1. Packages
  2. Azure Native
  3. API Docs
  4. compute
  5. DiskEncryptionSet
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.76.0 published on Friday, Dec 6, 2024 by Pulumi

azure-native.compute.DiskEncryptionSet

Explore with Pulumi AI

azure-native logo
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.76.0 published on Friday, Dec 6, 2024 by Pulumi

    disk encryption set resource. Azure REST API version: 2022-07-02. Prior API version in Azure Native 1.x: 2020-12-01.

    Other available API versions: 2020-06-30, 2023-01-02, 2023-04-02, 2023-10-02, 2024-03-02.

    Example Usage

    Create a disk encryption set with key vault from a different subscription.

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var diskEncryptionSet = new AzureNative.Compute.DiskEncryptionSet("diskEncryptionSet", new()
        {
            ActiveKey = new AzureNative.Compute.Inputs.KeyForDiskEncryptionSetArgs
            {
                KeyUrl = "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}",
            },
            DiskEncryptionSetName = "myDiskEncryptionSet",
            EncryptionType = AzureNative.Compute.DiskEncryptionSetType.EncryptionAtRestWithCustomerKey,
            Identity = new AzureNative.Compute.Inputs.EncryptionSetIdentityArgs
            {
                Type = AzureNative.Compute.DiskEncryptionSetIdentityType.SystemAssigned,
            },
            Location = "West US",
            ResourceGroupName = "myResourceGroup",
        });
    
    });
    
    package main
    
    import (
    	compute "github.com/pulumi/pulumi-azure-native-sdk/compute/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := compute.NewDiskEncryptionSet(ctx, "diskEncryptionSet", &compute.DiskEncryptionSetArgs{
    			ActiveKey: &compute.KeyForDiskEncryptionSetArgs{
    				KeyUrl: pulumi.String("https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}"),
    			},
    			DiskEncryptionSetName: pulumi.String("myDiskEncryptionSet"),
    			EncryptionType:        pulumi.String(compute.DiskEncryptionSetTypeEncryptionAtRestWithCustomerKey),
    			Identity: &compute.EncryptionSetIdentityArgs{
    				Type: pulumi.String(compute.DiskEncryptionSetIdentityTypeSystemAssigned),
    			},
    			Location:          pulumi.String("West US"),
    			ResourceGroupName: pulumi.String("myResourceGroup"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.compute.DiskEncryptionSet;
    import com.pulumi.azurenative.compute.DiskEncryptionSetArgs;
    import com.pulumi.azurenative.compute.inputs.KeyForDiskEncryptionSetArgs;
    import com.pulumi.azurenative.compute.inputs.EncryptionSetIdentityArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var diskEncryptionSet = new DiskEncryptionSet("diskEncryptionSet", DiskEncryptionSetArgs.builder()
                .activeKey(KeyForDiskEncryptionSetArgs.builder()
                    .keyUrl("https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}")
                    .build())
                .diskEncryptionSetName("myDiskEncryptionSet")
                .encryptionType("EncryptionAtRestWithCustomerKey")
                .identity(EncryptionSetIdentityArgs.builder()
                    .type("SystemAssigned")
                    .build())
                .location("West US")
                .resourceGroupName("myResourceGroup")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    disk_encryption_set = azure_native.compute.DiskEncryptionSet("diskEncryptionSet",
        active_key={
            "key_url": "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}",
        },
        disk_encryption_set_name="myDiskEncryptionSet",
        encryption_type=azure_native.compute.DiskEncryptionSetType.ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY,
        identity={
            "type": azure_native.compute.DiskEncryptionSetIdentityType.SYSTEM_ASSIGNED,
        },
        location="West US",
        resource_group_name="myResourceGroup")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const diskEncryptionSet = new azure_native.compute.DiskEncryptionSet("diskEncryptionSet", {
        activeKey: {
            keyUrl: "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}",
        },
        diskEncryptionSetName: "myDiskEncryptionSet",
        encryptionType: azure_native.compute.DiskEncryptionSetType.EncryptionAtRestWithCustomerKey,
        identity: {
            type: azure_native.compute.DiskEncryptionSetIdentityType.SystemAssigned,
        },
        location: "West US",
        resourceGroupName: "myResourceGroup",
    });
    
    resources:
      diskEncryptionSet:
        type: azure-native:compute:DiskEncryptionSet
        properties:
          activeKey:
            keyUrl: https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}
          diskEncryptionSetName: myDiskEncryptionSet
          encryptionType: EncryptionAtRestWithCustomerKey
          identity:
            type: SystemAssigned
          location: West US
          resourceGroupName: myResourceGroup
    

    Create a disk encryption set.

