Tips-Of-Mine/terraform-azure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update code

Browse Source
This commit is contained in:
neil-yechenwei 2023-11-15 13:45:38 +08:00 committed by lonegunmanb
parent b1766a7fd6
commit ae80f13644
1 changed files with 44 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
quickstart/301-service-fabric/keyvault.tf
View File

@ -1,67 +1,67 @@
resource "azurerm_key_vault" "cluster" { resource "azurerm_key_vault" "cluster" {
name = "${var.dns_prefix}-${substr(var.name, 0, 12)}-${var.environment_short}-kv" name = "${var.dns_prefix}-${substr(var.name, 0, 12)}-${var.environment_short}-kv"
location = "${azurerm_resource_group.default.location}" location = azurerm_resource_group.default.location
resource_group_name = "${azurerm_resource_group.default.name}" resource_group_name = azurerm_resource_group.default.name
tenant_id = "${data.azurerm_client_config.current.tenant_id}" tenant_id = data.azurerm_client_config.current.tenant_id
enabled_for_deployment = true enabled_for_deployment = true
enabled_for_disk_encryption = true enabled_for_disk_encryption = true
enabled_for_template_deployment = true enabled_for_template_deployment = true
sku_name = "standard" sku_name = "standard"
access_policy { access_policy {
tenant_id = "${data.azurerm_subscription.current.tenant_id}" tenant_id = data.azurerm_subscription.current.tenant_id
object_id = "${var.client_object_id}" object_id = var.client_object_id
certificate_permissions = [ certificate_permissions = [
"create", "Create",
"delete", "Delete",
"deleteissuers", "DeleteIssuers",
"get", "Get",
"getissuers", "GetIssuers",
"import", "Import",
"list", "List",
"listissuers", "ListIssuers",
"managecontacts", "ManageContacts",
"manageissuers", "ManageIssuers",
"setissuers", "SetIssuers",
"update", "Update",
] ]
key_permissions = [ key_permissions = [
"backup", "Backup",
"create", "Create",
"decrypt", "Decrypt",
"delete", "Delete",
"encrypt", "Encrypt",
"get", "Get",
"import", "Import",
"list", "List",
"purge", "Purge",
"recover", "Recover",
"restore", "Restore",
"sign", "Sign",
"unwrapKey", "UnwrapKey",
"update", "Update",
"verify", "Verify",
"wrapKey", "WrapKey",
] ]
secret_permissions = [ secret_permissions = [
"backup", "Backup",
"delete", "Delete",
"get", "Get",
"list", "List",
"purge", "Purge",
"recover", "Recover",
"restore", "Restore",
"set", "Set",
] ]
} }
} }
resource "azurerm_key_vault_certificate" "cluster" { resource "azurerm_key_vault_certificate" "cluster" {
name = "service-fabric-cluster" name = "service-fabric-cluster"
key_vault_id = "${azurerm_key_vault.cluster.id}" key_vault_id = azurerm_key_vault.cluster.id
certificate_policy { certificate_policy {
issuer_parameters { issuer_parameters {
@ -115,7 +115,7 @@ resource "azurerm_key_vault_certificate" "cluster" {
resource "azurerm_key_vault_certificate" "client" { resource "azurerm_key_vault_certificate" "client" {
name = "service-fabric-client" name = "service-fabric-client"
key_vault_id = "${azurerm_key_vault.cluster.id}" key_vault_id = azurerm_key_vault.cluster.id
certificate_policy { certificate_policy {
issuer_parameters { issuer_parameters {