Module keyvault

keyvault

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-azure repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-azurerm repo.
class pulumi_azure.keyvault.AccessPolicy(resource_name, opts=None, application_id=None, certificate_permissions=None, key_permissions=None, key_vault_id=None, object_id=None, resource_group_name=None, secret_permissions=None, storage_permissions=None, tenant_id=None, vault_name=None, __props__=None, __name__=None, __opts__=None)

Manages a Key Vault Access Policy.

NOTE: It’s possible to define Key Vault Access Policies both within the keyvault.KeyVault resource via the access_policy block and by using the keyvault.AccessPolicy resource. However it’s not possible to use both methods to manage Access Policies within a KeyVault, since there’ll be conflicts.

NOTE: Azure permits a maximum of 1024 Access Policies per Key Vault - more information can be found in this document.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • application_id (pulumi.Input[str]) – The object ID of an Application in Azure Active Directory.
  • certificate_permissions (pulumi.Input[list]) – List of certificate permissions, must be one or more from the following: backup, create, delete, deleteissuers, get, getissuers, import, list, listissuers, managecontacts, manageissuers, purge, recover, restore, setissuers and update.
  • key_permissions (pulumi.Input[list]) – List of key permissions, must be one or more from the following: backup, create, decrypt, delete, encrypt, get, import, list, purge, recover, restore, sign, unwrapKey, update, verify and wrapKey.
  • key_vault_id (pulumi.Input[str]) – Specifies the id of the Key Vault resource. Changing this forces a new resource to be created.
  • object_id (pulumi.Input[str]) – The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Changing this forces a new resource to be created.
  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the namespace. Changing this forces a new resource to be created.
  • secret_permissions (pulumi.Input[list]) – List of secret permissions, must be one or more from the following: backup, delete, get, list, purge, recover, restore and set.
  • storage_permissions (pulumi.Input[list]) – List of storage permissions, must be one or more from the following: backup, delete, deletesas, get, getsas, list, listsas, purge, recover, regeneratekey, restore, set, setsas and update.
  • tenant_id (pulumi.Input[str]) – The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Changing this forces a new resource to be created.
  • vault_name (pulumi.Input[str]) – Specifies the name of the Key Vault resource. Changing this forces a new resource to be created.
application_id = None

The object ID of an Application in Azure Active Directory.

certificate_permissions = None

List of certificate permissions, must be one or more from the following: backup, create, delete, deleteissuers, get, getissuers, import, list, listissuers, managecontacts, manageissuers, purge, recover, restore, setissuers and update.

key_permissions = None

List of key permissions, must be one or more from the following: backup, create, decrypt, delete, encrypt, get, import, list, purge, recover, restore, sign, unwrapKey, update, verify and wrapKey.

key_vault_id = None

Specifies the id of the Key Vault resource. Changing this forces a new resource to be created.

object_id = None

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Changing this forces a new resource to be created.

resource_group_name = None

The name of the resource group in which to create the namespace. Changing this forces a new resource to be created.

secret_permissions = None

List of secret permissions, must be one or more from the following: backup, delete, get, list, purge, recover, restore and set.

storage_permissions = None

List of storage permissions, must be one or more from the following: backup, delete, deletesas, get, getsas, list, listsas, purge, recover, regeneratekey, restore, set, setsas and update.

tenant_id = None

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Changing this forces a new resource to be created.

vault_name = None

Specifies the name of the Key Vault resource. Changing this forces a new resource to be created.

static get(resource_name, id, opts=None, application_id=None, certificate_permissions=None, key_permissions=None, key_vault_id=None, object_id=None, resource_group_name=None, secret_permissions=None, storage_permissions=None, tenant_id=None, vault_name=None)

