So, I am trying to spin up a Managed Identity and a KeyVault using Blueprints. I have an individually working template for each. My end goal is to spin up both resources along with a few more together in the same blueprint. The issue I'm having is that I need to pass my Managed Identity's object ID to the KeyVault template during deployment. I have the blueprint set up to deploy the managed identity resource group, then the managed identity, followed by the KeyVault resource group and KeyVault. The deployment is working till the KV resource group and then failing during deployment of the KeyVault. Does anyone have any insight on how to do this?
Below is the blip of code that contains the access policy:
```json
"resources": [
  {
    "type": "Microsoft.KeyVault/vaults",
    "apiVersion": "2016-10-01",
    "name": "[parameters('keyVaultName')]",
    "location": "[parameters('location')]",
    "properties": {
      "sku": {
        "family": "A",
        "name": "[parameters('skuName')]"
      },
      "tenantId": "[parameters('tenantId')]",
      "accessPolicies": [
        {
          "tenantId": "[parameters('tenantId')]",
          "objectId": "(objectId(parameters('managedIdentityRG'), Microsoft.ManagedIdentity', 'userAssignedIdentities'))",
          "permissions": {
            "keys": "[parameters('keysPermissions')]",
            "secrets": "[parameters('secretsPermissions')]",
            "certificates": "[parameters('certificatePermissions')]"
          }
        },
```
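An added example, not part of the original post: the `objectId` value in the snippet above is wrapped in parentheses rather than square brackets, so Resource Manager treats it as a literal string, and `objectId()` is not an ARM template function. One way to resolve the identity's object ID at deployment time is `reference()` on the user-assigned identity's resource ID, reading its `principalId`. The `managedIdentityName` parameter and the `2018-11-30` identity API version are assumptions; the other names come from the post.

```json
{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "keyVaultName": { "type": "string" },
    "location": { "type": "string" },
    "skuName": { "type": "string" },
    "tenantId": { "type": "string" },
    "managedIdentityRG": { "type": "string" },
    "managedIdentityName": { "type": "string", "metadata": { "description": "Hypothetical parameter added for this example: name of the user-assigned identity" } },
    "keysPermissions": { "type": "array" },
    "secretsPermissions": { "type": "array" },
    "certificatePermissions": { "type": "array" }
  },
  "resources": [
    {
      "type": "Microsoft.KeyVault/vaults",
      "apiVersion": "2016-10-01",
      "name": "[parameters('keyVaultName')]",
      "location": "[parameters('location')]",
      "properties": {
        "sku": { "family": "A", "name": "[parameters('skuName')]" },
        "tenantId": "[parameters('tenantId')]",
        "accessPolicies": [
          {
            "tenantId": "[parameters('tenantId')]",
            "objectId": "[reference(resourceId(parameters('managedIdentityRG'), 'Microsoft.ManagedIdentity/userAssignedIdentities', parameters('managedIdentityName')), '2018-11-30').principalId]",
            "permissions": {
              "keys": "[parameters('keysPermissions')]",
              "secrets": "[parameters('secretsPermissions')]",
              "certificates": "[parameters('certificatePermissions')]"
            }
          }
        ]
      }
    }
  ]
}
```

The identity has to exist before this template runs, which matches the artifact order described in the post. Keeping the three permission arrays to only the operations the identity needs limits what a compromised workload can do with the vault.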