Azure Classic v5.49.0, Aug 29 23

We recommend using Azure Native.

Azure Classic v5.49.0 published on Tuesday, Aug 29, 2023 by Pulumi

pulumi/pulumi-azure

azure.appconfiguration.ConfigurationStore

Explore with Pulumi AI

We recommend using Azure Native.

Azure Classic v5.49.0 published on Tuesday, Aug 29, 2023 by Pulumi

pulumi/pulumi-azure

Import

App Configurations can be imported using the resource id, e.g.

 $ pulumi import azure:appconfiguration/configurationStore:ConfigurationStore appconf /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1/providers/Microsoft.AppConfiguration/configurationStores/appConf1

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var example = new Azure.Core.ResourceGroup("example", new()
    {
        Location = "West Europe",
    });

    var appconf = new Azure.AppConfiguration.ConfigurationStore("appconf", new()
    {
        ResourceGroupName = example.Name,
        Location = example.Location,
    });

});

package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/appconfiguration"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		_, err = appconfiguration.NewConfigurationStore(ctx, "appconf", &appconfiguration.ConfigurationStoreArgs{
			ResourceGroupName: example.Name,
			Location:          example.Location,
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appconfiguration.ConfigurationStore;
import com.pulumi.azure.appconfiguration.ConfigurationStoreArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()        
            .location("West Europe")
            .build());

        var appconf = new ConfigurationStore("appconf", ConfigurationStoreArgs.builder()        
            .resourceGroupName(example.name())
            .location(example.location())
            .build());

    }
}

import pulumi
import pulumi_azure as azure

example = azure.core.ResourceGroup("example", location="West Europe")
appconf = azure.appconfiguration.ConfigurationStore("appconf",
    resource_group_name=example.name,
    location=example.location)

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const example = new azure.core.ResourceGroup("example", {location: "West Europe"});
const appconf = new azure.appconfiguration.ConfigurationStore("appconf", {
    resourceGroupName: example.name,
    location: example.location,
});

resources:
  example:
    type: azure:core:ResourceGroup
    properties:
      location: West Europe
  appconf:
    type: azure:appconfiguration:ConfigurationStore
    properties:
      resourceGroupName: ${example.name}
      location: ${example.location}

Encryption)

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
    {
        Location = "West Europe",
    });

    var exampleUserAssignedIdentity = new Azure.Authorization.UserAssignedIdentity("exampleUserAssignedIdentity", new()
    {
        Location = exampleResourceGroup.Location,
        ResourceGroupName = exampleResourceGroup.Name,
    });

    var current = Azure.Core.GetClientConfig.Invoke();

    var exampleKeyVault = new Azure.KeyVault.KeyVault("exampleKeyVault", new()
    {
        Location = exampleResourceGroup.Location,
        ResourceGroupName = exampleResourceGroup.Name,
        TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
        SkuName = "standard",
        SoftDeleteRetentionDays = 7,
        PurgeProtectionEnabled = true,
    });

    var server = new Azure.KeyVault.AccessPolicy("server", new()
    {
        KeyVaultId = exampleKeyVault.Id,
        TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
        ObjectId = exampleUserAssignedIdentity.PrincipalId,
        KeyPermissions = new[]
        {
            "Get",
            "UnwrapKey",
            "WrapKey",
        },
        SecretPermissions = new[]
        {
            "Get",
        },
    });

    var client = new Azure.KeyVault.AccessPolicy("client", new()
    {
        KeyVaultId = exampleKeyVault.Id,
        TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
        ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
        KeyPermissions = new[]
        {
            "Get",
            "Create",
            "Delete",
            "List",
            "Restore",
            "Recover",
            "UnwrapKey",
            "WrapKey",
            "Purge",
            "Encrypt",
            "Decrypt",
            "Sign",
            "Verify",
            "GetRotationPolicy",
        },
        SecretPermissions = new[]
        {
            "Get",
        },
    });

    var exampleKey = new Azure.KeyVault.Key("exampleKey", new()
    {
        KeyVaultId = exampleKeyVault.Id,
        KeyType = "RSA",
        KeySize = 2048,
        KeyOpts = new[]
        {
            "decrypt",
            "encrypt",
            "sign",
            "unwrapKey",
            "verify",
            "wrapKey",
        },
    }, new CustomResourceOptions
    {
        DependsOn = new[]
        {
            client,
            server,
        },
    });

