add keyvault resource group

luxu-ms · Feb 29, 2024 · 35a91bd · 35a91bd
1 parent 3763db8
commit 35a91bd
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 9 deletions.
diff --git a/Environments/Todo-Nodejs-Mongo-AKS/core/database/cosmos/cosmos-account.bicep b/Environments/Todo-Nodejs-Mongo-AKS/core/database/cosmos/cosmos-account.bicep
@@ -5,6 +5,7 @@ param tags object = {}
 
 param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING'
 param keyVaultName string
+param keyVaultResourceGroupName string
 
 @allowed([ 'GlobalDocumentDB', 'MongoDB', 'Parse' ])
 param kind string
@@ -31,18 +32,16 @@ resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2022-08-15' = {
   }
 }
 
-resource cosmosConnectionString 'Microsoft.KeyVault/vaults/secrets@2022-07-01' = {
-  parent: keyVault
-  name: connectionStringKey
-  properties: {
-    value: cosmos.listConnectionStrings().connectionStrings[0].connectionString
+module cosmosConnectionStringModule './cosmos-connection-string.bicep' = {
+  name: 'cosmosConnectionStringModule'
+  scope: resourceGroup(keyVaultResourceGroupName)
+  params: {
+    keyVaultName: keyVaultName
+    connectionStringKey: connectionStringKey
+    connectionString: cosmos.listConnectionStrings().connectionStrings[0].connectionString
   }
 }
 
-resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
-  name: keyVaultName
-}
-
 output connectionStringKey string = connectionStringKey
 output endpoint string = cosmos.properties.documentEndpoint
 output id string = cosmos.id

diff --git a/Environments/Todo-Nodejs-Mongo-AKS/core/database/cosmos/cosmos-connection-string.bicep b/Environments/Todo-Nodejs-Mongo-AKS/core/database/cosmos/cosmos-connection-string.bicep
@@ -0,0 +1,15 @@
+param keyVaultName string
+param connectionStringKey string
+param connectionString string
+
+resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
+  name: keyVaultName
+}
+
+resource cosmosConnectionString 'Microsoft.KeyVault/vaults/secrets@2022-07-01' = {
+  parent: keyVault
+  name: connectionStringKey
+  properties: {
+    value: connectionString
+  }
+}
diff --git a/Environments/Todo-Nodejs-Mongo-AKS/core/database/cosmos/mongo/cosmos-mongo-account.bicep b/Environments/Todo-Nodejs-Mongo-AKS/core/database/cosmos/mongo/cosmos-mongo-account.bicep
@@ -4,6 +4,7 @@ param location string = resourceGroup().location
 param tags object = {}
 
 param keyVaultName string
+param keyVaultResourceGroupName string
 param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING'
 
 module cosmos '../../cosmos/cosmos-account.bicep' = {
@@ -13,6 +14,7 @@ module cosmos '../../cosmos/cosmos-account.bicep' = {
     location: location
     connectionStringKey: connectionStringKey
     keyVaultName: keyVaultName
+    keyVaultResourceGroupName: keyVaultResourceGroupName
     kind: 'MongoDB'
     tags: tags
   }

diff --git a/Environments/Todo-Nodejs-Mongo-AKS/core/database/cosmos/mongo/cosmos-mongo-db.bicep b/Environments/Todo-Nodejs-Mongo-AKS/core/database/cosmos/mongo/cosmos-mongo-db.bicep
@@ -7,13 +7,15 @@ param tags object = {}
 param collections array = []
 param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING'
 param keyVaultName string
+param keyVaultResourceGroupName string
 
 module cosmos 'cosmos-mongo-account.bicep' = {
   name: 'cosmos-mongo-account'
   params: {
     name: accountName
     location: location
     keyVaultName: keyVaultName
+    keyVaultResourceGroupName: keyVaultResourceGroupName
     tags: tags
     connectionStringKey: connectionStringKey
   }