Get an existing AccessPolicy resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] application_id: The object ID of an Application in Azure Active Directory. :param pulumi.Input[list] certificate_permissions: List of certificate permissions, must be one or more from

the following: backup, create, delete, deleteissuers, get, getissuers, import, list, listissuers, managecontacts, manageissuers, purge, recover, restore, setissuers and update.
Parameters:
  • key_permissions (pulumi.Input[list]) – List of key permissions, must be one or more from the following: backup, create, decrypt, delete, encrypt, get, import, list, purge, recover, restore, sign, unwrapKey, update, verify and wrapKey.
  • key_vault_id (pulumi.Input[str]) – Specifies the id of the Key Vault resource. Changing this forces a new resource to be created.
  • object_id (pulumi.Input[str]) – The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Changing this forces a new resource to be created.
  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the namespace. Changing this forces a new resource to be created.
  • secret_permissions (pulumi.Input[list]) – List of secret permissions, must be one or more from the following: backup, delete, get, list, purge, recover, restore and set.
  • storage_permissions (pulumi.Input[list]) – List of storage permissions, must be one or more from the following: backup, delete, deletesas, get, getsas, list, listsas, purge, recover, regeneratekey, restore, set, setsas and update.
  • tenant_id (pulumi.Input[str]) – The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Changing this forces a new resource to be created.
  • vault_name (pulumi.Input[str]) – Specifies the name of the Key Vault resource. Changing this forces a new resource to be created.
translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_azure.keyvault.AwaitableGetAccessPolicyResult(certificate_permissions=None, key_permissions=None, name=None, secret_permissions=None, id=None)
class pulumi_azure.keyvault.AwaitableGetKeyResult(e=None, key_opts=None, key_size=None, key_type=None, key_vault_id=None, n=None, name=None, tags=None, vault_uri=None, version=None, id=None)
class pulumi_azure.keyvault.AwaitableGetKeyVaultResult(access_policies=None, enabled_for_deployment=None, enabled_for_disk_encryption=None, enabled_for_template_deployment=None, location=None, name=None, network_acls=None, resource_group_name=None, sku=None, sku_name=None, tags=None, tenant_id=None, vault_uri=None, id=None)
class pulumi_azure.keyvault.AwaitableGetSecretResult(content_type=None, key_vault_id=None, name=None, tags=None, value=None, vault_uri=None, version=None, id=None)
class pulumi_azure.keyvault.Certifiate(resource_name, opts=None, certificate=None, certificate_policy=None, key_vault_id=None, name=None, tags=None, vault_uri=None, __props__=None, __name__=None, __opts__=None)

Manages a Key Vault Certificate.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • certificate (pulumi.Input[dict]) – A certificate block as defined below, used to Import an existing certificate.
  • certificate_policy (pulumi.Input[dict]) – A certificate_policy block as defined below.
  • key_vault_id (pulumi.Input[str]) – The ID of the Key Vault where the Certificate should be created.
  • name (pulumi.Input[str]) – The name of the Certificate Issuer. Possible values include Self, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.
  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.
certificate = None

A certificate block as defined below, used to Import an existing certificate.

certificate_data = None

The raw Key Vault Certificate.

certificate_policy = None

A certificate_policy block as defined below.

key_vault_id = None

The ID of the Key Vault where the Certificate should be created.

name = None

The name of the Certificate Issuer. Possible values include Self, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.

secret_id = None

The ID of the associated Key Vault Secret.

tags = None

A mapping of tags to assign to the resource.

thumbprint = None

The X509 Thumbprint of the Key Vault Certificate returned as hex string.

version = None

The current version of the Key Vault Certificate.

static get(resource_name, id, opts=None, certificate=None, certificate_data=None, certificate_policy=None, key_vault_id=None, name=None, secret_id=None, tags=None, thumbprint=None, vault_uri=None, version=None)

Get an existing Certifiate resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[dict] certificate: A certificate block as defined below, used to Import an existing certificate. :param pulumi.Input[str] certificate_data: The raw Key Vault Certificate. :param pulumi.Input[dict] certificate_policy: A certificate_policy block as defined below. :param pulumi.Input[str] key_vault_id: The ID of the Key Vault where the Certificate should be created. :param pulumi.Input[str] name: The name of the Certificate Issuer. Possible values include Self, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created. :param pulumi.Input[str] secret_id: The ID of the associated Key Vault Secret. :param pulumi.Input[dict] tags: A mapping of tags to assign to the resource. :param pulumi.Input[str] thumbprint: The X509 Thumbprint of the Key Vault Certificate returned as hex string. :param pulumi.Input[str] version: The current version of the Key Vault Certificate.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_azure.keyvault.GetAccessPolicyResult(certificate_permissions=None, key_permissions=None, name=None, secret_permissions=None, id=None)

A collection of values returned by getAccessPolicy.