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var diskEncryptionSet = new AzureNative.Compute.DiskEncryptionSet("diskEncryptionSet", new()
        {
            ActiveKey = new AzureNative.Compute.Inputs.KeyForDiskEncryptionSetArgs
            {
                KeyUrl = "https://myvmvault.vault-int.azure-int.net/keys/{key}",
                SourceVault = new AzureNative.Compute.Inputs.SourceVaultArgs
                {
                    Id = "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault",
                },
            },
            DiskEncryptionSetName = "myDiskEncryptionSet",
            EncryptionType = AzureNative.Compute.DiskEncryptionSetType.EncryptionAtRestWithCustomerKey,
            Identity = new AzureNative.Compute.Inputs.EncryptionSetIdentityArgs
            {
                Type = AzureNative.Compute.DiskEncryptionSetIdentityType.SystemAssigned,
            },
            Location = "West US",
            ResourceGroupName = "myResourceGroup",
        });
    
    });
    
    package main
    
    import (
    	compute "github.com/pulumi/pulumi-azure-native-sdk/compute/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := compute.NewDiskEncryptionSet(ctx, "diskEncryptionSet", &compute.DiskEncryptionSetArgs{
    			ActiveKey: &compute.KeyForDiskEncryptionSetArgs{
    				KeyUrl: pulumi.String("https://myvmvault.vault-int.azure-int.net/keys/{key}"),
    				SourceVault: &compute.SourceVaultArgs{
    					Id: pulumi.String("/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault"),
    				},
    			},
    			DiskEncryptionSetName: pulumi.String("myDiskEncryptionSet"),
    			EncryptionType:        pulumi.String(compute.DiskEncryptionSetTypeEncryptionAtRestWithCustomerKey),
    			Identity: &compute.EncryptionSetIdentityArgs{
    				Type: pulumi.String(compute.DiskEncryptionSetIdentityTypeSystemAssigned),
    			},
    			Location:          pulumi.String("West US"),
    			ResourceGroupName: pulumi.String("myResourceGroup"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.compute.DiskEncryptionSet;
    import com.pulumi.azurenative.compute.DiskEncryptionSetArgs;
    import com.pulumi.azurenative.compute.inputs.KeyForDiskEncryptionSetArgs;
    import com.pulumi.azurenative.compute.inputs.SourceVaultArgs;
    import com.pulumi.azurenative.compute.inputs.EncryptionSetIdentityArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var diskEncryptionSet = new DiskEncryptionSet("diskEncryptionSet", DiskEncryptionSetArgs.builder()
                .activeKey(KeyForDiskEncryptionSetArgs.builder()
                    .keyUrl("https://myvmvault.vault-int.azure-int.net/keys/{key}")
                    .sourceVault(SourceVaultArgs.builder()
                        .id("/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault")
                        .build())
                    .build())
                .diskEncryptionSetName("myDiskEncryptionSet")
                .encryptionType("EncryptionAtRestWithCustomerKey")
                .identity(EncryptionSetIdentityArgs.builder()
                    .type("SystemAssigned")
                    .build())
                .location("West US")
                .resourceGroupName("myResourceGroup")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    disk_encryption_set = azure_native.compute.DiskEncryptionSet("diskEncryptionSet",
        active_key={
            "key_url": "https://myvmvault.vault-int.azure-int.net/keys/{key}",
            "source_vault": {
                "id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault",
            },
        },
        disk_encryption_set_name="myDiskEncryptionSet",
        encryption_type=azure_native.compute.DiskEncryptionSetType.ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY,
        identity={
            "type": azure_native.compute.DiskEncryptionSetIdentityType.SYSTEM_ASSIGNED,
        },
        location="West US",
        resource_group_name="myResourceGroup")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const diskEncryptionSet = new azure_native.compute.DiskEncryptionSet("diskEncryptionSet", {
        activeKey: {
            keyUrl: "https://myvmvault.vault-int.azure-int.net/keys/{key}",
            sourceVault: {
                id: "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault",
            },
        },
        diskEncryptionSetName: "myDiskEncryptionSet",
        encryptionType: azure_native.compute.DiskEncryptionSetType.EncryptionAtRestWithCustomerKey,
        identity: {
            type: azure_native.compute.DiskEncryptionSetIdentityType.SystemAssigned,
        },
        location: "West US",
        resourceGroupName: "myResourceGroup",
    });
    
