Azure Native

v1.87.0 published on Tuesday, Nov 22, 2022 by Pulumi

ManagedHsm

Resource information with extended details. API Version: 2021-06-01-preview.

Example Usage

Create a new managed HSM Pool or update an existing managed HSM Pool

using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;

return await Deployment.RunAsync(() => 
{
    var managedHsm = new AzureNative.KeyVault.ManagedHsm("managedHsm", new()
    {
        Location = "westus",
        Name = "hsm1",
        Properties = new AzureNative.KeyVault.Inputs.ManagedHsmPropertiesArgs
        {
            EnablePurgeProtection = true,
            EnableSoftDelete = true,
            InitialAdminObjectIds = new[]
            {
                "00000000-0000-0000-0000-000000000000",
            },
            SoftDeleteRetentionInDays = 90,
            TenantId = "00000000-0000-0000-0000-000000000000",
        },
        ResourceGroupName = "hsm-group",
        Sku = new AzureNative.KeyVault.Inputs.ManagedHsmSkuArgs
        {
            Family = "B",
            Name = AzureNative.KeyVault.ManagedHsmSkuName.Standard_B1,
        },
        Tags = 
        {
            { "Dept", "hsm" },
            { "Environment", "dogfood" },
        },
    });

});
package main

import (
	keyvault "github.com/pulumi/pulumi-azure-native/sdk/go/azure/keyvault"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := keyvault.NewManagedHsm(ctx, "managedHsm", &keyvault.ManagedHsmArgs{
			Location: pulumi.String("westus"),
			Name:     pulumi.String("hsm1"),
			Properties: &keyvault.ManagedHsmPropertiesArgs{
				EnablePurgeProtection: pulumi.Bool(true),
				EnableSoftDelete:      pulumi.Bool(true),
				InitialAdminObjectIds: pulumi.StringArray{
					pulumi.String("00000000-0000-0000-0000-000000000000"),
				},
				SoftDeleteRetentionInDays: pulumi.Int(90),
				TenantId:                  pulumi.String("00000000-0000-0000-0000-000000000000"),
			},
			ResourceGroupName: pulumi.String("hsm-group"),
			Sku: keyvault.ManagedHsmSkuResponse{
				Family: pulumi.String("B"),
				Name:   keyvault.ManagedHsmSkuName_Standard_B1,
			},
			Tags: pulumi.StringMap{
				"Dept":        pulumi.String("hsm"),
				"Environment": pulumi.String("dogfood"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.keyvault.ManagedHsm;
import com.pulumi.azurenative.keyvault.ManagedHsmArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var managedHsm = new ManagedHsm("managedHsm", ManagedHsmArgs.builder()        
            .location("westus")
            .name("hsm1")
            .properties(Map.ofEntries(
                Map.entry("enablePurgeProtection", true),
                Map.entry("enableSoftDelete", true),
                Map.entry("initialAdminObjectIds", "00000000-0000-0000-0000-000000000000"),
                Map.entry("softDeleteRetentionInDays", 90),
                Map.entry("tenantId", "00000000-0000-0000-0000-000000000000")
            ))
            .resourceGroupName("hsm-group")
            .sku(Map.ofEntries(
                Map.entry("family", "B"),
                Map.entry("name", "Standard_B1")
            ))
            .tags(Map.ofEntries(
                Map.entry("Dept", "hsm"),
                Map.entry("Environment", "dogfood")
            ))
            .build());

