1. Packages
  2. Azure Native
  3. API Docs
  4. compute
  5. DiskEncryptionSet
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.8.0 published on Monday, Sep 18, 2023 by Pulumi

azure-native.compute.DiskEncryptionSet

Explore with Pulumi AI

azure-native logo
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.8.0 published on Monday, Sep 18, 2023 by Pulumi

    disk encryption set resource. Azure REST API version: 2022-07-02. Prior API version in Azure Native 1.x: 2020-12-01

    Example Usage

    Create a disk encryption set with key vault from a different subscription.

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var diskEncryptionSet = new AzureNative.Compute.DiskEncryptionSet("diskEncryptionSet", new()
        {
            ActiveKey = new AzureNative.Compute.Inputs.KeyForDiskEncryptionSetArgs
            {
                KeyUrl = "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}",
            },
            DiskEncryptionSetName = "myDiskEncryptionSet",
            EncryptionType = "EncryptionAtRestWithCustomerKey",
            Identity = new AzureNative.Compute.Inputs.EncryptionSetIdentityArgs
            {
                Type = "SystemAssigned",
            },
            Location = "West US",
            ResourceGroupName = "myResourceGroup",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure-native-sdk/compute/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := compute.NewDiskEncryptionSet(ctx, "diskEncryptionSet", &compute.DiskEncryptionSetArgs{
    			ActiveKey: &compute.KeyForDiskEncryptionSetArgs{
    				KeyUrl: pulumi.String("https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}"),
    			},
    			DiskEncryptionSetName: pulumi.String("myDiskEncryptionSet"),
    			EncryptionType:        pulumi.String("EncryptionAtRestWithCustomerKey"),
    			Identity: &compute.EncryptionSetIdentityArgs{
    				Type: pulumi.String("SystemAssigned"),
    			},
    			Location:          pulumi.String("West US"),
    			ResourceGroupName: pulumi.String("myResourceGroup"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.compute.DiskEncryptionSet;
    import com.pulumi.azurenative.compute.DiskEncryptionSetArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var diskEncryptionSet = new DiskEncryptionSet("diskEncryptionSet", DiskEncryptionSetArgs.builder()        
                .activeKey(Map.of("keyUrl", "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}"))
                .diskEncryptionSetName("myDiskEncryptionSet")
                .encryptionType("EncryptionAtRestWithCustomerKey")
                .identity(Map.of("type", "SystemAssigned"))
                .location("West US")
                .resourceGroupName("myResourceGroup")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    disk_encryption_set = azure_native.compute.DiskEncryptionSet("diskEncryptionSet",
        active_key=azure_native.compute.KeyForDiskEncryptionSetArgs(
            key_url="https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}",
        ),
        disk_encryption_set_name="myDiskEncryptionSet",
        encryption_type="EncryptionAtRestWithCustomerKey",
        identity=azure_native.compute.EncryptionSetIdentityArgs(
            type="SystemAssigned",
        ),
        location="West US",
        resource_group_name="myResourceGroup")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const diskEncryptionSet = new azure_native.compute.DiskEncryptionSet("diskEncryptionSet", {
        activeKey: {
            keyUrl: "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}",
        },
        diskEncryptionSetName: "myDiskEncryptionSet",
        encryptionType: "EncryptionAtRestWithCustomerKey",
        identity: {
            type: "SystemAssigned",
        },
        location: "West US",
        resourceGroupName: "myResourceGroup",
    });
    
    resources:
      diskEncryptionSet:
        type: azure-native:compute:DiskEncryptionSet
        properties:
          activeKey:
            keyUrl: https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}
          diskEncryptionSetName: myDiskEncryptionSet
          encryptionType: EncryptionAtRestWithCustomerKey
          identity:
            type: SystemAssigned
          location: West US
          resourceGroupName: myResourceGroup
    

    Create a disk encryption set.