    resources:
      diskEncryptionSet:
        type: azure-native:compute:DiskEncryptionSet
        properties:
          activeKey:
            keyUrl: https://myvmvault.vault-int.azure-int.net/keys/{key}
            sourceVault:
              id: /subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault
          diskEncryptionSetName: myDiskEncryptionSet
          encryptionType: EncryptionAtRestWithCustomerKey
          identity:
            type: SystemAssigned
          location: West US
          resourceGroupName: myResourceGroup
    

    Create DiskEncryptionSet Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new DiskEncryptionSet(name: string, args: DiskEncryptionSetArgs, opts?: CustomResourceOptions);
    @overload
    def DiskEncryptionSet(resource_name: str,
                          args: DiskEncryptionSetArgs,
                          opts: Optional[ResourceOptions] = None)
    
    @overload
    def DiskEncryptionSet(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          resource_group_name: Optional[str] = None,
                          active_key: Optional[KeyForDiskEncryptionSetArgs] = None,
                          disk_encryption_set_name: Optional[str] = None,
                          encryption_type: Optional[Union[str, DiskEncryptionSetType]] = None,
                          federated_client_id: Optional[str] = None,
                          identity: Optional[EncryptionSetIdentityArgs] = None,
                          location: Optional[str] = None,
                          rotation_to_latest_key_version_enabled: Optional[bool] = None,
                          tags: Optional[Mapping[str, str]] = None)
    func NewDiskEncryptionSet(ctx *Context, name string, args DiskEncryptionSetArgs, opts ...ResourceOption) (*DiskEncryptionSet, error)
    public DiskEncryptionSet(string name, DiskEncryptionSetArgs args, CustomResourceOptions? opts = null)
    public DiskEncryptionSet(String name, DiskEncryptionSetArgs args)
    public DiskEncryptionSet(String name, DiskEncryptionSetArgs args, CustomResourceOptions options)
    
    type: azure-native:compute:DiskEncryptionSet
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args DiskEncryptionSetArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args DiskEncryptionSetArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args DiskEncryptionSetArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args DiskEncryptionSetArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args DiskEncryptionSetArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var diskEncryptionSetResource = new AzureNative.Compute.DiskEncryptionSet("diskEncryptionSetResource", new()
    {
        ResourceGroupName = "string",
        ActiveKey = new AzureNative.Compute.Inputs.KeyForDiskEncryptionSetArgs
        {
            KeyUrl = "string",
            SourceVault = new AzureNative.Compute.Inputs.SourceVaultArgs
            {
                Id = "string",
            },
        },
        DiskEncryptionSetName = "string",
        EncryptionType = "string",
        FederatedClientId = "string",
        Identity = new AzureNative.Compute.Inputs.EncryptionSetIdentityArgs
        {
            Type = "string",
            UserAssignedIdentities = new[]
            {
                "string",
            },
        },
        Location = "string",
        RotationToLatestKeyVersionEnabled = false,
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := compute.NewDiskEncryptionSet(ctx, "diskEncryptionSetResource", &compute.DiskEncryptionSetArgs{
    	ResourceGroupName: pulumi.String("string"),
    	ActiveKey: &compute.KeyForDiskEncryptionSetArgs{
    		KeyUrl: pulumi.String("string"),
    		SourceVault: &compute.SourceVaultArgs{
    			Id: pulumi.String("string"),
    		},
    	},
    	DiskEncryptionSetName: pulumi.String("string"),
    	EncryptionType:        pulumi.String("string"),
    	FederatedClientId:     pulumi.String("string"),
    	Identity: &compute.EncryptionSetIdentityArgs{
    		Type: pulumi.String("string"),
    		UserAssignedIdentities: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	Location:                          pulumi.String("string"),
    	RotationToLatestKeyVersionEnabled: pulumi.Bool(false),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var diskEncryptionSetResource = new DiskEncryptionSet("diskEncryptionSetResource", DiskEncryptionSetArgs.builder()
        .resourceGroupName("string")
        .activeKey(KeyForDiskEncryptionSetArgs.builder()
            .keyUrl("string")
            .sourceVault(SourceVaultArgs.builder()
                .id("string")
                .build())
            .build())
        .diskEncryptionSetName("string")
        .encryptionType("string")
        .federatedClientId("string")
        .identity(EncryptionSetIdentityArgs.builder()
            .type("string")
            .userAssignedIdentities("string")
            .build())
        .location("string")
        .rotationToLatestKeyVersionEnabled(false)
        .tags(Map.of("string", "string"))
        .build());
    
