Azure Native

v1.87.0 published on Tuesday, Nov 22, 2022 by Pulumi

Key

The key resource. API Version: 2019-09-01.

Example Usage

Create a key

using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;

return await Deployment.RunAsync(() => 
{
    var key = new AzureNative.KeyVault.Key("key", new()
    {
        KeyName = "sample-key-name",
        Properties = new AzureNative.KeyVault.Inputs.KeyPropertiesArgs
        {
            Kty = "RSA",
        },
        ResourceGroupName = "sample-group",
        VaultName = "sample-vault-name",
    });

});
package main

import (
	keyvault "github.com/pulumi/pulumi-azure-native/sdk/go/azure/keyvault"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := keyvault.NewKey(ctx, "key", &keyvault.KeyArgs{
			KeyName: pulumi.String("sample-key-name"),
			Properties: &keyvault.KeyPropertiesArgs{
				Kty: pulumi.String("RSA"),
			},
			ResourceGroupName: pulumi.String("sample-group"),
			VaultName:         pulumi.String("sample-vault-name"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.keyvault.Key;
import com.pulumi.azurenative.keyvault.KeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var key = new Key("key", KeyArgs.builder()        
            .keyName("sample-key-name")
            .properties(Map.of("kty", "RSA"))
            .resourceGroupName("sample-group")
            .vaultName("sample-vault-name")
            .build());

    }
}
import pulumi
import pulumi_azure_native as azure_native

key = azure_native.keyvault.Key("key",
    key_name="sample-key-name",
    properties=azure_native.keyvault.KeyPropertiesArgs(
        kty="RSA",
    ),
    resource_group_name="sample-group",
    vault_name="sample-vault-name")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";

const key = new azure_native.keyvault.Key("key", {
    keyName: "sample-key-name",
    properties: {
        kty: "RSA",
    },
    resourceGroupName: "sample-group",
    vaultName: "sample-vault-name",
});
resources:
  key:
    type: azure-native:keyvault:Key
    properties:
      keyName: sample-key-name
      properties:
        kty: RSA
      resourceGroupName: sample-group
      vaultName: sample-vault-name

Create Key Resource

new Key(name: string, args: KeyArgs, opts?: CustomResourceOptions);
@overload
def Key(resource_name: str,
        opts: Optional[ResourceOptions] = None,
        key_name: Optional[str] = None,
        properties: Optional[KeyPropertiesArgs] = None,
        resource_group_name: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        vault_name: Optional[str] = None)
@overload
def Key(resource_name: str,
        args: KeyArgs,
        opts: Optional[ResourceOptions] = None)
func NewKey(ctx *Context, name string, args KeyArgs, opts ...ResourceOption) (*Key, error)
public Key(string name, KeyArgs args, CustomResourceOptions? opts = null)
public Key(String name, KeyArgs args)
public Key(String name, KeyArgs args, CustomResourceOptions options)
type: azure-native:keyvault:Key
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args KeyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args KeyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args KeyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args KeyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args KeyArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Key Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Key resource accepts the following input properties:

Properties Pulumi.AzureNative.KeyVault.Inputs.KeyPropertiesArgs

The properties of the key to be created.

ResourceGroupName string

The name of the resource group which contains the specified key vault.

VaultName string

The name of the key vault which contains the key to be created.

KeyName string

The name of the key to be created.

Tags Dictionary<string, string>

The tags that will be assigned to the key.

Properties KeyPropertiesArgs

The properties of the key to be created.

ResourceGroupName string

The name of the resource group which contains the specified key vault.

VaultName string

The name of the key vault which contains the key to be created.

KeyName string

The name of the key to be created.

