Azure Native

v1.87.0 published on Tuesday, Nov 22, 2022 by Pulumi

Vault

Resource information with extended details. API Version: 2019-09-01.

Example Usage

Create a new vault or update an existing vault

using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;

return await Deployment.RunAsync(() => 
{
    var vault = new AzureNative.KeyVault.Vault("vault", new()
    {
        Location = "westus",
        Properties = new AzureNative.KeyVault.Inputs.VaultPropertiesArgs
        {
            AccessPolicies = new[]
            {
                new AzureNative.KeyVault.Inputs.AccessPolicyEntryArgs
                {
                    ObjectId = "00000000-0000-0000-0000-000000000000",
                    Permissions = new AzureNative.KeyVault.Inputs.PermissionsArgs
                    {
                        Certificates = new[]
                        {
                            "get",
                            "list",
                            "delete",
                            "create",
                            "import",
                            "update",
                            "managecontacts",
                            "getissuers",
                            "listissuers",
                            "setissuers",
                            "deleteissuers",
                            "manageissuers",
                            "recover",
                            "purge",
                        },
                        Keys = new[]
                        {
                            "encrypt",
                            "decrypt",
                            "wrapKey",
                            "unwrapKey",
                            "sign",
                            "verify",
                            "get",
                            "list",
                            "create",
                            "update",
                            "import",
                            "delete",
                            "backup",
                            "restore",
                            "recover",
                            "purge",
                        },
                        Secrets = new[]
                        {
                            "get",
                            "list",
                            "set",
                            "delete",
                            "backup",
                            "restore",
                            "recover",
                            "purge",
                        },
                    },
                    TenantId = "00000000-0000-0000-0000-000000000000",
                },
            },
            EnabledForDeployment = true,
            EnabledForDiskEncryption = true,
            EnabledForTemplateDeployment = true,
            Sku = new AzureNative.KeyVault.Inputs.SkuArgs
            {
                Family = "A",
                Name = AzureNative.KeyVault.SkuName.Standard,
            },
            TenantId = "00000000-0000-0000-0000-000000000000",
        },
        ResourceGroupName = "sample-resource-group",
        VaultName = "sample-vault",
    });

});

Coming soon!

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.keyvault.Vault;
import com.pulumi.azurenative.keyvault.VaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var vault = new Vault("vault", VaultArgs.builder()        
            .location("westus")
            .properties(Map.ofEntries(
                Map.entry("accessPolicies", Map.ofEntries(
                    Map.entry("objectId", "00000000-0000-0000-0000-000000000000"),
                    Map.entry("permissions", Map.ofEntries(
                        Map.entry("certificates",                         
                            "get",
                            "list",
                            "delete",
                            "create",
                            "import",
                            "update",
                            "managecontacts",
                            "getissuers",
                            "listissuers",
                            "setissuers",
                            "deleteissuers",
                            "manageissuers",
                            "recover",
                            "purge"),
                        Map.entry("keys",                         
                            "encrypt",
                            "decrypt",
                            "wrapKey",
                            "unwrapKey",
                            "sign",
                            "verify",
                            "get",
                            "list",
                            "create",
                            "update",
                            "import",
                            "delete",
                            "backup",
                            "restore",
                            "recover",
                            "purge"),
                        Map.entry("secrets",                         
                            "get",
                            "list",
                            "set",
                            "delete",
                            "backup",
                            "restore",
                            "recover",
                            "purge")
                    )),
                    Map.entry("tenantId", "00000000-0000-0000-0000-000000000000")
                )),
                Map.entry("enabledForDeployment", true),
                Map.entry("enabledForDiskEncryption", true),
                Map.entry("enabledForTemplateDeployment", true),
                Map.entry("sku", Map.ofEntries(
                    Map.entry("family", "A"),
                    Map.entry("name", "standard")
                )),
                Map.entry("tenantId", "00000000-0000-0000-0000-000000000000")
            ))
            .resourceGroupName("sample-resource-group")
            .vaultName("sample-vault")
            .build());

    }
}
import pulumi
import pulumi_azure_native as azure_native

vault = azure_native.keyvault.Vault("vault",
    location="westus",
    properties=azure_native.keyvault.VaultPropertiesResponseArgs(
        access_policies=[{
            "objectId": "00000000-0000-0000-0000-000000000000",
            "permissions": azure_native.keyvault.PermissionsArgs(
                certificates=[
                    "get",
                    "list",
                    "delete",
                    "create",
                    "import",
                    "update",
                    "managecontacts",
                    "getissuers",
                    "listissuers",
                    "setissuers",
                    "deleteissuers",
                    "manageissuers",
                    "recover",
                    "purge",
                ],
                keys=[
                    "encrypt",
                    "decrypt",
                    "wrapKey",
                    "unwrapKey",
                    "sign",
                    "verify",
                    "get",
                    "list",
                    "create",
                    "update",
                    "import",
                    "delete",
                    "backup",
                    "restore",
                    "recover",
                    "purge",
                ],
                secrets=[
                    "get",
                    "list",
                    "set",
                    "delete",
                    "backup",
                    "restore",
                    "recover",
                    "purge",
                ],
            ),
            "tenantId": "00000000-0000-0000-0000-000000000000",
        }],
        enabled_for_deployment=True,
        enabled_for_disk_encryption=True,
        enabled_for_template_deployment=True,
        sku=azure_native.keyvault.SkuArgs(
            family="A",
            name=azure_native.keyvault.SkuName.STANDARD,
        ),
        tenant_id="00000000-0000-0000-0000-000000000000",
    ),
    resource_group_name="sample-resource-group",
    vault_name="sample-vault")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";

