Docs Home
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Azure Native v3.4.0 published on Wednesday, May 7, 2025 by Pulumi
azure-native.compute.DiskEncryptionSet
Explore with Pulumi AI
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Azure Native v3.4.0 published on Wednesday, May 7, 2025 by Pulumi
disk encryption set resource.
Uses Azure REST API version 2024-03-02. In version 2.x of the Azure Native provider, it used API version 2022-07-02.
Other available API versions: 2022-07-02, 2023-01-02, 2023-04-02, 2023-10-02. These can be accessed by generating a local SDK package using the CLI command pulumi package add azure-native compute [ApiVersion]. See the version guide for details.
Example Usage
Create a disk encryption set with key vault from a different subscription.
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var diskEncryptionSet = new AzureNative.Compute.DiskEncryptionSet("diskEncryptionSet", new()
{
ActiveKey = new AzureNative.Compute.Inputs.KeyForDiskEncryptionSetArgs
{
KeyUrl = "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}",
},
DiskEncryptionSetName = "myDiskEncryptionSet",
EncryptionType = AzureNative.Compute.DiskEncryptionSetType.EncryptionAtRestWithCustomerKey,
Identity = new AzureNative.Compute.Inputs.EncryptionSetIdentityArgs
{
Type = AzureNative.Compute.DiskEncryptionSetIdentityType.SystemAssigned,
},
Location = "West US",
ResourceGroupName = "myResourceGroup",
});
});
package main
import (
compute "github.com/pulumi/pulumi-azure-native-sdk/compute/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := compute.NewDiskEncryptionSet(ctx, "diskEncryptionSet", &compute.DiskEncryptionSetArgs{
ActiveKey: &compute.KeyForDiskEncryptionSetArgs{
KeyUrl: pulumi.String("https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}"),
},
DiskEncryptionSetName: pulumi.String("myDiskEncryptionSet"),
EncryptionType: pulumi.String(compute.DiskEncryptionSetTypeEncryptionAtRestWithCustomerKey),
Identity: &compute.EncryptionSetIdentityArgs{
Type: pulumi.String(compute.DiskEncryptionSetIdentityTypeSystemAssigned),
},
Location: pulumi.String("West US"),
ResourceGroupName: pulumi.String("myResourceGroup"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.compute.DiskEncryptionSet;
import com.pulumi.azurenative.compute.DiskEncryptionSetArgs;
import com.pulumi.azurenative.compute.inputs.KeyForDiskEncryptionSetArgs;
import com.pulumi.azurenative.compute.inputs.EncryptionSetIdentityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var diskEncryptionSet = new DiskEncryptionSet("diskEncryptionSet", DiskEncryptionSetArgs.builder()
.activeKey(KeyForDiskEncryptionSetArgs.builder()
.keyUrl("https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}")
.build())
.diskEncryptionSetName("myDiskEncryptionSet")
.encryptionType("EncryptionAtRestWithCustomerKey")
.identity(EncryptionSetIdentityArgs.builder()
.type("SystemAssigned")
.build())
.location("West US")
.resourceGroupName("myResourceGroup")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const diskEncryptionSet = new azure_native.compute.DiskEncryptionSet("diskEncryptionSet", {
activeKey: {
keyUrl: "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}",
},
diskEncryptionSetName: "myDiskEncryptionSet",
encryptionType: azure_native.compute.DiskEncryptionSetType.EncryptionAtRestWithCustomerKey,
identity: {
type: azure_native.compute.DiskEncryptionSetIdentityType.SystemAssigned,
},
location: "West US",
resourceGroupName: "myResourceGroup",
});
import pulumi
import pulumi_azure_native as azure_native
disk_encryption_set = azure_native.compute.DiskEncryptionSet("diskEncryptionSet",
active_key={
"key_url": "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}",
},
disk_encryption_set_name="myDiskEncryptionSet",
encryption_type=azure_native.compute.DiskEncryptionSetType.ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY,
identity={
"type": azure_native.compute.DiskEncryptionSetIdentityType.SYSTEM_ASSIGNED,
},
location="West US",
resource_group_name="myResourceGroup")
resources:
diskEncryptionSet:
type: azure-native:compute:DiskEncryptionSet
properties:
activeKey:
keyUrl: https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}
diskEncryptionSetName: myDiskEncryptionSet
encryptionType: EncryptionAtRestWithCustomerKey
identity:
type: SystemAssigned
location: West US
resourceGroupName: myResourceGroup
Create a disk encryption set.
