Azure Classic

Pulumi Official
Package maintained by Pulumi
v5.6.0 published on Friday, May 20, 2022 by Pulumi

getKeyVault

Use this data source to access information about an existing Key Vault.

Example Usage

using Pulumi;
using Azure = Pulumi.Azure;

class MyStack : Stack
{
    public MyStack()
    {
        var example = Output.Create(Azure.KeyVault.GetKeyVault.InvokeAsync(new Azure.KeyVault.GetKeyVaultArgs
        {
            Name = "mykeyvault",
            ResourceGroupName = "some-resource-group",
        }));
        this.VaultUri = example.Apply(example => example.VaultUri);
    }

    [Output("vaultUri")]
    public Output<string> VaultUri { get; set; }
}
package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := keyvault.LookupKeyVault(ctx, &keyvault.LookupKeyVaultArgs{
			Name:              "mykeyvault",
			ResourceGroupName: "some-resource-group",
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("vaultUri", example.VaultUri)
		return nil
	})
}
package generated_program;

import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = Output.of(KeyvaultFunctions.getKeyVault(GetKeyVaultArgs.builder()
            .name("mykeyvault")
            .resourceGroupName("some-resource-group")
            .build()));

        ctx.export("vaultUri", example.apply(getKeyVaultResult -> getKeyVaultResult.getVaultUri()));
        }
}
import pulumi
import pulumi_azure as azure

example = azure.keyvault.get_key_vault(name="mykeyvault",
    resource_group_name="some-resource-group")
pulumi.export("vaultUri", example.vault_uri)
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const example = azure.keyvault.getKeyVault({
    name: "mykeyvault",
    resourceGroupName: "some-resource-group",
});
export const vaultUri = example.then(example => example.vaultUri);
variables:
  example:
    Fn::Invoke:
      Function: azure:keyvault:getKeyVault
      Arguments:
        name: mykeyvault
        resourceGroupName: some-resource-group
outputs:
  vaultUri: ${example.vaultUri}

Using getKeyVault

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getKeyVault(args: GetKeyVaultArgs, opts?: InvokeOptions): Promise<GetKeyVaultResult>
function getKeyVaultOutput(args: GetKeyVaultOutputArgs, opts?: InvokeOptions): Output<GetKeyVaultResult>
def get_key_vault(name: Optional[str] = None,
                  resource_group_name: Optional[str] = None,
                  opts: Optional[InvokeOptions] = None) -> GetKeyVaultResult
def get_key_vault_output(name: Optional[pulumi.Input[str]] = None,
                  resource_group_name: Optional[pulumi.Input[str]] = None,
                  opts: Optional[InvokeOptions] = None) -> Output[GetKeyVaultResult]
func LookupKeyVault(ctx *Context, args *LookupKeyVaultArgs, opts ...InvokeOption) (*LookupKeyVaultResult, error)
func LookupKeyVaultOutput(ctx *Context, args *LookupKeyVaultOutputArgs, opts ...InvokeOption) LookupKeyVaultResultOutput

> Note: This function is named LookupKeyVault in the Go SDK.

public static class GetKeyVault 
{
    public static Task<GetKeyVaultResult> InvokeAsync(GetKeyVaultArgs args, InvokeOptions? opts = null)
    public static Output<GetKeyVaultResult> Invoke(GetKeyVaultInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetKeyVaultResult> getKeyVault(GetKeyVaultArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
Fn::Invoke:
  Function: azure:keyvault/getKeyVault:getKeyVault
  Arguments:
    # Arguments dictionary

The following arguments are supported:

Name string

Specifies the name of the Key Vault.

ResourceGroupName string

The name of the Resource Group in which the Key Vault exists.

Name string

Specifies the name of the Key Vault.

ResourceGroupName string

The name of the Resource Group in which the Key Vault exists.

name String

Specifies the name of the Key Vault.

resourceGroupName String

The name of the Resource Group in which the Key Vault exists.

name string

Specifies the name of the Key Vault.

resourceGroupName string

The name of the Resource Group in which the Key Vault exists.

name str

Specifies the name of the Key Vault.

resource_group_name str

The name of the Resource Group in which the Key Vault exists.

name String

Specifies the name of the Key Vault.

resourceGroupName String

The name of the Resource Group in which the Key Vault exists.

getKeyVault Result

The following output properties are available:

AccessPolicies List<GetKeyVaultAccessPolicy>

One or more access_policy blocks as defined below.