    var exampleConfigurationStore = new Azure.AppConfiguration.ConfigurationStore("exampleConfigurationStore", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        Location = exampleResourceGroup.Location,
        Sku = "standard",
        LocalAuthEnabled = true,
        PublicNetworkAccess = "Enabled",
        PurgeProtectionEnabled = false,
        SoftDeleteRetentionDays = 1,
        Identity = new Azure.AppConfiguration.Inputs.ConfigurationStoreIdentityArgs
        {
            Type = "UserAssigned",
            IdentityIds = new[]
            {
                exampleUserAssignedIdentity.Id,
            },
        },
        Encryption = new Azure.AppConfiguration.Inputs.ConfigurationStoreEncryptionArgs
        {
            KeyVaultKeyIdentifier = exampleKey.Id,
            IdentityClientId = exampleUserAssignedIdentity.ClientId,
        },
        Tags = 
        {
            { "environment", "development" },
        },
    }, new CustomResourceOptions
    {
        DependsOn = new[]
        {
            client,
            server,
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/appconfiguration"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		exampleUserAssignedIdentity, err := authorization.NewUserAssignedIdentity(ctx, "exampleUserAssignedIdentity", &authorization.UserAssignedIdentityArgs{
			Location:          exampleResourceGroup.Location,
			ResourceGroupName: exampleResourceGroup.Name,
		})
		if err != nil {
			return err
		}
		current, err := core.GetClientConfig(ctx, nil, nil)
		if err != nil {
			return err
		}
		exampleKeyVault, err := keyvault.NewKeyVault(ctx, "exampleKeyVault", &keyvault.KeyVaultArgs{
			Location:                exampleResourceGroup.Location,
			ResourceGroupName:       exampleResourceGroup.Name,
			TenantId:                *pulumi.String(current.TenantId),
			SkuName:                 pulumi.String("standard"),
			SoftDeleteRetentionDays: pulumi.Int(7),
			PurgeProtectionEnabled:  pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		server, err := keyvault.NewAccessPolicy(ctx, "server", &keyvault.AccessPolicyArgs{
			KeyVaultId: exampleKeyVault.ID(),
			TenantId:   *pulumi.String(current.TenantId),
			ObjectId:   exampleUserAssignedIdentity.PrincipalId,
			KeyPermissions: pulumi.StringArray{
				pulumi.String("Get"),
				pulumi.String("UnwrapKey"),
				pulumi.String("WrapKey"),
			},
			SecretPermissions: pulumi.StringArray{
				pulumi.String("Get"),
			},
		})
		if err != nil {
			return err
		}
		client, err := keyvault.NewAccessPolicy(ctx, "client", &keyvault.AccessPolicyArgs{
			KeyVaultId: exampleKeyVault.ID(),
			TenantId:   *pulumi.String(current.TenantId),
			ObjectId:   *pulumi.String(current.ObjectId),
			KeyPermissions: pulumi.StringArray{
				pulumi.String("Get"),
				pulumi.String("Create"),
				pulumi.String("Delete"),
				pulumi.String("List"),
				pulumi.String("Restore"),
				pulumi.String("Recover"),
				pulumi.String("UnwrapKey"),
				pulumi.String("WrapKey"),
				pulumi.String("Purge"),
				pulumi.String("Encrypt"),
				pulumi.String("Decrypt"),
				pulumi.String("Sign"),
				pulumi.String("Verify"),
				pulumi.String("GetRotationPolicy"),
			},
			SecretPermissions: pulumi.StringArray{
				pulumi.String("Get"),
			},
		})
		if err != nil {
			return err
		}
		exampleKey, err := keyvault.NewKey(ctx, "exampleKey", &keyvault.KeyArgs{
			KeyVaultId: exampleKeyVault.ID(),
			KeyType:    pulumi.String("RSA"),
			KeySize:    pulumi.Int(2048),
			KeyOpts: pulumi.StringArray{
				pulumi.String("decrypt"),
				pulumi.String("encrypt"),
				pulumi.String("sign"),
				pulumi.String("unwrapKey"),
				pulumi.String("verify"),
				pulumi.String("wrapKey"),
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			client,
			server,
		}))
		if err != nil {
			return err
		}
		_, err = appconfiguration.NewConfigurationStore(ctx, "exampleConfigurationStore", &appconfiguration.ConfigurationStoreArgs{
			ResourceGroupName:       exampleResourceGroup.Name,
			Location:                exampleResourceGroup.Location,
			Sku:                     pulumi.String("standard"),
			LocalAuthEnabled:        pulumi.Bool(true),
			PublicNetworkAccess:     pulumi.String("Enabled"),
			PurgeProtectionEnabled:  pulumi.Bool(false),
			SoftDeleteRetentionDays: pulumi.Int(1),
			Identity: &appconfiguration.ConfigurationStoreIdentityArgs{
				Type: pulumi.String("UserAssigned"),
				IdentityIds: pulumi.StringArray{
					exampleUserAssignedIdentity.ID(),
				},
			},
			Encryption: &appconfiguration.ConfigurationStoreEncryptionArgs{
				KeyVaultKeyIdentifier: exampleKey.ID(),
				IdentityClientId:      exampleUserAssignedIdentity.ClientId,
			},
			Tags: pulumi.StringMap{
				"environment": pulumi.String("development"),
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			client,
			server,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.authorization.UserAssignedIdentity;
import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.AccessPolicy;
import com.pulumi.azure.keyvault.AccessPolicyArgs;
import com.pulumi.azure.keyvault.Key;
import com.pulumi.azure.keyvault.KeyArgs;
import com.pulumi.azure.appconfiguration.ConfigurationStore;
import com.pulumi.azure.appconfiguration.ConfigurationStoreArgs;
import com.pulumi.azure.appconfiguration.inputs.ConfigurationStoreIdentityArgs;
import com.pulumi.azure.appconfiguration.inputs.ConfigurationStoreEncryptionArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()        
            .location("West Europe")
            .build());

        var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()        
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .build());

        final var current = CoreFunctions.getClientConfig();

        var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()        
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
            .skuName("standard")
            .softDeleteRetentionDays(7)
            .purgeProtectionEnabled(true)
            .build());

        var server = new AccessPolicy("server", AccessPolicyArgs.builder()        
            .keyVaultId(exampleKeyVault.id())
            .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
            .objectId(exampleUserAssignedIdentity.principalId())
            .keyPermissions(            
                "Get",
                "UnwrapKey",
                "WrapKey")
            .secretPermissions("Get")
            .build());

