Initial module commit

README.md

@@ -1,2 +1,49 @@
 # terraform-azurerm-keyvault-secrets
 Terraform module for Azure Key Vault Secrets
+
+Azure Key Vault is a cloud-based service provided by Microsoft Azure that enables you to securely store and manage cryptographic keys, secrets, and certificates.
+
+Using Azure Key Vault, you can protect your sensitive application data and maintain control over access to your data by storing it in a central location that's highly available, scalable, and durable. Key Vault is designed to simplify key management and streamline access to your cryptographic keys and secrets, which can be used by your applications and services in Azure or outside of Azure.
+
+This module creates:
+- Azure Key Vault Secrets
+
+This module WON'T create:
+- Azure Key Vault
+
+
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.1 |
+| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | >=3.65 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | >=3.65 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [azurerm_key_vault_secret.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_key_vault_id"></a> [key\_vault\_id](#input\_key\_vault\_id) | (Required) The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created. | `string` | n/a | yes |
+| <a name="input_secrets"></a> [secrets](#input\_secrets) | (Required) A list of Key Vault Secrets to create. | <pre>list(object({<br>    name            = string<br>    value           = optional(string, " ")<br>    content_type    = optional(string, null)<br>    not_before_date = optional(string, null)<br>    expiration_date = optional(string, null)<br>    tags            = optional(map(string), null)<br>  }))</pre> | n/a | yes |
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->

examples/complete/README.md

@@ -0,0 +1,3 @@
+# Azure Key Vault Secret Complete Example
+
+This example shows how to deploy a complete Azure Key Vault list of Secrets.

examples/complete/main.tf

@@ -0,0 +1,50 @@
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "this" {
+  name     = "rg-terraform-northeu-001"
+  location = "northeurope"
+}
+
+module "key-vault" {
+  source = "Retoxx-dev/keyvault/azurerm"
+  version = "1.0.0"
+
+  name                = "kv-terraform-northeu-001"
+  resource_group_name = azurerm_resource_group.this.name
+  location            = azurerm_resource_group.this.location
+
+  sku_name = "standard"
+
+  public_network_access_enabled = false
+
+  self_service_principal_id = "00000000-0000-0000-0000-000000000000"
+
+  network_acls = {
+    bypass                     = "AzureServices"
+    default_action             = "Deny"
+    ip_rules                   = ["IP1"]
+    virtual_network_subnet_ids = []
+  }
+}
+
+module "key-vault-secrets" {
+    source = "Retoxx-dev/keyvault-secrets/azurerm"
+    version = "1.0.0"
+
+    key_vault_id = module.key-vault.id
+
+    secrets = [
+        {
+            name = "Ultra Secret"
+        },
+        {
+            name = "Super Secret"
+            content_type = "text/plain"
+            tags = {
+                "Environment" = "Dev"
+            }
+        }
+    ]
+}

main.tf

@@ -0,0 +1,22 @@
+#################################################################
+# KEY VAULT SECRETS
+#################################################################
+
+resource "azurerm_key_vault_secret" "this" {
+  for_each     = { for secret in var.secrets : secret.name => secret }
+  name         = each.value.name
+  value        = each.value.value
+  content_type = each.value.content_type
+
+  key_vault_id    = var.key_vault_id
+  not_before_date = each.value.not_before_date
+  expiration_date = each.value.expiration_date
+
+  tags = each.value.tags
+
+  lifecycle {
+    ignore_changes = [
+      value
+    ]
+  }
+}

variables.tf

@@ -0,0 +1,20 @@
+#################################################################
+# KEY VAULT SECRETS
+#################################################################
+
+variable "key_vault_id" {
+  type        = string
+  description = "(Required) The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created."
+}
+
+variable "secrets" {
+  type = list(object({
+    name            = string
+    value           = optional(string, " ")
+    content_type    = optional(string, null)
+    not_before_date = optional(string, null)
+    expiration_date = optional(string, null)
+    tags            = optional(map(string), null)
+  }))
+  description = "(Required) A list of Key Vault Secrets to create."
+}

versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.3.1"
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">=3.65"
+    }
+  }
+}