Microsoft.Cdn profiles/secrets
Bicep resource definition
The profiles/secrets resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Cdn/profiles/secrets resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Cdn/profiles/secrets@2023-07-01-preview' = {
name: 'string'
parent: resourceSymbolicName
properties: {
parameters: {
type: 'string'
// For remaining properties, see SecretParameters objects
}
}
}
SecretParameters objects
Set the type property to specify the type of object.
For AzureFirstPartyManagedCertificate, use:
type: 'AzureFirstPartyManagedCertificate'
subjectAlternativeNames: [
'string'
]
For CustomerCertificate, use:
type: 'CustomerCertificate'
secretSource: {
id: 'string'
}
secretVersion: 'string'
subjectAlternativeNames: [
'string'
]
useLatestVersion: bool
For ManagedCertificate, use:
type: 'ManagedCertificate'
For UrlSigningKey, use:
type: 'UrlSigningKey'
keyId: 'string'
secretSource: {
id: 'string'
}
secretVersion: 'string'
Property values
profiles/secrets
| Name | Description | Value |
|---|---|---|
| name | The resource name See how to set names and types for child resources in Bicep. |
string (required) |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: profiles |
| properties | The JSON object that contains the properties of the Secret to create. | SecretProperties |
SecretProperties
| Name | Description | Value |
|---|---|---|
| parameters | object which contains secret parameters | SecretParameters |
SecretParameters
| Name | Description | Value |
|---|---|---|
| type | Set the object type | AzureFirstPartyManagedCertificate CustomerCertificate ManagedCertificate UrlSigningKey (required) |
AzureFirstPartyManagedCertificateParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | 'AzureFirstPartyManagedCertificate' (required) |
| subjectAlternativeNames | The list of SANs. | string[] |
CustomerCertificateParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | 'CustomerCertificate' (required) |
| secretSource | Resource reference to the Azure Key Vault certificate. Expected to be in format of /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/secrets/{certificateName} | ResourceReference (required) |
| secretVersion | Version of the secret to be used | string |
| subjectAlternativeNames | The list of SANs. | string[] |
| useLatestVersion | Whether to use the latest version for the certificate | bool |
ResourceReference
| Name | Description | Value |
|---|---|---|
| id | Resource ID. | string |
ManagedCertificateParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | 'ManagedCertificate' (required) |
UrlSigningKeyParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | 'UrlSigningKey' (required) |
| keyId | Defines the customer defined key Id. This id will exist in the incoming request to indicate the key used to form the hash. | string (required) |
| secretSource | Resource reference to the Azure Key Vault secret. Expected to be in format of /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/secrets/{secretName} | ResourceReference (required) |
| secretVersion | Version of the secret to be used | string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Front Door Standard/Premium with domain and certificate |
This template creates a Front Door Standard/Premium including a custom domain and customer-managed certificate. |
ARM template resource definition
The profiles/secrets resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Cdn/profiles/secrets resource, add the following JSON to your template.
{
"type": "Microsoft.Cdn/profiles/secrets",
"apiVersion": "2023-07-01-preview",
"name": "string",
"properties": {
"parameters": {
"type": "string"
// For remaining properties, see SecretParameters objects
}
}
}
SecretParameters objects
Set the type property to specify the type of object.
