I have multiple object ids to add in the key vault's access policies. So I have an array of objectId and I'm looping through it. But I get this error: An invalid value was provided for 'accessPolicies'. My code is based on this one: https://collab365.community/azure-keyvault-set-multiple-access-policies-using-the-arm-template/
This is a part of my ARM template:

    "parameters": {
      "kvAccessPolicies": {
        "type": "array",
        "metadata": {
          "description": "Access Ids for KeyVaults"
        },
        "defaultValue": [
          "none"
        ]
      }
    },
    "resources": [
      {
        "type": "Microsoft.KeyVault/vaults/accessPolicies",
        "name": "[concat(parameters('keyVaultName'), '/add')]",
        "apiVersion": "2019-09-01",
        "dependsOn": [
          "[parameters('keyVaultName')]"
        ],
        "properties": {
          "accessPolicies": [
            {
              "copy": [
                {
                  "name": "accessPolicies",
                  "count": "[length(parameters('kvAccessPolicies'))]",
                  "input": {
                    "tenantId": "[subscription().tenantId]",
                    "objectId": "[parameters('kvAccessPolicies')[copyIndex('accessPolicies')].objectId]",
                    "permissions": {
                      "keys": [
                        "all"
                      ],
                      "secrets": [
                        "all"
                      ],
                      "certificates": [
                        "all"
                      ],
                      "storage": [
                        "all"
                      ]
                    }
                  }
                }
              ]
            }
          ]
        }
      }
    ]

This is a part of my parameter file:

    "KvAccessPolicies": [
      {
        "objectId": "85949fj3-t488-4ye3-5i54-2j2jwk5jri3e"
      },
      {
        "objectId": "4ieh345t-6i4r-t5y4-g9t4-7u6jktl5kri4"
      }
    ]

You do not need the accessPolicies property. The copy iterator will use the "name": "accessPolicies", line to add the property for you. Just eliminate that level, bringing the copy block up a level.

    "properties": {
      "copy": [
        {
          "name": "accessPolicies",
          "count": "[length(parameters('kvAccessPolicies'))]",
          "input": {
            "tenantId": "[subscription().tenantId]",
            "objectId": "[parameters('kvAccessPolicies')[copyIndex('accessPolicies')].objectId]",
            "permissions": {
              "keys": [
                "all"
              ],
              "secrets": [
                "all"
              ],
              "certificates": [
                "all"
              ],
              "storage": [
                "all"
              ]
            }
          }
        }
      ]
    }
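
The following is an added example, not code from the question or the answer: a simplified Python model of how a top-level property `copy` block becomes the property named by its `name`, plus a check that flags the nested shape from the question before deployment. The function names, the placeholder object IDs and the trimmed permissions list are assumptions, and only the two expression forms used on this page are evaluated.

```python
import json
import re

LENGTH = re.compile(r"^\[length\(parameters\('(\w+)'\)\)\]$")
INDEXED = re.compile(r"^\[parameters\('(\w+)'\)\[copyIndex\('(\w+)'\)\]\.(\w+)\]$")

def misplaced_copy(properties):
    """Names of array properties whose elements wrap a 'copy' block (the question's shape)."""
    return [k for k, v in properties.items()
            if isinstance(v, list) and any(isinstance(e, dict) and "copy" in e for e in v)]

def _resolve(value, params, loop, i):
    # Only parameters('X')[copyIndex('loop')].field is evaluated; other values pass through.
    if isinstance(value, dict):
        return {k: _resolve(v, params, loop, i) for k, v in value.items()}
    if isinstance(value, list):
        return [_resolve(v, params, loop, i) for v in value]
    m = INDEXED.match(value) if isinstance(value, str) else None
    if m and m.group(2) == loop:
        return params[m.group(1)][i][m.group(3)]
    return value

def expand_property_copy(properties, params):
    """Simplified model (top-level copy only): each copy entry becomes properties[name]."""
    out = {k: v for k, v in properties.items() if k != "copy"}
    for loop in properties.get("copy", []):
        m = LENGTH.match(str(loop["count"]))
        count = len(params[m.group(1)]) if m else int(loop["count"])
        out[loop["name"]] = [_resolve(loop["input"], params, loop["name"], i)
                             for i in range(count)]
    return out

# Constructed sample input: placeholder object IDs, permissions trimmed to one list.
PARAMS = {"kvAccessPolicies": [{"objectId": "00000000-0000-0000-0000-000000000001"},
                               {"objectId": "00000000-0000-0000-0000-000000000002"}]}
LOOP = {"name": "accessPolicies",
        "count": "[length(parameters('kvAccessPolicies'))]",
        "input": {"tenantId": "[subscription().tenantId]",
                  "objectId": "[parameters('kvAccessPolicies')[copyIndex('accessPolicies')].objectId]",
                  "permissions": {"secrets": ["all"]}}}
NESTED = {"accessPolicies": [{"copy": [LOOP]}]}   # shape from the question
FIXED = {"copy": [LOOP]}                          # shape from the answer

if __name__ == "__main__":
    print("misplaced copy in question shape:", misplaced_copy(NESTED))
    print(json.dumps(expand_property_copy(FIXED, PARAMS), indent=2))
```

The expanded output shows one access policy entry per object ID, each carrying whatever the `input` block grants, so the permissions lists are the place to review before adding more principals.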