        var client = new AccessPolicy("client", AccessPolicyArgs.builder()        
            .keyVaultId(exampleKeyVault.id())
            .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
            .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
            .keyPermissions(            
                "Get",
                "Create",
                "Delete",
                "List",
                "Restore",
                "Recover",
                "UnwrapKey",
                "WrapKey",
                "Purge",
                "Encrypt",
                "Decrypt",
                "Sign",
                "Verify",
                "GetRotationPolicy")
            .secretPermissions("Get")
            .build());

        var exampleKey = new Key("exampleKey", KeyArgs.builder()        
            .keyVaultId(exampleKeyVault.id())
            .keyType("RSA")
            .keySize(2048)
            .keyOpts(            
                "decrypt",
                "encrypt",
                "sign",
                "unwrapKey",
                "verify",
                "wrapKey")
            .build(), CustomResourceOptions.builder()
                .dependsOn(                
                    client,
                    server)
                .build());

        var exampleConfigurationStore = new ConfigurationStore("exampleConfigurationStore", ConfigurationStoreArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .sku("standard")
            .localAuthEnabled(true)
            .publicNetworkAccess("Enabled")
            .purgeProtectionEnabled(false)
            .softDeleteRetentionDays(1)
            .identity(ConfigurationStoreIdentityArgs.builder()
                .type("UserAssigned")
                .identityIds(exampleUserAssignedIdentity.id())
                .build())
            .encryption(ConfigurationStoreEncryptionArgs.builder()
                .keyVaultKeyIdentifier(exampleKey.id())
                .identityClientId(exampleUserAssignedIdentity.clientId())
                .build())
            .tags(Map.of("environment", "development"))
            .build(), CustomResourceOptions.builder()
                .dependsOn(                
                    client,
                    server)
                .build());

    }
}

import pulumi
import pulumi_azure as azure

example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_user_assigned_identity = azure.authorization.UserAssignedIdentity("exampleUserAssignedIdentity",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name)
current = azure.core.get_client_config()
example_key_vault = azure.keyvault.KeyVault("exampleKeyVault",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    tenant_id=current.tenant_id,
    sku_name="standard",
    soft_delete_retention_days=7,
    purge_protection_enabled=True)
server = azure.keyvault.AccessPolicy("server",
    key_vault_id=example_key_vault.id,
    tenant_id=current.tenant_id,
    object_id=example_user_assigned_identity.principal_id,
    key_permissions=[
        "Get",
        "UnwrapKey",
        "WrapKey",
    ],
    secret_permissions=["Get"])
client = azure.keyvault.AccessPolicy("client",
    key_vault_id=example_key_vault.id,
    tenant_id=current.tenant_id,
    object_id=current.object_id,
    key_permissions=[
        "Get",
        "Create",
        "Delete",
        "List",
        "Restore",
        "Recover",
        "UnwrapKey",
        "WrapKey",
        "Purge",
        "Encrypt",
        "Decrypt",
        "Sign",
        "Verify",
        "GetRotationPolicy",
    ],
    secret_permissions=["Get"])
example_key = azure.keyvault.Key("exampleKey",
    key_vault_id=example_key_vault.id,
    key_type="RSA",
    key_size=2048,
    key_opts=[
        "decrypt",
        "encrypt",
        "sign",
        "unwrapKey",
        "verify",
        "wrapKey",
    ],
    opts=pulumi.ResourceOptions(depends_on=[
            client,
            server,
        ]))
example_configuration_store = azure.appconfiguration.ConfigurationStore("exampleConfigurationStore",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    sku="standard",
    local_auth_enabled=True,
    public_network_access="Enabled",
    purge_protection_enabled=False,
    soft_delete_retention_days=1,
    identity=azure.appconfiguration.ConfigurationStoreIdentityArgs(
        type="UserAssigned",
        identity_ids=[example_user_assigned_identity.id],
    ),
    encryption=azure.appconfiguration.ConfigurationStoreEncryptionArgs(
        key_vault_key_identifier=example_key.id,
        identity_client_id=example_user_assigned_identity.client_id,
    ),
    tags={
        "environment": "development",
    },
    opts=pulumi.ResourceOptions(depends_on=[
            client,
            server,
        ]))

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("exampleUserAssignedIdentity", {
    location: exampleResourceGroup.location,
    resourceGroupName: exampleResourceGroup.name,
});
const current = azure.core.getClientConfig({});
const exampleKeyVault = new azure.keyvault.KeyVault("exampleKeyVault", {
    location: exampleResourceGroup.location,
    resourceGroupName: exampleResourceGroup.name,
    tenantId: current.then(current => current.tenantId),
    skuName: "standard",
    softDeleteRetentionDays: 7,
    purgeProtectionEnabled: true,
});
const server = new azure.keyvault.AccessPolicy("server", {
    keyVaultId: exampleKeyVault.id,
    tenantId: current.then(current => current.tenantId),
    objectId: exampleUserAssignedIdentity.principalId,
    keyPermissions: [
        "Get",
        "UnwrapKey",
        "WrapKey",
    ],
    secretPermissions: ["Get"],
});
const client = new azure.keyvault.AccessPolicy("client", {
    keyVaultId: exampleKeyVault.id,
    tenantId: current.then(current => current.tenantId),
    objectId: current.then(current => current.objectId),
    keyPermissions: [
        "Get",
        "Create",
        "Delete",
        "List",
        "Restore",
        "Recover",
        "UnwrapKey",
        "WrapKey",
        "Purge",
        "Encrypt",
        "Decrypt",
        "Sign",
        "Verify",
        "GetRotationPolicy",
    ],
    secretPermissions: ["Get"],
});
const exampleKey = new azure.keyvault.Key("exampleKey", {
    keyVaultId: exampleKeyVault.id,
    keyType: "RSA",
    keySize: 2048,
    keyOpts: [
        "decrypt",
        "encrypt",
        "sign",
        "unwrapKey",
        "verify",
        "wrapKey",
    ],
}, {
    dependsOn: [
        client,
        server,
    ],
});
const exampleConfigurationStore = new azure.appconfiguration.ConfigurationStore("exampleConfigurationStore", {
    resourceGroupName: exampleResourceGroup.name,
    location: exampleResourceGroup.location,
    sku: "standard",
    localAuthEnabled: true,
    publicNetworkAccess: "Enabled",
    purgeProtectionEnabled: false,
    softDeleteRetentionDays: 1,
    identity: {
        type: "UserAssigned",
        identityIds: [exampleUserAssignedIdentity.id],
    },
    encryption: {
        keyVaultKeyIdentifier: exampleKey.id,
        identityClientId: exampleUserAssignedIdentity.clientId,
    },
    tags: {
        environment: "development",
    },
}, {
    dependsOn: [
        client,
        server,
    ],
});