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var diskEncryptionSet = new AzureNative.Compute.DiskEncryptionSet("diskEncryptionSet", new()
{
ActiveKey = new AzureNative.Compute.Inputs.KeyForDiskEncryptionSetArgs
{
KeyUrl = "https://myvmvault.vault-int.azure-int.net/keys/{key}",
SourceVault = new AzureNative.Compute.Inputs.SourceVaultArgs
{
Id = "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault",
},
},
DiskEncryptionSetName = "myDiskEncryptionSet",
EncryptionType = AzureNative.Compute.DiskEncryptionSetType.EncryptionAtRestWithCustomerKey,
Identity = new AzureNative.Compute.Inputs.EncryptionSetIdentityArgs
{
Type = AzureNative.Compute.DiskEncryptionSetIdentityType.SystemAssigned,
},
Location = "West US",
ResourceGroupName = "myResourceGroup",
});
});
package main
import (
compute "github.com/pulumi/pulumi-azure-native-sdk/compute/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := compute.NewDiskEncryptionSet(ctx, "diskEncryptionSet", &compute.DiskEncryptionSetArgs{
ActiveKey: &compute.KeyForDiskEncryptionSetArgs{
KeyUrl: pulumi.String("https://myvmvault.vault-int.azure-int.net/keys/{key}"),
SourceVault: &compute.SourceVaultArgs{
Id: pulumi.String("/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault"),
},
},
DiskEncryptionSetName: pulumi.String("myDiskEncryptionSet"),
EncryptionType: pulumi.String(compute.DiskEncryptionSetTypeEncryptionAtRestWithCustomerKey),
Identity: &compute.EncryptionSetIdentityArgs{
Type: pulumi.String(compute.DiskEncryptionSetIdentityTypeSystemAssigned),
},
Location: pulumi.String("West US"),
ResourceGroupName: pulumi.String("myResourceGroup"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.compute.DiskEncryptionSet;
import com.pulumi.azurenative.compute.DiskEncryptionSetArgs;
import com.pulumi.azurenative.compute.inputs.KeyForDiskEncryptionSetArgs;
import com.pulumi.azurenative.compute.inputs.SourceVaultArgs;
import com.pulumi.azurenative.compute.inputs.EncryptionSetIdentityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var diskEncryptionSet = new DiskEncryptionSet("diskEncryptionSet", DiskEncryptionSetArgs.builder()
.activeKey(KeyForDiskEncryptionSetArgs.builder()
.keyUrl("https://myvmvault.vault-int.azure-int.net/keys/{key}")
.sourceVault(SourceVaultArgs.builder()
.id("/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault")
.build())
.build())
.diskEncryptionSetName("myDiskEncryptionSet")
.encryptionType("EncryptionAtRestWithCustomerKey")
.identity(EncryptionSetIdentityArgs.builder()
.type("SystemAssigned")
.build())
.location("West US")
.resourceGroupName("myResourceGroup")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const diskEncryptionSet = new azure_native.compute.DiskEncryptionSet("diskEncryptionSet", {
activeKey: {
keyUrl: "https://myvmvault.vault-int.azure-int.net/keys/{key}",
sourceVault: {
id: "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault",
},
},
diskEncryptionSetName: "myDiskEncryptionSet",
encryptionType: azure_native.compute.DiskEncryptionSetType.EncryptionAtRestWithCustomerKey,
identity: {
type: azure_native.compute.DiskEncryptionSetIdentityType.SystemAssigned,
},
location: "West US",
resourceGroupName: "myResourceGroup",
});
import pulumi
import pulumi_azure_native as azure_native
disk_encryption_set = azure_native.compute.DiskEncryptionSet("diskEncryptionSet",
active_key={
"key_url": "https://myvmvault.vault-int.azure-int.net/keys/{key}",
"source_vault": {
"id": "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault",
},
},
disk_encryption_set_name="myDiskEncryptionSet",
encryption_type=azure_native.compute.DiskEncryptionSetType.ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY,
identity={
"type": azure_native.compute.DiskEncryptionSetIdentityType.SYSTEM_ASSIGNED,
},
location="West US",
resource_group_name="myResourceGroup")
resources:
diskEncryptionSet:
type: azure-native:compute:DiskEncryptionSet
properties:
activeKey:
keyUrl: https://myvmvault.vault-int.azure-int.net/keys/{key}
sourceVault:
id: /subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault
diskEncryptionSetName: myDiskEncryptionSet
encryptionType: EncryptionAtRestWithCustomerKey
identity:
type: SystemAssigned
location: West US
resourceGroupName: myResourceGroup