    disk_encryption_set_resource = azure_native.compute.DiskEncryptionSet("diskEncryptionSetResource",
        resource_group_name="string",
        active_key={
            "key_url": "string",
            "source_vault": {
                "id": "string",
            },
        },
        disk_encryption_set_name="string",
        encryption_type="string",
        federated_client_id="string",
        identity={
            "type": "string",
            "user_assigned_identities": ["string"],
        },
        location="string",
        rotation_to_latest_key_version_enabled=False,
        tags={
            "string": "string",
        })
    
    const diskEncryptionSetResource = new azure_native.compute.DiskEncryptionSet("diskEncryptionSetResource", {
        resourceGroupName: "string",
        activeKey: {
            keyUrl: "string",
            sourceVault: {
                id: "string",
            },
        },
        diskEncryptionSetName: "string",
        encryptionType: "string",
        federatedClientId: "string",
        identity: {
            type: "string",
            userAssignedIdentities: ["string"],
        },
        location: "string",
        rotationToLatestKeyVersionEnabled: false,
        tags: {
            string: "string",
        },
    });
    
    type: azure-native:compute:DiskEncryptionSet
    properties:
        activeKey:
            keyUrl: string
            sourceVault:
                id: string
        diskEncryptionSetName: string
        encryptionType: string
        federatedClientId: string
        identity:
            type: string
            userAssignedIdentities:
                - string
        location: string
        resourceGroupName: string
        rotationToLatestKeyVersionEnabled: false
        tags:
            string: string
    

    DiskEncryptionSet Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The DiskEncryptionSet resource accepts the following input properties:

    ResourceGroupName string
    The name of the resource group.
    ActiveKey Pulumi.AzureNative.Compute.Inputs.KeyForDiskEncryptionSet
    The key vault key which is currently used by this disk encryption set.
    DiskEncryptionSetName string
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    EncryptionType string | Pulumi.AzureNative.Compute.DiskEncryptionSetType
    The type of key used to encrypt the data of the disk.
    FederatedClientId string
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    Identity Pulumi.AzureNative.Compute.Inputs.EncryptionSetIdentity
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    Location string
    Resource location
    RotationToLatestKeyVersionEnabled bool
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    Tags Dictionary<string, string>
    Resource tags
    ResourceGroupName string
    The name of the resource group.
    ActiveKey KeyForDiskEncryptionSetArgs
    The key vault key which is currently used by this disk encryption set.
    DiskEncryptionSetName string
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    EncryptionType string | DiskEncryptionSetType
    The type of key used to encrypt the data of the disk.
    FederatedClientId string
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    Identity EncryptionSetIdentityArgs
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    Location string
    Resource location
    RotationToLatestKeyVersionEnabled bool
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    Tags map[string]string
    Resource tags
    resourceGroupName String
    The name of the resource group.
    activeKey KeyForDiskEncryptionSet
    The key vault key which is currently used by this disk encryption set.
    diskEncryptionSetName String
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    encryptionType String | DiskEncryptionSetType
    The type of key used to encrypt the data of the disk.
    federatedClientId String
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    identity EncryptionSetIdentity
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    location String
    Resource location
    rotationToLatestKeyVersionEnabled Boolean
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    tags Map<String,String>
    Resource tags
    resourceGroupName string
    The name of the resource group.
    activeKey KeyForDiskEncryptionSet
    The key vault key which is currently used by this disk encryption set.
    diskEncryptionSetName string
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    encryptionType string | DiskEncryptionSetType
    The type of key used to encrypt the data of the disk.
    federatedClientId string
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    identity EncryptionSetIdentity
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    location string
    Resource location
    rotationToLatestKeyVersionEnabled boolean
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    tags {[key: string]: string}
    Resource tags
    resource_group_name str
    The name of the resource group.
    active_key KeyForDiskEncryptionSetArgs
    The key vault key which is currently used by this disk encryption set.
    disk_encryption_set_name str
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    encryption_type str | DiskEncryptionSetType
    The type of key used to encrypt the data of the disk.
    federated_client_id str
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    identity EncryptionSetIdentityArgs
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    location str
    Resource location
    rotation_to_latest_key_version_enabled bool
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    tags Mapping[str, str]
    Resource tags
    resourceGroupName String
    The name of the resource group.
    activeKey Property Map
    The key vault key which is currently used by this disk encryption set.
    diskEncryptionSetName String
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    encryptionType String | "EncryptionAtRestWithCustomerKey" | "EncryptionAtRestWithPlatformAndCustomerKeys" | "ConfidentialVmEncryptedWithCustomerKey"
    The type of key used to encrypt the data of the disk.
    federatedClientId String
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    identity Property Map
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    location String
    Resource location
    rotationToLatestKeyVersionEnabled Boolean
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    tags Map<String>
    Resource tags

