How to dynamically get certificate thumbprint in ARM template from certificate in Azure key vault?

1
votes

How can I get a certifcate's thumbprint in an ARM template, where the certificate is stored in Azure key vault? The reason being I would like to dynamically get the certificate thumbprint by simply providing the name rather than hard-coding the thumbprint in the parameters file. I know with secrets, you are able to get the latest URl by using secretUriWithVersion, but is there an equivalent for certificate thumbprints?

1
azureazure-resource-managerazure-keyvaultarm-template

1 Answers

0
votes

It depends a bit on the resource... some resources will want the thumbprint as a "secret" some as a "cert" in keyvault... if the resource uses a secret you can use this approach:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/key-vault-parameter?tabs=azure-cli

You can pull secret info from a vault during deployment, by not keys.

That help?