diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf
index e0dc3347..e797cd93 100644
--- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf
+++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf
@@ -7,7 +7,11 @@ locals {
 key_vault_id = var.resources.keyvaults[var.settings.keyvault_ref].id
- public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh
+ vm_keys = { for key, ssh_key in var.settings.admin_ssh_key :
+ key => tls_private_key.main[ssh_key.public_key_ref]
+ }
+ private_keys_pem = { for key, value in local.vm_keys : key => value.private_key_pem }
+ public_keys_openssh = { for key, value in local.vm_keys : key => value.public_key_openssh }
 tags = merge(
 var.global_settings.tags,
diff --git a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf
index 75488d97..450da51d 100644
--- a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf
+++ b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf
@@ -9,10 +9,10 @@ resource "azurerm_linux_virtual_machine" "main" {
 tags = local.tags
 dynamic "admin_ssh_key" {
- for_each = try(var.settings.admin_ssh_key[*], {})
+ for_each = try(var.settings.admin_ssh_key, {})
 content {
- username = try(admin_ssh_key.value.username, null)
- public_key = try(admin_ssh_key.value.public_key, null)
+ username = admin_ssh_key.value.username
+ public_key = tls_private_key.main[admin_ssh_key.value.public_key_ref].public_key_openssh
 }
 }
diff --git a/src/modules/virtual_machines/linux_virtual_machine/secrets.tf b/src/modules/virtual_machines/linux_virtual_machine/secrets.tf
index 1471855e..1dcecc71 100644
--- a/src/modules/virtual_machines/linux_virtual_machine/secrets.tf
+++ b/src/modules/virtual_machines/linux_virtual_machine/secrets.tf
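Review bot: In `_locals.tf`, the new `private_keys_pem` local gathers the PEM private key of every admin key into one map, with no comment on how that material is handled. `tls_private_key` keeps `private_key_pem` unencrypted in Terraform state, so anyone who can read the state can read every VM login key this map holds. I would document that on the local, for example `# private_key_pem is held unencrypted in state by tls_private_key; the state backend must be encrypted and access-restricted`. The `locals` block starts and ends outside the hunk.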
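Review bot: In `linux_virtual_machine.tf`, the `admin_ssh_key` block no longer reads a caller-supplied `public_key`, so a key pair generated outside Terraform can no longer be used and every login key's private half now lives in state and Key Vault. If that is intended, the module documentation should say so. The `try(var.settings.admin_ssh_key, {})` fallback also appears to be dead, because `_locals.tf` reads the same attribute without `try` and would fail first. For consistency I would write `for_each = var.settings.admin_ssh_key` and `public_key = local.public_keys_openssh[admin_ssh_key.key]`. The resource block starts and ends outside the hunk.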
@@ -1,5 +1,13 @@
-resource "azurerm_key_vault_secret" "main" {
- name = "${var.settings.name}-ssh-private-key"
- value = local.public_key
+resource "azurerm_key_vault_secret" "private_keys" {
+ for_each = local.private_keys_pem
+ name = "${var.settings.name}-${replace(each.key, "_", "-")}-ssh-private-key"
+ value = each.value
+ key_vault_id = local.key_vault_id
+}
+
+resource "azurerm_key_vault_secret" "public_keys" {
+ for_each = local.public_keys_openssh
+ name = "${var.settings.name}-${replace(each.key, "_", "-")}-ssh-public-key"
+ value = each.value
 key_vault_id = local.key_vault_id
 }
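Review bot: In `secrets.tf`, both secret names are built with `replace(each.key, "_", "-")`, so the map keys `a_b` and `a-b` resolve to the same Key Vault secret name. Any other character that Key Vault rejects (names allow only alphanumerics and hyphens) only fails at apply time. A validation that restricts the `admin_ssh_key` map keys to letters, digits and underscores would rule out both cases. The `private_keys` secret is also created without `content_type` or `expiration_date`; for a stored SSH private key I would set both, for example `content_type = "ssh-private-key"` plus an `expiration_date` that follows the key rotation policy.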