Closed
Bicep version
Bicep CLI version 0.14.85 (f4a4d48)
Describe the bug
I'm trying to create a certificate in a Key Vault, basically the equivalent of `az keyvault certificate create -n certificatetosign --vault-name vaultname -p @policy.json`. I can see that TF has an endpoint for this in the Azure Provider (link).
To Reproduce
Steps to reproduce the behavior:
- Create a Key Vault (kv) and try to create a certificate in it:
// Deployment parameters for the reproduction.
// keyVaultName and certificateName append a deterministic hash of the resource group id
// (uniqueString) to a fixed prefix.
param keyVaultName string = 'kv-${uniqueString(resourceGroup().id)}'
param certificateName string = 'cert-${uniqueString(resourceGroup().id)}'
// NOTE(review): issuerName and subjectName are declared but not referenced by the resources
// shown on this page, which hard-code the issuer name and the subject instead.
param issuerName string = 'Self'
param subjectName string = 'CN=contoso.com'
// Key Vault that is meant to hold the certificate in this reproduction.
// Authorization is done with vault access policies (enableRbacAuthorization is false),
// and the API version used is a preview version.
resource keyVault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = {
  name: keyVaultName
  location: resourceGroup().location
  properties: {
    tenantId: subscription().tenantId
    sku: {
      family: 'A'
      name: 'standard'
    }
    enableRbacAuthorization: false
    enableSoftDelete: true
    softDeleteRetentionInDays: 90
    // NOTE(review): defaultAction 'Allow' leaves the vault reachable from any network, so the
    // access policy below is the only gate. Outside a throwaway repro, prefer 'Deny' with
    // explicit ipRules / virtualNetworkRules.
    networkAcls: {
      bypass: 'AzureServices'
      defaultAction: 'Allow'
    }
    accessPolicies: [
      {
        tenantId: subscription().tenantId
        // NOTE(review): hard-coded principal object id; passing it in as a parameter would keep
        // directory identifiers out of the template.
        objectId: 'f520d84c-3fd3-4cc8-88d4-2ed25b00d27a'
        // This single principal receives the full key, secret and certificate permission sets.
        // 'purge' allows permanent removal of soft-deleted objects before the retention period
        // ends; purge protection is not enabled in this template. Trim the lists to what the
        // principal actually needs when reusing this outside a repro.
        permissions: {
          keys: [
            'get'
            'create'
            'delete'
            'list'
            'update'
            'import'
            'backup'
            'restore'
            'recover'
            'purge'
          ]
          secrets: [
            'get'
            'list'
            'set'
            'delete'
            'backup'
            'restore'
            'recover'
            'purge'
          ]
          certificates: [
            'get'
            'list'
            'delete'
            'create'
            'import'
            'update'
            'managecontacts'
            'manageissuers'
            'getissuers'
            'listissuers'
            'setissuers'
            'deleteissuers'
            'purge'
            'recover'
          ]
        }
      }
    ]
  }
}
// Certificate declaration that this report is about.
// NOTE(review): Key Vault certificates are normally created through the vault's data plane, as
// the `az keyvault certificate create` command quoted in the report does; confirm that the
// resource provider actually exposes this type for the chosen API version.
resource certificate 'Microsoft.KeyVault/vaults/certificates@2021-06-01-preview' = {
  // Child resource addressed as '<vault name>/<certificate name>'.
  name: '${keyVault.name}/${certificateName}'
  properties: {
    certificatePolicy: {
      // Issuer 'Self' requests a self-signed certificate. The literal is used here rather than
      // the issuerName parameter.
      issuerParameters: {
        name: 'Self'
        certificateTransparency: null
      }
      x509CertificateProperties: {
        // Literal subject; the subjectName parameter is not used.
        subject: 'CN=wabbit-networks.io,O=Notary,L=Seattle,ST=WA,C=US'
        // 60 months = a five-year validity period.
        validityInMonths: 60
        // NOTE(review): enhancedKeyUsage names ServerAuthentication while ekus lists
        // 1.3.6.1.5.5.7.3.3, the code-signing EKU OID. The two disagree; confirm which usage
        // is intended so the certificate is not issued for a broader or different purpose.
        enhancedKeyUsage: [
          'ServerAuthentication'
        ]
        keyUsage: [
          'digitalSignature'
        ]
        ekus: [
          '1.3.6.1.5.5.7.3.3'
        ]
      }
    }
  }
}