EnableRbacAuthorization bool

Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?

EnabledForDeployment bool

Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?

EnabledForDiskEncryption bool

Can Azure Disk Encryption retrieve secrets from the Key Vault?

EnabledForTemplateDeployment bool

Can Azure Resource Manager retrieve secrets from the Key Vault?

Id string

The provider-assigned unique ID for this managed resource.

Location string

The Azure Region in which the Key Vault exists.

Name string
NetworkAcls List<GetKeyVaultNetworkAcl>
PurgeProtectionEnabled bool

Is purge protection enabled on this Key Vault?

ResourceGroupName string
SkuName string

The Name of the SKU used for this Key Vault.

Tags Dictionary<string, string>

A mapping of tags assigned to the Key Vault.

TenantId string

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

VaultUri string

The URI of the vault for performing operations on keys and secrets.

AccessPolicies []GetKeyVaultAccessPolicy

One or more access_policy blocks as defined below.

EnableRbacAuthorization bool

Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?

EnabledForDeployment bool

Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?

EnabledForDiskEncryption bool

Can Azure Disk Encryption retrieve secrets from the Key Vault?

EnabledForTemplateDeployment bool

Can Azure Resource Manager retrieve secrets from the Key Vault?

Id string

The provider-assigned unique ID for this managed resource.

Location string

The Azure Region in which the Key Vault exists.

Name string
NetworkAcls []GetKeyVaultNetworkAcl
PurgeProtectionEnabled bool

Is purge protection enabled on this Key Vault?

ResourceGroupName string
SkuName string

The Name of the SKU used for this Key Vault.

Tags map[string]string

A mapping of tags assigned to the Key Vault.

TenantId string

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

VaultUri string

The URI of the vault for performing operations on keys and secrets.

accessPolicies ListKeyVaultAccessPolicy>

One or more access_policy blocks as defined below.

enableRbacAuthorization Boolean

Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?

enabledForDeployment Boolean

Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?

enabledForDiskEncryption Boolean

Can Azure Disk Encryption retrieve secrets from the Key Vault?

enabledForTemplateDeployment Boolean

Can Azure Resource Manager retrieve secrets from the Key Vault?

id String

The provider-assigned unique ID for this managed resource.

location String

The Azure Region in which the Key Vault exists.

name String
networkAcls ListKeyVaultNetworkAcl>
purgeProtectionEnabled Boolean

Is purge protection enabled on this Key Vault?

resourceGroupName String
skuName String

The Name of the SKU used for this Key Vault.

tags Map

A mapping of tags assigned to the Key Vault.

tenantId String

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

vaultUri String

The URI of the vault for performing operations on keys and secrets.

accessPolicies GetKeyVaultAccessPolicy[]

One or more access_policy blocks as defined below.

enableRbacAuthorization boolean

Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?

enabledForDeployment boolean

Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?

enabledForDiskEncryption boolean

Can Azure Disk Encryption retrieve secrets from the Key Vault?

enabledForTemplateDeployment boolean

Can Azure Resource Manager retrieve secrets from the Key Vault?

id string

The provider-assigned unique ID for this managed resource.

location string

The Azure Region in which the Key Vault exists.

name string
networkAcls GetKeyVaultNetworkAcl[]
purgeProtectionEnabled boolean

Is purge protection enabled on this Key Vault?

resourceGroupName string
skuName string

The Name of the SKU used for this Key Vault.

tags {[key: string]: string}

A mapping of tags assigned to the Key Vault.

tenantId string

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

vaultUri string

The URI of the vault for performing operations on keys and secrets.

access_policies Sequence[GetKeyVaultAccessPolicy]

One or more access_policy blocks as defined below.

enable_rbac_authorization bool

Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?

enabled_for_deployment bool

Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?

enabled_for_disk_encryption bool

Can Azure Disk Encryption retrieve secrets from the Key Vault?

enabled_for_template_deployment bool

Can Azure Resource Manager retrieve secrets from the Key Vault?

id str

The provider-assigned unique ID for this managed resource.

location str

The Azure Region in which the Key Vault exists.

name str
network_acls Sequence[GetKeyVaultNetworkAcl]
purge_protection_enabled bool

Is purge protection enabled on this Key Vault?