certificate_permissions = None

the certificate permissions for the access policy

key_permissions = None

the key permissions for the access policy

secret_permissions = None

the secret permissions for the access policy

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_azure.keyvault.GetKeyResult(e=None, key_opts=None, key_size=None, key_type=None, key_vault_id=None, n=None, name=None, tags=None, vault_uri=None, version=None, id=None)

A collection of values returned by getKey.

e = None

The RSA public exponent of this Key Vault Key.

key_opts = None

A list of JSON web key operations assigned to this Key Vault Key

key_size = None

Specifies the Size of this Key Vault Key.

key_type = None

Specifies the Key Type of this Key Vault Key

n = None

The RSA modulus of this Key Vault Key.

tags = None

A mapping of tags assigned to this Key Vault Key.

version = None

The current version of the Key Vault Key.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_azure.keyvault.GetKeyVaultResult(access_policies=None, enabled_for_deployment=None, enabled_for_disk_encryption=None, enabled_for_template_deployment=None, location=None, name=None, network_acls=None, resource_group_name=None, sku=None, sku_name=None, tags=None, tenant_id=None, vault_uri=None, id=None)

A collection of values returned by getKeyVault.

access_policies = None

One or more access_policy blocks as defined below.

enabled_for_deployment = None

Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?

enabled_for_disk_encryption = None

Can Azure Disk Encryption retrieve secrets from the Key Vault?

enabled_for_template_deployment = None

Can Azure Resource Manager retrieve secrets from the Key Vault?

location = None

The Azure Region in which the Key Vault exists.

name = None

The name of the SKU used for this Key Vault.

sku = None

A sku block as described below.

tags = None

A mapping of tags assigned to the Key Vault.

tenant_id = None

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

vault_uri = None

The URI of the vault for performing operations on keys and secrets.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_azure.keyvault.GetSecretResult(content_type=None, key_vault_id=None, name=None, tags=None, value=None, vault_uri=None, version=None, id=None)

A collection of values returned by getSecret.

content_type = None

The content type for the Key Vault Secret.

tags = None

Any tags assigned to this resource.

value = None

The value of the Key Vault Secret.

version = None

The current version of the Key Vault Secret.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_azure.keyvault.Key(resource_name, opts=None, curve=None, key_opts=None, key_size=None, key_type=None, key_vault_id=None, name=None, tags=None, vault_uri=None, __props__=None, __name__=None, __opts__=None)

Manages a Key Vault Key.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • curve (pulumi.Input[str]) – Specifies the curve to use when creating an EC key. Possible values are P-256, P-384, P-521, and SECP256K1. This field will be required in a future release if key_type is EC or EC-HSM. The API will default to P-256 if nothing is specified. Changing this forces a new resource to be created.
  • key_opts (pulumi.Input[list]) – A list of JSON web key operations. Possible values include: decrypt, encrypt, sign, unwrapKey, verify and wrapKey. Please note these values are case sensitive.
  • key_size (pulumi.Input[float]) – Specifies the Size of the RSA key to create in bytes. For example, 1024 or 2048. Note: This field is required if key_type is RSA or RSA-HSM. Changing this forces a new resource to be created.
  • key_type (pulumi.Input[str]) – Specifies the Key Type to use for this Key Vault Key. Possible values are EC (Elliptic Curve), EC-HSM, Oct (Octet), RSA and RSA-HSM. Changing this forces a new resource to be created.
  • key_vault_id (pulumi.Input[str]) – The ID of the Key Vault where the Key should be created. Changing this forces a new resource to be created.
  • name (pulumi.Input[str]) – Specifies the name of the Key Vault Key. Changing this forces a new resource to be created.
  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.
curve = None

Specifies the curve to use when creating an EC key. Possible values are P-256, P-384, P-521, and SECP256K1. This field will be required in a future release if key_type is EC or EC-HSM. The API will default to P-256 if nothing is specified. Changing this forces a new resource to be created.

e = None

The RSA public exponent of this Key Vault Key.

key_opts = None

A list of JSON web key operations. Possible values include: decrypt, encrypt, sign, unwrapKey, verify and wrapKey. Please note these values are case sensitive.

key_size = None

Specifies the Size of the RSA key to create in bytes. For example, 1024 or 2048. Note: This field is required if key_type is RSA or RSA-HSM. Changing this forces a new resource to be created.

