AzureResource¶
Deploys specific azure resource
Specifications¶
Use resourceType key to determine Azure Resource Type.
Keys¶
| Name | Type | Mandatory | Description | Default | Example |
|---|---|---|---|---|---|
| resourceType | string | true | Azure Resource Type | - | AzKeyVault |
| name | string | true | technical name (dune) | - | azkeyvault |
| displayName | string | true | displayName (dune) | - | Azure Key Vault |
| properties | dictionary | true | resource configuration | - | see chapter properties |
| config | dictionary | false | predefined configuration option | - | see chapter config |
| roles | dictionary or string (json) | false | specifies the roles to be assigned for the created resource | - | see chapter roles |
properties¶
Deployment option for the created resource. Use parameter documentation for New-Az* powershell cmdlet
config¶
Some resource type needs additional configuration which needs to be set outside the resource properties, such as allowedIpAddressRange for resourceTpye AzKeyVault. This configuration is precoded and is resourceType specific.
| resourceType | ConfigName | type | Description | Example Values |
|---|---|---|---|---|
| AzKeyVault | allowedIpAddressRange | dictionary | list of public IpAddress or IpAddressRange (CIDR) to be allowed on the KeyVault Firewall | - 20.13.72.0/24 |
roles¶
Specify dictionary with roles with members to be assigned. members can be either group or user (specified with emailaddress) e.g.
in order to specify roles as parameter, it can be specified as json:
roles: '{"Key Vault Administrator":["Engineers","john.doe@yendico.ch"]}'
Example¶
resources:
- type: azureResource
resourceType: AzKeyVault
name: azkeyvault
displayName: Azure Key Vault
properties:
name: keyvaultname
EnabledForDiskEncryption: true
EnablePurgeProtection: true
config:
allowedIpAddressRange:
- 20.13.72.0/24
roles:
Key Vault Administrator:
- Engineers
- john.doe@yendico.ch