const vault = new azure_native.keyvault.Vault("vault", {
    location: "westus",
    properties: {
        accessPolicies: [{
            objectId: "00000000-0000-0000-0000-000000000000",
            permissions: {
                certificates: [
                    "get",
                    "list",
                    "delete",
                    "create",
                    "import",
                    "update",
                    "managecontacts",
                    "getissuers",
                    "listissuers",
                    "setissuers",
                    "deleteissuers",
                    "manageissuers",
                    "recover",
                    "purge",
                ],
                keys: [
                    "encrypt",
                    "decrypt",
                    "wrapKey",
                    "unwrapKey",
                    "sign",
                    "verify",
                    "get",
                    "list",
                    "create",
                    "update",
                    "import",
                    "delete",
                    "backup",
                    "restore",
                    "recover",
                    "purge",
                ],
                secrets: [
                    "get",
                    "list",
                    "set",
                    "delete",
                    "backup",
                    "restore",
                    "recover",
                    "purge",
                ],
            },
            tenantId: "00000000-0000-0000-0000-000000000000",
        }],
        enabledForDeployment: true,
        enabledForDiskEncryption: true,
        enabledForTemplateDeployment: true,
        sku: {
            family: "A",
            name: azure_native.keyvault.SkuName.Standard,
        },
        tenantId: "00000000-0000-0000-0000-000000000000",
    },
    resourceGroupName: "sample-resource-group",
    vaultName: "sample-vault",
});
resources:
  vault:
    type: azure-native:keyvault:Vault
    properties:
      location: westus
      properties:
        accessPolicies:
          - objectId: 00000000-0000-0000-0000-000000000000
            permissions:
              certificates:
                - get
                - list
                - delete
                - create
                - import
                - update
                - managecontacts
                - getissuers
                - listissuers
                - setissuers
                - deleteissuers
                - manageissuers
                - recover
                - purge
              keys:
                - encrypt
                - decrypt
                - wrapKey
                - unwrapKey
                - sign
                - verify
                - get
                - list
                - create
                - update
                - import
                - delete
                - backup
                - restore
                - recover
                - purge
              secrets:
                - get
                - list
                - set
                - delete
                - backup
                - restore
                - recover
                - purge
            tenantId: 00000000-0000-0000-0000-000000000000
        enabledForDeployment: true
        enabledForDiskEncryption: true
        enabledForTemplateDeployment: true
        sku:
          family: A
          name: standard
        tenantId: 00000000-0000-0000-0000-000000000000
      resourceGroupName: sample-resource-group
      vaultName: sample-vault

Create or update a vault with network acls

using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;

return await Deployment.RunAsync(() => 
{
    var vault = new AzureNative.KeyVault.Vault("vault", new()
    {
        Location = "westus",
        Properties = new AzureNative.KeyVault.Inputs.VaultPropertiesArgs
        {
            EnabledForDeployment = true,
            EnabledForDiskEncryption = true,
            EnabledForTemplateDeployment = true,
            NetworkAcls = new AzureNative.KeyVault.Inputs.NetworkRuleSetArgs
            {
                Bypass = "AzureServices",
                DefaultAction = "Deny",
                IpRules = new[]
                {
                    new AzureNative.KeyVault.Inputs.IPRuleArgs
                    {
                        Value = "124.56.78.91",
                    },
                    new AzureNative.KeyVault.Inputs.IPRuleArgs
                    {
                        Value = "'10.91.4.0/24'",
                    },
                },
                VirtualNetworkRules = new[]
                {
                    new AzureNative.KeyVault.Inputs.VirtualNetworkRuleArgs
                    {
                        Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1",
                    },
                },
            },
            Sku = new AzureNative.KeyVault.Inputs.SkuArgs
            {
                Family = "A",
                Name = AzureNative.KeyVault.SkuName.Standard,
            },
            TenantId = "00000000-0000-0000-0000-000000000000",
        },
        ResourceGroupName = "sample-resource-group",
        VaultName = "sample-vault",
    });

});

Coming soon!

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.keyvault.Vault;
import com.pulumi.azurenative.keyvault.VaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var vault = new Vault("vault", VaultArgs.builder()        
            .location("westus")
            .properties(Map.ofEntries(
                Map.entry("enabledForDeployment", true),
                Map.entry("enabledForDiskEncryption", true),
                Map.entry("enabledForTemplateDeployment", true),
                Map.entry("networkAcls", Map.ofEntries(
                    Map.entry("bypass", "AzureServices"),
                    Map.entry("defaultAction", "Deny"),
                    Map.entry("ipRules",                     
                        Map.of("value", "124.56.78.91"),
                        Map.of("value", "'10.91.4.0/24'")),
                    Map.entry("virtualNetworkRules", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1"))
                )),
                Map.entry("sku", Map.ofEntries(
                    Map.entry("family", "A"),
                    Map.entry("name", "standard")
                )),
                Map.entry("tenantId", "00000000-0000-0000-0000-000000000000")
            ))
            .resourceGroupName("sample-resource-group")
            .vaultName("sample-vault")
            .build());

    }
}
import pulumi
import pulumi_azure_native as azure_native

vault = azure_native.keyvault.Vault("vault",
    location="westus",
    properties=azure_native.keyvault.VaultPropertiesResponseArgs(
        enabled_for_deployment=True,
        enabled_for_disk_encryption=True,
        enabled_for_template_deployment=True,
        network_acls={
            "bypass": "AzureServices",
            "defaultAction": "Deny",
            "ipRules": [
                azure_native.keyvault.IPRuleArgs(
                    value="124.56.78.91",
                ),
                azure_native.keyvault.IPRuleArgs(
                    value="'10.91.4.0/24'",
                ),
            ],
            "virtualNetworkRules": [azure_native.keyvault.VirtualNetworkRuleArgs(
                id="/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1",
            )],
        },
        sku=azure_native.keyvault.SkuArgs(
            family="A",
            name=azure_native.keyvault.SkuName.STANDARD,
        ),
        tenant_id="00000000-0000-0000-0000-000000000000",
    ),
    resource_group_name="sample-resource-group",
    vault_name="sample-vault")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";

const vault = new azure_native.keyvault.Vault("vault", {
    location: "westus",
    properties: {
        enabledForDeployment: true,
        enabledForDiskEncryption: true,
        enabledForTemplateDeployment: true,
        networkAcls: {
            bypass: "AzureServices",
            defaultAction: "Deny",
            ipRules: [
                {
                    value: "124.56.78.91",
                },
                {
                    value: "'10.91.4.0/24'",
                },
            ],
            virtualNetworkRules: [{
                id: "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1",
            }],
        },
        sku: {
            family: "A",
            name: azure_native.keyvault.SkuName.Standard,
        },
        tenantId: "00000000-0000-0000-0000-000000000000",
    },
    resourceGroupName: "sample-resource-group",
    vaultName: "sample-vault",
});
resources:
  vault:
    type: azure-native:keyvault:Vault
    properties:
      location: westus
      properties:
        enabledForDeployment: true
        enabledForDiskEncryption: true
        enabledForTemplateDeployment: true
        networkAcls:
          bypass: AzureServices
          defaultAction: Deny
          ipRules:
            - value: 124.56.78.91
            - value: '''10.91.4.0/24'''
          virtualNetworkRules:
            - id: /subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1
        sku:
          family: A
          name: standard
        tenantId: 00000000-0000-0000-0000-000000000000
      resourceGroupName: sample-resource-group
      vaultName: sample-vault