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var diskEncryptionSet = new AzureNative.Compute.DiskEncryptionSet("diskEncryptionSet", new()
        {
            ActiveKey = new AzureNative.Compute.Inputs.KeyForDiskEncryptionSetArgs
            {
                KeyUrl = "https://myvmvault.vault-int.azure-int.net/keys/{key}",
                SourceVault = new AzureNative.Compute.Inputs.SourceVaultArgs
                {
                    Id = "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault",
                },
            },
            DiskEncryptionSetName = "myDiskEncryptionSet",
            EncryptionType = "EncryptionAtRestWithCustomerKey",
            Identity = new AzureNative.Compute.Inputs.EncryptionSetIdentityArgs
            {
                Type = "SystemAssigned",
            },
            Location = "West US",
            ResourceGroupName = "myResourceGroup",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure-native-sdk/compute/v2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := compute.NewDiskEncryptionSet(ctx, "diskEncryptionSet", &compute.DiskEncryptionSetArgs{
    			ActiveKey: compute.KeyForDiskEncryptionSetResponse{
    				KeyUrl: pulumi.String("https://myvmvault.vault-int.azure-int.net/keys/{key}"),
    				SourceVault: &compute.SourceVaultArgs{
    					Id: pulumi.String("/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault"),
    				},
    			},
    			DiskEncryptionSetName: pulumi.String("myDiskEncryptionSet"),
    			EncryptionType:        pulumi.String("EncryptionAtRestWithCustomerKey"),
    			Identity: &compute.EncryptionSetIdentityArgs{
    				Type: pulumi.String("SystemAssigned"),
    			},
    			Location:          pulumi.String("West US"),
    			ResourceGroupName: pulumi.String("myResourceGroup"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.compute.DiskEncryptionSet;
    import com.pulumi.azurenative.compute.DiskEncryptionSetArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var diskEncryptionSet = new DiskEncryptionSet("diskEncryptionSet", DiskEncryptionSetArgs.builder()        
                .activeKey(Map.ofEntries(
                    Map.entry("keyUrl", "https://myvmvault.vault-int.azure-int.net/keys/{key}"),
                    Map.entry("sourceVault", Map.of("id", "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault"))
                ))
                .diskEncryptionSetName("myDiskEncryptionSet")
                .encryptionType("EncryptionAtRestWithCustomerKey")
                .identity(Map.of("type", "SystemAssigned"))
                .location("West US")
                .resourceGroupName("myResourceGroup")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    disk_encryption_set = azure_native.compute.DiskEncryptionSet("diskEncryptionSet",
        active_key=azure_native.compute.KeyForDiskEncryptionSetResponseArgs(
            key_url="https://myvmvault.vault-int.azure-int.net/keys/{key}",
            source_vault=azure_native.compute.SourceVaultArgs(
                id="/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault",
            ),
        ),
        disk_encryption_set_name="myDiskEncryptionSet",
        encryption_type="EncryptionAtRestWithCustomerKey",
        identity=azure_native.compute.EncryptionSetIdentityArgs(
            type="SystemAssigned",
        ),
        location="West US",
        resource_group_name="myResourceGroup")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const diskEncryptionSet = new azure_native.compute.DiskEncryptionSet("diskEncryptionSet", {
        activeKey: {
            keyUrl: "https://myvmvault.vault-int.azure-int.net/keys/{key}",
            sourceVault: {
                id: "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault",
            },
        },
        diskEncryptionSetName: "myDiskEncryptionSet",
        encryptionType: "EncryptionAtRestWithCustomerKey",
        identity: {
            type: "SystemAssigned",
        },
        location: "West US",
        resourceGroupName: "myResourceGroup",
    });
    
    resources:
      diskEncryptionSet:
        type: azure-native:compute:DiskEncryptionSet
        properties:
          activeKey:
            keyUrl: https://myvmvault.vault-int.azure-int.net/keys/{key}
            sourceVault:
              id: /subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault
          diskEncryptionSetName: myDiskEncryptionSet
          encryptionType: EncryptionAtRestWithCustomerKey
          identity:
            type: SystemAssigned
          location: West US
          resourceGroupName: myResourceGroup
    