    }
}
import pulumi
import pulumi_azure_native as azure_native

managed_hsm = azure_native.keyvault.ManagedHsm("managedHsm",
    location="westus",
    name="hsm1",
    properties=azure_native.keyvault.ManagedHsmPropertiesArgs(
        enable_purge_protection=True,
        enable_soft_delete=True,
        initial_admin_object_ids=["00000000-0000-0000-0000-000000000000"],
        soft_delete_retention_in_days=90,
        tenant_id="00000000-0000-0000-0000-000000000000",
    ),
    resource_group_name="hsm-group",
    sku=azure_native.keyvault.ManagedHsmSkuResponseArgs(
        family="B",
        name=azure_native.keyvault.ManagedHsmSkuName.STANDARD_B1,
    ),
    tags={
        "Dept": "hsm",
        "Environment": "dogfood",
    })
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";

const managedHsm = new azure_native.keyvault.ManagedHsm("managedHsm", {
    location: "westus",
    name: "hsm1",
    properties: {
        enablePurgeProtection: true,
        enableSoftDelete: true,
        initialAdminObjectIds: ["00000000-0000-0000-0000-000000000000"],
        softDeleteRetentionInDays: 90,
        tenantId: "00000000-0000-0000-0000-000000000000",
    },
    resourceGroupName: "hsm-group",
    sku: {
        family: "B",
        name: azure_native.keyvault.ManagedHsmSkuName.Standard_B1,
    },
    tags: {
        Dept: "hsm",
        Environment: "dogfood",
    },
});
resources:
  managedHsm:
    type: azure-native:keyvault:ManagedHsm
    properties:
      location: westus
      name: hsm1
      properties:
        enablePurgeProtection: true
        enableSoftDelete: true
        initialAdminObjectIds:
          - 00000000-0000-0000-0000-000000000000
        softDeleteRetentionInDays: 90
        tenantId: 00000000-0000-0000-0000-000000000000
      resourceGroupName: hsm-group
      sku:
        family: B
        name: Standard_B1
      tags:
        Dept: hsm
        Environment: dogfood

Create ManagedHsm Resource

new ManagedHsm(name: string, args: ManagedHsmArgs, opts?: CustomResourceOptions);
@overload
def ManagedHsm(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               location: Optional[str] = None,
               name: Optional[str] = None,
               properties: Optional[ManagedHsmPropertiesArgs] = None,
               resource_group_name: Optional[str] = None,
               sku: Optional[ManagedHsmSkuArgs] = None,
               tags: Optional[Mapping[str, str]] = None)
@overload
def ManagedHsm(resource_name: str,
               args: ManagedHsmArgs,
               opts: Optional[ResourceOptions] = None)
func NewManagedHsm(ctx *Context, name string, args ManagedHsmArgs, opts ...ResourceOption) (*ManagedHsm, error)
public ManagedHsm(string name, ManagedHsmArgs args, CustomResourceOptions? opts = null)
public ManagedHsm(String name, ManagedHsmArgs args)
public ManagedHsm(String name, ManagedHsmArgs args, CustomResourceOptions options)
type: azure-native:keyvault:ManagedHsm
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ManagedHsmArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ManagedHsmArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ManagedHsmArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ManagedHsmArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ManagedHsmArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

ManagedHsm Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ManagedHsm resource accepts the following input properties:

ResourceGroupName string

Name of the resource group that contains the managed HSM pool.

Location string

The supported Azure location where the managed HSM Pool should be created.

Name string

Name of the managed HSM Pool

Properties Pulumi.AzureNative.KeyVault.Inputs.ManagedHsmPropertiesArgs

Properties of the managed HSM

Sku Pulumi.AzureNative.KeyVault.Inputs.ManagedHsmSkuArgs

SKU details

Tags Dictionary<string, string>

Resource tags

ResourceGroupName string

Name of the resource group that contains the managed HSM pool.

Location string

The supported Azure location where the managed HSM Pool should be created.