Create DiskEncryptionSet Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DiskEncryptionSet(name: string, args: DiskEncryptionSetArgs, opts?: CustomResourceOptions);@overload
def DiskEncryptionSet(resource_name: str,
args: DiskEncryptionSetArgs,
opts: Optional[ResourceOptions] = None)
@overload
def DiskEncryptionSet(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_group_name: Optional[str] = None,
active_key: Optional[KeyForDiskEncryptionSetArgs] = None,
disk_encryption_set_name: Optional[str] = None,
encryption_type: Optional[Union[str, DiskEncryptionSetType]] = None,
federated_client_id: Optional[str] = None,
identity: Optional[EncryptionSetIdentityArgs] = None,
location: Optional[str] = None,
rotation_to_latest_key_version_enabled: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None)func NewDiskEncryptionSet(ctx *Context, name string, args DiskEncryptionSetArgs, opts ...ResourceOption) (*DiskEncryptionSet, error)public DiskEncryptionSet(string name, DiskEncryptionSetArgs args, CustomResourceOptions? opts = null)
public DiskEncryptionSet(String name, DiskEncryptionSetArgs args)
public DiskEncryptionSet(String name, DiskEncryptionSetArgs args, CustomResourceOptions options)
type: azure-native:compute:DiskEncryptionSet
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DiskEncryptionSetArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DiskEncryptionSetArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DiskEncryptionSetArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DiskEncryptionSetArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DiskEncryptionSetArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var diskEncryptionSetResource = new AzureNative.Compute.DiskEncryptionSet("diskEncryptionSetResource", new()
{
ResourceGroupName = "string",
ActiveKey = new AzureNative.Compute.Inputs.KeyForDiskEncryptionSetArgs
{
KeyUrl = "string",
SourceVault = new AzureNative.Compute.Inputs.SourceVaultArgs
{
Id = "string",
},
},
DiskEncryptionSetName = "string",
EncryptionType = "string",
FederatedClientId = "string",
Identity = new AzureNative.Compute.Inputs.EncryptionSetIdentityArgs
{
Type = "string",
UserAssignedIdentities = new[]
{
"string",
},
},
Location = "string",
RotationToLatestKeyVersionEnabled = false,
Tags =
{
{ "string", "string" },
},
});
example, err := compute.NewDiskEncryptionSet(ctx, "diskEncryptionSetResource", &compute.DiskEncryptionSetArgs{
ResourceGroupName: pulumi.String("string"),
ActiveKey: &compute.KeyForDiskEncryptionSetArgs{
KeyUrl: pulumi.String("string"),
SourceVault: &compute.SourceVaultArgs{
Id: pulumi.String("string"),
},
},
DiskEncryptionSetName: pulumi.String("string"),
EncryptionType: pulumi.String("string"),
FederatedClientId: pulumi.String("string"),
Identity: &compute.EncryptionSetIdentityArgs{
Type: pulumi.String("string"),
UserAssignedIdentities: pulumi.StringArray{
pulumi.String("string"),
},
},
Location: pulumi.String("string"),
RotationToLatestKeyVersionEnabled: pulumi.Bool(false),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var diskEncryptionSetResource = new DiskEncryptionSet("diskEncryptionSetResource", DiskEncryptionSetArgs.builder()
.resourceGroupName("string")
.activeKey(KeyForDiskEncryptionSetArgs.builder()
.keyUrl("string")
.sourceVault(SourceVaultArgs.builder()
.id("string")
.build())
.build())
.diskEncryptionSetName("string")
.encryptionType("string")
.federatedClientId("string")
.identity(EncryptionSetIdentityArgs.builder()
.type("string")
.userAssignedIdentities("string")
.build())
.location("string")
.rotationToLatestKeyVersionEnabled(false)
.tags(Map.of("string", "string"))
.build());
disk_encryption_set_resource = azure_native.compute.DiskEncryptionSet("diskEncryptionSetResource",
resource_group_name="string",
active_key={
"key_url": "string",
"source_vault": {
"id": "string",
},
},
disk_encryption_set_name="string",
encryption_type="string",
federated_client_id="string",
identity={
"type": "string",
"user_assigned_identities": ["string"],
},
location="string",
rotation_to_latest_key_version_enabled=False,
tags={
"string": "string",
})
const diskEncryptionSetResource = new azure_native.compute.DiskEncryptionSet("diskEncryptionSetResource", {
resourceGroupName: "string",
