azure.keyvault.getEncryptedValue
Explore with Pulumi AI
Encrypts or Decrypts a value using a Key Vault Key.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var exampleKeyVault = Azure.KeyVault.GetKeyVault.Invoke(new()
{
Name = "mykeyvault",
ResourceGroupName = "some-resource-group",
});
var exampleKey = Azure.KeyVault.GetKey.Invoke(new()
{
Name = "some-key",
KeyVaultId = exampleKeyVault.Apply(getKeyVaultResult => getKeyVaultResult.Id),
});
var encrypted = Azure.KeyVault.GetEncryptedValue.Invoke(new()
{
KeyVaultKeyId = azurerm_key_vault_key.Test.Id,
Algorithm = "RSA1_5",
PlainTextValue = "some-encrypted-value",
});
return new Dictionary<string, object?>
{
["id"] = data.Azurerm_key_vault_encrypted_value.Example.Encrypted_data,
};
});
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleKeyVault, err := keyvault.LookupKeyVault(ctx, &keyvault.LookupKeyVaultArgs{
Name: "mykeyvault",
ResourceGroupName: "some-resource-group",
}, nil)
if err != nil {
return err
}
_, err = keyvault.LookupKey(ctx, &keyvault.LookupKeyArgs{
Name: "some-key",
KeyVaultId: exampleKeyVault.Id,
}, nil)
if err != nil {
return err
}
_, err = keyvault.GetEncryptedValue(ctx, &keyvault.GetEncryptedValueArgs{
KeyVaultKeyId: azurerm_key_vault_key.Test.Id,
Algorithm: "RSA1_5",
PlainTextValue: pulumi.StringRef("some-encrypted-value"),
}, nil)
if err != nil {
return err
}
ctx.Export("id", data.Azurerm_key_vault_encrypted_value.Example.Encrypted_data)
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.keyvault.KeyvaultFunctions;
import com.pulumi.azure.keyvault.inputs.GetKeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.GetKeyArgs;
import com.pulumi.azure.keyvault.inputs.GetEncryptedValueArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var exampleKeyVault = KeyvaultFunctions.getKeyVault(GetKeyVaultArgs.builder()
.name("mykeyvault")
.resourceGroupName("some-resource-group")
.build());
final var exampleKey = KeyvaultFunctions.getKey(GetKeyArgs.builder()
.name("some-key")
.keyVaultId(exampleKeyVault.applyValue(getKeyVaultResult -> getKeyVaultResult.id()))
.build());
final var encrypted = KeyvaultFunctions.getEncryptedValue(GetEncryptedValueArgs.builder()
.keyVaultKeyId(azurerm_key_vault_key.test().id())
.algorithm("RSA1_5")
.plainTextValue("some-encrypted-value")
.build());
ctx.export("id", data.azurerm_key_vault_encrypted_value().example().encrypted_data());
}
}
import pulumi
import pulumi_azure as azure
example_key_vault = azure.keyvault.get_key_vault(name="mykeyvault",
resource_group_name="some-resource-group")
example_key = azure.keyvault.get_key(name="some-key",
key_vault_id=example_key_vault.id)
encrypted = azure.keyvault.get_encrypted_value(key_vault_key_id=azurerm_key_vault_key["test"]["id"],
algorithm="RSA1_5",
plain_text_value="some-encrypted-value")
pulumi.export("id", data["azurerm_key_vault_encrypted_value"]["example"]["encrypted_data"])
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleKeyVault = azure.keyvault.getKeyVault({
name: "mykeyvault",
resourceGroupName: "some-resource-group",
});
const exampleKey = exampleKeyVault.then(exampleKeyVault => azure.keyvault.getKey({
name: "some-key",
keyVaultId: exampleKeyVault.id,
}));
const encrypted = azure.keyvault.getEncryptedValue({
keyVaultKeyId: azurerm_key_vault_key.test.id,
algorithm: "RSA1_5",
plainTextValue: "some-encrypted-value",
});
export const id = data.azurerm_key_vault_encrypted_value.example.encrypted_data;
variables:
exampleKeyVault:
fn::invoke:
Function: azure:keyvault:getKeyVault
Arguments:
name: mykeyvault
resourceGroupName: some-resource-group
exampleKey:
fn::invoke:
Function: azure:keyvault:getKey
Arguments:
name: some-key
keyVaultId: ${exampleKeyVault.id}
encrypted:
fn::invoke:
Function: azure:keyvault:getEncryptedValue
Arguments:
keyVaultKeyId: ${azurerm_key_vault_key.test.id}
algorithm: RSA1_5
plainTextValue: some-encrypted-value
outputs:
id: ${data.azurerm_key_vault_encrypted_value.example.encrypted_data}
Using getEncryptedValue
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getEncryptedValue(args: GetEncryptedValueArgs, opts?: InvokeOptions): Promise<GetEncryptedValueResult>
function getEncryptedValueOutput(args: GetEncryptedValueOutputArgs, opts?: InvokeOptions): Output<GetEncryptedValueResult>
def get_encrypted_value(algorithm: Optional[str] = None,
encrypted_data: Optional[str] = None,
key_vault_key_id: Optional[str] = None,
plain_text_value: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetEncryptedValueResult
def get_encrypted_value_output(algorithm: Optional[pulumi.Input[str]] = None,
encrypted_data: Optional[pulumi.Input[str]] = None,
key_vault_key_id: Optional[pulumi.Input[str]] = None,
plain_text_value: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetEncryptedValueResult]
func GetEncryptedValue(ctx *Context, args *GetEncryptedValueArgs, opts ...InvokeOption) (*GetEncryptedValueResult, error)
func GetEncryptedValueOutput(ctx *Context, args *GetEncryptedValueOutputArgs, opts ...InvokeOption) GetEncryptedValueResultOutput
> Note: This function is named GetEncryptedValue
in the Go SDK.