    Create DiskEncryptionSet Resource

    new DiskEncryptionSet(name: string, args: DiskEncryptionSetArgs, opts?: CustomResourceOptions);
    @overload
    def DiskEncryptionSet(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          active_key: Optional[KeyForDiskEncryptionSetArgs] = None,
                          disk_encryption_set_name: Optional[str] = None,
                          encryption_type: Optional[Union[str, DiskEncryptionSetType]] = None,
                          federated_client_id: Optional[str] = None,
                          identity: Optional[EncryptionSetIdentityArgs] = None,
                          location: Optional[str] = None,
                          resource_group_name: Optional[str] = None,
                          rotation_to_latest_key_version_enabled: Optional[bool] = None,
                          tags: Optional[Mapping[str, str]] = None)
    @overload
    def DiskEncryptionSet(resource_name: str,
                          args: DiskEncryptionSetArgs,
                          opts: Optional[ResourceOptions] = None)
    func NewDiskEncryptionSet(ctx *Context, name string, args DiskEncryptionSetArgs, opts ...ResourceOption) (*DiskEncryptionSet, error)
    public DiskEncryptionSet(string name, DiskEncryptionSetArgs args, CustomResourceOptions? opts = null)
    public DiskEncryptionSet(String name, DiskEncryptionSetArgs args)
    public DiskEncryptionSet(String name, DiskEncryptionSetArgs args, CustomResourceOptions options)
    
    type: azure-native:compute:DiskEncryptionSet
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args DiskEncryptionSetArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args DiskEncryptionSetArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args DiskEncryptionSetArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args DiskEncryptionSetArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args DiskEncryptionSetArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    DiskEncryptionSet Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The DiskEncryptionSet resource accepts the following input properties:

    ResourceGroupName string

    The name of the resource group.

    ActiveKey Pulumi.AzureNative.Compute.Inputs.KeyForDiskEncryptionSet

    The key vault key which is currently used by this disk encryption set.

    DiskEncryptionSetName string

    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.

    EncryptionType string | Pulumi.AzureNative.Compute.DiskEncryptionSetType

    The type of key used to encrypt the data of the disk.

    FederatedClientId string

    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.

    Identity Pulumi.AzureNative.Compute.Inputs.EncryptionSetIdentity

    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.

    Location string

    Resource location

    RotationToLatestKeyVersionEnabled bool

    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.

    Tags Dictionary<string, string>

    Resource tags

    ResourceGroupName string

    The name of the resource group.

    ActiveKey KeyForDiskEncryptionSetArgs

    The key vault key which is currently used by this disk encryption set.

    DiskEncryptionSetName string

    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.

    EncryptionType string | DiskEncryptionSetType

    The type of key used to encrypt the data of the disk.

    FederatedClientId string

    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.

    Identity EncryptionSetIdentityArgs

    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.

    Location string

    Resource location

    RotationToLatestKeyVersionEnabled bool

    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.

    Tags map[string]string

    Resource tags

    resourceGroupName String

    The name of the resource group.

    activeKey KeyForDiskEncryptionSet

    The key vault key which is currently used by this disk encryption set.

    diskEncryptionSetName String

    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.

    encryptionType String | DiskEncryptionSetType

    The type of key used to encrypt the data of the disk.

    federatedClientId String

    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.

    identity EncryptionSetIdentity

    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.

    location String

    Resource location

    rotationToLatestKeyVersionEnabled Boolean

    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.

    tags Map<String,String>

    Resource tags

    resourceGroupName string

    The name of the resource group.

    activeKey KeyForDiskEncryptionSet

    The key vault key which is currently used by this disk encryption set.

    diskEncryptionSetName string

    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.

    encryptionType string | DiskEncryptionSetType

    The type of key used to encrypt the data of the disk.