activeKey: {
keyUrl: "string",
sourceVault: {
id: "string",
},
},
diskEncryptionSetName: "string",
encryptionType: "string",
federatedClientId: "string",
identity: {
type: "string",
userAssignedIdentities: ["string"],
},
location: "string",
rotationToLatestKeyVersionEnabled: false,
tags: {
string: "string",
},
});
type: azure-native:compute:DiskEncryptionSet
properties:
activeKey:
keyUrl: string
sourceVault:
id: string
diskEncryptionSetName: string
encryptionType: string
federatedClientId: string
identity:
type: string
userAssignedIdentities:
- string
location: string
resourceGroupName: string
rotationToLatestKeyVersionEnabled: false
tags:
string: string
DiskEncryptionSet Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The DiskEncryptionSet resource accepts the following input properties:
- Resource
Group stringName - The name of the resource group.
- Active
Key Pulumi.Azure Native. Compute. Inputs. Key For Disk Encryption Set - The key vault key which is currently used by this disk encryption set.
- Disk
Encryption stringSet Name - The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
- Encryption
Type string | Pulumi.Azure Native. Compute. Disk Encryption Set Type - The type of key used to encrypt the data of the disk.
- Federated
Client stringId - Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
- Identity
Pulumi.
Azure Native. Compute. Inputs. Encryption Set Identity - The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
- Location string
- Resource location
- Rotation
To boolLatest Key Version Enabled - Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
- Dictionary<string, string>
- Resource tags
- Resource
Group stringName - The name of the resource group.
- Active
Key KeyFor Disk Encryption Set Args - The key vault key which is currently used by this disk encryption set.
- Disk
Encryption stringSet Name - The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
- Encryption
Type string | DiskEncryption Set Type - The type of key used to encrypt the data of the disk.
- Federated
Client stringId - Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
- Identity
Encryption
Set Identity Args - The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
- Location string
- Resource location
- Rotation
To boolLatest Key Version Enabled - Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
- map[string]string
- Resource tags
- resource
Group StringName - The name of the resource group.
- active
Key KeyFor Disk Encryption Set - The key vault key which is currently used by this disk encryption set.
- disk
Encryption StringSet Name - The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
- encryption
Type String | DiskEncryption Set Type - The type of key used to encrypt the data of the disk.
- federated
Client StringId - Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
- identity
Encryption
Set Identity - The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
- location String
- Resource location
- rotation
To BooleanLatest Key Version Enabled - Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
- Map<String,String>
- Resource tags
- resource
Group stringName - The name of the resource group.
- active
Key KeyFor Disk Encryption Set - The key vault key which is currently used by this disk encryption set.
- disk
Encryption stringSet Name - The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
- encryption
Type string | DiskEncryption Set Type - The type of key used to encrypt the data of the disk.
- federated
Client stringId - Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
- identity
Encryption
Set Identity - The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
- location string
- Resource location
- rotation
To booleanLatest Key Version Enabled - Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
- {[key: string]: string}
- Resource tags
- resource_
group_ strname - The name of the resource group.
- active_
key KeyFor Disk Encryption Set Args - The key vault key which is currently used by this disk encryption set.
- disk_
encryption_ strset_ name - The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
- encryption_
type str | DiskEncryption Set Type - The type of key used to encrypt the data of the disk.