public static class GetEncryptedValue
{
public static Task<GetEncryptedValueResult> InvokeAsync(GetEncryptedValueArgs args, InvokeOptions? opts = null)
public static Output<GetEncryptedValueResult> Invoke(GetEncryptedValueInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetEncryptedValueResult> getEncryptedValue(GetEncryptedValueArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: azure:keyvault/getEncryptedValue:getEncryptedValue
arguments:
# arguments dictionary
The following arguments are supported:
- Algorithm string
The Algorithm which should be used to Decrypt/Encrypt this Value. Possible values are
RSA1_5
,RSA-OAEP
andRSA-OAEP-256
.- Key
Vault stringKey Id The ID of the Key Vault Key which should be used to Decrypt/Encrypt this Value.
- Encrypted
Data string The Base64 URL Encoded Encrypted Data which should be decrypted into
plain_text_value
.- Plain
Text stringValue The plain-text value which should be Encrypted into
encrypted_data
.
- Algorithm string
The Algorithm which should be used to Decrypt/Encrypt this Value. Possible values are
RSA1_5
,RSA-OAEP
andRSA-OAEP-256
.- Key
Vault stringKey Id The ID of the Key Vault Key which should be used to Decrypt/Encrypt this Value.
- Encrypted
Data string The Base64 URL Encoded Encrypted Data which should be decrypted into
plain_text_value
.- Plain
Text stringValue The plain-text value which should be Encrypted into
encrypted_data
.
- algorithm String
The Algorithm which should be used to Decrypt/Encrypt this Value. Possible values are
RSA1_5
,RSA-OAEP
andRSA-OAEP-256
.- key
Vault StringKey Id The ID of the Key Vault Key which should be used to Decrypt/Encrypt this Value.
- encrypted
Data String The Base64 URL Encoded Encrypted Data which should be decrypted into
plain_text_value
.- plain
Text StringValue The plain-text value which should be Encrypted into
encrypted_data
.
- algorithm string
The Algorithm which should be used to Decrypt/Encrypt this Value. Possible values are
RSA1_5
,RSA-OAEP
andRSA-OAEP-256
.- key
Vault stringKey Id The ID of the Key Vault Key which should be used to Decrypt/Encrypt this Value.
- encrypted
Data string The Base64 URL Encoded Encrypted Data which should be decrypted into
plain_text_value
.- plain
Text stringValue The plain-text value which should be Encrypted into
encrypted_data
.
- algorithm str
The Algorithm which should be used to Decrypt/Encrypt this Value. Possible values are
RSA1_5
,RSA-OAEP
andRSA-OAEP-256
.- key_
vault_ strkey_ id The ID of the Key Vault Key which should be used to Decrypt/Encrypt this Value.
- encrypted_
data str The Base64 URL Encoded Encrypted Data which should be decrypted into
plain_text_value
.- plain_
text_ strvalue The plain-text value which should be Encrypted into
encrypted_data
.
- algorithm String
The Algorithm which should be used to Decrypt/Encrypt this Value. Possible values are
RSA1_5
,RSA-OAEP
andRSA-OAEP-256
.- key
Vault StringKey Id The ID of the Key Vault Key which should be used to Decrypt/Encrypt this Value.
- encrypted
Data String The Base64 URL Encoded Encrypted Data which should be decrypted into
plain_text_value
.- plain
Text StringValue The plain-text value which should be Encrypted into
encrypted_data
.
getEncryptedValue Result
The following output properties are available:
- Algorithm string
- Id string
The provider-assigned unique ID for this managed resource.
- Key
Vault stringKey Id - Encrypted
Data string - Plain
Text stringValue
- Algorithm string
- Id string
The provider-assigned unique ID for this managed resource.
- Key
Vault stringKey Id - Encrypted
Data string - Plain
Text stringValue
- algorithm String
- id String
The provider-assigned unique ID for this managed resource.
- key
Vault StringKey Id - encrypted
Data String - plain
Text StringValue
- algorithm string
- id string
The provider-assigned unique ID for this managed resource.
- key
Vault stringKey Id - encrypted
Data string - plain
Text stringValue
- algorithm str
- id str
The provider-assigned unique ID for this managed resource.
- key_
vault_ strkey_ id - encrypted_
data str - plain_
text_ strvalue
- algorithm String
- id String
The provider-assigned unique ID for this managed resource.
- key
Vault StringKey Id - encrypted
Data String - plain
Text StringValue
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
azurerm
Terraform Provider.