    federatedClientId string

    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.

    identity EncryptionSetIdentity

    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.

    location string

    Resource location

    rotationToLatestKeyVersionEnabled boolean

    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.

    tags {[key: string]: string}

    Resource tags

    resource_group_name str

    The name of the resource group.

    active_key KeyForDiskEncryptionSetArgs

    The key vault key which is currently used by this disk encryption set.

    disk_encryption_set_name str

    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.

    encryption_type str | DiskEncryptionSetType

    The type of key used to encrypt the data of the disk.

    federated_client_id str

    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.

    identity EncryptionSetIdentityArgs

    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.

    location str

    Resource location

    rotation_to_latest_key_version_enabled bool

    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.

    tags Mapping[str, str]

    Resource tags

    resourceGroupName String

    The name of the resource group.

    activeKey Property Map

    The key vault key which is currently used by this disk encryption set.

    diskEncryptionSetName String

    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.

    encryptionType String | "EncryptionAtRestWithCustomerKey" | "EncryptionAtRestWithPlatformAndCustomerKeys" | "ConfidentialVmEncryptedWithCustomerKey"

    The type of key used to encrypt the data of the disk.

    federatedClientId String

    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.

    identity Property Map

    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.

    location String

    Resource location

    rotationToLatestKeyVersionEnabled Boolean

    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.

    tags Map<String>

    Resource tags

    Outputs

    All input properties are implicitly available as output properties. Additionally, the DiskEncryptionSet resource produces the following output properties:

    AutoKeyRotationError Pulumi.AzureNative.Compute.Outputs.ApiErrorResponse

    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.

    Id string

    The provider-assigned unique ID for this managed resource.

    LastKeyRotationTimestamp string

    The time when the active key of this disk encryption set was updated.

    Name string

    Resource name

    PreviousKeys List<Pulumi.AzureNative.Compute.Outputs.KeyForDiskEncryptionSetResponse>

    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.

    ProvisioningState string

    The disk encryption set provisioning state.

    Type string

    Resource type

    AutoKeyRotationError ApiErrorResponse

    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.

    Id string

    The provider-assigned unique ID for this managed resource.

    LastKeyRotationTimestamp string

    The time when the active key of this disk encryption set was updated.

    Name string

    Resource name

    PreviousKeys []KeyForDiskEncryptionSetResponse

    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.

    ProvisioningState string

    The disk encryption set provisioning state.

    Type string

    Resource type

    autoKeyRotationError ApiErrorResponse

    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.

    id String

    The provider-assigned unique ID for this managed resource.

    lastKeyRotationTimestamp String

    The time when the active key of this disk encryption set was updated.

    name String

    Resource name

    previousKeys List<KeyForDiskEncryptionSetResponse>

    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.

    provisioningState String

    The disk encryption set provisioning state.

    type String

    Resource type

    autoKeyRotationError ApiErrorResponse

    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.

    id string

    The provider-assigned unique ID for this managed resource.

    lastKeyRotationTimestamp string

    The time when the active key of this disk encryption set was updated.

    name string

    Resource name

    previousKeys KeyForDiskEncryptionSetResponse[]

    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.

    provisioningState string

    The disk encryption set provisioning state.

    type string

    Resource type

    auto_key_rotation_error ApiErrorResponse

    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.

    id str

    The provider-assigned unique ID for this managed resource.

    last_key_rotation_timestamp str

    The time when the active key of this disk encryption set was updated.

    name str

    Resource name

    previous_keys Sequence[KeyForDiskEncryptionSetResponse]

    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.

    provisioning_state str

    The disk encryption set provisioning state.

    type str

    Resource type

    autoKeyRotationError Property Map

    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.

    id String

    The provider-assigned unique ID for this managed resource.

    lastKeyRotationTimestamp String

    The time when the active key of this disk encryption set was updated.

    name String

    Resource name

    previousKeys List<Property Map>

    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.

    provisioningState String

    The disk encryption set provisioning state.

    type String

    Resource type

    Supporting Types

    ApiErrorBaseResponse, ApiErrorBaseResponseArgs

    Code string

    The error code.