Tags map[string]string

The tags that will be assigned to the key.

properties KeyPropertiesArgs

The properties of the key to be created.

resourceGroupName String

The name of the resource group which contains the specified key vault.

vaultName String

The name of the key vault which contains the key to be created.

keyName String

The name of the key to be created.

tags Map<String,String>

The tags that will be assigned to the key.

properties KeyPropertiesArgs

The properties of the key to be created.

resourceGroupName string

The name of the resource group which contains the specified key vault.

vaultName string

The name of the key vault which contains the key to be created.

keyName string

The name of the key to be created.

tags {[key: string]: string}

The tags that will be assigned to the key.

properties KeyPropertiesArgs

The properties of the key to be created.

resource_group_name str

The name of the resource group which contains the specified key vault.

vault_name str

The name of the key vault which contains the key to be created.

key_name str

The name of the key to be created.

tags Mapping[str, str]

The tags that will be assigned to the key.

properties Property Map

The properties of the key to be created.

resourceGroupName String

The name of the resource group which contains the specified key vault.

vaultName String

The name of the key vault which contains the key to be created.

keyName String

The name of the key to be created.

tags Map<String>

The tags that will be assigned to the key.

Outputs

All input properties are implicitly available as output properties. Additionally, the Key resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

KeyUri string

The URI to retrieve the current version of the key.

KeyUriWithVersion string

The URI to retrieve the specific version of the key.

Location string

Azure location of the key vault resource.

Name string

Name of the key vault resource.

Type string

Resource type of the key vault resource.

Attributes Pulumi.AzureNative.KeyVault.Outputs.KeyAttributesResponse

The attributes of the key.

CurveName string

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

KeyOps List<string>
KeySize int

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

Kty string

The type of the key. For valid values, see JsonWebKeyType.

Id string

The provider-assigned unique ID for this managed resource.

KeyUri string

The URI to retrieve the current version of the key.

KeyUriWithVersion string

The URI to retrieve the specific version of the key.

Location string

Azure location of the key vault resource.

Name string

Name of the key vault resource.

Type string

Resource type of the key vault resource.

Attributes KeyAttributesResponse

The attributes of the key.

CurveName string

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

KeyOps []string
KeySize int

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

Kty string

The type of the key. For valid values, see JsonWebKeyType.

id String

The provider-assigned unique ID for this managed resource.

keyUri String

The URI to retrieve the current version of the key.

keyUriWithVersion String

The URI to retrieve the specific version of the key.

location String

Azure location of the key vault resource.

name String

Name of the key vault resource.

type String

Resource type of the key vault resource.

attributes KeyAttributesResponse

The attributes of the key.

curveName String

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

keyOps List<String>
keySize Integer

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

kty String

The type of the key. For valid values, see JsonWebKeyType.

id string

The provider-assigned unique ID for this managed resource.

keyUri string

The URI to retrieve the current version of the key.

keyUriWithVersion string

The URI to retrieve the specific version of the key.

location string

Azure location of the key vault resource.

name string

Name of the key vault resource.

type string

Resource type of the key vault resource.

attributes KeyAttributesResponse

The attributes of the key.

curveName string

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

keyOps string[]
keySize number

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

kty string

The type of the key. For valid values, see JsonWebKeyType.

id str

The provider-assigned unique ID for this managed resource.

key_uri str

The URI to retrieve the current version of the key.

key_uri_with_version str

The URI to retrieve the specific version of the key.

location str

Azure location of the key vault resource.

name str

Name of the key vault resource.

type str

Resource type of the key vault resource.

attributes KeyAttributesResponse

The attributes of the key.

curve_name str

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

key_ops Sequence[str]
key_size int

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

kty str

The type of the key. For valid values, see JsonWebKeyType.

id String

The provider-assigned unique ID for this managed resource.

keyUri String

The URI to retrieve the current version of the key.

keyUriWithVersion String

The URI to retrieve the specific version of the key.

location String

Azure location of the key vault resource.

name String

Name of the key vault resource.

type String

Resource type of the key vault resource.

attributes Property Map

The attributes of the key.

curveName String

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

keyOps List<String>
keySize Number

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

kty String

The type of the key. For valid values, see JsonWebKeyType.