Create Vault Resource

new Vault(name: string, args: VaultArgs, opts?: CustomResourceOptions);
@overload
def Vault(resource_name: str,
          opts: Optional[ResourceOptions] = None,
          location: Optional[str] = None,
          properties: Optional[VaultPropertiesArgs] = None,
          resource_group_name: Optional[str] = None,
          tags: Optional[Mapping[str, str]] = None,
          vault_name: Optional[str] = None)
@overload
def Vault(resource_name: str,
          args: VaultArgs,
          opts: Optional[ResourceOptions] = None)
func NewVault(ctx *Context, name string, args VaultArgs, opts ...ResourceOption) (*Vault, error)
public Vault(string name, VaultArgs args, CustomResourceOptions? opts = null)
public Vault(String name, VaultArgs args)
public Vault(String name, VaultArgs args, CustomResourceOptions options)
type: azure-native:keyvault:Vault
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args VaultArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args VaultArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args VaultArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args VaultArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args VaultArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Vault Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Vault resource accepts the following input properties:

Properties Pulumi.AzureNative.KeyVault.Inputs.VaultPropertiesArgs

Properties of the vault

ResourceGroupName string

The name of the Resource Group to which the server belongs.

Location string

The supported Azure location where the key vault should be created.

Tags Dictionary<string, string>

The tags that will be assigned to the key vault.

VaultName string

Name of the vault

Properties VaultPropertiesArgs

Properties of the vault

ResourceGroupName string

The name of the Resource Group to which the server belongs.

Location string

The supported Azure location where the key vault should be created.

Tags map[string]string

The tags that will be assigned to the key vault.

VaultName string

Name of the vault

properties VaultPropertiesArgs

Properties of the vault

resourceGroupName String

The name of the Resource Group to which the server belongs.

location String

The supported Azure location where the key vault should be created.

tags Map<String,String>

The tags that will be assigned to the key vault.

vaultName String

Name of the vault

properties VaultPropertiesArgs

Properties of the vault

resourceGroupName string

The name of the Resource Group to which the server belongs.

location string

The supported Azure location where the key vault should be created.

tags {[key: string]: string}

The tags that will be assigned to the key vault.

vaultName string

Name of the vault

properties VaultPropertiesArgs

Properties of the vault

resource_group_name str

The name of the Resource Group to which the server belongs.

location str

The supported Azure location where the key vault should be created.

tags Mapping[str, str]

The tags that will be assigned to the key vault.

vault_name str

Name of the vault

properties Property Map

Properties of the vault

resourceGroupName String

The name of the Resource Group to which the server belongs.

location String

The supported Azure location where the key vault should be created.

tags Map<String>

The tags that will be assigned to the key vault.

vaultName String

Name of the vault

Outputs

All input properties are implicitly available as output properties. Additionally, the Vault resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Name string

Name of the key vault resource.

Type string

Resource type of the key vault resource.

Id string

The provider-assigned unique ID for this managed resource.

Name string

Name of the key vault resource.

Type string

Resource type of the key vault resource.

id String

The provider-assigned unique ID for this managed resource.

name String

Name of the key vault resource.

type String

Resource type of the key vault resource.

id string

The provider-assigned unique ID for this managed resource.

name string

Name of the key vault resource.

type string

Resource type of the key vault resource.

id str

The provider-assigned unique ID for this managed resource.

name str

Name of the key vault resource.

type str

Resource type of the key vault resource.

id String

The provider-assigned unique ID for this managed resource.

name String

Name of the key vault resource.

type String

Resource type of the key vault resource.

Supporting Types

AccessPolicyEntry

ObjectId string

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

Permissions Pulumi.AzureNative.KeyVault.Inputs.Permissions

Permissions the identity has for keys, secrets and certificates.

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

ApplicationId string

Application ID of the client making request on behalf of a principal

ObjectId string

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

Permissions Permissions

Permissions the identity has for keys, secrets and certificates.

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

ApplicationId string

Application ID of the client making request on behalf of a principal

objectId String

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

permissions Permissions

Permissions the identity has for keys, secrets and certificates.

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

applicationId String

Application ID of the client making request on behalf of a principal

objectId string

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

permissions Permissions

Permissions the identity has for keys, secrets and certificates.

tenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

applicationId string

Application ID of the client making request on behalf of a principal

object_id str

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

permissions Permissions

Permissions the identity has for keys, secrets and certificates.

tenant_id str

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

application_id str

Application ID of the client making request on behalf of a principal

objectId String

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

permissions Property Map

Permissions the identity has for keys, secrets and certificates.

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

applicationId String

Application ID of the client making request on behalf of a principal

AccessPolicyEntryResponse

ObjectId string

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

Permissions Pulumi.AzureNative.KeyVault.Inputs.PermissionsResponse

Permissions the identity has for keys, secrets and certificates.

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

ApplicationId string

Application ID of the client making request on behalf of a principal

ObjectId string

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

Permissions PermissionsResponse

Permissions the identity has for keys, secrets and certificates.

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

ApplicationId string

Application ID of the client making request on behalf of a principal

objectId String

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

permissions PermissionsResponse

Permissions the identity has for keys, secrets and certificates.

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

applicationId String

Application ID of the client making request on behalf of a principal

objectId string

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

permissions PermissionsResponse

Permissions the identity has for keys, secrets and certificates.

tenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

applicationId string

Application ID of the client making request on behalf of a principal

object_id str

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

permissions PermissionsResponse

Permissions the identity has for keys, secrets and certificates.

tenant_id str

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

application_id str

Application ID of the client making request on behalf of a principal

objectId String

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.

permissions Property Map

Permissions the identity has for keys, secrets and certificates.