    Message string

    The error message.

    Target string

    The target of the particular error.

    Code string

    The error code.

    Message string

    The error message.

    Target string

    The target of the particular error.

    code String

    The error code.

    message String

    The error message.

    target String

    The target of the particular error.

    code string

    The error code.

    message string

    The error message.

    target string

    The target of the particular error.

    code str

    The error code.

    message str

    The error message.

    target str

    The target of the particular error.

    code String

    The error code.

    message String

    The error message.

    target String

    The target of the particular error.

    ApiErrorResponse, ApiErrorResponseArgs

    Code string

    The error code.

    Details List<Pulumi.AzureNative.Compute.Inputs.ApiErrorBaseResponse>

    The Api error details

    Innererror Pulumi.AzureNative.Compute.Inputs.InnerErrorResponse

    The Api inner error

    Message string

    The error message.

    Target string

    The target of the particular error.

    Code string

    The error code.

    Details []ApiErrorBaseResponse

    The Api error details

    Innererror InnerErrorResponse

    The Api inner error

    Message string

    The error message.

    Target string

    The target of the particular error.

    code String

    The error code.

    details List<ApiErrorBaseResponse>

    The Api error details

    innererror InnerErrorResponse

    The Api inner error

    message String

    The error message.

    target String

    The target of the particular error.

    code string

    The error code.

    details ApiErrorBaseResponse[]

    The Api error details

    innererror InnerErrorResponse

    The Api inner error

    message string

    The error message.

    target string

    The target of the particular error.

    code str

    The error code.

    details Sequence[ApiErrorBaseResponse]

    The Api error details

    innererror InnerErrorResponse

    The Api inner error

    message str

    The error message.

    target str

    The target of the particular error.

    code String

    The error code.

    details List<Property Map>

    The Api error details

    innererror Property Map

    The Api inner error

    message String

    The error message.

    target String

    The target of the particular error.

    DiskEncryptionSetIdentityType, DiskEncryptionSetIdentityTypeArgs

    SystemAssigned
    SystemAssigned
    UserAssigned
    UserAssigned
    SystemAssigned_UserAssigned
    SystemAssigned, UserAssigned
    None
    None
    DiskEncryptionSetIdentityTypeSystemAssigned
    SystemAssigned
    DiskEncryptionSetIdentityTypeUserAssigned
    UserAssigned
    DiskEncryptionSetIdentityType_SystemAssigned_UserAssigned
    SystemAssigned, UserAssigned
    DiskEncryptionSetIdentityTypeNone
    None
    SystemAssigned
    SystemAssigned
    UserAssigned
    UserAssigned
    SystemAssigned_UserAssigned
    SystemAssigned, UserAssigned
    None
    None
    SystemAssigned
    SystemAssigned
    UserAssigned
    UserAssigned
    SystemAssigned_UserAssigned
    SystemAssigned, UserAssigned
    None
    None
    SYSTEM_ASSIGNED
    SystemAssigned
    USER_ASSIGNED
    UserAssigned
    SYSTEM_ASSIGNED_USER_ASSIGNED
    SystemAssigned, UserAssigned
    NONE
    None
    "SystemAssigned"
    SystemAssigned
    "UserAssigned"
    UserAssigned
    "SystemAssigned, UserAssigned"
    SystemAssigned, UserAssigned
    "None"
    None

    DiskEncryptionSetType, DiskEncryptionSetTypeArgs

    EncryptionAtRestWithCustomerKey
    EncryptionAtRestWithCustomerKey

    Resource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.

    EncryptionAtRestWithPlatformAndCustomerKeys
    EncryptionAtRestWithPlatformAndCustomerKeys

    Resource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.

    ConfidentialVmEncryptedWithCustomerKey
    ConfidentialVmEncryptedWithCustomerKey

    Confidential VM supported disk and VM guest state would be encrypted with customer managed key.