    Outputs

    All input properties are implicitly available as output properties. Additionally, the DiskEncryptionSet resource produces the following output properties:

    AutoKeyRotationError Pulumi.AzureNative.Compute.Outputs.ApiErrorResponse
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    Id string
    The provider-assigned unique ID for this managed resource.
    LastKeyRotationTimestamp string
    The time when the active key of this disk encryption set was updated.
    Name string
    Resource name
    PreviousKeys List<Pulumi.AzureNative.Compute.Outputs.KeyForDiskEncryptionSetResponse>
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    ProvisioningState string
    The disk encryption set provisioning state.
    Type string
    Resource type
    AutoKeyRotationError ApiErrorResponse
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    Id string
    The provider-assigned unique ID for this managed resource.
    LastKeyRotationTimestamp string
    The time when the active key of this disk encryption set was updated.
    Name string
    Resource name
    PreviousKeys []KeyForDiskEncryptionSetResponse
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    ProvisioningState string
    The disk encryption set provisioning state.
    Type string
    Resource type
    autoKeyRotationError ApiErrorResponse
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    id String
    The provider-assigned unique ID for this managed resource.
    lastKeyRotationTimestamp String
    The time when the active key of this disk encryption set was updated.
    name String
    Resource name
    previousKeys List<KeyForDiskEncryptionSetResponse>
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    provisioningState String
    The disk encryption set provisioning state.
    type String
    Resource type
    autoKeyRotationError ApiErrorResponse
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    id string
    The provider-assigned unique ID for this managed resource.
    lastKeyRotationTimestamp string
    The time when the active key of this disk encryption set was updated.
    name string
    Resource name
    previousKeys KeyForDiskEncryptionSetResponse[]
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    provisioningState string
    The disk encryption set provisioning state.
    type string
    Resource type
    auto_key_rotation_error ApiErrorResponse
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    id str
    The provider-assigned unique ID for this managed resource.
    last_key_rotation_timestamp str
    The time when the active key of this disk encryption set was updated.
    name str
    Resource name
    previous_keys Sequence[KeyForDiskEncryptionSetResponse]
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    provisioning_state str
    The disk encryption set provisioning state.
    type str
    Resource type
    autoKeyRotationError Property Map
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    id String
    The provider-assigned unique ID for this managed resource.
    lastKeyRotationTimestamp String
    The time when the active key of this disk encryption set was updated.
    name String
    Resource name
    previousKeys List<Property Map>
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    provisioningState String
    The disk encryption set provisioning state.
    type String
    Resource type

    Supporting Types

    ApiErrorBaseResponse, ApiErrorBaseResponseArgs

    Code string
    The error code.
    Message string
    The error message.
    Target string
    The target of the particular error.
    Code string
    The error code.
    Message string
    The error message.
    Target string
    The target of the particular error.
    code String
    The error code.
    message String
    The error message.
    target String
    The target of the particular error.
    code string
    The error code.
    message string
    The error message.
    target string
    The target of the particular error.
    code str
    The error code.
    message str
    The error message.
    target str
    The target of the particular error.
    code String
    The error code.
    message String
    The error message.
    target String
    The target of the particular error.

