Azure Native v3.3.0, Apr 28 25

This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.

Azure Native v3.3.0 published on Monday, Apr 28, 2025 by Pulumi

pulumi/pulumi-azure-native

azure-native.keyvault.getManagedHsm

Explore with Pulumi AI

This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.

Azure Native v3.3.0 published on Monday, Apr 28, 2025 by Pulumi

pulumi/pulumi-azure-native

Using getManagedHsm

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getManagedHsm(args: GetManagedHsmArgs, opts?: InvokeOptions): Promise<GetManagedHsmResult>
function getManagedHsmOutput(args: GetManagedHsmOutputArgs, opts?: InvokeOptions): Output<GetManagedHsmResult>

def get_managed_hsm(name: Optional[str] = None,
                    resource_group_name: Optional[str] = None,
                    opts: Optional[InvokeOptions] = None) -> GetManagedHsmResult
def get_managed_hsm_output(name: Optional[pulumi.Input[str]] = None,
                    resource_group_name: Optional[pulumi.Input[str]] = None,
                    opts: Optional[InvokeOptions] = None) -> Output[GetManagedHsmResult]

func LookupManagedHsm(ctx *Context, args *LookupManagedHsmArgs, opts ...InvokeOption) (*LookupManagedHsmResult, error)
func LookupManagedHsmOutput(ctx *Context, args *LookupManagedHsmOutputArgs, opts ...InvokeOption) LookupManagedHsmResultOutput

> Note: This function is named LookupManagedHsm in the Go SDK.

public static class GetManagedHsm 
{
    public static Task<GetManagedHsmResult> InvokeAsync(GetManagedHsmArgs args, InvokeOptions? opts = null)
    public static Output<GetManagedHsmResult> Invoke(GetManagedHsmInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetManagedHsmResult> getManagedHsm(GetManagedHsmArgs args, InvokeOptions options)
public static Output<GetManagedHsmResult> getManagedHsm(GetManagedHsmArgs args, InvokeOptions options)

fn::invoke:
  function: azure-native:keyvault:getManagedHsm
  arguments:
    # arguments dictionary

The following arguments are supported:

Name string: The name of the managed HSM Pool.
ResourceGroupName string: Name of the resource group that contains the managed HSM pool.

Name string: The name of the managed HSM Pool.
ResourceGroupName string: Name of the resource group that contains the managed HSM pool.

name String: The name of the managed HSM Pool.
resourceGroupName String: Name of the resource group that contains the managed HSM pool.

name string: The name of the managed HSM Pool.
resourceGroupName string: Name of the resource group that contains the managed HSM pool.

name str: The name of the managed HSM Pool.
resource_group_name str: Name of the resource group that contains the managed HSM pool.

name String: The name of the managed HSM Pool.
resourceGroupName String: Name of the resource group that contains the managed HSM pool.

getManagedHsm Result

The following output properties are available:

AzureApiVersion string: The Azure API version of the resource.
Id string: The Azure Resource Manager resource ID for the managed HSM Pool.
Name string: The name of the managed HSM Pool.
Properties Pulumi.AzureNative.KeyVault.Outputs.ManagedHsmPropertiesResponse: Properties of the managed HSM
SystemData Pulumi.AzureNative.KeyVault.Outputs.SystemDataResponse: Metadata pertaining to creation and last modification of the key vault resource.
Type string: The resource type of the managed HSM Pool.
Identity Pulumi.AzureNative.KeyVault.Outputs.ManagedServiceIdentityResponse: Managed service identity (system assigned and/or user assigned identities)
Location string: The supported Azure location where the managed HSM Pool should be created.
Sku Pulumi.AzureNative.KeyVault.Outputs.ManagedHsmSkuResponse: SKU details
Tags Dictionary<string, string>: Resource tags