    DiskEncryptionSetTypeEncryptionAtRestWithCustomerKey
    EncryptionAtRestWithCustomerKey

    Resource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.

    DiskEncryptionSetTypeEncryptionAtRestWithPlatformAndCustomerKeys
    EncryptionAtRestWithPlatformAndCustomerKeys

    Resource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.

    DiskEncryptionSetTypeConfidentialVmEncryptedWithCustomerKey
    ConfidentialVmEncryptedWithCustomerKey

    Confidential VM supported disk and VM guest state would be encrypted with customer managed key.

    EncryptionAtRestWithCustomerKey
    EncryptionAtRestWithCustomerKey

    Resource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.

    EncryptionAtRestWithPlatformAndCustomerKeys
    EncryptionAtRestWithPlatformAndCustomerKeys

    Resource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.

    ConfidentialVmEncryptedWithCustomerKey
    ConfidentialVmEncryptedWithCustomerKey

    Confidential VM supported disk and VM guest state would be encrypted with customer managed key.

    EncryptionAtRestWithCustomerKey
    EncryptionAtRestWithCustomerKey

    Resource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.

    EncryptionAtRestWithPlatformAndCustomerKeys
    EncryptionAtRestWithPlatformAndCustomerKeys

    Resource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.

    ConfidentialVmEncryptedWithCustomerKey
    ConfidentialVmEncryptedWithCustomerKey

    Confidential VM supported disk and VM guest state would be encrypted with customer managed key.

    ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY
    EncryptionAtRestWithCustomerKey

    Resource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.

    ENCRYPTION_AT_REST_WITH_PLATFORM_AND_CUSTOMER_KEYS
    EncryptionAtRestWithPlatformAndCustomerKeys

    Resource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.

    CONFIDENTIAL_VM_ENCRYPTED_WITH_CUSTOMER_KEY
    ConfidentialVmEncryptedWithCustomerKey

    Confidential VM supported disk and VM guest state would be encrypted with customer managed key.

    "EncryptionAtRestWithCustomerKey"
    EncryptionAtRestWithCustomerKey

    Resource using diskEncryptionSet would be encrypted at rest with Customer managed key that can be changed and revoked by a customer.

    "EncryptionAtRestWithPlatformAndCustomerKeys"
    EncryptionAtRestWithPlatformAndCustomerKeys

    Resource using diskEncryptionSet would be encrypted at rest with two layers of encryption. One of the keys is Customer managed and the other key is Platform managed.

    "ConfidentialVmEncryptedWithCustomerKey"
    ConfidentialVmEncryptedWithCustomerKey

    Confidential VM supported disk and VM guest state would be encrypted with customer managed key.

    EncryptionSetIdentity, EncryptionSetIdentityArgs

    Type string | Pulumi.AzureNative.Compute.DiskEncryptionSetIdentityType

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    UserAssignedIdentities List<string>

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    Type string | DiskEncryptionSetIdentityType

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    UserAssignedIdentities []string

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    type String | DiskEncryptionSetIdentityType

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    userAssignedIdentities List<String>

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    type string | DiskEncryptionSetIdentityType

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    userAssignedIdentities string[]

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    type str | DiskEncryptionSetIdentityType

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    user_assigned_identities Sequence[str]

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    type String | "SystemAssigned" | "UserAssigned" | "SystemAssigned, UserAssigned" | "None"

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    userAssignedIdentities List<String>

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    EncryptionSetIdentityResponse, EncryptionSetIdentityResponseArgs

    PrincipalId string

    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    TenantId string

    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    Type string

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    UserAssignedIdentities Dictionary<string, Pulumi.AzureNative.Compute.Inputs.UserAssignedIdentitiesResponseUserAssignedIdentities>

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    PrincipalId string

    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    TenantId string

    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    Type string

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    UserAssignedIdentities map[string]UserAssignedIdentitiesResponseUserAssignedIdentities