key_type = None

Specifies the Key Type to use for this Key Vault Key. Possible values are EC (Elliptic Curve), EC-HSM, Oct (Octet), RSA and RSA-HSM. Changing this forces a new resource to be created.

key_vault_id = None

The ID of the Key Vault where the Key should be created. Changing this forces a new resource to be created.

n = None

The RSA modulus of this Key Vault Key.

name = None

Specifies the name of the Key Vault Key. Changing this forces a new resource to be created.

tags = None

A mapping of tags to assign to the resource.

version = None

The current version of the Key Vault Key.

x = None

The EC X component of this Key Vault Key.

y = None

The EC Y component of this Key Vault Key.

static get(resource_name, id, opts=None, curve=None, e=None, key_opts=None, key_size=None, key_type=None, key_vault_id=None, n=None, name=None, tags=None, vault_uri=None, version=None, x=None, y=None)

Get an existing Key resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] curve: Specifies the curve to use when creating an EC key. Possible values are P-256, P-384, P-521, and SECP256K1. This field will be required in a future release if key_type is EC or EC-HSM. The API will default to P-256 if nothing is specified. Changing this forces a new resource to be created. :param pulumi.Input[str] e: The RSA public exponent of this Key Vault Key. :param pulumi.Input[list] key_opts: A list of JSON web key operations. Possible values include: decrypt, encrypt, sign, unwrapKey, verify and wrapKey. Please note these values are case sensitive. :param pulumi.Input[float] key_size: Specifies the Size of the RSA key to create in bytes. For example, 1024 or 2048. Note: This field is required if key_type is RSA or RSA-HSM. Changing this forces a new resource to be created. :param pulumi.Input[str] key_type: Specifies the Key Type to use for this Key Vault Key. Possible values are EC (Elliptic Curve), EC-HSM, Oct (Octet), RSA and RSA-HSM. Changing this forces a new resource to be created. :param pulumi.Input[str] key_vault_id: The ID of the Key Vault where the Key should be created. Changing this forces a new resource to be created. :param pulumi.Input[str] n: The RSA modulus of this Key Vault Key. :param pulumi.Input[str] name: Specifies the name of the Key Vault Key. Changing this forces a new resource to be created. :param pulumi.Input[dict] tags: A mapping of tags to assign to the resource. :param pulumi.Input[str] version: The current version of the Key Vault Key. :param pulumi.Input[str] x: The EC X component of this Key Vault Key. :param pulumi.Input[str] y: The EC Y component of this Key Vault Key.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_azure.keyvault.KeyVault(resource_name, opts=None, access_policies=None, enabled_for_deployment=None, enabled_for_disk_encryption=None, enabled_for_template_deployment=None, location=None, name=None, network_acls=None, resource_group_name=None, sku=None, sku_name=None, tags=None, tenant_id=None, __props__=None, __name__=None, __opts__=None)

Manages a Key Vault.

NOTE: It’s possible to define Key Vault Access Policies both within the keyvault.KeyVault resource via the access_policy block and by using the keyvault.AccessPolicy resource. However it’s not possible to use both methods to manage Access Policies within a KeyVault, since there’ll be conflicts.
Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • access_policies (pulumi.Input[list]) – A list of up to 16 objects describing access policies, as described below.
  • enabled_for_deployment (pulumi.Input[bool]) – Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to false.
  • enabled_for_disk_encryption (pulumi.Input[bool]) – Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to false.
  • enabled_for_template_deployment (pulumi.Input[bool]) – Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to false.
  • location (pulumi.Input[str]) – Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
  • name (pulumi.Input[str]) – Specifies the name of the Key Vault. Changing this forces a new resource to be created.
  • network_acls (pulumi.Input[dict]) – A network_acls block as defined below.
  • resource_group_name (pulumi.Input[str]) – The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.
  • sku (pulumi.Input[dict]) – ) A sku block as described below.
  • sku_name (pulumi.Input[str]) – The Name of the SKU used for this Key Vault. Possible values are standard and premium.
  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.
  • tenant_id (pulumi.Input[str]) – The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
access_policies = None

A list of up to 16 objects describing access policies, as described below.

enabled_for_deployment = None

Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to false.

enabled_for_disk_encryption = None

Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to false.

enabled_for_template_deployment = None

Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to false.

