How to use password stored in Key Vault as Admin Password in the VM. Terraform snippet
Access to azure key vault happening via data source description. For example we need to access secret data in this key vault create in Azure resource group MacroLifeRG
In the terraform file to access key vault secret data need to define that like datasource as per example below:
data "azurerm_key_vault_secret" "myPass" {
name = "myAdminPass"
vault_uri = "https://macrolifekeys.vault.azure.net/"
}
For variable “name” value taken from Key vault Secret name:
Access stored secret data and use it in future resource creation can be done by calling data.azurerm_key_vault_secret.myPass.value:
resource "azurerm_windows_virtual_machine" "sqlmachine" {
name = "Dev_SQL_VM"
computer_name = "dbserver"
resource_group_name = var.resource_group_name
location = var.location_name
size = "Standard_B4ms"
admin_username = "adminuser"
admin_password = data.azurerm_key_vault_secret.myPass.value
network_interface_ids = [
azurerm_network_interface.dbserver-nic.id,
]
os_disk {
caching = "ReadWrite"
storage_account_type = "Standard_LRS"
}
source_image_reference {
publisher = "MicrosoftWindowsServer"
offer = "WindowsServer"
sku = "2016-Datacenter"
version = "latest"
}
}