I’m trying to find a way to dynamically add new access policies to an Azure Key Vault resource.
My base stack is Pulumi (azure-native) which doesn’t provide the functionality to do that; it only allows to add access policies when creating the Key Vault resource.
Apparently, there are some Python SDKs for working with Azure Key Vault, but I couldn’t find a way to use them for managing access policies.
Does any of the Azure Key Vault Python SDKs provide a way to add access policies to Key Vault? If not, what are my choices (alternative solutions) here?
>Solution :
Manages a Key Vault Access Policy.
import pulumi
import pulumi_azure as azure
current = azure.core.get_client_config()
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_key_vault = azure.keyvault.KeyVault("exampleKeyVault",
location=example_resource_group.location,
resource_group_name=example_resource_group.name,
tenant_id=current.tenant_id,
sku_name="premium")
example_access_policy = azure.keyvault.AccessPolicy("exampleAccessPolicy",
key_vault_id=example_key_vault.id,
tenant_id=current.tenant_id,
object_id=current.object_id,
key_permissions=["Get"],
secret_permissions=["Get"])