resources:
  exampleResourceGroup:
    type: azure:core:ResourceGroup
    properties:
      location: West Europe
  exampleUserAssignedIdentity:
    type: azure:authorization:UserAssignedIdentity
    properties:
      location: ${exampleResourceGroup.location}
      resourceGroupName: ${exampleResourceGroup.name}
  exampleKeyVault:
    type: azure:keyvault:KeyVault
    properties:
      location: ${exampleResourceGroup.location}
      resourceGroupName: ${exampleResourceGroup.name}
      tenantId: ${current.tenantId}
      skuName: standard
      softDeleteRetentionDays: 7
      purgeProtectionEnabled: true
  server:
    type: azure:keyvault:AccessPolicy
    properties:
      keyVaultId: ${exampleKeyVault.id}
      tenantId: ${current.tenantId}
      objectId: ${exampleUserAssignedIdentity.principalId}
      keyPermissions:
        - Get
        - UnwrapKey
        - WrapKey
      secretPermissions:
        - Get
  client:
    type: azure:keyvault:AccessPolicy
    properties:
      keyVaultId: ${exampleKeyVault.id}
      tenantId: ${current.tenantId}
      objectId: ${current.objectId}
      keyPermissions:
        - Get
        - Create
        - Delete
        - List
        - Restore
        - Recover
        - UnwrapKey
        - WrapKey
        - Purge
        - Encrypt
        - Decrypt
        - Sign
        - Verify
        - GetRotationPolicy
      secretPermissions:
        - Get
  exampleKey:
    type: azure:keyvault:Key
    properties:
      keyVaultId: ${exampleKeyVault.id}
      keyType: RSA
      keySize: 2048
      keyOpts:
        - decrypt
        - encrypt
        - sign
        - unwrapKey
        - verify
        - wrapKey
    options:
      dependson:
        - ${client}
        - ${server}
  exampleConfigurationStore:
    type: azure:appconfiguration:ConfigurationStore
    properties:
      resourceGroupName: ${exampleResourceGroup.name}
      location: ${exampleResourceGroup.location}
      sku: standard
      localAuthEnabled: true
      publicNetworkAccess: Enabled
      purgeProtectionEnabled: false
      softDeleteRetentionDays: 1
      identity:
        type: UserAssigned
        identityIds:
          - ${exampleUserAssignedIdentity.id}
      encryption:
        keyVaultKeyIdentifier: ${exampleKey.id}
        identityClientId: ${exampleUserAssignedIdentity.clientId}
      tags:
        environment: development
    options:
      dependson:
        - ${client}
        - ${server}
variables:
  current:
    fn::invoke:
      Function: azure:core:getClientConfig
      Arguments: {}

Create ConfigurationStore Resource

new ConfigurationStore(name: string, args: ConfigurationStoreArgs, opts?: CustomResourceOptions);

@overload
def ConfigurationStore(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       encryption: Optional[ConfigurationStoreEncryptionArgs] = None,
                       identity: Optional[ConfigurationStoreIdentityArgs] = None,
                       local_auth_enabled: Optional[bool] = None,
                       location: Optional[str] = None,
                       name: Optional[str] = None,
                       public_network_access: Optional[str] = None,
                       purge_protection_enabled: Optional[bool] = None,
                       resource_group_name: Optional[str] = None,
                       sku: Optional[str] = None,
                       soft_delete_retention_days: Optional[int] = None,
                       tags: Optional[Mapping[str, str]] = None)
@overload
def ConfigurationStore(resource_name: str,
                       args: ConfigurationStoreArgs,
                       opts: Optional[ResourceOptions] = None)

func NewConfigurationStore(ctx *Context, name string, args ConfigurationStoreArgs, opts ...ResourceOption) (*ConfigurationStore, error)

public ConfigurationStore(string name, ConfigurationStoreArgs args, CustomResourceOptions? opts = null)

public ConfigurationStore(String name, ConfigurationStoreArgs args)
public ConfigurationStore(String name, ConfigurationStoreArgs args, CustomResourceOptions options)

type: azure:appconfiguration:ConfigurationStore
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ConfigurationStoreArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ConfigurationStoreArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ConfigurationStoreArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ConfigurationStoreArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ConfigurationStoreArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

ConfigurationStore Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ConfigurationStore resource accepts the following input properties:

ResourceGroupName string

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

Encryption ConfigurationStoreEncryption

An encryption block as defined below.