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

applicationId String

Application ID of the client making request on behalf of a principal

CertificatePermissions

All
all
@Get
get
List
list
Delete
delete
Create
create
Import
import
Update
update
Managecontacts
managecontacts
Getissuers
getissuers
Listissuers
listissuers
Setissuers
setissuers
Deleteissuers
deleteissuers
Manageissuers
manageissuers
Recover
recover
Purge
purge
Backup
backup
Restore
restore
CertificatePermissionsAll
all
CertificatePermissionsGet
get
CertificatePermissionsList
list
CertificatePermissionsDelete
delete
CertificatePermissionsCreate
create
CertificatePermissionsImport
import
CertificatePermissionsUpdate
update
CertificatePermissionsManagecontacts
managecontacts
CertificatePermissionsGetissuers
getissuers
CertificatePermissionsListissuers
listissuers
CertificatePermissionsSetissuers
setissuers
CertificatePermissionsDeleteissuers
deleteissuers
CertificatePermissionsManageissuers
manageissuers
CertificatePermissionsRecover
recover
CertificatePermissionsPurge
purge
CertificatePermissionsBackup
backup
CertificatePermissionsRestore
restore
All
all
Get
get
List
list
Delete
delete
Create
create
Import_
import
Update
update
Managecontacts
managecontacts
Getissuers
getissuers
Listissuers
listissuers
Setissuers
setissuers
Deleteissuers
deleteissuers
Manageissuers
manageissuers
Recover
recover
Purge
purge
Backup
backup
Restore
restore
All
all
Get
get
List
list
Delete
delete
Create
create
Import
import
Update
update
Managecontacts
managecontacts
Getissuers
getissuers
Listissuers
listissuers
Setissuers
setissuers
Deleteissuers
deleteissuers
Manageissuers
manageissuers
Recover
recover
Purge
purge
Backup
backup
Restore
restore
ALL
all
GET
get
LIST
list
DELETE
delete
CREATE
create
IMPORT_
import
UPDATE
update
MANAGECONTACTS
managecontacts
GETISSUERS
getissuers
LISTISSUERS
listissuers
SETISSUERS
setissuers
DELETEISSUERS
deleteissuers
MANAGEISSUERS
manageissuers
RECOVER
recover
PURGE
purge
BACKUP
backup
RESTORE
restore
"all"
all
"get"
get
"list"
list
"delete"
delete
"create"
create
"import"
import
"update"
update
"managecontacts"
managecontacts
"getissuers"
getissuers
"listissuers"
listissuers
"setissuers"
setissuers
"deleteissuers"
deleteissuers
"manageissuers"
manageissuers
"recover"
recover
"purge"
purge
"backup"
backup
"restore"
restore

CreateMode

Recover
recover
@Default
default
CreateModeRecover
recover
CreateModeDefault
default
Recover
recover
Default_
default
Recover
recover
Default
default
RECOVER
recover
DEFAULT
default
"recover"
recover
"default"
default

IPRule

Value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

Value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value String

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value str

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value String

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

IPRuleResponse

Value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

Value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value String

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value string

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value str

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

value String

An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).

KeyPermissions

All
all
Encrypt
encrypt
Decrypt
decrypt
WrapKey
wrapKey
UnwrapKey
unwrapKey
Sign
sign
Verify
verify
@Get
get
List
list
Create
create
Update
update
Import
import
Delete
delete
Backup
backup
Restore
restore
Recover
recover
Purge
purge
KeyPermissionsAll
all
KeyPermissionsEncrypt
encrypt
KeyPermissionsDecrypt
decrypt
KeyPermissionsWrapKey
wrapKey
KeyPermissionsUnwrapKey
unwrapKey
KeyPermissionsSign
sign
KeyPermissionsVerify
verify
KeyPermissionsGet
get
KeyPermissionsList
list
KeyPermissionsCreate
create
KeyPermissionsUpdate
update
KeyPermissionsImport
import
KeyPermissionsDelete
delete
KeyPermissionsBackup
backup
KeyPermissionsRestore
restore
KeyPermissionsRecover
recover
KeyPermissionsPurge
purge
All
all
Encrypt
encrypt
Decrypt
decrypt
WrapKey
wrapKey
UnwrapKey
unwrapKey
Sign
sign
Verify
verify
Get
get
List
list
Create
create
Update
update
Import_
import
Delete
delete
Backup
backup
Restore
restore
Recover
recover
Purge
purge
All
all
Encrypt
encrypt
Decrypt
decrypt
WrapKey
wrapKey
UnwrapKey
unwrapKey
Sign
sign
Verify
verify
Get
get
List
list
Create
create
Update
update
Import
import
Delete
delete
Backup
backup
Restore
restore
Recover
recover
Purge
purge
ALL
all
ENCRYPT
encrypt
DECRYPT
decrypt
WRAP_KEY
wrapKey
UNWRAP_KEY
unwrapKey
SIGN
sign
VERIFY
verify
GET
get
LIST
list
CREATE
create
UPDATE
update
IMPORT_
import
DELETE
delete
BACKUP
backup
RESTORE
restore
RECOVER
recover
PURGE
purge
"all"
all
"encrypt"
encrypt
"decrypt"
decrypt
"wrapKey"
wrapKey
"unwrapKey"
unwrapKey
"sign"
sign
"verify"
verify
"get"
get
"list"
list
"create"
create
"update"
update
"import"
import
"delete"
delete
"backup"
backup
"restore"
restore
"recover"
recover
"purge"
purge

NetworkRuleAction

Allow
Allow
Deny
Deny
NetworkRuleActionAllow
Allow
NetworkRuleActionDeny
Deny
Allow
Allow
Deny
Deny
Allow
Allow
Deny
Deny
ALLOW
Allow
DENY
Deny
"Allow"
Allow
"Deny"
Deny

NetworkRuleBypassOptions

AzureServices
AzureServices
None
None
NetworkRuleBypassOptionsAzureServices
AzureServices
NetworkRuleBypassOptionsNone
None
AzureServices
AzureServices
None
None
AzureServices
AzureServices
None
None
AZURE_SERVICES
AzureServices
NONE
None
"AzureServices"
AzureServices
"None"
None

NetworkRuleSet

Bypass string | Pulumi.AzureNative.KeyVault.NetworkRuleBypassOptions

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

DefaultAction string | Pulumi.AzureNative.KeyVault.NetworkRuleAction

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

IpRules List<Pulumi.AzureNative.KeyVault.Inputs.IPRule>

The list of IP address rules.

VirtualNetworkRules List<Pulumi.AzureNative.KeyVault.Inputs.VirtualNetworkRule>

The list of virtual network rules.

Bypass string | NetworkRuleBypassOptions

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

DefaultAction string | NetworkRuleAction

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

IpRules []IPRule

The list of IP address rules.

