Azure · matt-FFFFFF · Mar 1, 2025 · Mar 1, 2025
diff --git a/README.md b/README.md
@@ -10,7 +10,7 @@ The following requirements are needed by this module:
 
 - <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) (>= 1.9, < 2.0)
 
-- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.87)
+- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.117, < 5.0)
 
 - <a name="requirement_modtm"></a> [modtm](#requirement\_modtm) (~> 0.3)
 
@@ -534,10 +534,24 @@ Default: `{}`
 
 The following outputs are exported:
 
+### <a name="output_keys"></a> [keys](#output\_keys)
+
+Description: A map of key keys to key values. The key value is the entire azurerm\_key\_vault\_key resource.
+
+The key value contains the following attributes:
+- id: The Key Vault Key ID
+- resource\_id: The Azure resource id of the key.
+- resource\_versionless\_id: The versionless Azure resource id of the key.
+- versionless\_id: The Base ID of the Key Vault Key
+
 ### <a name="output_keys_resource_ids"></a> [keys\_resource\_ids](#output\_keys\_resource\_ids)
 
 Description: A map of key keys to resource ids.
 
+### <a name="output_name"></a> [name](#output\_name)
+
+Description: The name of the key vault.
+
 ### <a name="output_private_endpoints"></a> [private\_endpoints](#output\_private\_endpoints)
 
 Description: A map of private endpoints. The map key is the supplied input to var.private\_endpoints. The map value is the entire azurerm\_private\_endpoint resource.
@@ -546,6 +560,16 @@ Description: A map of private endpoints. The map key is the supplied input to va
 
 Description: The Azure resource id of the key vault.
 
+### <a name="output_secrets"></a> [secrets](#output\_secrets)
+
+Description: A map of secret keys to secret values. The secret value is the entire azurerm\_key\_vault\_secret resource.
+
+The secret value contains the following attributes:
+- id: The Key Vault Secret ID
+- resource\_id: The Azure resource id of the secret.
+- resource\_versionless\_id: The versionless Azure resource id of the secret.
+- versionless\_id: The Base ID of the Key Vault Secret
+
 ### <a name="output_secrets_resource_ids"></a> [secrets\_resource\_ids](#output\_secrets\_resource\_ids)
 
 Description: A map of secret keys to resource ids.

diff --git a/examples/access-policies/README.md b/examples/access-policies/README.md
@@ -13,7 +13,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.87"
+      version = ">= 3.117"
     }
     random = {
       source  = "hashicorp/random"
@@ -28,7 +28,7 @@ data "azurerm_client_config" "this" {}
 # This allows us to randomize the region for the resource group.
 module "regions" {
   source  = "Azure/avm-utl-regions/azurerm"
-  version = "0.1.0"
+  version = "0.3.0"
 }
 
 # This allows us to randomize the region for the resource group.
@@ -75,7 +75,7 @@ The following requirements are needed by this module:
 
 - <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) (>= 1.9, < 2.0)
 
-- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.87)
+- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.117)
 
 - <a name="requirement_random"></a> [random](#requirement\_random) (~> 3.5)
 
@@ -130,7 +130,7 @@ Version: 0.3.0
 
 Source: Azure/avm-utl-regions/azurerm
 
-Version: 0.1.0
+Version: 0.3.0
 
 <!-- markdownlint-disable-next-line MD041 -->
 ## Data Collection

diff --git a/examples/access-policies/main.tf b/examples/access-policies/main.tf
@@ -7,7 +7,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.87"
+      version = ">= 3.117"
     }
     random = {
       source  = "hashicorp/random"
@@ -22,7 +22,7 @@ data "azurerm_client_config" "this" {}
 # This allows us to randomize the region for the resource group.
 module "regions" {
   source  = "Azure/avm-utl-regions/azurerm"
-  version = "0.1.0"
+  version = "0.3.0"
 }
 
 # This allows us to randomize the region for the resource group.

diff --git a/examples/create-key/README.md b/examples/create-key/README.md
@@ -13,7 +13,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.87"
+      version = ">= 3.117"
     }
     http = {
       source  = "hashicorp/http"
@@ -107,7 +107,7 @@ The following requirements are needed by this module:
 