Identity ConfigurationStoreIdentity

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

LocalAuthEnabled bool

Whether local authentication methods is enabled. Defaults to true.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

Name string

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

PublicNetworkAccess string

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

PurgeProtectionEnabled bool

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

!> Note: Once Purge Protection has been enabled it's not possible to disable it. Deleting the App Configuration with Purge Protection enabled will schedule the App Configuration to be deleted (which will happen by Azure in the configured number of days).

Sku string

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

SoftDeleteRetentionDays int

The number of days that items should be retained for once soft-deleted. This field only works for standard sku. This value can be between 1 and 7 days. Defaults to 7. Changing this forces a new resource to be created.

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

Tags Dictionary<string, string>

A mapping of tags to assign to the resource.

ResourceGroupName string

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

Encryption ConfigurationStoreEncryptionArgs

An encryption block as defined below.

Identity ConfigurationStoreIdentityArgs

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

LocalAuthEnabled bool

Whether local authentication methods is enabled. Defaults to true.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

Name string

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

PublicNetworkAccess string

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

PurgeProtectionEnabled bool

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

Sku string

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

SoftDeleteRetentionDays int

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

Tags map[string]string

A mapping of tags to assign to the resource.

resourceGroupName String

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

encryption ConfigurationStoreEncryption

An encryption block as defined below.

identity ConfigurationStoreIdentity

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

localAuthEnabled Boolean

Whether local authentication methods is enabled. Defaults to true.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name String

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

publicNetworkAccess String

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

purgeProtectionEnabled Boolean

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

sku String

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

softDeleteRetentionDays Integer

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

tags Map<String,String>

A mapping of tags to assign to the resource.

resourceGroupName string

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

encryption ConfigurationStoreEncryption

An encryption block as defined below.

identity ConfigurationStoreIdentity

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

localAuthEnabled boolean

Whether local authentication methods is enabled. Defaults to true.

location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name string

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

publicNetworkAccess string

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

purgeProtectionEnabled boolean

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

sku string

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

softDeleteRetentionDays number

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

tags {[key: string]: string}

A mapping of tags to assign to the resource.

resource_group_name str

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

encryption ConfigurationStoreEncryptionArgs

An encryption block as defined below.

identity ConfigurationStoreIdentityArgs

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

local_auth_enabled bool

Whether local authentication methods is enabled. Defaults to true.

location str

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name str

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

public_network_access str

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

purge_protection_enabled bool

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

sku str

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

soft_delete_retention_days int

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

tags Mapping[str, str]

A mapping of tags to assign to the resource.

resourceGroupName String

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

encryption Property Map

An encryption block as defined below.

identity Property Map

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

localAuthEnabled Boolean

Whether local authentication methods is enabled. Defaults to true.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name String

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

publicNetworkAccess String

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

purgeProtectionEnabled Boolean

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

sku String

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

softDeleteRetentionDays Number

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

tags Map<String>

A mapping of tags to assign to the resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the ConfigurationStore resource produces the following output properties:

Endpoint string: The URL of the App Configuration.
Id string: The provider-assigned unique ID for this managed resource.
PrimaryReadKeys List<ConfigurationStorePrimaryReadKey>: A primary_read_key block as defined below containing the primary read access key.
PrimaryWriteKeys List<ConfigurationStorePrimaryWriteKey>: A primary_write_key block as defined below containing the primary write access key.
SecondaryReadKeys List<ConfigurationStoreSecondaryReadKey>: A secondary_read_key block as defined below containing the secondary read access key.
SecondaryWriteKeys List<ConfigurationStoreSecondaryWriteKey>: A secondary_write_key block as defined below containing the secondary write access key.

Endpoint string: The URL of the App Configuration.
Id string: The provider-assigned unique ID for this managed resource.
PrimaryReadKeys []ConfigurationStorePrimaryReadKey: A primary_read_key block as defined below containing the primary read access key.
PrimaryWriteKeys []ConfigurationStorePrimaryWriteKey: A primary_write_key block as defined below containing the primary write access key.
SecondaryReadKeys []ConfigurationStoreSecondaryReadKey: A secondary_read_key block as defined below containing the secondary read access key.
SecondaryWriteKeys []ConfigurationStoreSecondaryWriteKey: A secondary_write_key block as defined below containing the secondary write access key.

endpoint String: The URL of the App Configuration.
id String: The provider-assigned unique ID for this managed resource.
primaryReadKeys List<ConfigurationStorePrimaryReadKey>: A primary_read_key block as defined below containing the primary read access key.
primaryWriteKeys List<ConfigurationStorePrimaryWriteKey>: A primary_write_key block as defined below containing the primary write access key.
secondaryReadKeys List<ConfigurationStoreSecondaryReadKey>: A secondary_read_key block as defined below containing the secondary read access key.
secondaryWriteKeys List<ConfigurationStoreSecondaryWriteKey>: A secondary_write_key block as defined below containing the secondary write access key.

endpoint string: The URL of the App Configuration.
id string: The provider-assigned unique ID for this managed resource.
primaryReadKeys ConfigurationStorePrimaryReadKey[]: A primary_read_key block as defined below containing the primary read access key.
primaryWriteKeys ConfigurationStorePrimaryWriteKey[]: A primary_write_key block as defined below containing the primary write access key.
secondaryReadKeys ConfigurationStoreSecondaryReadKey[]: A secondary_read_key block as defined below containing the secondary read access key.
secondaryWriteKeys ConfigurationStoreSecondaryWriteKey[]: A secondary_write_key block as defined below containing the secondary write access key.

