Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve docs of vault.Secret and vault.Key #3794

Open
thomas11 opened this issue Dec 16, 2024 · 2 comments
Open

Improve docs of vault.Secret and vault.Key #3794

thomas11 opened this issue Dec 16, 2024 · 2 comments
Labels
area/docs Improvements or additions to documentation kind/documentation Improvements or additions to documentation kind/enhancement Improvements or new features kv keyvault

Comments

@thomas11
Copy link
Contributor

Currently, their descriptions are simply

Resource information with extended details.

and

The key resource.

which is unhelpful.

We should also document how to create a certificate, since there's no dedicated resource for certs.
@thomas11 thomas11 added area/docs Improvements or additions to documentation kind/documentation Improvements or additions to documentation kind/enhancement Improvements or new features kv keyvault labels Dec 16, 2024
@isaac-jordan
Copy link

@thomas11 Any pointers on how to create a certificate in this case? Struggling to find out how to do it.

@thomas11
Copy link
Contributor Author

Hi @isaac-jordan, the Pulumi provider doesn't support the Key Vault certificate API at this point, since it's not modeled in the Azure resource API spec. You have some options, though:

  1. Create the certificate locally, using any library of your choice, and store it in KV as an opaque blob. We've done that on occasion.
const certificateSecret = new azureNative.keyvault.Secret("certificateSecret", {
    resourceGroupName: resourceGroup.name,
    vaultName: keyVault.name,
    secretName: "myCertificate",
    properties: {
        value: "<base64-encoded-certificate>", // Replace with your base64-encoded certificate
    },
});

  1. Use the KV SDKs directly in your program, probably inside an apply.

  2. Use the Command provider to model a command to create the certificate - maybe using az - as a proper Pulumi resource.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/docs Improvements or additions to documentation kind/documentation Improvements or additions to documentation kind/enhancement Improvements or new features kv keyvault
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thomas11 @isaac-jordan