Name string

Name of the managed HSM Pool

Properties ManagedHsmPropertiesArgs

Properties of the managed HSM

Sku ManagedHsmSkuArgs

SKU details

Tags map[string]string

Resource tags

resourceGroupName String

Name of the resource group that contains the managed HSM pool.

location String

The supported Azure location where the managed HSM Pool should be created.

name String

Name of the managed HSM Pool

properties ManagedHsmPropertiesArgs

Properties of the managed HSM

sku ManagedHsmSkuArgs

SKU details

tags Map<String,String>

Resource tags

resourceGroupName string

Name of the resource group that contains the managed HSM pool.

location string

The supported Azure location where the managed HSM Pool should be created.

name string

Name of the managed HSM Pool

properties ManagedHsmPropertiesArgs

Properties of the managed HSM

sku ManagedHsmSkuArgs

SKU details

tags {[key: string]: string}

Resource tags

resource_group_name str

Name of the resource group that contains the managed HSM pool.

location str

The supported Azure location where the managed HSM Pool should be created.

name str

Name of the managed HSM Pool

properties ManagedHsmPropertiesArgs

Properties of the managed HSM

sku ManagedHsmSkuArgs

SKU details

tags Mapping[str, str]

Resource tags

resourceGroupName String

Name of the resource group that contains the managed HSM pool.

location String

The supported Azure location where the managed HSM Pool should be created.

name String

Name of the managed HSM Pool

properties Property Map

Properties of the managed HSM

sku Property Map

SKU details

tags Map<String>

Resource tags

Outputs

All input properties are implicitly available as output properties. Additionally, the ManagedHsm resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

SystemData Pulumi.AzureNative.KeyVault.Outputs.SystemDataResponse

Metadata pertaining to creation and last modification of the key vault resource.

Type string

The resource type of the managed HSM Pool.

Id string

The provider-assigned unique ID for this managed resource.

SystemData SystemDataResponse

Metadata pertaining to creation and last modification of the key vault resource.

Type string

The resource type of the managed HSM Pool.

id String

The provider-assigned unique ID for this managed resource.

systemData SystemDataResponse

Metadata pertaining to creation and last modification of the key vault resource.

type String

The resource type of the managed HSM Pool.

id string

The provider-assigned unique ID for this managed resource.

systemData SystemDataResponse

Metadata pertaining to creation and last modification of the key vault resource.

type string

The resource type of the managed HSM Pool.

id str

The provider-assigned unique ID for this managed resource.

system_data SystemDataResponse

Metadata pertaining to creation and last modification of the key vault resource.

type str

The resource type of the managed HSM Pool.

id String

The provider-assigned unique ID for this managed resource.

systemData Property Map

Metadata pertaining to creation and last modification of the key vault resource.

type String

The resource type of the managed HSM Pool.

Supporting Types

CreateMode

Recover
recover
@Default
default
CreateModeRecover
recover
CreateModeDefault
default
Recover
recover
Default_
default
Recover
recover
Default
default
RECOVER
recover
DEFAULT
default
"recover"
recover
"default"
default

MHSMIPRule

Value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

Value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value String

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value str

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value String

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

MHSMIPRuleResponse

Value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

Value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value String

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value str

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value String

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

MHSMNetworkRuleSet

Bypass string | Pulumi.AzureNative.KeyVault.NetworkRuleBypassOptions

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

DefaultAction string | Pulumi.AzureNative.KeyVault.NetworkRuleAction

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

IpRules List<Pulumi.AzureNative.KeyVault.Inputs.MHSMIPRule>

The list of IP address rules.

VirtualNetworkRules List<Pulumi.AzureNative.KeyVault.Inputs.MHSMVirtualNetworkRule>

The list of virtual network rules.

Bypass string | NetworkRuleBypassOptions

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

DefaultAction string | NetworkRuleAction

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

IpRules []MHSMIPRule

The list of IP address rules.

VirtualNetworkRules []MHSMVirtualNetworkRule

The list of virtual network rules.

bypass String | NetworkRuleBypassOptions

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction String | NetworkRuleAction

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules List<MHSMIPRule>

The list of IP address rules.

virtualNetworkRules List<MHSMVirtualNetworkRule>

The list of virtual network rules.

bypass string | NetworkRuleBypassOptions

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction string | NetworkRuleAction

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules MHSMIPRule[]

The list of IP address rules.

virtualNetworkRules MHSMVirtualNetworkRule[]

The list of virtual network rules.

bypass str | NetworkRuleBypassOptions

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

default_action str | NetworkRuleAction

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ip_rules Sequence[MHSMIPRule]

The list of IP address rules.

virtual_network_rules Sequence[MHSMVirtualNetworkRule]

The list of virtual network rules.

bypass String | "AzureServices" | "None"

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction String | "Allow" | "Deny"

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules List<Property Map>

The list of IP address rules.

virtualNetworkRules List<Property Map>

The list of virtual network rules.

