
How to get the objectId of the user running a Bicep script for Key Vault accessPolicies on initial create


I am trying to set up a Bicep file to create a Key Vault and wanted to know if there is a function or method to get the user/owner objectId, so that when I set up the Key Vault one access policy would be populated. I see that when I create one manually my objectId ends up being the objectId; can I get this programmatically?

param namePrefix string
param location string = resourceGroup().location
// Placeholder parameter so the file compiles: the question is whether Bicep can
// resolve this value itself instead of the caller having to pass it in.
param deployerObjectId string

resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
  name: '${namePrefix}keyvault'
  location: location
  properties: {
    sku: {
      family: 'A'
      name: 'standard'
    }
    tenantId: subscription().tenantId
    accessPolicies: [
      {
        // is there any way to get the person running the script or subscription owner?
        objectId: deployerObjectId
        tenantId: subscription().tenantId
        permissions: {
          secrets: [
            'all'
          ]
          certificates: [
            'all'
          ]
        }
      }
    ]
    enabledForDeployment: true
    enabledForTemplateDeployment: true
    enabledForDiskEncryption: true
    enableRbacAuthorization: false
    softDeleteRetentionInDays: 90
  }
}

I see that there are certain functions available like:

  • subscription()
  • resourceGroup()

...and was hoping there might be one for this purpose. I looked through the Bicep documentation but was having trouble finding one.


Solution

  • As of August 2022, this is not supported; there are a few related ones on GitHub:

    Also, according to this post, there is an internal backlog item tracking this feature.
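Since the answer above is that Bicep has no function for the deploying principal, the practical pattern is to resolve the object ID outside the template and pass it in as a parameter. The following is an added example, not code from the question or the answer; the parameter name deployerObjectId and the hypothetical file name keyvault.bicep are my own choices. The Azure CLI commands in the header comment are how a caller would obtain the value.

```bicep
// Added example (not part of the original post). Bicep cannot look up the
// deploying user, so the caller resolves the object ID and passes it in:
//
//   az deployment group create -g <resource-group> -f keyvault.bicep \
//     -p namePrefix=contoso \
//     -p deployerObjectId=$(az ad signed-in-user show --query id -o tsv)
//
// In a pipeline the deployer is normally a service principal, for which
// "az ad signed-in-user show" does not apply; use the service principal's
// object ID instead:
//
//   az ad sp show --id <appId> --query id -o tsv

@description('Prefix for the Key Vault name')
param namePrefix string

@description('Region for the Key Vault; defaults to the resource group location')
param location string = resourceGroup().location

@description('Object ID of the user or service principal that should receive an access policy. Leave empty to create the vault with no access policies.')
param deployerObjectId string = ''

resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = {
  name: '${namePrefix}keyvault'
  location: location
  properties: {
    sku: {
      family: 'A'
      name: 'standard'
    }
    tenantId: subscription().tenantId
    // When no object ID was supplied, emit no policy at all rather than a
    // policy entry with an empty objectId.
    accessPolicies: empty(deployerObjectId) ? [] : [
      {
        objectId: deployerObjectId
        tenantId: subscription().tenantId
        // Grant only what the deployer needs; 'all' (as in the question)
        // also covers purge and recover, which most callers do not need.
        permissions: {
          secrets: [
            'get'
            'list'
            'set'
          ]
          certificates: [
            'get'
            'list'
          ]
        }
      }
    ]
    enabledForDeployment: true
    enabledForTemplateDeployment: true
    enabledForDiskEncryption: true
    // Access policies are only honoured while this is false; with RBAC
    // enabled you would assign a Key Vault role to the principal instead.
    enableRbacAuthorization: false
    softDeleteRetentionInDays: 90
  }
}

output keyVaultName string = keyVault.name
```

Keeping the parameter optional with an empty default means the same template deploys cleanly from a pipeline that manages access separately, while an interactive deployer can still seed their own policy on the initial create.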