AzureApiVersion string: The Azure API version of the resource.
Id string: The Azure Resource Manager resource ID for the managed HSM Pool.
Name string: The name of the managed HSM Pool.
Properties ManagedHsmPropertiesResponse: Properties of the managed HSM
SystemData SystemDataResponse: Metadata pertaining to creation and last modification of the key vault resource.
Type string: The resource type of the managed HSM Pool.
Identity ManagedServiceIdentityResponse: Managed service identity (system assigned and/or user assigned identities)
Location string: The supported Azure location where the managed HSM Pool should be created.
Sku ManagedHsmSkuResponse: SKU details
Tags map[string]string: Resource tags

azureApiVersion String: The Azure API version of the resource.
id String: The Azure Resource Manager resource ID for the managed HSM Pool.
name String: The name of the managed HSM Pool.
properties ManagedHsmPropertiesResponse: Properties of the managed HSM
systemData SystemDataResponse: Metadata pertaining to creation and last modification of the key vault resource.
type String: The resource type of the managed HSM Pool.
identity ManagedServiceIdentityResponse: Managed service identity (system assigned and/or user assigned identities)
location String: The supported Azure location where the managed HSM Pool should be created.
sku ManagedHsmSkuResponse: SKU details
tags Map<String,String>: Resource tags

azureApiVersion string: The Azure API version of the resource.
id string: The Azure Resource Manager resource ID for the managed HSM Pool.
name string: The name of the managed HSM Pool.
properties ManagedHsmPropertiesResponse: Properties of the managed HSM
systemData SystemDataResponse: Metadata pertaining to creation and last modification of the key vault resource.
type string: The resource type of the managed HSM Pool.
identity ManagedServiceIdentityResponse: Managed service identity (system assigned and/or user assigned identities)
location string: The supported Azure location where the managed HSM Pool should be created.
sku ManagedHsmSkuResponse: SKU details
tags {[key: string]: string}: Resource tags

azure_api_version str: The Azure API version of the resource.
id str: The Azure Resource Manager resource ID for the managed HSM Pool.
name str: The name of the managed HSM Pool.
properties ManagedHsmPropertiesResponse: Properties of the managed HSM
system_data SystemDataResponse: Metadata pertaining to creation and last modification of the key vault resource.
type str: The resource type of the managed HSM Pool.
identity ManagedServiceIdentityResponse: Managed service identity (system assigned and/or user assigned identities)
location str: The supported Azure location where the managed HSM Pool should be created.
sku ManagedHsmSkuResponse: SKU details
tags Mapping[str, str]: Resource tags

azureApiVersion String: The Azure API version of the resource.
id String: The Azure Resource Manager resource ID for the managed HSM Pool.
name String: The name of the managed HSM Pool.
properties Property Map: Properties of the managed HSM
systemData Property Map: Metadata pertaining to creation and last modification of the key vault resource.
type String: The resource type of the managed HSM Pool.
identity Property Map: Managed service identity (system assigned and/or user assigned identities)
location String: The supported Azure location where the managed HSM Pool should be created.
sku Property Map: SKU details
tags Map<String>: Resource tags

Supporting Types

MHSMGeoReplicatedRegionResponse

ProvisioningState string: Provisioning state of the geo replicated region.
IsPrimary bool: A boolean value that indicates whether the region is the primary region or a secondary region.
Name string: Name of the geo replicated region.

ProvisioningState string: Provisioning state of the geo replicated region.
IsPrimary bool: A boolean value that indicates whether the region is the primary region or a secondary region.
Name string: Name of the geo replicated region.

provisioningState String: Provisioning state of the geo replicated region.
isPrimary Boolean: A boolean value that indicates whether the region is the primary region or a secondary region.
name String: Name of the geo replicated region.

provisioningState string: Provisioning state of the geo replicated region.
isPrimary boolean: A boolean value that indicates whether the region is the primary region or a secondary region.
name string: Name of the geo replicated region.

provisioning_state str: Provisioning state of the geo replicated region.
is_primary bool: A boolean value that indicates whether the region is the primary region or a secondary region.
name str: Name of the geo replicated region.

provisioningState String: Provisioning state of the geo replicated region.
isPrimary Boolean: A boolean value that indicates whether the region is the primary region or a secondary region.
name String: Name of the geo replicated region.

MHSMIPRuleResponse

Value string: An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

Value string: An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value String: An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value string: An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value str: An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value String: An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

MHSMNetworkRuleSetResponse

Bypass string: Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.
DefaultAction string: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
IpRules List<Pulumi.AzureNative.KeyVault.Inputs.MHSMIPRuleResponse>: The list of IP address rules.
VirtualNetworkRules List<Pulumi.AzureNative.KeyVault.Inputs.MHSMVirtualNetworkRuleResponse>: The list of virtual network rules.