VirtualNetworkRules []VirtualNetworkRule

The list of virtual network rules.

bypass String | NetworkRuleBypassOptions

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction String | NetworkRuleAction

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules List<IPRule>

The list of IP address rules.

virtualNetworkRules List<VirtualNetworkRule>

The list of virtual network rules.

bypass string | NetworkRuleBypassOptions

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction string | NetworkRuleAction

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules IPRule[]

The list of IP address rules.

virtualNetworkRules VirtualNetworkRule[]

The list of virtual network rules.

bypass str | NetworkRuleBypassOptions

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

default_action str | NetworkRuleAction

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ip_rules Sequence[IPRule]

The list of IP address rules.

virtual_network_rules Sequence[VirtualNetworkRule]

The list of virtual network rules.

bypass String | "AzureServices" | "None"

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction String | "Allow" | "Deny"

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules List<Property Map>

The list of IP address rules.

virtualNetworkRules List<Property Map>

The list of virtual network rules.

NetworkRuleSetResponse

Bypass string

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

DefaultAction string

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

IpRules List<Pulumi.AzureNative.KeyVault.Inputs.IPRuleResponse>

The list of IP address rules.

VirtualNetworkRules List<Pulumi.AzureNative.KeyVault.Inputs.VirtualNetworkRuleResponse>

The list of virtual network rules.

Bypass string

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

DefaultAction string

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

IpRules []IPRuleResponse

The list of IP address rules.

VirtualNetworkRules []VirtualNetworkRuleResponse

The list of virtual network rules.

bypass String

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction String

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules List<IPRuleResponse>

The list of IP address rules.

virtualNetworkRules List<VirtualNetworkRuleResponse>

The list of virtual network rules.

bypass string

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction string

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules IPRuleResponse[]

The list of IP address rules.

virtualNetworkRules VirtualNetworkRuleResponse[]

The list of virtual network rules.

bypass str

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

default_action str

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ip_rules Sequence[IPRuleResponse]

The list of IP address rules.

virtual_network_rules Sequence[VirtualNetworkRuleResponse]

The list of virtual network rules.

bypass String

Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'. If not specified the default is 'AzureServices'.

defaultAction String

The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.

ipRules List<Property Map>

The list of IP address rules.

virtualNetworkRules List<Property Map>

The list of virtual network rules.

Permissions

Certificates List<Union<string, Pulumi.AzureNative.KeyVault.CertificatePermissions>>

Permissions to certificates

Keys List<Union<string, Pulumi.AzureNative.KeyVault.KeyPermissions>>

Permissions to keys

Secrets List<Union<string, Pulumi.AzureNative.KeyVault.SecretPermissions>>

Permissions to secrets

Storage List<Union<string, Pulumi.AzureNative.KeyVault.StoragePermissions>>

Permissions to storage accounts

Certificates []string

Permissions to certificates

Keys []string

Permissions to keys

Secrets []string

Permissions to secrets

Storage []string

Permissions to storage accounts

certificates List<Either<String,CertificatePermissions>>

Permissions to certificates

keys List<Either<String,KeyPermissions>>

Permissions to keys

secrets List<Either<String,SecretPermissions>>

Permissions to secrets

storage List<Either<String,StoragePermissions>>

Permissions to storage accounts

certificates (string | CertificatePermissions)[]

Permissions to certificates

keys (string | KeyPermissions)[]

Permissions to keys

secrets (string | SecretPermissions)[]

Permissions to secrets

storage (string | StoragePermissions)[]

Permissions to storage accounts

certificates Sequence[Union[str, CertificatePermissions]]

Permissions to certificates

keys Sequence[Union[str, KeyPermissions]]

Permissions to keys

secrets Sequence[Union[str, SecretPermissions]]

Permissions to secrets

storage Sequence[Union[str, StoragePermissions]]

Permissions to storage accounts

certificates List<String | "all" | "get" | "list" | "delete" | "create" | "import" | "update" | "managecontacts" | "getissuers" | "listissuers" | "setissuers" | "deleteissuers" | "manageissuers" | "recover" | "purge" | "backup" | "restore">

Permissions to certificates

keys List<String | "all" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "sign" | "verify" | "get" | "list" | "create" | "update" | "import" | "delete" | "backup" | "restore" | "recover" | "purge">

Permissions to keys

secrets List<String | "all" | "get" | "list" | "set" | "delete" | "backup" | "restore" | "recover" | "purge">

Permissions to secrets

storage List<String | "all" | "get" | "list" | "delete" | "set" | "update" | "regeneratekey" | "recover" | "purge" | "backup" | "restore" | "setsas" | "listsas" | "getsas" | "deletesas">

Permissions to storage accounts

PermissionsResponse

Certificates List<string>

Permissions to certificates

Keys List<string>

Permissions to keys

Secrets List<string>

Permissions to secrets

Storage List<string>

Permissions to storage accounts

Certificates []string

Permissions to certificates

Keys []string

Permissions to keys

Secrets []string

Permissions to secrets

Storage []string

Permissions to storage accounts

certificates List<String>

Permissions to certificates

keys List<String>

Permissions to keys

secrets List<String>

Permissions to secrets

storage List<String>

Permissions to storage accounts

certificates string[]

Permissions to certificates

keys string[]

Permissions to keys

secrets string[]

Permissions to secrets

storage string[]

Permissions to storage accounts

certificates Sequence[str]

Permissions to certificates

keys Sequence[str]

Permissions to keys

secrets Sequence[str]

Permissions to secrets

storage Sequence[str]

Permissions to storage accounts

certificates List<String>

Permissions to certificates

keys List<String>

Permissions to keys

secrets List<String>

Permissions to secrets

storage List<String>

Permissions to storage accounts

PrivateEndpointConnectionItemResponse

ProvisioningState string

Provisioning state of the private endpoint connection.

Etag string

Modified whenever there is a change in the state of private endpoint connection.

Id string

Id of private endpoint connection.

PrivateEndpoint Pulumi.AzureNative.KeyVault.Inputs.PrivateEndpointResponse

Properties of the private endpoint object.

PrivateLinkServiceConnectionState Pulumi.AzureNative.KeyVault.Inputs.PrivateLinkServiceConnectionStateResponse

Approval state of the private link connection.

ProvisioningState string

Provisioning state of the private endpoint connection.

Etag string

Modified whenever there is a change in the state of private endpoint connection.

Id string

Id of private endpoint connection.

PrivateEndpoint PrivateEndpointResponse

Properties of the private endpoint object.