 - <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) (>= 1.9, < 2.0)
 
-- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.87)
+- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.117)
 
 - <a name="requirement_http"></a> [http](#requirement\_http) (~> 3.4)
 

diff --git a/examples/create-key/main.tf b/examples/create-key/main.tf
@@ -7,7 +7,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.87"
+      version = ">= 3.117"
     }
     http = {
       source  = "hashicorp/http"

diff --git a/examples/create-secret/README.md b/examples/create-secret/README.md
@@ -13,7 +13,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.87"
+      version = ">= 3.117"
     }
     http = {
       source  = "hashicorp/http"
@@ -28,7 +28,7 @@ terraform {
 
 module "regions" {
   source  = "Azure/avm-utl-regions/azurerm"
-  version = "0.1.0"
+  version = "0.3.0"
 }
 
 # This allows us to randomize the region for the resource group.
@@ -91,6 +91,10 @@ module "key_vault" {
     ip_rules = ["${data.http.ip.response_body}/32"]
   }
 }
+
+output "secrets" {
+  value = module.key_vault.secrets
+}
 ```
 
 <!-- markdownlint-disable MD033 -->
@@ -100,7 +104,7 @@ The following requirements are needed by this module:
 
 - <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) (>= 1.9, < 2.0)
 
-- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.87)
+- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.117)
 
 - <a name="requirement_http"></a> [http](#requirement\_http) (~> 3.4)
 
@@ -136,7 +140,11 @@ Default: `true`
 
 ## Outputs
 
-No outputs.
+The following outputs are exported:
+
+### <a name="output_secrets"></a> [secrets](#output\_secrets)
+
+Description: n/a
 
 ## Modules
 
@@ -158,7 +166,7 @@ Version: 0.3.0
 
 Source: Azure/avm-utl-regions/azurerm
 
-Version: 0.1.0
+Version: 0.3.0
 
 <!-- markdownlint-disable-next-line MD041 -->
 ## Data Collection

diff --git a/examples/create-secret/main.tf b/examples/create-secret/main.tf
@@ -7,7 +7,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.87"
+      version = ">= 3.117"
     }
     http = {
       source  = "hashicorp/http"
@@ -22,7 +22,7 @@ terraform {
 
 module "regions" {
   source  = "Azure/avm-utl-regions/azurerm"
-  version = "0.1.0"
+  version = "0.3.0"
 }
 
 # This allows us to randomize the region for the resource group.
@@ -85,3 +85,7 @@ module "key_vault" {
     ip_rules = ["${data.http.ip.response_body}/32"]
   }
 }
+
+output "secrets" {
+  value = module.key_vault.secrets
+}
diff --git a/examples/default/README.md b/examples/default/README.md
@@ -13,7 +13,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.87"
+      version = ">= 3.117"
     }
     random = {
       source  = "hashicorp/random"
@@ -28,7 +28,7 @@ data "azurerm_client_config" "this" {}
 # This allows us to randomize the region for the resource group.
 module "regions" {
   source  = "Azure/avm-utl-regions/azurerm"
-  version = "0.1.0"
+  version = "0.3.0"
 }
 
 # This allows us to randomize the region for the resource group.
@@ -53,19 +53,11 @@ resource "azurerm_resource_group" "this" {
 module "keyvault" {
   source = "../../"
   # source              = "Azure/avm-res-keyvault-vault/azurerm"
-  name                           = module.naming.key_vault.name_unique
-  enable_telemetry               = var.enable_telemetry
-  location                       = azurerm_resource_group.this.location
-  resource_group_name            = azurerm_resource_group.this.name
-  tenant_id                      = data.azurerm_client_config.this.tenant_id
-  legacy_access_policies_enabled = true
-  legacy_access_policies = {
-    test = {
-      object_id          = data.azurerm_client_config.this.object_id
-      tenant_id          = data.azurerm_client_config.this.tenant_id
-      secret_permissions = ["Get", "List"]
-    }
-  }
+  name                = module.naming.key_vault.name_unique
+  enable_telemetry    = var.enable_telemetry
+  location            = azurerm_resource_group.this.location
+  resource_group_name = azurerm_resource_group.this.name
+  tenant_id           = data.azurerm_client_config.this.tenant_id
 }
 ```
 