resource_group_name str
sku_name str

The Name of the SKU used for this Key Vault.

tags Mapping[str, str]

A mapping of tags assigned to the Key Vault.

tenant_id str

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

vault_uri str

The URI of the vault for performing operations on keys and secrets.

accessPolicies List

One or more access_policy blocks as defined below.

enableRbacAuthorization Boolean

Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?

enabledForDeployment Boolean

Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?

enabledForDiskEncryption Boolean

Can Azure Disk Encryption retrieve secrets from the Key Vault?

enabledForTemplateDeployment Boolean

Can Azure Resource Manager retrieve secrets from the Key Vault?

id String

The provider-assigned unique ID for this managed resource.

location String

The Azure Region in which the Key Vault exists.

name String
networkAcls List
purgeProtectionEnabled Boolean

Is purge protection enabled on this Key Vault?

resourceGroupName String
skuName String

The Name of the SKU used for this Key Vault.

tags Map

A mapping of tags assigned to the Key Vault.

tenantId String

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

vaultUri String

The URI of the vault for performing operations on keys and secrets.

Supporting Types

GetKeyVaultAccessPolicy

ApplicationId string

The Object ID of a Azure Active Directory Application.

CertificatePermissions List<string>

A list of certificate permissions applicable to this Access Policy.

KeyPermissions List<string>

A list of key permissions applicable to this Access Policy.

ObjectId string

An Object ID of a User, Service Principal or Security Group.

SecretPermissions List<string>

A list of secret permissions applicable to this Access Policy.

StoragePermissions List<string>

A list of storage permissions applicable to this Access Policy.

TenantId string

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

ApplicationId string

The Object ID of a Azure Active Directory Application.

CertificatePermissions []string

A list of certificate permissions applicable to this Access Policy.

KeyPermissions []string

A list of key permissions applicable to this Access Policy.

ObjectId string

An Object ID of a User, Service Principal or Security Group.

SecretPermissions []string

A list of secret permissions applicable to this Access Policy.

StoragePermissions []string

A list of storage permissions applicable to this Access Policy.

TenantId string

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

applicationId String

The Object ID of a Azure Active Directory Application.

certificatePermissions List

A list of certificate permissions applicable to this Access Policy.

keyPermissions List

A list of key permissions applicable to this Access Policy.

objectId String

An Object ID of a User, Service Principal or Security Group.

secretPermissions List

A list of secret permissions applicable to this Access Policy.

storagePermissions List

A list of storage permissions applicable to this Access Policy.

tenantId String

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

applicationId string

The Object ID of a Azure Active Directory Application.

certificatePermissions string[]

A list of certificate permissions applicable to this Access Policy.

keyPermissions string[]

A list of key permissions applicable to this Access Policy.

objectId string

An Object ID of a User, Service Principal or Security Group.

secretPermissions string[]

A list of secret permissions applicable to this Access Policy.

storagePermissions string[]

A list of storage permissions applicable to this Access Policy.

tenantId string

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

application_id str

The Object ID of a Azure Active Directory Application.

certificate_permissions Sequence[str]

A list of certificate permissions applicable to this Access Policy.

key_permissions Sequence[str]

A list of key permissions applicable to this Access Policy.

object_id str

An Object ID of a User, Service Principal or Security Group.

secret_permissions Sequence[str]

A list of secret permissions applicable to this Access Policy.

storage_permissions Sequence[str]

A list of storage permissions applicable to this Access Policy.

tenant_id str

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

applicationId String

The Object ID of a Azure Active Directory Application.

certificatePermissions List

A list of certificate permissions applicable to this Access Policy.

keyPermissions List

A list of key permissions applicable to this Access Policy.

objectId String

An Object ID of a User, Service Principal or Security Group.

secretPermissions List

A list of secret permissions applicable to this Access Policy.

storagePermissions List

A list of storage permissions applicable to this Access Policy.

tenantId String

The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

GetKeyVaultNetworkAcl

Bypass string
DefaultAction string
IpRules List<string>
VirtualNetworkSubnetIds List<string>
bypass str
default_action str
ip_rules Sequence[str]
virtual_network_subnet_ids Sequence[str]

Package Details

Repository
https://github.com/pulumi/pulumi-azure
License
Apache-2.0
Notes

This Pulumi package is based on the azurerm Terraform Provider.