PrivateLinkServiceConnectionState PrivateLinkServiceConnectionStateResponse

Approval state of the private link connection.

provisioningState String

Provisioning state of the private endpoint connection.

etag String

Modified whenever there is a change in the state of private endpoint connection.

id String

Id of private endpoint connection.

privateEndpoint PrivateEndpointResponse

Properties of the private endpoint object.

privateLinkServiceConnectionState PrivateLinkServiceConnectionStateResponse

Approval state of the private link connection.

provisioningState string

Provisioning state of the private endpoint connection.

etag string

Modified whenever there is a change in the state of private endpoint connection.

id string

Id of private endpoint connection.

privateEndpoint PrivateEndpointResponse

Properties of the private endpoint object.

privateLinkServiceConnectionState PrivateLinkServiceConnectionStateResponse

Approval state of the private link connection.

provisioning_state str

Provisioning state of the private endpoint connection.

etag str

Modified whenever there is a change in the state of private endpoint connection.

id str

Id of private endpoint connection.

private_endpoint PrivateEndpointResponse

Properties of the private endpoint object.

private_link_service_connection_state PrivateLinkServiceConnectionStateResponse

Approval state of the private link connection.

provisioningState String

Provisioning state of the private endpoint connection.

etag String

Modified whenever there is a change in the state of private endpoint connection.

id String

Id of private endpoint connection.

privateEndpoint Property Map

Properties of the private endpoint object.

privateLinkServiceConnectionState Property Map

Approval state of the private link connection.

PrivateEndpointResponse

Id string

Full identifier of the private endpoint resource.

Id string

Full identifier of the private endpoint resource.

id String

Full identifier of the private endpoint resource.

id string

Full identifier of the private endpoint resource.

id str

Full identifier of the private endpoint resource.

id String

Full identifier of the private endpoint resource.

PrivateLinkServiceConnectionStateResponse

ActionsRequired string

A message indicating if changes on the service provider require any updates on the consumer.

Description string

The reason for approval or rejection.

Status string

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

ActionsRequired string

A message indicating if changes on the service provider require any updates on the consumer.

Description string

The reason for approval or rejection.

Status string

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actionsRequired String

A message indicating if changes on the service provider require any updates on the consumer.

description String

The reason for approval or rejection.

status String

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actionsRequired string

A message indicating if changes on the service provider require any updates on the consumer.

description string

The reason for approval or rejection.

status string

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actions_required str

A message indicating if changes on the service provider require any updates on the consumer.

description str

The reason for approval or rejection.

status str

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

actionsRequired String

A message indicating if changes on the service provider require any updates on the consumer.

description String

The reason for approval or rejection.

status String

Indicates whether the connection has been approved, rejected or removed by the key vault owner.

SecretPermissions

All
all
@Get
get
List
list
@Set
set
Delete
delete
Backup
backup
Restore
restore
Recover
recover
Purge
purge
SecretPermissionsAll
all
SecretPermissionsGet
get
SecretPermissionsList
list
SecretPermissionsSet
set
SecretPermissionsDelete
delete
SecretPermissionsBackup
backup
SecretPermissionsRestore
restore
SecretPermissionsRecover
recover
SecretPermissionsPurge
purge
All
all
Get
get
List
list
Set
set
Delete
delete
Backup
backup
Restore
restore
Recover
recover
Purge
purge
All
all
Get
get
List
list
Set
set
Delete
delete
Backup
backup
Restore
restore
Recover
recover
Purge
purge
ALL
all
GET
get
LIST
list
SET
set
DELETE
delete
BACKUP
backup
RESTORE
restore
RECOVER
recover
PURGE
purge
"all"
all
"get"
get
"list"
list
"set"
set
"delete"
delete
"backup"
backup
"restore"
restore
"recover"
recover
"purge"
purge

Sku

Family string | Pulumi.AzureNative.KeyVault.SkuFamily

SKU family name

Name Pulumi.AzureNative.KeyVault.SkuName

SKU name to specify whether the key vault is a standard vault or a premium vault.

Family string | SkuFamily

SKU family name

Name SkuName

SKU name to specify whether the key vault is a standard vault or a premium vault.

family String | SkuFamily

SKU family name

name SkuName

SKU name to specify whether the key vault is a standard vault or a premium vault.

family string | SkuFamily

SKU family name

name SkuName

SKU name to specify whether the key vault is a standard vault or a premium vault.

family str | SkuFamily

SKU family name

name SkuName

SKU name to specify whether the key vault is a standard vault or a premium vault.

family String | "A"

SKU family name

name "standard" | "premium"

SKU name to specify whether the key vault is a standard vault or a premium vault.

SkuFamily

A
A
SkuFamilyA
A
A
A
A
A
A
A
"A"
A

SkuName

Standard
standard
Premium
premium
SkuNameStandard
standard
SkuNamePremium
premium
Standard
standard
Premium
premium
Standard
standard
Premium
premium
STANDARD
standard
PREMIUM
premium
"standard"
standard
"premium"
premium

SkuResponse

Family string

SKU family name

Name string

SKU name to specify whether the key vault is a standard vault or a premium vault.

Family string

SKU family name

Name string

SKU name to specify whether the key vault is a standard vault or a premium vault.

family String

SKU family name

name String

SKU name to specify whether the key vault is a standard vault or a premium vault.

family string

SKU family name

name string

SKU name to specify whether the key vault is a standard vault or a premium vault.

family str

SKU family name

name str

SKU name to specify whether the key vault is a standard vault or a premium vault.

family String

SKU family name

name String

SKU name to specify whether the key vault is a standard vault or a premium vault.

