update keyvault access policy resource object for principal app
wuxu92 committed Feb 8, 2023
1 parent b640745 commit fac7550
Showing 1 changed file with 15 additions and 1 deletion.
16 changes: 15 additions & 1 deletion website/docs/r/key_vault_access_policy.html.markdown
Expand Up @@ -45,6 +45,20 @@ resource "azurerm_key_vault_access_policy" "example" {
"Get",
]
}
data "azuread_service_principal" "example" {
display_name = "expamle-app"
}
resource "azurerm_key_vault_access_policy" "example-pricipal" {
key_vault_id = azurerm_key_vault.bug_kv.id
tenant_id = data.azurerm_client_config.current.tenant_id
object_id = data.azuread_service_principal.example.id
key_permissions = [
"Get", "List", "Encrypt", "Decrypt"
]
}
```

## Argument Reference
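
Review bot: In the added `example-pricipal` policy, `key_vault_id = azurerm_key_vault.bug_kv.id` points at a vault named `bug_kv`, which reads like a leftover from a bug reproduction; it should reference the same vault as the existing `example` policy so the snippet applies as written. The names `expamle-app` and `example-pricipal` are misspelled (`example-app`, `example-principal`). Since the purpose of the addition is to show which identifier goes into `object_id`, `data.azuread_service_principal.example.object_id` would state that explicitly instead of relying on `.id`. A blank line between the closing `}` of each block and the next `data` or `resource` line would also keep the example readable.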
Expand All @@ -55,7 +69,7 @@ The following arguments are supported:

* `tenant_id` - (Required) The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Changing this forces a new resource to be created.

* `object_id` - (Required) The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Changing this forces a new resource to be created.
* `object_id` - (Required) The ID of service principal or the object ID of a user or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Changing this forces a new resource to be created.

* `application_id` - (Optional) The object ID of an Application in Azure Active Directory. Changing this forces a new resource to be created.
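
Review bot: The rewritten `object_id` line opens with "The ID of service principal", which drops the word "object" at the one place it matters: a service principal has both an application (client) ID and an object ID, and "the ID" can be read as either. The next sentence still says "The object ID must be unique", so the description is now inconsistent with itself. Suggest keeping "object ID" for all three principal types and adding one clause for the case this commit targets, for example "for a service principal, use the object ID of the service principal itself", and restoring the missing article ("of a service principal").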