Bypass string: Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.
DefaultAction string: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
IpRules []MHSMIPRuleResponse: The list of IP address rules.
VirtualNetworkRules []MHSMVirtualNetworkRuleResponse: The list of virtual network rules.

bypass String: Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.
defaultAction String: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
ipRules List<MHSMIPRuleResponse>: The list of IP address rules.
virtualNetworkRules List<MHSMVirtualNetworkRuleResponse>: The list of virtual network rules.

bypass string: Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.
defaultAction string: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
ipRules MHSMIPRuleResponse[]: The list of IP address rules.
virtualNetworkRules MHSMVirtualNetworkRuleResponse[]: The list of virtual network rules.

bypass str: Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.
default_action str: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
ip_rules Sequence[MHSMIPRuleResponse]: The list of IP address rules.
virtual_network_rules Sequence[MHSMVirtualNetworkRuleResponse]: The list of virtual network rules.

bypass String: Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.
defaultAction String: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
ipRules List<Property Map>: The list of IP address rules.
virtualNetworkRules List<Property Map>: The list of virtual network rules.

MHSMPrivateEndpointConnectionItemResponse

ProvisioningState string: Provisioning state of the private endpoint connection.
Etag string: Modified whenever there is a change in the state of private endpoint connection.
Id string: Id of private endpoint connection.
PrivateEndpoint Pulumi.AzureNative.KeyVault.Inputs.MHSMPrivateEndpointResponse: Properties of the private endpoint object.
PrivateLinkServiceConnectionState Pulumi.AzureNative.KeyVault.Inputs.MHSMPrivateLinkServiceConnectionStateResponse: Approval state of the private link connection.

ProvisioningState string: Provisioning state of the private endpoint connection.
Etag string: Modified whenever there is a change in the state of private endpoint connection.
Id string: Id of private endpoint connection.
PrivateEndpoint MHSMPrivateEndpointResponse: Properties of the private endpoint object.
PrivateLinkServiceConnectionState MHSMPrivateLinkServiceConnectionStateResponse: Approval state of the private link connection.

provisioningState String: Provisioning state of the private endpoint connection.
etag String: Modified whenever there is a change in the state of private endpoint connection.
id String: Id of private endpoint connection.
privateEndpoint MHSMPrivateEndpointResponse: Properties of the private endpoint object.
privateLinkServiceConnectionState MHSMPrivateLinkServiceConnectionStateResponse: Approval state of the private link connection.

provisioningState string: Provisioning state of the private endpoint connection.
etag string: Modified whenever there is a change in the state of private endpoint connection.
id string: Id of private endpoint connection.
privateEndpoint MHSMPrivateEndpointResponse: Properties of the private endpoint object.
privateLinkServiceConnectionState MHSMPrivateLinkServiceConnectionStateResponse: Approval state of the private link connection.

provisioning_state str: Provisioning state of the private endpoint connection.
etag str: Modified whenever there is a change in the state of private endpoint connection.
id str: Id of private endpoint connection.
private_endpoint MHSMPrivateEndpointResponse: Properties of the private endpoint object.
private_link_service_connection_state MHSMPrivateLinkServiceConnectionStateResponse: Approval state of the private link connection.

provisioningState String: Provisioning state of the private endpoint connection.
etag String: Modified whenever there is a change in the state of private endpoint connection.
id String: Id of private endpoint connection.
privateEndpoint Property Map: Properties of the private endpoint object.
privateLinkServiceConnectionState Property Map: Approval state of the private link connection.

MHSMPrivateEndpointResponse

Id string: Full identifier of the private endpoint resource.

Id string: Full identifier of the private endpoint resource.

id String: Full identifier of the private endpoint resource.

id string: Full identifier of the private endpoint resource.

id str: Full identifier of the private endpoint resource.

id String: Full identifier of the private endpoint resource.

MHSMPrivateLinkServiceConnectionStateResponse

ActionsRequired string: A message indicating if changes on the service provider require any updates on the consumer.
Description string: The reason for approval or rejection.
Status string: Indicates whether the connection has been approved, rejected or removed by the key vault owner.

ActionsRequired string: A message indicating if changes on the service provider require any updates on the consumer.
Description string: The reason for approval or rejection.
Status string: Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actionsRequired String: A message indicating if changes on the service provider require any updates on the consumer.
description String: The reason for approval or rejection.
status String: Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actionsRequired string: A message indicating if changes on the service provider require any updates on the consumer.
description string: The reason for approval or rejection.
status string: Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actions_required str: A message indicating if changes on the service provider require any updates on the consumer.
description str: The reason for approval or rejection.
status str: Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actionsRequired String: A message indicating if changes on the service provider require any updates on the consumer.
description String: The reason for approval or rejection.
status String: Indicates whether the connection has been approved, rejected or removed by the key vault owner.

