Azure · Azure ARM Template

{Azure ARM Template} Reference Key Vault Secret in ARM to retrieve secret value

My previous blog I have explained how to create CDS API Connection using service principle. As you know service principle requires ClienttId, Client Secret and TenantId.

ClientId and Client secret values are sensitive information and should not be stored in parameter file directly.

To achieve this we will have to reference Azure Key Vault in template parameter file and specify resource ID, Secret name.

"clientId": {
            "reference": {
                "keyVault": {
                "id": "/subscriptions/[subscription ID]/resourceGroups/[RG Name]/providers/Microsoft.KeyVault/vaults/[Key vault Name]"
                },
                "secretName": "DynamicsClientId"
            }
        },
        "clientSecret": {
            "reference": {
                "keyVault": {
                "id": "/subscriptions/[subscription ID]/resourceGroups/[RG Name]/providers/Microsoft.KeyVault/vaults/[Key vault Name]"
                },
                "secretName": "DynamicsClientSecret"
            }
        }

Replace [placeholder] with actual value and you are good to go. Now use this parameter in main template file. Secret value will be extracted during runtime and will be available in main template.

Azure key vault reference explained above uses Static ID meaning Azure key vault resource id needs to provided in parameter file.

Hope this helps!

One thought on “{Azure ARM Template} Reference Key Vault Secret in ARM to retrieve secret value

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s