StoragePermissions

All
all
@Get
get
List
list
Delete
delete
@Set
set
Update
update
Regeneratekey
regeneratekey
Recover
recover
Purge
purge
Backup
backup
Restore
restore
Setsas
setsas
Listsas
listsas
Getsas
getsas
Deletesas
deletesas
StoragePermissionsAll
all
StoragePermissionsGet
get
StoragePermissionsList
list
StoragePermissionsDelete
delete
StoragePermissionsSet
set
StoragePermissionsUpdate
update
StoragePermissionsRegeneratekey
regeneratekey
StoragePermissionsRecover
recover
StoragePermissionsPurge
purge
StoragePermissionsBackup
backup
StoragePermissionsRestore
restore
StoragePermissionsSetsas
setsas
StoragePermissionsListsas
listsas
StoragePermissionsGetsas
getsas
StoragePermissionsDeletesas
deletesas
All
all
Get
get
List
list
Delete
delete
Set
set
Update
update
Regeneratekey
regeneratekey
Recover
recover
Purge
purge
Backup
backup
Restore
restore
Setsas
setsas
Listsas
listsas
Getsas
getsas
Deletesas
deletesas
All
all
Get
get
List
list
Delete
delete
Set
set
Update
update
Regeneratekey
regeneratekey
Recover
recover
Purge
purge
Backup
backup
Restore
restore
Setsas
setsas
Listsas
listsas
Getsas
getsas
Deletesas
deletesas
ALL
all
GET
get
LIST
list
DELETE
delete
SET
set
UPDATE
update
REGENERATEKEY
regeneratekey
RECOVER
recover
PURGE
purge
BACKUP
backup
RESTORE
restore
SETSAS
setsas
LISTSAS
listsas
GETSAS
getsas
DELETESAS
deletesas
"all"
all
"get"
get
"list"
list
"delete"
delete
"set"
set
"update"
update
"regeneratekey"
regeneratekey
"recover"
recover
"purge"
purge
"backup"
backup
"restore"
restore
"setsas"
setsas
"listsas"
listsas
"getsas"
getsas
"deletesas"
deletesas

VaultProperties

Sku Pulumi.AzureNative.KeyVault.Inputs.Sku

SKU details

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

AccessPolicies List<Pulumi.AzureNative.KeyVault.Inputs.AccessPolicyEntry>

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

CreateMode Pulumi.AzureNative.KeyVault.CreateMode

The vault's create mode to indicate whether the vault need to be recovered or not.

EnablePurgeProtection bool

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

EnableRbacAuthorization bool

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

EnableSoftDelete bool

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

EnabledForDeployment bool

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

EnabledForDiskEncryption bool

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

EnabledForTemplateDeployment bool

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

NetworkAcls Pulumi.AzureNative.KeyVault.Inputs.NetworkRuleSet

Rules governing the accessibility of the key vault from specific network locations.

ProvisioningState string | Pulumi.AzureNative.KeyVault.VaultProvisioningState

Provisioning state of the vault.

SoftDeleteRetentionInDays int

softDelete data retention days. It accepts >=7 and <=90.

VaultUri string

The URI of the vault for performing operations on keys and secrets. This property is readonly

Sku Sku

SKU details

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

AccessPolicies []AccessPolicyEntry

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

CreateMode CreateMode

The vault's create mode to indicate whether the vault need to be recovered or not.

EnablePurgeProtection bool

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

EnableRbacAuthorization bool

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

EnableSoftDelete bool

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

EnabledForDeployment bool

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

EnabledForDiskEncryption bool

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

EnabledForTemplateDeployment bool

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

NetworkAcls NetworkRuleSet

Rules governing the accessibility of the key vault from specific network locations.

ProvisioningState string | VaultProvisioningState

Provisioning state of the vault.

SoftDeleteRetentionInDays int

softDelete data retention days. It accepts >=7 and <=90.

VaultUri string

The URI of the vault for performing operations on keys and secrets. This property is readonly

sku Sku

SKU details

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

accessPolicies List<AccessPolicyEntry>

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

createMode CreateMode

The vault's create mode to indicate whether the vault need to be recovered or not.

enablePurgeProtection Boolean

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enableRbacAuthorization Boolean

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

enableSoftDelete Boolean

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

enabledForDeployment Boolean

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabledForDiskEncryption Boolean

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabledForTemplateDeployment Boolean

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

networkAcls NetworkRuleSet

Rules governing the accessibility of the key vault from specific network locations.

provisioningState String | VaultProvisioningState

Provisioning state of the vault.

softDeleteRetentionInDays Integer

softDelete data retention days. It accepts >=7 and <=90.

vaultUri String

The URI of the vault for performing operations on keys and secrets. This property is readonly

sku Sku

SKU details

tenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

accessPolicies AccessPolicyEntry[]

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

createMode CreateMode

The vault's create mode to indicate whether the vault need to be recovered or not.

enablePurgeProtection boolean

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enableRbacAuthorization boolean

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

enableSoftDelete boolean

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

enabledForDeployment boolean

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabledForDiskEncryption boolean

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabledForTemplateDeployment boolean

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

networkAcls NetworkRuleSet

Rules governing the accessibility of the key vault from specific network locations.

provisioningState string | VaultProvisioningState

Provisioning state of the vault.

softDeleteRetentionInDays number

softDelete data retention days. It accepts >=7 and <=90.

vaultUri string

The URI of the vault for performing operations on keys and secrets. This property is readonly

sku Sku

SKU details

tenant_id str

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

access_policies Sequence[AccessPolicyEntry]

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

create_mode CreateMode

The vault's create mode to indicate whether the vault need to be recovered or not.

enable_purge_protection bool

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enable_rbac_authorization bool

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

enable_soft_delete bool

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

enabled_for_deployment bool

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabled_for_disk_encryption bool

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabled_for_template_deployment bool

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

network_acls NetworkRuleSet

Rules governing the accessibility of the key vault from specific network locations.

provisioning_state str | VaultProvisioningState

Provisioning state of the vault.

soft_delete_retention_in_days int

softDelete data retention days. It accepts >=7 and <=90.

vault_uri str

The URI of the vault for performing operations on keys and secrets. This property is readonly

sku Property Map

SKU details

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

accessPolicies List<Property Map>

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

createMode "recover" | "default"

The vault's create mode to indicate whether the vault need to be recovered or not.

enablePurgeProtection Boolean

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enableRbacAuthorization Boolean

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

enableSoftDelete Boolean

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

enabledForDeployment Boolean

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabledForDiskEncryption Boolean

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabledForTemplateDeployment Boolean

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

networkAcls Property Map

Rules governing the accessibility of the key vault from specific network locations.

provisioningState String | "Succeeded" | "RegisteringDns"

Provisioning state of the vault.

softDeleteRetentionInDays Number

softDelete data retention days. It accepts >=7 and <=90.

vaultUri String

The URI of the vault for performing operations on keys and secrets. This property is readonly

VaultPropertiesResponse

HsmPoolResourceId string

The resource id of HSM Pool.

PrivateEndpointConnections List<Pulumi.AzureNative.KeyVault.Inputs.PrivateEndpointConnectionItemResponse>

List of private endpoint connections associated with the key vault.