    ApiErrorResponse, ApiErrorResponseArgs

    Code string
    The error code.
    Details List<Pulumi.AzureNative.Compute.Inputs.ApiErrorBaseResponse>
    The Api error details
    Innererror Pulumi.AzureNative.Compute.Inputs.InnerErrorResponse
    The Api inner error
    Message string
    The error message.
    Target string
    The target of the particular error.
    Code string
    The error code.
    Details []ApiErrorBaseResponse
    The Api error details
    Innererror InnerErrorResponse
    The Api inner error
    Message string
    The error message.
    Target string
    The target of the particular error.
    code String
    The error code.
    details List<ApiErrorBaseResponse>
    The Api error details
    innererror InnerErrorResponse
    The Api inner error
    message String
    The error message.
    target String
    The target of the particular error.
    code string
    The error code.
    details ApiErrorBaseResponse[]
    The Api error details
    innererror InnerErrorResponse
    The Api inner error
    message string
    The error message.
    target string
    The target of the particular error.
    code str
    The error code.
    details Sequence[ApiErrorBaseResponse]
    The Api error details
    innererror InnerErrorResponse
    The Api inner error
    message str
    The error message.
    target str
    The target of the particular error.
    code String
    The error code.
    details List<Property Map>
    The Api error details
    innererror Property Map
    The Api inner error
    message String
    The error message.
    target String
    The target of the particular error.

    DiskEncryptionSetIdentityType, DiskEncryptionSetIdentityTypeArgs

    SystemAssigned
    SystemAssigned
    UserAssigned
    UserAssigned
    SystemAssigned_UserAssigned
    SystemAssigned, UserAssigned
    None
    None
    DiskEncryptionSetIdentityTypeSystemAssigned
    SystemAssigned
    DiskEncryptionSetIdentityTypeUserAssigned
    UserAssigned
    DiskEncryptionSetIdentityType_SystemAssigned_UserAssigned
    SystemAssigned, UserAssigned
    DiskEncryptionSetIdentityTypeNone
    None
    SystemAssigned
    SystemAssigned
    UserAssigned
    UserAssigned
    SystemAssigned_UserAssigned
    SystemAssigned, UserAssigned
    None
    None
    SystemAssigned
    SystemAssigned
    UserAssigned
    UserAssigned
    SystemAssigned_UserAssigned
    SystemAssigned, UserAssigned
    None
    None
    SYSTEM_ASSIGNED
    SystemAssigned
    USER_ASSIGNED
    UserAssigned
    SYSTEM_ASSIGNED_USER_ASSIGNED
    SystemAssigned, UserAssigned
    NONE
    None
    "SystemAssigned"
    SystemAssigned
    "UserAssigned"
    UserAssigned
    "SystemAssigned, UserAssigned"
    SystemAssigned, UserAssigned
    "None"
    None

    DiskEncryptionSetType, DiskEncryptionSetTypeArgs

    EncryptionAtRestWithCustomerKey
    EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
    EncryptionAtRestWithPlatformAndCustomerKeys
    EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
    ConfidentialVmEncryptedWithCustomerKey
    ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
    DiskEncryptionSetTypeEncryptionAtRestWithCustomerKey
    EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
    DiskEncryptionSetTypeEncryptionAtRestWithPlatformAndCustomerKeys
    EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
    DiskEncryptionSetTypeConfidentialVmEncryptedWithCustomerKey
    ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
    EncryptionAtRestWithCustomerKey
    EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
    EncryptionAtRestWithPlatformAndCustomerKeys
    EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
    ConfidentialVmEncryptedWithCustomerKey
    ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
    EncryptionAtRestWithCustomerKey
    EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
    EncryptionAtRestWithPlatformAndCustomerKeys
    EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
    ConfidentialVmEncryptedWithCustomerKey
    ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
    ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY
    EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
    ENCRYPTION_AT_REST_WITH_PLATFORM_AND_CUSTOMER_KEYS
    EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
    CONFIDENTIAL_VM_ENCRYPTED_WITH_CUSTOMER_KEY
    ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
    "EncryptionAtRestWithCustomerKey"
    EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
    "EncryptionAtRestWithPlatformAndCustomerKeys"
    EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
    "ConfidentialVmEncryptedWithCustomerKey"
    ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.