endpoint str: The URL of the App Configuration.
id str: The provider-assigned unique ID for this managed resource.
primary_read_keys Sequence[ConfigurationStorePrimaryReadKey]: A primary_read_key block as defined below containing the primary read access key.
primary_write_keys Sequence[ConfigurationStorePrimaryWriteKey]: A primary_write_key block as defined below containing the primary write access key.
secondary_read_keys Sequence[ConfigurationStoreSecondaryReadKey]: A secondary_read_key block as defined below containing the secondary read access key.
secondary_write_keys Sequence[ConfigurationStoreSecondaryWriteKey]: A secondary_write_key block as defined below containing the secondary write access key.

endpoint String: The URL of the App Configuration.
id String: The provider-assigned unique ID for this managed resource.
primaryReadKeys List<Property Map>: A primary_read_key block as defined below containing the primary read access key.
primaryWriteKeys List<Property Map>: A primary_write_key block as defined below containing the primary write access key.
secondaryReadKeys List<Property Map>: A secondary_read_key block as defined below containing the secondary read access key.
secondaryWriteKeys List<Property Map>: A secondary_write_key block as defined below containing the secondary write access key.

Look up Existing ConfigurationStore Resource

Get an existing ConfigurationStore resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ConfigurationStoreState, opts?: CustomResourceOptions): ConfigurationStore

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        encryption: Optional[ConfigurationStoreEncryptionArgs] = None,
        endpoint: Optional[str] = None,
        identity: Optional[ConfigurationStoreIdentityArgs] = None,
        local_auth_enabled: Optional[bool] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        primary_read_keys: Optional[Sequence[ConfigurationStorePrimaryReadKeyArgs]] = None,
        primary_write_keys: Optional[Sequence[ConfigurationStorePrimaryWriteKeyArgs]] = None,
        public_network_access: Optional[str] = None,
        purge_protection_enabled: Optional[bool] = None,
        resource_group_name: Optional[str] = None,
        secondary_read_keys: Optional[Sequence[ConfigurationStoreSecondaryReadKeyArgs]] = None,
        secondary_write_keys: Optional[Sequence[ConfigurationStoreSecondaryWriteKeyArgs]] = None,
        sku: Optional[str] = None,
        soft_delete_retention_days: Optional[int] = None,
        tags: Optional[Mapping[str, str]] = None) -> ConfigurationStore

func GetConfigurationStore(ctx *Context, name string, id IDInput, state *ConfigurationStoreState, opts ...ResourceOption) (*ConfigurationStore, error)

public static ConfigurationStore Get(string name, Input<string> id, ConfigurationStoreState? state, CustomResourceOptions? opts = null)

public static ConfigurationStore get(String name, Output<String> id, ConfigurationStoreState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Encryption ConfigurationStoreEncryption

An encryption block as defined below.

Endpoint string

The URL of the App Configuration.

Identity ConfigurationStoreIdentity

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

LocalAuthEnabled bool

Whether local authentication methods is enabled. Defaults to true.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

Name string

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

PrimaryReadKeys List<ConfigurationStorePrimaryReadKey>

A primary_read_key block as defined below containing the primary read access key.

PrimaryWriteKeys List<ConfigurationStorePrimaryWriteKey>

A primary_write_key block as defined below containing the primary write access key.

PublicNetworkAccess string

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

PurgeProtectionEnabled bool

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

ResourceGroupName string

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

SecondaryReadKeys List<ConfigurationStoreSecondaryReadKey>

A secondary_read_key block as defined below containing the secondary read access key.

SecondaryWriteKeys List<ConfigurationStoreSecondaryWriteKey>

A secondary_write_key block as defined below containing the secondary write access key.

Sku string

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

SoftDeleteRetentionDays int

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

Tags Dictionary<string, string>

A mapping of tags to assign to the resource.

Encryption ConfigurationStoreEncryptionArgs

An encryption block as defined below.

Endpoint string

The URL of the App Configuration.

Identity ConfigurationStoreIdentityArgs

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

LocalAuthEnabled bool

Whether local authentication methods is enabled. Defaults to true.

Location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

Name string

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

PrimaryReadKeys []ConfigurationStorePrimaryReadKeyArgs

A primary_read_key block as defined below containing the primary read access key.

PrimaryWriteKeys []ConfigurationStorePrimaryWriteKeyArgs

A primary_write_key block as defined below containing the primary write access key.

PublicNetworkAccess string

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

PurgeProtectionEnabled bool

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

ResourceGroupName string

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

SecondaryReadKeys []ConfigurationStoreSecondaryReadKeyArgs

A secondary_read_key block as defined below containing the secondary read access key.

SecondaryWriteKeys []ConfigurationStoreSecondaryWriteKeyArgs

A secondary_write_key block as defined below containing the secondary write access key.

Sku string

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

SoftDeleteRetentionDays int

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

Tags map[string]string

A mapping of tags to assign to the resource.

encryption ConfigurationStoreEncryption

An encryption block as defined below.

endpoint String

The URL of the App Configuration.

identity ConfigurationStoreIdentity

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

localAuthEnabled Boolean

Whether local authentication methods is enabled. Defaults to true.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name String

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

primaryReadKeys List<ConfigurationStorePrimaryReadKey>

A primary_read_key block as defined below containing the primary read access key.

primaryWriteKeys List<ConfigurationStorePrimaryWriteKey>

A primary_write_key block as defined below containing the primary write access key.

publicNetworkAccess String

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

purgeProtectionEnabled Boolean

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

resourceGroupName String

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

secondaryReadKeys List<ConfigurationStoreSecondaryReadKey>

A secondary_read_key block as defined below containing the secondary read access key.

