key Vault#

Lists the current available access policies of the Azure Key Vault resource.

ParameterMandatoryDescription
KeyVaultNameyesThe name of the key vault from which the access policies are to be retrieved
ResourceGroupNamenoThe resource group containing the key vault

Example

PS> $accessPolicies = Get-AzKeyVaultAccessPolicies -KeyVaultName "my-key-vault"# accessPolicies: {list: [{tenantId: ...,permissions: ...}]}
PS> $accessPolicies = Get-AzKeyVaultAccessPolicies -KeyVaultName "my-key-vault" -ResourceGroupName "my-resouce-group"# accessPolicies: {list: [{tenantId: ...,permissions: ...}]}

Setting a secret value from file into Azure Key Vault#

Sets a secret certificate from a file as plain text in Azure Key Vault.

ParameterMandatoryDescription
KeyVaultNameyesThe name of the Azure Key Vault where the secret should be added
SecretNameyesThe name of the secret to add in the Azure Key Vault
FilePathyesThe path to the file containing the secret certificate to add in the Azure Key Vault
ExpiresnoThe optional expiration date of the secret to add in the Azure Key Vault

Example

PS> Set-AzKeyVaultSecretFromFile -KeyVaultName "my-key-vault" -SecretName "my-secret" -FilePath "/file-path/secret-certificate.pfx"# Secret 'my-secret' has been created.

And with expiration date:

PS> Set-AzKeyVaultSecretFromFile -FilePath "/file-path/secret-certificate.pfx" -SecretName "my-secret" -Expires [Datetime]::ParseExact('07/15/2019', 'MM/dd/yyyy', $null) -KeyVaultName "my-key-vault"

Setting a secret value with BASE64 encoded file-content into Azure Key Vault#

Uploads the content of a file as a Base64 encoded string, as plain text, into an Azure Key Vault secret. Can be useful when having to refer to a certificate from within an ARM-template.

ParameterMandatoryDescription
KeyVaultNameyesThe name of the Azure Key Vault where the secret should be added
SecretNameyesThe name of the secret to add in the Azure Key Vault
FilePathyesThe path to the file containing the secret certificate to add in the Azure Key Vault
ExpiresnoThe optional expiration date of the secret to add in the Azure Key Vault

Example

PS> Set-AzKeyVaultSecretAsBase64FromFile -KeyVaultName "my-key-vault" -SecretName "my-secret" -FilePath "/file-path/secret-certificate.pfx"# Secret 'my-secret' has been created.

And with expiration date:

PS> Set-AzKeyVaultSecretAsBase64FromFile -FilePath "/file-path/secret-certificate.pfx" -SecretName "my-secret" -Expires [Datetime]::ParseExact('07/15/2019', 'MM/dd/yyyy', $null) -KeyVaultName "my-key-vault"