MHSMVirtualNetworkRuleResponse

Id string: Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

Id string: Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id String: Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id string: Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id str: Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id String: Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

ManagedHSMSecurityDomainPropertiesResponse

ActivationStatus string: Activation Status
ActivationStatusMessage string: Activation Status Message.

ActivationStatus string: Activation Status
ActivationStatusMessage string: Activation Status Message.

activationStatus String: Activation Status
activationStatusMessage String: Activation Status Message.

activationStatus string: Activation Status
activationStatusMessage string: Activation Status Message.

activation_status str: Activation Status
activation_status_message str: Activation Status Message.

activationStatus String: Activation Status
activationStatusMessage String: Activation Status Message.

ManagedHsmPropertiesResponse

HsmUri string: The URI of the managed hsm pool for performing operations on keys.
PrivateEndpointConnections List<Pulumi.AzureNative.KeyVault.Inputs.MHSMPrivateEndpointConnectionItemResponse>: List of private endpoint connections associated with the managed hsm pool.
ProvisioningState string: Provisioning state.
ScheduledPurgeDate string: The scheduled purge date in UTC.
SecurityDomainProperties Pulumi.AzureNative.KeyVault.Inputs.ManagedHSMSecurityDomainPropertiesResponse: Managed HSM security domain properties.
StatusMessage string: Resource Status Message.
EnablePurgeProtection bool: Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible.
EnableSoftDelete bool: Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable.
InitialAdminObjectIds List<string>: Array of initial administrators object ids for this managed hsm pool.
NetworkAcls Pulumi.AzureNative.KeyVault.Inputs.MHSMNetworkRuleSetResponse: Rules governing the accessibility of the key vault from specific network locations.
PublicNetworkAccess string: Control permission to the managed HSM from public networks.
Regions List<Pulumi.AzureNative.KeyVault.Inputs.MHSMGeoReplicatedRegionResponse>: List of all regions associated with the managed hsm pool.
SoftDeleteRetentionInDays int: Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90.
TenantId string: The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

HsmUri string: The URI of the managed hsm pool for performing operations on keys.
PrivateEndpointConnections []MHSMPrivateEndpointConnectionItemResponse: List of private endpoint connections associated with the managed hsm pool.
ProvisioningState string: Provisioning state.
ScheduledPurgeDate string: The scheduled purge date in UTC.
SecurityDomainProperties ManagedHSMSecurityDomainPropertiesResponse: Managed HSM security domain properties.
StatusMessage string: Resource Status Message.
EnablePurgeProtection bool: Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible.
EnableSoftDelete bool: Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable.
InitialAdminObjectIds []string: Array of initial administrators object ids for this managed hsm pool.
NetworkAcls MHSMNetworkRuleSetResponse: Rules governing the accessibility of the key vault from specific network locations.
PublicNetworkAccess string: Control permission to the managed HSM from public networks.
Regions []MHSMGeoReplicatedRegionResponse: List of all regions associated with the managed hsm pool.
SoftDeleteRetentionInDays int: Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90.
TenantId string: The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

hsmUri String: The URI of the managed hsm pool for performing operations on keys.
privateEndpointConnections List<MHSMPrivateEndpointConnectionItemResponse>: List of private endpoint connections associated with the managed hsm pool.
provisioningState String: Provisioning state.
scheduledPurgeDate String: The scheduled purge date in UTC.
securityDomainProperties ManagedHSMSecurityDomainPropertiesResponse: Managed HSM security domain properties.
statusMessage String: Resource Status Message.
enablePurgeProtection Boolean: Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible.
enableSoftDelete Boolean: Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable.
initialAdminObjectIds List<String>: Array of initial administrators object ids for this managed hsm pool.
networkAcls MHSMNetworkRuleSetResponse: Rules governing the accessibility of the key vault from specific network locations.
publicNetworkAccess String: Control permission to the managed HSM from public networks.
regions List<MHSMGeoReplicatedRegionResponse>: List of all regions associated with the managed hsm pool.
softDeleteRetentionInDays Integer: Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90.
tenantId String: The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