Sku Pulumi.AzureNative.KeyVault.Inputs.SkuResponse

SKU details

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

AccessPolicies List<Pulumi.AzureNative.KeyVault.Inputs.AccessPolicyEntryResponse>

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

EnablePurgeProtection bool

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

EnableRbacAuthorization bool

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

EnableSoftDelete bool

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

EnabledForDeployment bool

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

EnabledForDiskEncryption bool

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

EnabledForTemplateDeployment bool

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

NetworkAcls Pulumi.AzureNative.KeyVault.Inputs.NetworkRuleSetResponse

Rules governing the accessibility of the key vault from specific network locations.

ProvisioningState string

Provisioning state of the vault.

SoftDeleteRetentionInDays int

softDelete data retention days. It accepts >=7 and <=90.

VaultUri string

The URI of the vault for performing operations on keys and secrets. This property is readonly

HsmPoolResourceId string

The resource id of HSM Pool.

PrivateEndpointConnections []PrivateEndpointConnectionItemResponse

List of private endpoint connections associated with the key vault.

Sku SkuResponse

SKU details

TenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

AccessPolicies []AccessPolicyEntryResponse

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

EnablePurgeProtection bool

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

EnableRbacAuthorization bool

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

EnableSoftDelete bool

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

EnabledForDeployment bool

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

EnabledForDiskEncryption bool

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

EnabledForTemplateDeployment bool

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

NetworkAcls NetworkRuleSetResponse

Rules governing the accessibility of the key vault from specific network locations.

ProvisioningState string

Provisioning state of the vault.

SoftDeleteRetentionInDays int

softDelete data retention days. It accepts >=7 and <=90.

VaultUri string

The URI of the vault for performing operations on keys and secrets. This property is readonly

hsmPoolResourceId String

The resource id of HSM Pool.

privateEndpointConnections List<PrivateEndpointConnectionItemResponse>

List of private endpoint connections associated with the key vault.

sku SkuResponse

SKU details

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

accessPolicies List<AccessPolicyEntryResponse>

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

enablePurgeProtection Boolean

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enableRbacAuthorization Boolean

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

enableSoftDelete Boolean

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

enabledForDeployment Boolean

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabledForDiskEncryption Boolean

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabledForTemplateDeployment Boolean

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

networkAcls NetworkRuleSetResponse

Rules governing the accessibility of the key vault from specific network locations.

provisioningState String

Provisioning state of the vault.

softDeleteRetentionInDays Integer

softDelete data retention days. It accepts >=7 and <=90.

vaultUri String

The URI of the vault for performing operations on keys and secrets. This property is readonly

hsmPoolResourceId string

The resource id of HSM Pool.

privateEndpointConnections PrivateEndpointConnectionItemResponse[]

List of private endpoint connections associated with the key vault.

sku SkuResponse

SKU details

tenantId string

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

accessPolicies AccessPolicyEntryResponse[]

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

enablePurgeProtection boolean

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enableRbacAuthorization boolean

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

enableSoftDelete boolean

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

enabledForDeployment boolean

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabledForDiskEncryption boolean

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabledForTemplateDeployment boolean

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

networkAcls NetworkRuleSetResponse

Rules governing the accessibility of the key vault from specific network locations.

provisioningState string

Provisioning state of the vault.

softDeleteRetentionInDays number

softDelete data retention days. It accepts >=7 and <=90.

vaultUri string

The URI of the vault for performing operations on keys and secrets. This property is readonly

hsm_pool_resource_id str

The resource id of HSM Pool.

private_endpoint_connections Sequence[PrivateEndpointConnectionItemResponse]

List of private endpoint connections associated with the key vault.

sku SkuResponse

SKU details

tenant_id str

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

access_policies Sequence[AccessPolicyEntryResponse]

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

enable_purge_protection bool

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enable_rbac_authorization bool

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

enable_soft_delete bool

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

enabled_for_deployment bool

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabled_for_disk_encryption bool

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabled_for_template_deployment bool

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

network_acls NetworkRuleSetResponse

Rules governing the accessibility of the key vault from specific network locations.

provisioning_state str

Provisioning state of the vault.

soft_delete_retention_in_days int

softDelete data retention days. It accepts >=7 and <=90.

vault_uri str

The URI of the vault for performing operations on keys and secrets. This property is readonly

hsmPoolResourceId String

The resource id of HSM Pool.

privateEndpointConnections List<Property Map>

List of private endpoint connections associated with the key vault.

sku Property Map

SKU details

tenantId String

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

accessPolicies List<Property Map>

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

enablePurgeProtection Boolean

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enableRbacAuthorization Boolean

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

enableSoftDelete Boolean

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

enabledForDeployment Boolean

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabledForDiskEncryption Boolean

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabledForTemplateDeployment Boolean

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

networkAcls Property Map

Rules governing the accessibility of the key vault from specific network locations.

provisioningState String

Provisioning state of the vault.

softDeleteRetentionInDays Number

softDelete data retention days. It accepts >=7 and <=90.

vaultUri String

The URI of the vault for performing operations on keys and secrets. This property is readonly

VaultProvisioningState

Succeeded
Succeeded
RegisteringDns
RegisteringDns
VaultProvisioningStateSucceeded
Succeeded
VaultProvisioningStateRegisteringDns
RegisteringDns
Succeeded
Succeeded
RegisteringDns
RegisteringDns
Succeeded
Succeeded
RegisteringDns
RegisteringDns
SUCCEEDED
Succeeded
REGISTERING_DNS
RegisteringDns
"Succeeded"
Succeeded
"RegisteringDns"
RegisteringDns

VirtualNetworkRule

Id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

IgnoreMissingVnetServiceEndpoint bool

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

Id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

IgnoreMissingVnetServiceEndpoint bool

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

id String

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

ignoreMissingVnetServiceEndpoint Boolean

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

ignoreMissingVnetServiceEndpoint boolean

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

id str

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

ignore_missing_vnet_service_endpoint bool

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

id String

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

ignoreMissingVnetServiceEndpoint Boolean

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

VirtualNetworkRuleResponse

Id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

IgnoreMissingVnetServiceEndpoint bool

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

Id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

IgnoreMissingVnetServiceEndpoint bool

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

id String

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

ignoreMissingVnetServiceEndpoint Boolean

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

id string

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

ignoreMissingVnetServiceEndpoint boolean

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

id str

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

ignore_missing_vnet_service_endpoint bool

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

id String

Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.

ignoreMissingVnetServiceEndpoint Boolean

Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:keyvault:Vault sample-vault /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-resource-group/providers/Microsoft.KeyVault/vaults/sample-vault 

Package Details

Repository
https://github.com/pulumi/pulumi-azure-native
License
Apache-2.0