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    principalId String

    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    tenantId String

    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    type String

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    userAssignedIdentities Map<String,UserAssignedIdentitiesResponseUserAssignedIdentities>

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    principalId string

    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    tenantId string

    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    type string

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    userAssignedIdentities {[key: string]: UserAssignedIdentitiesResponseUserAssignedIdentities}

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    principal_id str

    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    tenant_id str

    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    type str

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    user_assigned_identities Mapping[str, UserAssignedIdentitiesResponseUserAssignedIdentities]

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    principalId String

    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    tenantId String

    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity

    type String

    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.

    userAssignedIdentities Map<Property Map>

    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    InnerErrorResponse, InnerErrorResponseArgs

    Errordetail string

    The internal error message or exception dump.

    Exceptiontype string

    The exception type.

    Errordetail string

    The internal error message or exception dump.

    Exceptiontype string

    The exception type.

    errordetail String

    The internal error message or exception dump.

    exceptiontype String

    The exception type.

    errordetail string

    The internal error message or exception dump.

    exceptiontype string

    The exception type.

    errordetail str

    The internal error message or exception dump.

    exceptiontype str

    The exception type.

    errordetail String

    The internal error message or exception dump.

    exceptiontype String

    The exception type.

    KeyForDiskEncryptionSet, KeyForDiskEncryptionSetArgs

    KeyUrl string

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    SourceVault Pulumi.AzureNative.Compute.Inputs.SourceVault

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    KeyUrl string

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    SourceVault SourceVault

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    keyUrl String

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    sourceVault SourceVault

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    keyUrl string

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    sourceVault SourceVault

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    key_url str

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    source_vault SourceVault

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    keyUrl String

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    sourceVault Property Map

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    KeyForDiskEncryptionSetResponse, KeyForDiskEncryptionSetResponseArgs

    KeyUrl string

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    SourceVault Pulumi.AzureNative.Compute.Inputs.SourceVaultResponse

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    KeyUrl string

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    SourceVault SourceVaultResponse

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    keyUrl String

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    sourceVault SourceVaultResponse

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    keyUrl string

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    sourceVault SourceVaultResponse

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    key_url str

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    source_vault SourceVaultResponse

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    keyUrl String

    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.

    sourceVault Property Map

    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    SourceVault, SourceVaultArgs

    Id string

    Resource Id

    Id string

    Resource Id

    id String

    Resource Id

    id string

    Resource Id

    id str

    Resource Id

    id String

    Resource Id

    SourceVaultResponse, SourceVaultResponseArgs

    Id string

    Resource Id

    Id string

    Resource Id

    id String

    Resource Id

    id string

    Resource Id

    id str

    Resource Id

    id String

    Resource Id

    UserAssignedIdentitiesResponseUserAssignedIdentities, UserAssignedIdentitiesResponseUserAssignedIdentitiesArgs

    ClientId string

    The client id of user assigned identity.

    PrincipalId string

    The principal id of user assigned identity.

    ClientId string

    The client id of user assigned identity.

    PrincipalId string

    The principal id of user assigned identity.

    clientId String

    The client id of user assigned identity.

    principalId String

    The principal id of user assigned identity.

    clientId string

    The client id of user assigned identity.

    principalId string

    The principal id of user assigned identity.

    client_id str

    The client id of user assigned identity.

    principal_id str

    The principal id of user assigned identity.

    clientId String

    The client id of user assigned identity.

    principalId String

    The principal id of user assigned identity.

    Import

    An existing resource can be imported using its type token, name, and identifier, e.g.

    $ pulumi import azure-native:compute:DiskEncryptionSet myDiskEncryptionSet /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{diskEncryptionSetName} 
    

    Package Details

    Repository
    Azure Native pulumi/pulumi-azure-native
    License
    Apache-2.0
    azure-native logo
    This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
    Azure Native v2.8.0 published on Monday, Sep 18, 2023 by Pulumi