    EncryptionSetIdentity, EncryptionSetIdentityArgs

    Type string | Pulumi.AzureNative.Compute.DiskEncryptionSetIdentityType
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    UserAssignedIdentities List<string>
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    Type string | DiskEncryptionSetIdentityType
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    UserAssignedIdentities []string
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    type String | DiskEncryptionSetIdentityType
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    userAssignedIdentities List<String>
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    type string | DiskEncryptionSetIdentityType
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    userAssignedIdentities string[]
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    type str | DiskEncryptionSetIdentityType
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    user_assigned_identities Sequence[str]
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    type String | "SystemAssigned" | "UserAssigned" | "SystemAssigned, UserAssigned" | "None"
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    userAssignedIdentities List<String>
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    EncryptionSetIdentityResponse, EncryptionSetIdentityResponseArgs

    PrincipalId string
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    TenantId string
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    Type string
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    UserAssignedIdentities Dictionary<string, Pulumi.AzureNative.Compute.Inputs.UserAssignedIdentitiesResponseUserAssignedIdentities>
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    PrincipalId string
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    TenantId string
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    Type string
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    UserAssignedIdentities map[string]UserAssignedIdentitiesResponseUserAssignedIdentities
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    principalId String
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    tenantId String
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    type String
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    userAssignedIdentities Map<String,UserAssignedIdentitiesResponseUserAssignedIdentities>
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    principalId string
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    tenantId string
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    type string
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    userAssignedIdentities {[key: string]: UserAssignedIdentitiesResponseUserAssignedIdentities}
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    principal_id str
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    tenant_id str
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    type str
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    user_assigned_identities Mapping[str, UserAssignedIdentitiesResponseUserAssignedIdentities]
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    principalId String
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    tenantId String
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    type String
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    userAssignedIdentities Map<Property Map>
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    InnerErrorResponse, InnerErrorResponseArgs

    Errordetail string
    The internal error message or exception dump.
    Exceptiontype string
    The exception type.
    Errordetail string
    The internal error message or exception dump.
    Exceptiontype string
    The exception type.
    errordetail String
    The internal error message or exception dump.
    exceptiontype String
    The exception type.
    errordetail string
    The internal error message or exception dump.
    exceptiontype string
    The exception type.
    errordetail str
    The internal error message or exception dump.
    exceptiontype str
    The exception type.
    errordetail String
    The internal error message or exception dump.
    exceptiontype String
    The exception type.

    KeyForDiskEncryptionSet, KeyForDiskEncryptionSetArgs

    KeyUrl string
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    SourceVault Pulumi.AzureNative.Compute.Inputs.SourceVault
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    KeyUrl string
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    SourceVault SourceVault
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    keyUrl String
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    sourceVault SourceVault
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    keyUrl string
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    sourceVault SourceVault
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    key_url str
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    source_vault SourceVault
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    keyUrl String
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    sourceVault Property Map
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    KeyForDiskEncryptionSetResponse, KeyForDiskEncryptionSetResponseArgs

    KeyUrl string
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    SourceVault Pulumi.AzureNative.Compute.Inputs.SourceVaultResponse
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    KeyUrl string
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    SourceVault SourceVaultResponse
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    keyUrl String
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    sourceVault SourceVaultResponse
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    keyUrl string
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    sourceVault SourceVaultResponse
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    key_url str
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    source_vault SourceVaultResponse
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    keyUrl String
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    sourceVault Property Map
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    SourceVault, SourceVaultArgs

    Id string
    Resource Id
    Id string
    Resource Id
    id String
    Resource Id
    id string
    Resource Id
    id str
    Resource Id
    id String
    Resource Id

    SourceVaultResponse, SourceVaultResponseArgs

    Id string
    Resource Id
    Id string
    Resource Id
    id String
    Resource Id
    id string
    Resource Id
    id str
    Resource Id
    id String
    Resource Id

    UserAssignedIdentitiesResponseUserAssignedIdentities, UserAssignedIdentitiesResponseUserAssignedIdentitiesArgs

    ClientId string
    The client id of user assigned identity.
    PrincipalId string
    The principal id of user assigned identity.
    ClientId string
    The client id of user assigned identity.
    PrincipalId string
    The principal id of user assigned identity.
    clientId String
    The client id of user assigned identity.
    principalId String
    The principal id of user assigned identity.
    clientId string
    The client id of user assigned identity.
    principalId string
    The principal id of user assigned identity.
    client_id str
    The client id of user assigned identity.
    principal_id str
    The principal id of user assigned identity.
    clientId String
    The client id of user assigned identity.
    principalId String
    The principal id of user assigned identity.

    Import

    An existing resource can be imported using its type token, name, and identifier, e.g.

    $ pulumi import azure-native:compute:DiskEncryptionSet myDiskEncryptionSet /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{diskEncryptionSetName} 
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Native pulumi/pulumi-azure-native
    License
    Apache-2.0
    azure-native logo
    This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
    Azure Native v2.76.0 published on Friday, Dec 6, 2024 by Pulumi