MHSMNetworkRuleSetResponse

Bypass string

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

DefaultAction string

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

IpRules List<Pulumi.AzureNative.KeyVault.Inputs.MHSMIPRuleResponse>

The list of IP address rules.

VirtualNetworkRules List<Pulumi.AzureNative.KeyVault.Inputs.MHSMVirtualNetworkRuleResponse>

The list of virtual network rules.

Bypass string

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

DefaultAction string

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

IpRules []MHSMIPRuleResponse

The list of IP address rules.

VirtualNetworkRules []MHSMVirtualNetworkRuleResponse

The list of virtual network rules.

bypass String

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction String

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules List<MHSMIPRuleResponse>

The list of IP address rules.

virtualNetworkRules List<MHSMVirtualNetworkRuleResponse>

The list of virtual network rules.

bypass string

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction string

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules MHSMIPRuleResponse[]

The list of IP address rules.

virtualNetworkRules MHSMVirtualNetworkRuleResponse[]

The list of virtual network rules.

bypass str

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

default_action str

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ip_rules Sequence[MHSMIPRuleResponse]

The list of IP address rules.

virtual_network_rules Sequence[MHSMVirtualNetworkRuleResponse]

The list of virtual network rules.

bypass String

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction String

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules List<Property Map>

The list of IP address rules.

virtualNetworkRules List<Property Map>

The list of virtual network rules.

MHSMPrivateEndpointConnectionItemResponse

ProvisioningState string

Provisioning state of the private endpoint connection.

Etag string

Modified whenever there is a change in the state of private endpoint connection.

Id string

Id of private endpoint connection.

PrivateEndpoint Pulumi.AzureNative.KeyVault.Inputs.MHSMPrivateEndpointResponse

Properties of the private endpoint object.

PrivateLinkServiceConnectionState Pulumi.AzureNative.KeyVault.Inputs.MHSMPrivateLinkServiceConnectionStateResponse

Approval state of the private link connection.

ProvisioningState string

Provisioning state of the private endpoint connection.

Etag string

Modified whenever there is a change in the state of private endpoint connection.

Id string

Id of private endpoint connection.

PrivateEndpoint MHSMPrivateEndpointResponse

Properties of the private endpoint object.

PrivateLinkServiceConnectionState MHSMPrivateLinkServiceConnectionStateResponse

Approval state of the private link connection.

provisioningState String

Provisioning state of the private endpoint connection.

etag String

Modified whenever there is a change in the state of private endpoint connection.

id String

Id of private endpoint connection.

privateEndpoint MHSMPrivateEndpointResponse

Properties of the private endpoint object.

privateLinkServiceConnectionState MHSMPrivateLinkServiceConnectionStateResponse

Approval state of the private link connection.

provisioningState string

Provisioning state of the private endpoint connection.

etag string

Modified whenever there is a change in the state of private endpoint connection.

id string

Id of private endpoint connection.

privateEndpoint MHSMPrivateEndpointResponse

Properties of the private endpoint object.

privateLinkServiceConnectionState MHSMPrivateLinkServiceConnectionStateResponse

Approval state of the private link connection.

provisioning_state str

Provisioning state of the private endpoint connection.

etag str

Modified whenever there is a change in the state of private endpoint connection.

id str

Id of private endpoint connection.

private_endpoint MHSMPrivateEndpointResponse

Properties of the private endpoint object.

private_link_service_connection_state MHSMPrivateLinkServiceConnectionStateResponse

Approval state of the private link connection.

provisioningState String

Provisioning state of the private endpoint connection.

etag String

Modified whenever there is a change in the state of private endpoint connection.

id String

Id of private endpoint connection.

privateEndpoint Property Map

Properties of the private endpoint object.

privateLinkServiceConnectionState Property Map

Approval state of the private link connection.

