Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Create KeyVault to store the secrets
- $kv_name = 'kvnamecv1'
- $keyvault_rg = 'keyvaultrg1'
- $keyvault_rg_location = 'westeurope'
- az group create --name $keyvault_rg --location $keyvault_rg_location
- az keyvault create --name $kv_name --resource-group $keyvault_rg --enabled-for-template-deployment --enabled-for-deployment
- ###END
- # Save Service Principal password
- $sp_pass_secret_name = 'sppasswordsecret' # Any name works
- $sp_pass = 'Client Secret'
- az keyvault secret set -n $sp_pass_secret_name --vault-name $kv_name --description sp_password_secret --value $sp_pass
- # Push the certificates to the KeyVault (Be sure to be in the right folder _output/[dnsprefix])
- az keyvault secret set --vault-name $kv_name --name ca-crt --value "$([Convert]::ToBase64String((Get-content -path .\ca.crt -Encoding byte)))"
- az keyvault secret set --vault-name $kv_name --name ca-key --value "$([Convert]::ToBase64String((Get-content -path .\ca.key -Encoding byte)))"
- az keyvault secret set --vault-name $kv_name --name kubernetes-api-crt --value "$([Convert]::ToBase64String((Get-content -path .\apiserver.crt -Encoding byte)))"
- az keyvault secret set --vault-name $kv_name --name kubernetes-api-key --value "$([Convert]::ToBase64String((Get-content -path .\apiserver.key -Encoding byte)))"
- az keyvault secret set --vault-name $kv_name --name kubernetes-client-crt --value "$([Convert]::ToBase64String((Get-content -path .\client.crt -Encoding byte)))"
- az keyvault secret set --vault-name $kv_name --name kubernetes-client-key --value "$([Convert]::ToBase64String((Get-content -path .\client.key -Encoding byte)))"
- az keyvault secret set --vault-name $kv_name --name kubeconfig-crt --value "$([Convert]::ToBase64String((Get-content -path .\kubectlClient.crt -Encoding byte)))"
- az keyvault secret set --vault-name $kv_name --name kubeconfig-key --value "$([Convert]::ToBase64String((Get-content -path .\kubectlClient.key -Encoding byte)))"
Add Comment
Please, Sign In to add comment