- federated_
client_ strid - Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
- identity
Encryption
Set Identity Args - The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
- location str
- Resource location
- rotation_
to_ boollatest_ key_ version_ enabled - Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
- Mapping[str, str]
- Resource tags
- resource
Group StringName - The name of the resource group.
- active
Key Property Map - The key vault key which is currently used by this disk encryption set.
- disk
Encryption StringSet Name - The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
- encryption
Type String | "EncryptionAt Rest With Customer Key" | "Encryption At Rest With Platform And Customer Keys" | "Confidential Vm Encrypted With Customer Key" - The type of key used to encrypt the data of the disk.
- federated
Client StringId - Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
- identity Property Map
- The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
- location String
- Resource location
- rotation
To BooleanLatest Key Version Enabled - Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
- Map<String>
- Resource tags
Outputs
All input properties are implicitly available as output properties. Additionally, the DiskEncryptionSet resource produces the following output properties:
- Auto
Key Pulumi.Rotation Error Azure Native. Compute. Outputs. Api Error Response - The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
- Azure
Api stringVersion - The Azure API version of the resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- Last
Key stringRotation Timestamp - The time when the active key of this disk encryption set was updated.
- Name string
- Resource name
- Previous
Keys List<Pulumi.Azure Native. Compute. Outputs. Key For Disk Encryption Set Response> - A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
- Provisioning
State string - The disk encryption set provisioning state.
- Type string
- Resource type
- Auto
Key ApiRotation Error Error Response - The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
- Azure
Api stringVersion - The Azure API version of the resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- Last
Key stringRotation Timestamp - The time when the active key of this disk encryption set was updated.
- Name string
- Resource name
- Previous
Keys []KeyFor Disk Encryption Set Response - A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
- Provisioning
State string - The disk encryption set provisioning state.
- Type string
- Resource type
- auto
Key ApiRotation Error Error Response - The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
- azure
Api StringVersion - The Azure API version of the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- last
Key StringRotation Timestamp - The time when the active key of this disk encryption set was updated.
- name String
- Resource name
- previous
Keys List<KeyFor Disk Encryption Set Response> - A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
- provisioning
State String - The disk encryption set provisioning state.
- type String
- Resource type
- auto
Key ApiRotation Error Error Response - The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
- azure
Api stringVersion - The Azure API version of the resource.
- id string
- The provider-assigned unique ID for this managed resource.
- last
Key stringRotation Timestamp - The time when the active key of this disk encryption set was updated.
- name string
- Resource name
- previous
Keys KeyFor Disk Encryption Set Response[] - A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
- provisioning
State string - The disk encryption set provisioning state.
- type string
- Resource type
- auto_
key_ Apirotation_ error Error Response - The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
- azure_
api_ strversion - The Azure API version of the resource.
- id str
- The provider-assigned unique ID for this managed resource.
- last_
key_ strrotation_ timestamp - The time when the active key of this disk encryption set was updated.
- name str
- Resource name
- previous_
keys Sequence[KeyFor Disk Encryption Set Response] - A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
- provisioning_
state str - The disk encryption set provisioning state.
- type str
- Resource type
- auto
Key Property MapRotation Error - The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
- azure
Api StringVersion - The Azure API version of the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- last
Key StringRotation Timestamp - The time when the active key of this disk encryption set was updated.
- name String
- Resource name
- previous
Keys List<Property Map> - A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
- provisioning
State String - The disk encryption set provisioning state.
- type String
- Resource type
Supporting Types
ApiErrorBaseResponse, ApiErrorBaseResponseArgs
ApiErrorResponse, ApiErrorResponseArgs
- Code string
- The error code.
- Details
List<Pulumi.
Azure Native. Compute. Inputs. Api Error Base Response> - The Api error details
- Innererror
Pulumi.
Azure Native. Compute. Inputs. Inner Error Response - The Api inner error
- Message string
- The error message.
- Target string
- The target of the particular error.
- Code string
- The error code.
- Details
[]Api
Error Base Response - The Api error details
- Innererror
Inner
Error Response - The Api inner error
- Message string
- The error message.
- Target string
- The target of the particular error.
- code String
- The error code.
- details
List<Api
Error Base Response> - The Api error details
- innererror
Inner
Error Response - The Api inner error
- message String
- The error message.