MHSMPrivateEndpointResponse

Id string

Full identifier of the private endpoint resource.

Id string

Full identifier of the private endpoint resource.

id String

Full identifier of the private endpoint resource.

id string

Full identifier of the private endpoint resource.

id str

Full identifier of the private endpoint resource.

id String

Full identifier of the private endpoint resource.

MHSMPrivateLinkServiceConnectionStateResponse

ActionsRequired string

A message indicating if changes on the service provider require any updates on the consumer.

Description string

The reason for approval or rejection.

Status string

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

ActionsRequired string

A message indicating if changes on the service provider require any updates on the consumer.

Description string

The reason for approval or rejection.

Status string

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actionsRequired String

A message indicating if changes on the service provider require any updates on the consumer.

description String

The reason for approval or rejection.

status String

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actionsRequired string

A message indicating if changes on the service provider require any updates on the consumer.

description string

The reason for approval or rejection.

status string

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actions_required str

A message indicating if changes on the service provider require any updates on the consumer.

description str

The reason for approval or rejection.

status str

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actionsRequired String

A message indicating if changes on the service provider require any updates on the consumer.

description String

The reason for approval or rejection.

status String

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

MHSMVirtualNetworkRule

Id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

Id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id String

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id str

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id String

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

MHSMVirtualNetworkRuleResponse

Id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

Id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id String

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id str

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

id String

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

ManagedHsmProperties

CreateMode Pulumi.AzureNative.KeyVault.CreateMode

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

EnablePurgeProtection bool

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

EnableSoftDelete bool

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

InitialAdminObjectIds List<string>

Array of initial administrators object ids for this managed hsm pool.

NetworkAcls Pulumi.AzureNative.KeyVault.Inputs.MHSMNetworkRuleSet

Rules governing the accessibility of the key vault from specific network locations.

PublicNetworkAccess string | Pulumi.AzureNative.KeyVault.PublicNetworkAccess

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

SoftDeleteRetentionInDays int

softDelete data retention days. It accepts >=7 and <=90.

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

CreateMode CreateMode

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

EnablePurgeProtection bool

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

EnableSoftDelete bool

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

InitialAdminObjectIds []string

Array of initial administrators object ids for this managed hsm pool.

NetworkAcls MHSMNetworkRuleSet

Rules governing the accessibility of the key vault from specific network locations.

PublicNetworkAccess string | PublicNetworkAccess

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

SoftDeleteRetentionInDays int

softDelete data retention days. It accepts >=7 and <=90.

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

createMode CreateMode

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

enablePurgeProtection Boolean

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

enableSoftDelete Boolean

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

initialAdminObjectIds List<String>

Array of initial administrators object ids for this managed hsm pool.

networkAcls MHSMNetworkRuleSet

Rules governing the accessibility of the key vault from specific network locations.

publicNetworkAccess String | PublicNetworkAccess

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

softDeleteRetentionInDays Integer

softDelete data retention days. It accepts >=7 and <=90.

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

createMode CreateMode

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

enablePurgeProtection boolean

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

enableSoftDelete boolean

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

initialAdminObjectIds string[]

Array of initial administrators object ids for this managed hsm pool.

networkAcls MHSMNetworkRuleSet

Rules governing the accessibility of the key vault from specific network locations.

publicNetworkAccess string | PublicNetworkAccess

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

softDeleteRetentionInDays number

softDelete data retention days. It accepts >=7 and <=90.

tenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

create_mode CreateMode

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

enable_purge_protection bool

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

enable_soft_delete bool

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

initial_admin_object_ids Sequence[str]