hsmUri string: The URI of the managed hsm pool for performing operations on keys.
privateEndpointConnections MHSMPrivateEndpointConnectionItemResponse[]: List of private endpoint connections associated with the managed hsm pool.
provisioningState string: Provisioning state.
scheduledPurgeDate string: The scheduled purge date in UTC.
securityDomainProperties ManagedHSMSecurityDomainPropertiesResponse: Managed HSM security domain properties.
statusMessage string: Resource Status Message.
enablePurgeProtection boolean: Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible.
enableSoftDelete boolean: Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable.
initialAdminObjectIds string[]: Array of initial administrators object ids for this managed hsm pool.
networkAcls MHSMNetworkRuleSetResponse: Rules governing the accessibility of the key vault from specific network locations.
publicNetworkAccess string: Control permission to the managed HSM from public networks.
regions MHSMGeoReplicatedRegionResponse[]: List of all regions associated with the managed hsm pool.
softDeleteRetentionInDays number: Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90.
tenantId string: The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

hsm_uri str: The URI of the managed hsm pool for performing operations on keys.
private_endpoint_connections Sequence[MHSMPrivateEndpointConnectionItemResponse]: List of private endpoint connections associated with the managed hsm pool.
provisioning_state str: Provisioning state.
scheduled_purge_date str: The scheduled purge date in UTC.
security_domain_properties ManagedHSMSecurityDomainPropertiesResponse: Managed HSM security domain properties.
status_message str: Resource Status Message.
enable_purge_protection bool: Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible.
enable_soft_delete bool: Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable.
initial_admin_object_ids Sequence[str]: Array of initial administrators object ids for this managed hsm pool.
network_acls MHSMNetworkRuleSetResponse: Rules governing the accessibility of the key vault from specific network locations.
public_network_access str: Control permission to the managed HSM from public networks.
regions Sequence[MHSMGeoReplicatedRegionResponse]: List of all regions associated with the managed hsm pool.
soft_delete_retention_in_days int: Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90.
tenant_id str: The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

hsmUri String: The URI of the managed hsm pool for performing operations on keys.
privateEndpointConnections List<Property Map>: List of private endpoint connections associated with the managed hsm pool.
provisioningState String: Provisioning state.
scheduledPurgeDate String: The scheduled purge date in UTC.
securityDomainProperties Property Map: Managed HSM security domain properties.
statusMessage String: Resource Status Message.
enablePurgeProtection Boolean: Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible.
enableSoftDelete Boolean: Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable.
initialAdminObjectIds List<String>: Array of initial administrators object ids for this managed hsm pool.
networkAcls Property Map: Rules governing the accessibility of the key vault from specific network locations.
publicNetworkAccess String: Control permission to the managed HSM from public networks.
regions List<Property Map>: List of all regions associated with the managed hsm pool.
softDeleteRetentionInDays Number: Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90.
tenantId String: The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

ManagedHsmSkuResponse

Family string: SKU Family of the managed HSM Pool
Name string: SKU of the managed HSM Pool

Family string: SKU Family of the managed HSM Pool
Name string: SKU of the managed HSM Pool

family String: SKU Family of the managed HSM Pool
name String: SKU of the managed HSM Pool

family string: SKU Family of the managed HSM Pool
name string: SKU of the managed HSM Pool

family str: SKU Family of the managed HSM Pool
name str: SKU of the managed HSM Pool

family String: SKU Family of the managed HSM Pool
name String: SKU of the managed HSM Pool

ManagedServiceIdentityResponse

PrincipalId string: The service principal ID of the system assigned identity. This property will only be provided for a system assigned identity.
TenantId string: The tenant ID of the system assigned identity. This property will only be provided for a system assigned identity.
Type string: Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
UserAssignedIdentities Dictionary<string, Pulumi.AzureNative.KeyVault.Inputs.UserAssignedIdentityResponse>: The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.

PrincipalId string: The service principal ID of the system assigned identity. This property will only be provided for a system assigned identity.
TenantId string: The tenant ID of the system assigned identity. This property will only be provided for a system assigned identity.
Type string: Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
UserAssignedIdentities map[string]UserAssignedIdentityResponse: The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.

principalId String: The service principal ID of the system assigned identity. This property will only be provided for a system assigned identity.
tenantId String: The tenant ID of the system assigned identity. This property will only be provided for a system assigned identity.
type String: Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
userAssignedIdentities Map<String,UserAssignedIdentityResponse>: The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.

principalId string: The service principal ID of the system assigned identity. This property will only be provided for a system assigned identity.
tenantId string: The tenant ID of the system assigned identity. This property will only be provided for a system assigned identity.
type string: Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
userAssignedIdentities {[key: string]: UserAssignedIdentityResponse}: The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.

principal_id str: The service principal ID of the system assigned identity. This property will only be provided for a system assigned identity.
tenant_id str: The tenant ID of the system assigned identity. This property will only be provided for a system assigned identity.
type str: Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
user_assigned_identities Mapping[str, UserAssignedIdentityResponse]: The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.

principalId String: The service principal ID of the system assigned identity. This property will only be provided for a system assigned identity.
tenantId String: The tenant ID of the system assigned identity. This property will only be provided for a system assigned identity.
type String: Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
userAssignedIdentities Map<Property Map>: The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.