secondaryWriteKeys List<ConfigurationStoreSecondaryWriteKey>

A secondary_write_key block as defined below containing the secondary write access key.

sku String

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

softDeleteRetentionDays Integer

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

tags Map<String,String>

A mapping of tags to assign to the resource.

encryption ConfigurationStoreEncryption

An encryption block as defined below.

endpoint string

The URL of the App Configuration.

identity ConfigurationStoreIdentity

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

localAuthEnabled boolean

Whether local authentication methods is enabled. Defaults to true.

location string

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name string

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

primaryReadKeys ConfigurationStorePrimaryReadKey[]

A primary_read_key block as defined below containing the primary read access key.

primaryWriteKeys ConfigurationStorePrimaryWriteKey[]

A primary_write_key block as defined below containing the primary write access key.

publicNetworkAccess string

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

purgeProtectionEnabled boolean

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

resourceGroupName string

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

secondaryReadKeys ConfigurationStoreSecondaryReadKey[]

A secondary_read_key block as defined below containing the secondary read access key.

secondaryWriteKeys ConfigurationStoreSecondaryWriteKey[]

A secondary_write_key block as defined below containing the secondary write access key.

sku string

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

softDeleteRetentionDays number

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

tags {[key: string]: string}

A mapping of tags to assign to the resource.

encryption ConfigurationStoreEncryptionArgs

An encryption block as defined below.

endpoint str

The URL of the App Configuration.

identity ConfigurationStoreIdentityArgs

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

local_auth_enabled bool

Whether local authentication methods is enabled. Defaults to true.

location str

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name str

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

primary_read_keys Sequence[ConfigurationStorePrimaryReadKeyArgs]

A primary_read_key block as defined below containing the primary read access key.

primary_write_keys Sequence[ConfigurationStorePrimaryWriteKeyArgs]

A primary_write_key block as defined below containing the primary write access key.

public_network_access str

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

purge_protection_enabled bool

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

resource_group_name str

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

secondary_read_keys Sequence[ConfigurationStoreSecondaryReadKeyArgs]

A secondary_read_key block as defined below containing the secondary read access key.

secondary_write_keys Sequence[ConfigurationStoreSecondaryWriteKeyArgs]

A secondary_write_key block as defined below containing the secondary write access key.

sku str

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

soft_delete_retention_days int

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

tags Mapping[str, str]

A mapping of tags to assign to the resource.

encryption Property Map

An encryption block as defined below.

endpoint String

The URL of the App Configuration.

identity Property Map

An identity block as defined below.

NOTE: Azure does not allow a downgrade from standard to free.

localAuthEnabled Boolean

Whether local authentication methods is enabled. Defaults to true.

location String

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

name String

Specifies the name of the App Configuration. Changing this forces a new resource to be created.

primaryReadKeys List<Property Map>

A primary_read_key block as defined below containing the primary read access key.

primaryWriteKeys List<Property Map>

A primary_write_key block as defined below containing the primary write access key.

publicNetworkAccess String

The Public Network Access setting of the App Configuration. Possible values are Enabled and Disabled.

NOTE: If public_network_access is not specified, the App Configuration will be created as Automatic. However, once a different value is defined, can not be set again as automatic.

purgeProtectionEnabled Boolean

Whether Purge Protection is enabled. This field only works for standard sku. Defaults to false.

resourceGroupName String

The name of the resource group in which to create the App Configuration. Changing this forces a new resource to be created.

secondaryReadKeys List<Property Map>

A secondary_read_key block as defined below containing the secondary read access key.

secondaryWriteKeys List<Property Map>

A secondary_write_key block as defined below containing the secondary write access key.

sku String

The SKU name of the App Configuration. Possible values are free and standard. Defaults to free.

softDeleteRetentionDays Number

Note: If Purge Protection is enabled, this field can only be configured one time and cannot be updated.

tags Map<String>

A mapping of tags to assign to the resource.

Supporting Types

ConfigurationStoreEncryption, ConfigurationStoreEncryptionArgs

IdentityClientId string: Specifies the client id of the identity which will be used to access key vault.
KeyVaultKeyIdentifier string: Specifies the URI of the key vault key used to encrypt data.

IdentityClientId string: Specifies the client id of the identity which will be used to access key vault.
KeyVaultKeyIdentifier string: Specifies the URI of the key vault key used to encrypt data.

identityClientId String: Specifies the client id of the identity which will be used to access key vault.
keyVaultKeyIdentifier String: Specifies the URI of the key vault key used to encrypt data.

identityClientId string: Specifies the client id of the identity which will be used to access key vault.
keyVaultKeyIdentifier string: Specifies the URI of the key vault key used to encrypt data.

identity_client_id str: Specifies the client id of the identity which will be used to access key vault.
key_vault_key_identifier str: Specifies the URI of the key vault key used to encrypt data.

identityClientId String: Specifies the client id of the identity which will be used to access key vault.
keyVaultKeyIdentifier String: Specifies the URI of the key vault key used to encrypt data.

ConfigurationStoreIdentity, ConfigurationStoreIdentityArgs

Type string: Specifies the type of Managed Service Identity that should be configured on this App Configuration. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
IdentityIds List<string>: A list of User Assigned Managed Identity IDs to be assigned to this App Configuration.
NOTE: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
PrincipalId string: The Principal ID associated with this Managed Service Identity.
TenantId string: The Tenant ID associated with this Managed Service Identity.