For AzureFirstPartyManagedCertificate, use:
"type": "AzureFirstPartyManagedCertificate",
"subjectAlternativeNames": [ "string" ]
For CustomerCertificate, use:
"type": "CustomerCertificate",
"secretSource": {
"id": "string"
},
"secretVersion": "string",
"subjectAlternativeNames": [ "string" ],
"useLatestVersion": "bool"
For ManagedCertificate, use:
"type": "ManagedCertificate"
For UrlSigningKey, use:
"type": "UrlSigningKey",
"keyId": "string",
"secretSource": {
"id": "string"
},
"secretVersion": "string"
Property values
profiles/secrets
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.Cdn/profiles/secrets' |
| apiVersion | The resource api version | '2023-07-01-preview' |
| name | The resource name See how to set names and types for child resources in JSON ARM templates. |
string (required) |
| properties | The JSON object that contains the properties of the Secret to create. | SecretProperties |
SecretProperties
| Name | Description | Value |
|---|---|---|
| parameters | object which contains secret parameters | SecretParameters |
SecretParameters
| Name | Description | Value |
|---|---|---|
| type | Set the object type | AzureFirstPartyManagedCertificate CustomerCertificate ManagedCertificate UrlSigningKey (required) |
AzureFirstPartyManagedCertificateParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | 'AzureFirstPartyManagedCertificate' (required) |
| subjectAlternativeNames | The list of SANs. | string[] |
CustomerCertificateParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | 'CustomerCertificate' (required) |
| secretSource | Resource reference to the Azure Key Vault certificate. Expected to be in format of /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/secrets/{certificateName} | ResourceReference (required) |
| secretVersion | Version of the secret to be used | string |
| subjectAlternativeNames | The list of SANs. | string[] |
| useLatestVersion | Whether to use the latest version for the certificate | bool |
ResourceReference
| Name | Description | Value |
|---|---|---|
| id | Resource ID. | string |
ManagedCertificateParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | 'ManagedCertificate' (required) |
UrlSigningKeyParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | 'UrlSigningKey' (required) |
| keyId | Defines the customer defined key Id. This id will exist in the incoming request to indicate the key used to form the hash. | string (required) |
| secretSource | Resource reference to the Azure Key Vault secret. Expected to be in format of /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/secrets/{secretName} | ResourceReference (required) |
| secretVersion | Version of the secret to be used | string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
| Front Door Standard/Premium with domain and certificate |
This template creates a Front Door Standard/Premium including a custom domain and customer-managed certificate. |
Terraform (AzAPI provider) resource definition
The profiles/secrets resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Cdn/profiles/secrets resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Cdn/profiles/secrets@2023-07-01-preview"
name = "string"
parent_id = "string"
body = jsonencode({
properties = {
parameters = {
type = "string"
// For remaining properties, see SecretParameters objects
}
}
})
}
SecretParameters objects
Set the type property to specify the type of object.
For AzureFirstPartyManagedCertificate, use:
type = "AzureFirstPartyManagedCertificate"
subjectAlternativeNames = [
"string"
]
For CustomerCertificate, use:
type = "CustomerCertificate"
secretSource = {
id = "string"
}
secretVersion = "string"
subjectAlternativeNames = [
"string"
]
useLatestVersion = bool
For ManagedCertificate, use:
type = "ManagedCertificate"
For UrlSigningKey, use:
type = "UrlSigningKey"
keyId = "string"
secretSource = {
id = "string"
}
secretVersion = "string"
Property values
profiles/secrets
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.Cdn/profiles/secrets@2023-07-01-preview" |
| name | The resource name | string (required) |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: profiles |
| properties | The JSON object that contains the properties of the Secret to create. | SecretProperties |
SecretProperties
| Name | Description | Value |
|---|---|---|
| parameters | object which contains secret parameters | SecretParameters |
SecretParameters
| Name | Description | Value |
|---|---|---|
| type | Set the object type | AzureFirstPartyManagedCertificate CustomerCertificate ManagedCertificate UrlSigningKey (required) |
AzureFirstPartyManagedCertificateParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | "AzureFirstPartyManagedCertificate" (required) |
| subjectAlternativeNames | The list of SANs. | string[] |
CustomerCertificateParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | "CustomerCertificate" (required) |
| secretSource | Resource reference to the Azure Key Vault certificate. Expected to be in format of /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/secrets/{certificateName} | ResourceReference (required) |
| secretVersion | Version of the secret to be used | string |
| subjectAlternativeNames | The list of SANs. | string[] |
| useLatestVersion | Whether to use the latest version for the certificate | bool |
ResourceReference
| Name | Description | Value |
|---|---|---|
| id | Resource ID. | string |
ManagedCertificateParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | "ManagedCertificate" (required) |
UrlSigningKeyParameters
| Name | Description | Value |
|---|---|---|
| type | The type of the secret resource. | "UrlSigningKey" (required) |
| keyId | Defines the customer defined key Id. This id will exist in the incoming request to indicate the key used to form the hash. | string (required) |
| secretSource | Resource reference to the Azure Key Vault secret. Expected to be in format of /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/secrets/{secretName} | ResourceReference (required) |
| secretVersion | Version of the secret to be used | string |