SystemDataResponse

CreatedAt string: The timestamp of the key vault resource creation (UTC).
CreatedBy string: The identity that created the key vault resource.
CreatedByType string: The type of identity that created the key vault resource.
LastModifiedAt string: The timestamp of the key vault resource last modification (UTC).
LastModifiedBy string: The identity that last modified the key vault resource.
LastModifiedByType string: The type of identity that last modified the key vault resource.

CreatedAt string: The timestamp of the key vault resource creation (UTC).
CreatedBy string: The identity that created the key vault resource.
CreatedByType string: The type of identity that created the key vault resource.
LastModifiedAt string: The timestamp of the key vault resource last modification (UTC).
LastModifiedBy string: The identity that last modified the key vault resource.
LastModifiedByType string: The type of identity that last modified the key vault resource.

createdAt String: The timestamp of the key vault resource creation (UTC).
createdBy String: The identity that created the key vault resource.
createdByType String: The type of identity that created the key vault resource.
lastModifiedAt String: The timestamp of the key vault resource last modification (UTC).
lastModifiedBy String: The identity that last modified the key vault resource.
lastModifiedByType String: The type of identity that last modified the key vault resource.

createdAt string: The timestamp of the key vault resource creation (UTC).
createdBy string: The identity that created the key vault resource.
createdByType string: The type of identity that created the key vault resource.
lastModifiedAt string: The timestamp of the key vault resource last modification (UTC).
lastModifiedBy string: The identity that last modified the key vault resource.
lastModifiedByType string: The type of identity that last modified the key vault resource.

created_at str: The timestamp of the key vault resource creation (UTC).
created_by str: The identity that created the key vault resource.
created_by_type str: The type of identity that created the key vault resource.
last_modified_at str: The timestamp of the key vault resource last modification (UTC).
last_modified_by str: The identity that last modified the key vault resource.
last_modified_by_type str: The type of identity that last modified the key vault resource.

createdAt String: The timestamp of the key vault resource creation (UTC).
createdBy String: The identity that created the key vault resource.
createdByType String: The type of identity that created the key vault resource.
lastModifiedAt String: The timestamp of the key vault resource last modification (UTC).
lastModifiedBy String: The identity that last modified the key vault resource.
lastModifiedByType String: The type of identity that last modified the key vault resource.

UserAssignedIdentityResponse

ClientId string: The client ID of the assigned identity.
PrincipalId string: The principal ID of the assigned identity.

ClientId string: The client ID of the assigned identity.
PrincipalId string: The principal ID of the assigned identity.

clientId String: The client ID of the assigned identity.
principalId String: The principal ID of the assigned identity.

clientId string: The client ID of the assigned identity.
principalId string: The principal ID of the assigned identity.

client_id str: The client ID of the assigned identity.
principal_id str: The principal ID of the assigned identity.

clientId String: The client ID of the assigned identity.
principalId String: The principal ID of the assigned identity.

Package Details

Repository: Azure Native pulumi/pulumi-azure-native
License: Apache-2.0

This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.

Azure Native v3.3.0 published on Monday, Apr 28, 2025 by Pulumi

pulumi/pulumi-azure-native

azure-native.keyvault.getManagedHsm

On this page

On this page

Using getManagedHsm

getManagedHsm Result

Supporting Types

MHSMGeoReplicatedRegionResponse

MHSMIPRuleResponse

MHSMNetworkRuleSetResponse

MHSMPrivateEndpointConnectionItemResponse

MHSMPrivateEndpointResponse

MHSMPrivateLinkServiceConnectionStateResponse

MHSMVirtualNetworkRuleResponse

ManagedHSMSecurityDomainPropertiesResponse

ManagedHsmPropertiesResponse

ManagedHsmSkuResponse

ManagedServiceIdentityResponse

SystemDataResponse

UserAssignedIdentityResponse

Package Details

On this page

On this page