location = None

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name = None

Specifies the name of the Key Vault. Changing this forces a new resource to be created.

network_acls = None

A network_acls block as defined below.

resource_group_name = None

The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.

sku = None

) A sku block as described below.

sku_name = None

The Name of the SKU used for this Key Vault. Possible values are standard and premium.

tags = None

A mapping of tags to assign to the resource.

tenant_id = None

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

vault_uri = None

The URI of the Key Vault, used for performing operations on keys and secrets.

static get(resource_name, id, opts=None, access_policies=None, enabled_for_deployment=None, enabled_for_disk_encryption=None, enabled_for_template_deployment=None, location=None, name=None, network_acls=None, resource_group_name=None, sku=None, sku_name=None, tags=None, tenant_id=None, vault_uri=None)

Get an existing KeyVault resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[list] access_policies: A list of up to 16 objects describing access policies, as described below. :param pulumi.Input[bool] enabled_for_deployment: Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to false. :param pulumi.Input[bool] enabled_for_disk_encryption: Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to false. :param pulumi.Input[bool] enabled_for_template_deployment: Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to false. :param pulumi.Input[str] location: Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. :param pulumi.Input[str] name: Specifies the name of the Key Vault. Changing this forces a new resource to be created. :param pulumi.Input[dict] network_acls: A network_acls block as defined below. :param pulumi.Input[str] resource_group_name: The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created. :param pulumi.Input[dict] sku: ) A sku block as described below. :param pulumi.Input[str] sku_name: The Name of the SKU used for this Key Vault. Possible values are standard and premium. :param pulumi.Input[dict] tags: A mapping of tags to assign to the resource. :param pulumi.Input[str] tenant_id: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. :param pulumi.Input[str] vault_uri: The URI of the Key Vault, used for performing operations on keys and secrets.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_azure.keyvault.Secret(resource_name, opts=None, content_type=None, key_vault_id=None, name=None, tags=None, value=None, vault_uri=None, __props__=None, __name__=None, __opts__=None)

Manages a Key Vault Secret.

Note: All arguments including the secret value will be stored in the raw state as plain-text. Read more about sensitive data in state.
Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • content_type (pulumi.Input[str]) – Specifies the content type for the Key Vault Secret.
  • key_vault_id (pulumi.Input[str]) – The ID of the Key Vault where the Secret should be created.
  • name (pulumi.Input[str]) – Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the resource.
  • value (pulumi.Input[str]) – Specifies the value of the Key Vault Secret.
content_type = None

Specifies the content type for the Key Vault Secret.

key_vault_id = None

The ID of the Key Vault where the Secret should be created.

name = None

Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.

tags = None

A mapping of tags to assign to the resource.

value = None

Specifies the value of the Key Vault Secret.

version = None

The current version of the Key Vault Secret.

static get(resource_name, id, opts=None, content_type=None, key_vault_id=None, name=None, tags=None, value=None, vault_uri=None, version=None)

Get an existing Secret resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] content_type: Specifies the content type for the Key Vault Secret. :param pulumi.Input[str] key_vault_id: The ID of the Key Vault where the Secret should be created. :param pulumi.Input[str] name: Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created. :param pulumi.Input[dict] tags: A mapping of tags to assign to the resource. :param pulumi.Input[str] value: Specifies the value of the Key Vault Secret. :param pulumi.Input[str] version: The current version of the Key Vault Secret.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
pulumi_azure.keyvault.get_access_policy(name=None, opts=None)

Use this data source to access information about the permissions from the Management Key Vault Templates.

pulumi_azure.keyvault.get_key(key_vault_id=None, name=None, vault_uri=None, opts=None)

Use this data source to access information about an existing Key Vault Key.

Note: All arguments including the secret value will be stored in the raw state as plain-text. Read more about sensitive data in state.

This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/key_vault_key.html.markdown.

pulumi_azure.keyvault.get_key_vault(name=None, resource_group_name=None, opts=None)

Use this data source to access information about an existing Key Vault.

pulumi_azure.keyvault.get_secret(key_vault_id=None, name=None, vault_uri=None, opts=None)

Use this data source to access information about an existing Key Vault Secret.

Note: All arguments including the secret value will be stored in the raw state as plain-text. Read more about sensitive data in state.

This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/key_vault_secret.html.markdown.