Array of initial administrators object ids for this managed hsm pool.

network_acls MHSMNetworkRuleSet

Rules governing the accessibility of the key vault from specific network locations.

public_network_access str | PublicNetworkAccess

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

soft_delete_retention_in_days int

softDelete data retention days. It accepts >=7 and <=90.

tenant_id str

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

createMode "recover" | "default"

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

enablePurgeProtection Boolean

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

enableSoftDelete Boolean

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

initialAdminObjectIds List<String>

Array of initial administrators object ids for this managed hsm pool.

networkAcls Property Map

Rules governing the accessibility of the key vault from specific network locations.

publicNetworkAccess String | "Enabled" | "Disabled"

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

softDeleteRetentionInDays Number

softDelete data retention days. It accepts >=7 and <=90.

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

ManagedHsmPropertiesResponse

HsmUri string

The URI of the managed hsm pool for performing operations on keys.

PrivateEndpointConnections List<Pulumi.AzureNative.KeyVault.Inputs.MHSMPrivateEndpointConnectionItemResponse>

List of private endpoint connections associated with the managed hsm pool.

ProvisioningState string

Provisioning state.

ScheduledPurgeDate string

The scheduled purge date in UTC.

StatusMessage string

Resource Status Message.

CreateMode string

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

EnablePurgeProtection bool

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

EnableSoftDelete bool

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

InitialAdminObjectIds List<string>

Array of initial administrators object ids for this managed hsm pool.

NetworkAcls Pulumi.AzureNative.KeyVault.Inputs.MHSMNetworkRuleSetResponse

Rules governing the accessibility of the key vault from specific network locations.

PublicNetworkAccess string

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

SoftDeleteRetentionInDays int

softDelete data retention days. It accepts >=7 and <=90.

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

HsmUri string

The URI of the managed hsm pool for performing operations on keys.

PrivateEndpointConnections []MHSMPrivateEndpointConnectionItemResponse

List of private endpoint connections associated with the managed hsm pool.

ProvisioningState string

Provisioning state.

ScheduledPurgeDate string

The scheduled purge date in UTC.

StatusMessage string

Resource Status Message.

CreateMode string

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

EnablePurgeProtection bool

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

EnableSoftDelete bool

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

InitialAdminObjectIds []string

Array of initial administrators object ids for this managed hsm pool.

NetworkAcls MHSMNetworkRuleSetResponse

Rules governing the accessibility of the key vault from specific network locations.

PublicNetworkAccess string

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

SoftDeleteRetentionInDays int

softDelete data retention days. It accepts >=7 and <=90.

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

hsmUri String

The URI of the managed hsm pool for performing operations on keys.

privateEndpointConnections List<MHSMPrivateEndpointConnectionItemResponse>

List of private endpoint connections associated with the managed hsm pool.

provisioningState String

Provisioning state.

scheduledPurgeDate String

The scheduled purge date in UTC.

statusMessage String

Resource Status Message.

createMode String

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

enablePurgeProtection Boolean

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

enableSoftDelete Boolean

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

initialAdminObjectIds List<String>

Array of initial administrators object ids for this managed hsm pool.

networkAcls MHSMNetworkRuleSetResponse

Rules governing the accessibility of the key vault from specific network locations.

publicNetworkAccess String

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

softDeleteRetentionInDays Integer

softDelete data retention days. It accepts >=7 and <=90.