Supporting Types

JsonWebKeyCurveName

P_256
P-256
P_384
P-384
P_521
P-521
P_256K
P-256K
JsonWebKeyCurveName_P_256
P-256
JsonWebKeyCurveName_P_384
P-384
JsonWebKeyCurveName_P_521
P-521
JsonWebKeyCurveName_P_256K
P-256K
P256
P-256
P384
P-384
P521
P-521
P256K
P-256K
P_256
P-256
P_384
P-384
P_521
P-521
P_256K
P-256K
P_256
P-256
P_384
P-384
P_521
P-521
P_256_K
P-256K
"P-256"
P-256
"P-384"
P-384
"P-521"
P-521
"P-256K"
P-256K

JsonWebKeyOperation

Encrypt
encrypt
Decrypt
decrypt
Sign
sign
Verify
verify
WrapKey
wrapKey
UnwrapKey
unwrapKey
Import
import
JsonWebKeyOperationEncrypt
encrypt
JsonWebKeyOperationDecrypt
decrypt
JsonWebKeyOperationSign
sign
JsonWebKeyOperationVerify
verify
JsonWebKeyOperationWrapKey
wrapKey
JsonWebKeyOperationUnwrapKey
unwrapKey
JsonWebKeyOperationImport
import
Encrypt
encrypt
Decrypt
decrypt
Sign
sign
Verify
verify
WrapKey
wrapKey
UnwrapKey
unwrapKey
Import_
import
Encrypt
encrypt
Decrypt
decrypt
Sign
sign
Verify
verify
WrapKey
wrapKey
UnwrapKey
unwrapKey
Import
import
ENCRYPT
encrypt
DECRYPT
decrypt
SIGN
sign
VERIFY
verify
WRAP_KEY
wrapKey
UNWRAP_KEY
unwrapKey
IMPORT_
import
"encrypt"
encrypt
"decrypt"
decrypt
"sign"
sign
"verify"
verify
"wrapKey"
wrapKey
"unwrapKey"
unwrapKey
"import"
import

JsonWebKeyType

EC
EC
EC_HSM
EC-HSM
RSA
RSA
RSA_HSM
RSA-HSM
JsonWebKeyTypeEC
EC
JsonWebKeyType_EC_HSM
EC-HSM
JsonWebKeyTypeRSA
RSA
JsonWebKeyType_RSA_HSM
RSA-HSM
EC
EC
ECHSM
EC-HSM
RSA
RSA
RSAHSM
RSA-HSM
EC
EC
EC_HSM
EC-HSM
RSA
RSA
RSA_HSM
RSA-HSM
EC
EC
E_C_HSM
EC-HSM
RSA
RSA
RS_A_HSM
RSA-HSM
"EC"
EC
"EC-HSM"
EC-HSM
"RSA"
RSA
"RSA-HSM"
RSA-HSM

KeyAttributes

Enabled bool

Determines whether or not the object is enabled.

Expires double

Expiry date in seconds since 1970-01-01T00:00:00Z.

NotBefore double

Not before date in seconds since 1970-01-01T00:00:00Z.

Enabled bool

Determines whether or not the object is enabled.

Expires float64

Expiry date in seconds since 1970-01-01T00:00:00Z.

NotBefore float64

Not before date in seconds since 1970-01-01T00:00:00Z.

enabled Boolean

Determines whether or not the object is enabled.

expires Double

Expiry date in seconds since 1970-01-01T00:00:00Z.

notBefore Double

Not before date in seconds since 1970-01-01T00:00:00Z.

enabled boolean

Determines whether or not the object is enabled.

expires number

Expiry date in seconds since 1970-01-01T00:00:00Z.

notBefore number

Not before date in seconds since 1970-01-01T00:00:00Z.

enabled bool

Determines whether or not the object is enabled.

expires float

Expiry date in seconds since 1970-01-01T00:00:00Z.

not_before float

Not before date in seconds since 1970-01-01T00:00:00Z.

enabled Boolean

Determines whether or not the object is enabled.

expires Number

Expiry date in seconds since 1970-01-01T00:00:00Z.

notBefore Number

Not before date in seconds since 1970-01-01T00:00:00Z.

KeyAttributesResponse

Created double

Creation time in seconds since 1970-01-01T00:00:00Z.

RecoveryLevel string

The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.

Updated double

Last updated time in seconds since 1970-01-01T00:00:00Z.

Enabled bool

Determines whether or not the object is enabled.

Expires double

Expiry date in seconds since 1970-01-01T00:00:00Z.

NotBefore double

Not before date in seconds since 1970-01-01T00:00:00Z.

Created float64

Creation time in seconds since 1970-01-01T00:00:00Z.

RecoveryLevel string

The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.