- target String
- The target of the particular error.
- code string
- The error code.
- details
Api
Error Base Response[] - The Api error details
- innererror
Inner
Error Response - The Api inner error
- message string
- The error message.
- target string
- The target of the particular error.
- code str
- The error code.
- details
Sequence[Api
Error Base Response] - The Api error details
- innererror
Inner
Error Response - The Api inner error
- message str
- The error message.
- target str
- The target of the particular error.
- code String
- The error code.
- details List<Property Map>
- The Api error details
- innererror Property Map
- The Api inner error
- message String
- The error message.
- target String
- The target of the particular error.
DiskEncryptionSetIdentityType, DiskEncryptionSetIdentityTypeArgs
- System
Assigned - SystemAssigned
- User
Assigned - UserAssigned
- System
Assigned_User Assigned - SystemAssigned, UserAssigned
- None
- None
- Disk
Encryption Set Identity Type System Assigned - SystemAssigned
- Disk
Encryption Set Identity Type User Assigned - UserAssigned
- Disk
Encryption Set Identity Type_System Assigned_User Assigned - SystemAssigned, UserAssigned
- Disk
Encryption Set Identity Type None - None
- System
Assigned - SystemAssigned
- User
Assigned - UserAssigned
- System
Assigned_User Assigned - SystemAssigned, UserAssigned
- None
- None
- System
Assigned - SystemAssigned
- User
Assigned - UserAssigned
- System
Assigned_User Assigned - SystemAssigned, UserAssigned
- None
- None
- SYSTEM_ASSIGNED
- SystemAssigned
- USER_ASSIGNED
- UserAssigned
- SYSTEM_ASSIGNED_USER_ASSIGNED
- SystemAssigned, UserAssigned
- NONE
- None
- "System
Assigned" - SystemAssigned
- "User
Assigned" - UserAssigned
- "System
Assigned, User Assigned" - SystemAssigned, UserAssigned
- "None"
- None
DiskEncryptionSetType, DiskEncryptionSetTypeArgs
- Encryption
At Rest With Customer Key - EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
- Encryption
At Rest With Platform And Customer Keys - EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
- Confidential
Vm Encrypted With Customer Key - ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
- Disk
Encryption Set Type Encryption At Rest With Customer Key - EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
- Disk
Encryption Set Type Encryption At Rest With Platform And Customer Keys - EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
- Disk
Encryption Set Type Confidential Vm Encrypted With Customer Key - ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
- Encryption
At Rest With Customer Key - EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
- Encryption
At Rest With Platform And Customer Keys - EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
- Confidential
Vm Encrypted With Customer Key - ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
- Encryption
At Rest With Customer Key - EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
- Encryption
At Rest With Platform And Customer Keys - EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
- Confidential
Vm Encrypted With Customer Key - ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
- ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY
- EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
- ENCRYPTION_AT_REST_WITH_PLATFORM_AND_CUSTOMER_KEYS
- EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
- CONFIDENTIAL_VM_ENCRYPTED_WITH_CUSTOMER_KEY
- ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
- "Encryption
At Rest With Customer Key" - EncryptionAtRestWithCustomerKeyResource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.
- "Encryption
At Rest With Platform And Customer Keys" - EncryptionAtRestWithPlatformAndCustomerKeysResource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.
- "Confidential
Vm Encrypted With Customer Key" - ConfidentialVmEncryptedWithCustomerKeyConfidential VM supported disk and VM guest state would be encrypted with customer managed key.
EncryptionSetIdentity, EncryptionSetIdentityArgs
- Type
string | Pulumi.
