The Azure Quickstart templates are currently available in English
This module allows you to create a KeyVault.
Questo modello di Azure Resource Manager è stato creato da un membro della community e non da Microsoft. Ogni modello di Azure Resource Manager viene concesso in licenza ai sensi di un contratto di licenza a cura del proprietario e non di Microsoft. Microsoft non è responsabile dei modelli di Azure Resource Manager forniti e concessi in licenza da membri della community e non ne verifica la sicurezza, la compatibilità o le prestazioni. I modelli di Azure Resource Manager della community non sono supportati nell'ambito di alcun programma o servizio di supporto tecnico Microsoft e vengono resi disponibili COSÌ COME SONO senza garanzie di alcun tipo.
Parametri
| Nome parametro | Descrizione |
|---|---|
| vaultName | Specifies the name of the KeyVault, this value must be globally unique. |
| location | Specifies the Azure location where the key vault should be created. |
| enabledForDeployment | Specifies whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. |
| enabledForDiskEncryption | Specifies whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. |
| enabledForTemplateDeployment | Specifies whether Azure Resource Manager is permitted to retrieve secrets from the key vault. |
| enablePurgeProtection | Property specifying whether protection against purge is enabled for this vault. This property does not accept false but enabled here to allow for this to be optional, if false, the property will not be set. |
| enableRbacAuthorization | Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. |
| enableSoftDelete | Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false. |
| softDeleteRetentionInDays | softDelete data retention days, only used if enableSoftDelete is true. It accepts >=7 and <=90. |
| tenantId | Specifies the Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Get it by using Get-AzSubscription cmdlet. |
| networkRuleBypassOptions | Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'. |
| NetworkRuleAction | The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated. |
| ipRules | An array of IPv4 addresses or rangea in CIDR notation, e.g. '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78). |
| accessPolicies | An complex object array that contains the complete definition of the access policy. |
| virtualNetworkRules | An array for resourceIds for the virtualNetworks allowed to access the vault. |
| skuName | Specifies whether the key vault is a standard vault or a premium vault. |
| tags | Tags to be assigned to the KeyVault. |
Usa il modello
PowerShell
New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deploymentInstallare e configurare Azure PowerShell
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/modules/Microsoft.KeyVault/vaults/1.0/azuredeploy.json
Riga di comando
az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deploymentInstallare e configurare l'interfaccia della riga di comando multipiattaforma di Azure
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/modules/Microsoft.KeyVault/vaults/1.0/azuredeploy.json