Type string: Specifies the type of Managed Service Identity that should be configured on this App Configuration. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
IdentityIds []string: A list of User Assigned Managed Identity IDs to be assigned to this App Configuration.
NOTE: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
PrincipalId string: The Principal ID associated with this Managed Service Identity.
TenantId string: The Tenant ID associated with this Managed Service Identity.

type String: Specifies the type of Managed Service Identity that should be configured on this App Configuration. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identityIds List<String>: A list of User Assigned Managed Identity IDs to be assigned to this App Configuration.
NOTE: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
principalId String: The Principal ID associated with this Managed Service Identity.
tenantId String: The Tenant ID associated with this Managed Service Identity.

type string: Specifies the type of Managed Service Identity that should be configured on this App Configuration. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identityIds string[]: A list of User Assigned Managed Identity IDs to be assigned to this App Configuration.
NOTE: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
principalId string: The Principal ID associated with this Managed Service Identity.
tenantId string: The Tenant ID associated with this Managed Service Identity.

type str: Specifies the type of Managed Service Identity that should be configured on this App Configuration. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identity_ids Sequence[str]: A list of User Assigned Managed Identity IDs to be assigned to this App Configuration.
NOTE: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
principal_id str: The Principal ID associated with this Managed Service Identity.
tenant_id str: The Tenant ID associated with this Managed Service Identity.

type String: Specifies the type of Managed Service Identity that should be configured on this App Configuration. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).
identityIds List<String>: A list of User Assigned Managed Identity IDs to be assigned to this App Configuration.
NOTE: This is required when type is set to UserAssigned or SystemAssigned, UserAssigned.
principalId String: The Principal ID associated with this Managed Service Identity.
tenantId String: The Tenant ID associated with this Managed Service Identity.

ConfigurationStorePrimaryReadKey, ConfigurationStorePrimaryReadKeyArgs

ConnectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
Id string: The ID of the Access Key.
Secret string: The Secret of the Access Key.

ConnectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
Id string: The ID of the Access Key.
Secret string: The Secret of the Access Key.

connectionString String: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id String: The ID of the Access Key.
secret String: The Secret of the Access Key.

connectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id string: The ID of the Access Key.
secret string: The Secret of the Access Key.

connection_string str: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id str: The ID of the Access Key.
secret str: The Secret of the Access Key.

connectionString String: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id String: The ID of the Access Key.
secret String: The Secret of the Access Key.

ConfigurationStorePrimaryWriteKey, ConfigurationStorePrimaryWriteKeyArgs

ConnectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
Id string: The ID of the Access Key.
Secret string: The Secret of the Access Key.

ConnectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
Id string: The ID of the Access Key.
Secret string: The Secret of the Access Key.

connectionString String: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id String: The ID of the Access Key.
secret String: The Secret of the Access Key.

connectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id string: The ID of the Access Key.
secret string: The Secret of the Access Key.

connection_string str: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id str: The ID of the Access Key.
secret str: The Secret of the Access Key.

connectionString String: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id String: The ID of the Access Key.
secret String: The Secret of the Access Key.

ConfigurationStoreSecondaryReadKey, ConfigurationStoreSecondaryReadKeyArgs

ConnectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
Id string: The ID of the Access Key.
Secret string: The Secret of the Access Key.

ConnectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
Id string: The ID of the Access Key.
Secret string: The Secret of the Access Key.

connectionString String: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id String: The ID of the Access Key.
secret String: The Secret of the Access Key.

connectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id string: The ID of the Access Key.
secret string: The Secret of the Access Key.

connection_string str: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id str: The ID of the Access Key.
secret str: The Secret of the Access Key.

connectionString String: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id String: The ID of the Access Key.
secret String: The Secret of the Access Key.

ConfigurationStoreSecondaryWriteKey, ConfigurationStoreSecondaryWriteKeyArgs

ConnectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
Id string: The ID of the Access Key.
Secret string: The Secret of the Access Key.

ConnectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
Id string: The ID of the Access Key.
Secret string: The Secret of the Access Key.

connectionString String: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id String: The ID of the Access Key.
secret String: The Secret of the Access Key.

connectionString string: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id string: The ID of the Access Key.
secret string: The Secret of the Access Key.

connection_string str: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id str: The ID of the Access Key.
secret str: The Secret of the Access Key.

connectionString String: The Connection String for this Access Key - comprising of the Endpoint, ID and Secret.
id String: The ID of the Access Key.
secret String: The Secret of the Access Key.

Package Details

Repository: Azure Classic pulumi/pulumi-azure
License: Apache-2.0
Notes: This Pulumi package is based on the azurerm Terraform Provider.

We recommend using Azure Native.

Azure Classic v5.49.0 published on Tuesday, Aug 29, 2023 by Pulumi

pulumi/pulumi-azure

azure.appconfiguration.ConfigurationStore

On this page

On this page

Import

Example Usage

Encryption)

Create ConfigurationStore Resource

ConfigurationStore Resource Properties

Inputs

Outputs

Look up Existing ConfigurationStore Resource

Supporting Types

ConfigurationStoreEncryption, ConfigurationStoreEncryptionArgs

ConfigurationStoreIdentity, ConfigurationStoreIdentityArgs

ConfigurationStorePrimaryReadKey, ConfigurationStorePrimaryReadKeyArgs

ConfigurationStorePrimaryWriteKey, ConfigurationStorePrimaryWriteKeyArgs

ConfigurationStoreSecondaryReadKey, ConfigurationStoreSecondaryReadKeyArgs

ConfigurationStoreSecondaryWriteKey, ConfigurationStoreSecondaryWriteKeyArgs

Package Details

On this page

On this page