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

hsmUri string

The URI of the managed hsm pool for performing operations on keys.

privateEndpointConnections MHSMPrivateEndpointConnectionItemResponse[]

List of private endpoint connections associated with the managed hsm pool.

provisioningState string

Provisioning state.

scheduledPurgeDate string

The scheduled purge date in UTC.

statusMessage string

Resource Status Message.

createMode string

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

enablePurgeProtection boolean

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

enableSoftDelete boolean

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

initialAdminObjectIds string[]

Array of initial administrators object ids for this managed hsm pool.

networkAcls MHSMNetworkRuleSetResponse

Rules governing the accessibility of the key vault from specific network locations.

publicNetworkAccess string

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

softDeleteRetentionInDays number

softDelete data retention days. It accepts >=7 and <=90.

tenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

hsm_uri str

The URI of the managed hsm pool for performing operations on keys.

private_endpoint_connections Sequence[MHSMPrivateEndpointConnectionItemResponse]

List of private endpoint connections associated with the managed hsm pool.

provisioning_state str

Provisioning state.

scheduled_purge_date str

The scheduled purge date in UTC.

status_message str

Resource Status Message.

create_mode str

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

enable_purge_protection bool

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

enable_soft_delete bool

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

initial_admin_object_ids Sequence[str]

Array of initial administrators object ids for this managed hsm pool.

network_acls MHSMNetworkRuleSetResponse

Rules governing the accessibility of the key vault from specific network locations.

public_network_access str

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

soft_delete_retention_in_days int

softDelete data retention days. It accepts >=7 and <=90.

tenant_id str

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

hsmUri String

The URI of the managed hsm pool for performing operations on keys.

privateEndpointConnections List<Property Map>

List of private endpoint connections associated with the managed hsm pool.

provisioningState String

Provisioning state.

scheduledPurgeDate String

The scheduled purge date in UTC.

statusMessage String

Resource Status Message.

createMode String

The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.

enablePurgeProtection Boolean

Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible.

enableSoftDelete Boolean

Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. If it's not set to any value(true or false) when creating new managed HSM pool, it will be set to true by default. Once set to true, it cannot be reverted to false.

initialAdminObjectIds List<String>

Array of initial administrators object ids for this managed hsm pool.

networkAcls Property Map

Rules governing the accessibility of the key vault from specific network locations.

publicNetworkAccess String

Control permission for data plane traffic coming from public networks while private endpoint is enabled.

softDeleteRetentionInDays Number

softDelete data retention days. It accepts >=7 and <=90.

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.

ManagedHsmSku

Family string | Pulumi.AzureNative.KeyVault.ManagedHsmSkuFamily

SKU Family of the managed HSM Pool

Name Pulumi.AzureNative.KeyVault.ManagedHsmSkuName

SKU of the managed HSM Pool

Family string | ManagedHsmSkuFamily

SKU Family of the managed HSM Pool

Name ManagedHsmSkuName

SKU of the managed HSM Pool

family String | ManagedHsmSkuFamily

SKU Family of the managed HSM Pool

name ManagedHsmSkuName

SKU of the managed HSM Pool

family string | ManagedHsmSkuFamily

SKU Family of the managed HSM Pool

name ManagedHsmSkuName

SKU of the managed HSM Pool

family str | ManagedHsmSkuFamily

SKU Family of the managed HSM Pool

name ManagedHsmSkuName

SKU of the managed HSM Pool

family String | "B"

SKU Family of the managed HSM Pool

name "Standard_B1" | "Custom_B32"

SKU of the managed HSM Pool

ManagedHsmSkuFamily

B
B
ManagedHsmSkuFamilyB
B
B
B
B
B
B
B
"B"
B

ManagedHsmSkuName

Standard_B1
Standard_B1
Custom_B32
Custom_B32
ManagedHsmSkuName_Standard_B1
Standard_B1
ManagedHsmSkuName_Custom_B32
Custom_B32
Standard_B1
Standard_B1
Custom_B32
Custom_B32
Standard_B1
Standard_B1
Custom_B32
Custom_B32
STANDARD_B1
Standard_B1
CUSTOM_B32
Custom_B32
"Standard_B1"
Standard_B1
"Custom_B32"
Custom_B32

