Another note for myself. I wanted to use this to give my app access to the entire account. I thought they would be a property of pulumi_azure_native.storage.StorageAccount but they’re not. Instead you need to call pulumi_azure_native.storage.list_storage_account_keys().
import pulumi
import pulumi_azure_native as azure_native
config = pulumi.Config()
# Create a Resource Group
resource_group_name = config.require("resourceGroupName")
location = config.require("location")
resource_group = azure_native.resources.ResourceGroup(
resource_group_name, resource_group_name=resource_group_name, location=location
)
# Create a Storage Account
storage_account = azure_native.storage.StorageAccount(
config.require("storageAccountName"),
resource_group_name=resource_group.name,
sku=azure_native.storage.SkuArgs(
name=azure_native.storage.SkuName.STANDARD_LRS,
),
kind=azure_native.storage.Kind.STORAGE_V2,
location=resource_group.location,
)
# fetch primary key
storage_account_primary_key = (
pulumi.Output.all(resource_group.name, storage_account.name)
.apply(lambda args: azure_native.storage.list_storage_account_keys(resource_group_name=args[0], account_name=args[1]))
.apply(lambda accountKeys: pulumi.Output.secret(accountKeys.keys[0].value))
)