@@ -76,7 +68,7 @@ The following requirements are needed by this module:
 
 - <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) (>= 1.9, < 2.0)
 
-- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.87)
+- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.117)
 
 - <a name="requirement_random"></a> [random](#requirement\_random) (~> 3.5)
 
@@ -131,7 +123,7 @@ Version: 0.3.0
 
 Source: Azure/avm-utl-regions/azurerm
 
-Version: 0.1.0
+Version: 0.3.0
 
 <!-- markdownlint-disable-next-line MD041 -->
 ## Data Collection

diff --git a/examples/default/main.tf b/examples/default/main.tf
@@ -7,7 +7,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.87"
+      version = ">= 3.117"
     }
     random = {
       source  = "hashicorp/random"
@@ -22,7 +22,7 @@ data "azurerm_client_config" "this" {}
 # This allows us to randomize the region for the resource group.
 module "regions" {
   source  = "Azure/avm-utl-regions/azurerm"
-  version = "0.1.0"
+  version = "0.3.0"
 }
 
 # This allows us to randomize the region for the resource group.
@@ -47,17 +47,9 @@ resource "azurerm_resource_group" "this" {
 module "keyvault" {
   source = "../../"
   # source              = "Azure/avm-res-keyvault-vault/azurerm"
-  name                           = module.naming.key_vault.name_unique
-  enable_telemetry               = var.enable_telemetry
-  location                       = azurerm_resource_group.this.location
-  resource_group_name            = azurerm_resource_group.this.name
-  tenant_id                      = data.azurerm_client_config.this.tenant_id
-  legacy_access_policies_enabled = true
-  legacy_access_policies = {
-    test = {
-      object_id          = data.azurerm_client_config.this.object_id
-      tenant_id          = data.azurerm_client_config.this.tenant_id
-      secret_permissions = ["Get", "List"]
-    }
-  }
+  name                = module.naming.key_vault.name_unique
+  enable_telemetry    = var.enable_telemetry
+  location            = azurerm_resource_group.this.location
+  resource_group_name = azurerm_resource_group.this.name
+  tenant_id           = data.azurerm_client_config.this.tenant_id
 }
diff --git a/examples/diagnostic-settings/README.md b/examples/diagnostic-settings/README.md
@@ -9,7 +9,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.87"
+      version = ">= 3.117"
     }
     random = {
       source  = "hashicorp/random"
@@ -28,7 +28,7 @@ data "azurerm_client_config" "this" {}
 # This allows us to randomize the region for the resource group.
 module "regions" {
   source  = "Azure/avm-utl-regions/azurerm"
-  version = "0.1.0"
+  version = "0.3.0"
 }
 
 # This allows us to randomize the region for the resource group.
@@ -80,7 +80,7 @@ The following requirements are needed by this module:
 
 - <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) (>= 1.9, < 2.0)
 
-- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.87)
+- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.117)
 
 - <a name="requirement_random"></a> [random](#requirement\_random) (~> 3.5)
 
@@ -136,7 +136,7 @@ Version: 0.3.0
 
 Source: Azure/avm-utl-regions/azurerm
 
-Version: 0.1.0
+Version: 0.3.0
 
 <!-- markdownlint-disable-next-line MD041 -->
 ## Data Collection

diff --git a/examples/diagnostic-settings/main.tf b/examples/diagnostic-settings/main.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.87"
+      version = ">= 3.117"
     }
     random = {
       source  = "hashicorp/random"
@@ -22,7 +22,7 @@ data "azurerm_client_config" "this" {}
 # This allows us to randomize the region for the resource group.
 module "regions" {
   source  = "Azure/avm-utl-regions/azurerm"
-  version = "0.1.0"
+  version = "0.3.0"
 }
 
 # This allows us to randomize the region for the resource group.