ManagedHsmSkuResponse

Family string

SKU Family of the managed HSM Pool

Name string

SKU of the managed HSM Pool

Family string

SKU Family of the managed HSM Pool

Name string

SKU of the managed HSM Pool

family String

SKU Family of the managed HSM Pool

name String

SKU of the managed HSM Pool

family string

SKU Family of the managed HSM Pool

name string

SKU of the managed HSM Pool

family str

SKU Family of the managed HSM Pool

name str

SKU of the managed HSM Pool

family String

SKU Family of the managed HSM Pool

name String

SKU of the managed HSM Pool

NetworkRuleAction

Allow
Allow
Deny
Deny
NetworkRuleActionAllow
Allow
NetworkRuleActionDeny
Deny
Allow
Allow
Deny
Deny
Allow
Allow
Deny
Deny
ALLOW
Allow
DENY
Deny
"Allow"
Allow
"Deny"
Deny

NetworkRuleBypassOptions

AzureServices
AzureServices
None
None
NetworkRuleBypassOptionsAzureServices
AzureServices
NetworkRuleBypassOptionsNone
None
AzureServices
AzureServices
None
None
AzureServices
AzureServices
None
None
AZURE_SERVICES
AzureServices
NONE
None
"AzureServices"
AzureServices
"None"
None

PublicNetworkAccess

Enabled
Enabled
Disabled
Disabled
PublicNetworkAccessEnabled
Enabled
PublicNetworkAccessDisabled
Disabled
Enabled
Enabled
Disabled
Disabled
Enabled
Enabled
Disabled
Disabled
ENABLED
Enabled
DISABLED
Disabled
"Enabled"
Enabled
"Disabled"
Disabled

SystemDataResponse

CreatedAt string

The timestamp of the key vault resource creation (UTC).

CreatedBy string

The identity that created the key vault resource.

CreatedByType string

The type of identity that created the key vault resource.

LastModifiedAt string

The timestamp of the key vault resource last modification (UTC).

LastModifiedBy string

The identity that last modified the key vault resource.

LastModifiedByType string

The type of identity that last modified the key vault resource.

CreatedAt string

The timestamp of the key vault resource creation (UTC).

CreatedBy string

The identity that created the key vault resource.

CreatedByType string

The type of identity that created the key vault resource.

LastModifiedAt string

The timestamp of the key vault resource last modification (UTC).

LastModifiedBy string

The identity that last modified the key vault resource.

LastModifiedByType string

The type of identity that last modified the key vault resource.

createdAt String

The timestamp of the key vault resource creation (UTC).

createdBy String

The identity that created the key vault resource.

createdByType String

The type of identity that created the key vault resource.

lastModifiedAt String

The timestamp of the key vault resource last modification (UTC).

lastModifiedBy String

The identity that last modified the key vault resource.

lastModifiedByType String

The type of identity that last modified the key vault resource.

createdAt string

The timestamp of the key vault resource creation (UTC).

createdBy string

The identity that created the key vault resource.

createdByType string

The type of identity that created the key vault resource.

lastModifiedAt string

The timestamp of the key vault resource last modification (UTC).

lastModifiedBy string

The identity that last modified the key vault resource.

lastModifiedByType string

The type of identity that last modified the key vault resource.

created_at str

The timestamp of the key vault resource creation (UTC).

created_by str

The identity that created the key vault resource.

created_by_type str

The type of identity that created the key vault resource.

last_modified_at str

The timestamp of the key vault resource last modification (UTC).

last_modified_by str

The identity that last modified the key vault resource.

last_modified_by_type str

The type of identity that last modified the key vault resource.

createdAt String

The timestamp of the key vault resource creation (UTC).

createdBy String

The identity that created the key vault resource.

createdByType String

The type of identity that created the key vault resource.

lastModifiedAt String

The timestamp of the key vault resource last modification (UTC).

lastModifiedBy String

The identity that last modified the key vault resource.

lastModifiedByType String

The type of identity that last modified the key vault resource.

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:keyvault:ManagedHsm hsm1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/hsm-group/providers/Microsoft.KeyVault/managedHSMs/hsm1 

Package Details

Repository
https://github.com/pulumi/pulumi-azure-native
License
Apache-2.0