Updated float64

Last updated time in seconds since 1970-01-01T00:00:00Z.

Enabled bool

Determines whether or not the object is enabled.

Expires float64

Expiry date in seconds since 1970-01-01T00:00:00Z.

NotBefore float64

Not before date in seconds since 1970-01-01T00:00:00Z.

created Double

Creation time in seconds since 1970-01-01T00:00:00Z.

recoveryLevel String

The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.

updated Double

Last updated time in seconds since 1970-01-01T00:00:00Z.

enabled Boolean

Determines whether or not the object is enabled.

expires Double

Expiry date in seconds since 1970-01-01T00:00:00Z.

notBefore Double

Not before date in seconds since 1970-01-01T00:00:00Z.

created number

Creation time in seconds since 1970-01-01T00:00:00Z.

recoveryLevel string

The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.

updated number

Last updated time in seconds since 1970-01-01T00:00:00Z.

enabled boolean

Determines whether or not the object is enabled.

expires number

Expiry date in seconds since 1970-01-01T00:00:00Z.

notBefore number

Not before date in seconds since 1970-01-01T00:00:00Z.

created float

Creation time in seconds since 1970-01-01T00:00:00Z.

recovery_level str

The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.

updated float

Last updated time in seconds since 1970-01-01T00:00:00Z.

enabled bool

Determines whether or not the object is enabled.

expires float

Expiry date in seconds since 1970-01-01T00:00:00Z.

not_before float

Not before date in seconds since 1970-01-01T00:00:00Z.

created Number

Creation time in seconds since 1970-01-01T00:00:00Z.

recoveryLevel String

The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.

updated Number

Last updated time in seconds since 1970-01-01T00:00:00Z.

enabled Boolean

Determines whether or not the object is enabled.

expires Number

Expiry date in seconds since 1970-01-01T00:00:00Z.

notBefore Number

Not before date in seconds since 1970-01-01T00:00:00Z.

KeyProperties

Attributes Pulumi.AzureNative.KeyVault.Inputs.KeyAttributes

The attributes of the key.

CurveName string | Pulumi.AzureNative.KeyVault.JsonWebKeyCurveName

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

KeyOps List<Union<string, Pulumi.AzureNative.KeyVault.JsonWebKeyOperation>>
KeySize int

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

Kty string | Pulumi.AzureNative.KeyVault.JsonWebKeyType

The type of the key. For valid values, see JsonWebKeyType.

Attributes KeyAttributes

The attributes of the key.

CurveName string | JsonWebKeyCurveName

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

KeyOps []string
KeySize int

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

Kty string | JsonWebKeyType

The type of the key. For valid values, see JsonWebKeyType.

attributes KeyAttributes

The attributes of the key.

curveName String | JsonWebKeyCurveName

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

keyOps List<Either<String,JsonWebKeyOperation>>
keySize Integer

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

kty String | JsonWebKeyType

The type of the key. For valid values, see JsonWebKeyType.

attributes KeyAttributes

The attributes of the key.

curveName string | JsonWebKeyCurveName

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

keyOps (string | JsonWebKeyOperation)[]
keySize number

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

kty string | JsonWebKeyType

The type of the key. For valid values, see JsonWebKeyType.

attributes KeyAttributes

The attributes of the key.

curve_name str | JsonWebKeyCurveName

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

key_ops Sequence[Union[str, JsonWebKeyOperation]]
key_size int

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

kty str | JsonWebKeyType

The type of the key. For valid values, see JsonWebKeyType.

attributes Property Map

The attributes of the key.

curveName String | "P-256" | "P-384" | "P-521" | "P-256K"

The elliptic curve name. For valid values, see JsonWebKeyCurveName.

keyOps List<String | "encrypt" | "decrypt" | "sign" | "verify" | "wrapKey" | "unwrapKey" | "import">
keySize Number

The key size in bits. For example: 2048, 3072, or 4096 for RSA.

kty String | "EC" | "EC-HSM" | "RSA" | "RSA-HSM"

The type of the key. For valid values, see JsonWebKeyType.

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:keyvault:Key sample-key-name /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault-name/keys/sample-key-name 

Package Details

Repository
https://github.com/pulumi/pulumi-azure-native
License
Apache-2.0