From 5a22291c35bd04f64578a57eda04a6b7b5a385d8 Mon Sep 17 00:00:00 2001 From: zhengchang Date: Tue, 2 Mar 2021 10:27:42 +0800 Subject: [PATCH] add automated key vault to aad --- src/main/arm/mainTemplate.json | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/main/arm/mainTemplate.json b/src/main/arm/mainTemplate.json index 734b960c..a3f21eeb 100644 --- a/src/main/arm/mainTemplate.json +++ b/src/main/arm/mainTemplate.json @@ -954,7 +954,8 @@ { "name": "aadLinkedTemplateWithCustomSSL", "dependsOn": [ - "[resourceId('Microsoft.Resources/deployments', 'dbLinkedTemplate')]" + "[resourceId('Microsoft.Resources/deployments', 'dbLinkedTemplate')]", + "[resourceId('Microsoft.Resources/deployments', 'keyVaultNestedTemplate')]" ], "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", @@ -1020,13 +1021,13 @@ "keyVaultCustomTrustKeyStorePassPhrase": { "reference": { "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), parameters('adminSSLKeyVaultResourceGroup'), 'Microsoft.KeyVault/vaults', parameters('adminSSLKeyVaultName'))]" + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('keyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" }, - "secretName": "[parameters('keyVaultCustomTrustKeyStorePassPhraseSecretName')]" + "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStorePassPhraseSecretName'), reference('keyVaultNestedTemplate', '${azure.apiVersion}').outputs.customTrustKeyStorePassPhraseSecretName.value)]" } }, "keyVaultCustomTrustKeyStoreType": { - "value": "[parameters('keyVaultCustomTrustKeyStoreType')]" + "value": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStoreType'), parameters('uploadedCustomTrustKeyStoreType'))]" } } }