Azure Native. Compute. Disk Encryption Set Identity Type - The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- User
Assigned List<string>Identities - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- Type
string | Disk
Encryption Set Identity Type - The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- User
Assigned []stringIdentities - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- type
String | Disk
Encryption Set Identity Type - The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- user
Assigned List<String>Identities - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- type
string | Disk
Encryption Set Identity Type - The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- user
Assigned string[]Identities - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- type
str | Disk
Encryption Set Identity Type - The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- user_
assigned_ Sequence[str]identities - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- type
String | "System
Assigned" | "User Assigned" | "System Assigned, User Assigned" | "None" - The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- user
Assigned List<String>Identities - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
EncryptionSetIdentityResponse, EncryptionSetIdentityResponseArgs
- Principal
Id string - The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- Tenant
Id string - The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- Type string
- The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- User
Assigned Dictionary<string, Pulumi.Identities Azure Native. Compute. Inputs. User Assigned Identities Response User Assigned Identities> - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- Principal
Id string - The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- Tenant
Id string - The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- Type string
- The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- User
Assigned map[string]UserIdentities Assigned Identities Response User Assigned Identities - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principal
Id String - The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- tenant
Id String - The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- type String
- The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- user
Assigned Map<String,UserIdentities Assigned Identities Response User Assigned Identities> - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principal
Id string - The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- tenant
Id string - The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- type string
- The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- user
Assigned {[key: string]: UserIdentities Assigned Identities Response User Assigned Identities} - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principal_
id str - The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- tenant_
id str - The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- type str
- The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- user_
assigned_ Mapping[str, Useridentities Assigned Identities Response User Assigned Identities] - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
- principal
Id String - The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- tenant
Id String - The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
- type String
- The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
- user
Assigned Map<Property Map>Identities - The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
InnerErrorResponse, InnerErrorResponseArgs
- Errordetail string
- The internal error message or exception dump.
- Exceptiontype string
- The exception type.
- Errordetail string
- The internal error message or exception dump.
- Exceptiontype string
- The exception type.
- errordetail String
- The internal error message or exception dump.
- exceptiontype String
- The exception type.
- errordetail string
- The internal error message or exception dump.
- exceptiontype string
- The exception type.
- errordetail str
- The internal error message or exception dump.
- exceptiontype str
- The exception type.
- errordetail String
- The internal error message or exception dump.
- exceptiontype String
- The exception type.
KeyForDiskEncryptionSet, KeyForDiskEncryptionSetArgs
- Key
Url string - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- Source
Vault Pulumi.Azure Native. Compute. Inputs. Source Vault - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
- Key
Url string - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- Source
Vault SourceVault - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
- key
Url String - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- source
Vault SourceVault - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
- key
Url string - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- source
Vault SourceVault - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
- key_
url str - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- source_
vault SourceVault - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
- key
Url String - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- source
Vault Property Map - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
KeyForDiskEncryptionSetResponse, KeyForDiskEncryptionSetResponseArgs
- Key
Url string - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- Source
Vault Pulumi.Azure Native. Compute. Inputs. Source Vault Response - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
- Key
Url string - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- Source
Vault SourceVault Response - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
- key
Url String - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- source
Vault SourceVault Response - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
- key
Url string - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- source
Vault SourceVault Response - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
- key_
url str - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- source_
vault SourceVault Response - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
- key
Url String - Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
- source
Vault Property Map - Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
SourceVault, SourceVaultArgs
- Id string
- Resource Id
- Id string
- Resource Id
- id String
- Resource Id
- id string
- Resource Id
- id str
- Resource Id
- id String
- Resource Id
SourceVaultResponse, SourceVaultResponseArgs
- Id string
- Resource Id
- Id string
- Resource Id
- id String
- Resource Id
- id string
- Resource Id
- id str
- Resource Id
- id String
- Resource Id
UserAssignedIdentitiesResponseUserAssignedIdentities, UserAssignedIdentitiesResponseUserAssignedIdentitiesArgs
- Client
Id string - The client id of user assigned identity.
- Principal
Id string - The principal id of user assigned identity.
- Client
Id string - The client id of user assigned identity.
- Principal
Id string - The principal id of user assigned identity.
- client
Id String - The client id of user assigned identity.
- principal
Id String - The principal id of user assigned identity.
- client
Id string - The client id of user assigned identity.
- principal
Id string - The principal id of user assigned identity.
- client_
id str - The client id of user assigned identity.
- principal_
id str - The principal id of user assigned identity.
- client
Id String - The client id of user assigned identity.
- principal
Id String - The principal id of user assigned identity.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:compute:DiskEncryptionSet myDiskEncryptionSet /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{diskEncryptionSetName}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Azure Native v3.4.0 published on Wednesday, May 7, 2025 by Pulumi