Docs
PackagesWe recommend using Azure Native.
azure.keyvault.getKeyVault
Explore with Pulumi AI
Use this data source to access information about an existing Key Vault.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = Azure.KeyVault.GetKeyVault.Invoke(new()
{
Name = "mykeyvault",
ResourceGroupName = "some-resource-group",
});
return new Dictionary<string, object?>
{
["vaultUri"] = example.Apply(getKeyVaultResult => getKeyVaultResult.VaultUri),
};
});
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := keyvault.LookupKeyVault(ctx, &keyvault.LookupKeyVaultArgs{
Name: "mykeyvault",
ResourceGroupName: "some-resource-group",
}, nil)
if err != nil {
return err
}
ctx.Export("vaultUri", example.VaultUri)
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.keyvault.KeyvaultFunctions;
import com.pulumi.azure.keyvault.inputs.GetKeyVaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = KeyvaultFunctions.getKeyVault(GetKeyVaultArgs.builder()
.name("mykeyvault")
.resourceGroupName("some-resource-group")
.build());
ctx.export("vaultUri", example.applyValue(getKeyVaultResult -> getKeyVaultResult.vaultUri()));
}
}
import pulumi
import pulumi_azure as azure
example = azure.keyvault.get_key_vault(name="mykeyvault",
resource_group_name="some-resource-group")
pulumi.export("vaultUri", example.vault_uri)
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = azure.keyvault.getKeyVault({
name: "mykeyvault",
resourceGroupName: "some-resource-group",
});
export const vaultUri = example.then(example => example.vaultUri);
variables:
example:
fn::invoke:
Function: azure:keyvault:getKeyVault
Arguments:
name: mykeyvault
resourceGroupName: some-resource-group
outputs:
vaultUri: ${example.vaultUri}
Using getKeyVault
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getKeyVault(args: GetKeyVaultArgs, opts?: InvokeOptions): Promise<GetKeyVaultResult>
function getKeyVaultOutput(args: GetKeyVaultOutputArgs, opts?: InvokeOptions): Output<GetKeyVaultResult>def get_key_vault(name: Optional[str] = None,
resource_group_name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetKeyVaultResult
def get_key_vault_output(name: Optional[pulumi.Input[str]] = None,
resource_group_name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetKeyVaultResult]func LookupKeyVault(ctx *Context, args *LookupKeyVaultArgs, opts ...InvokeOption) (*LookupKeyVaultResult, error)
func LookupKeyVaultOutput(ctx *Context, args *LookupKeyVaultOutputArgs, opts ...InvokeOption) LookupKeyVaultResultOutput> Note: This function is named LookupKeyVault in the Go SDK.
public static class GetKeyVault
{
public static Task<GetKeyVaultResult> InvokeAsync(GetKeyVaultArgs args, InvokeOptions? opts = null)
public static Output<GetKeyVaultResult> Invoke(GetKeyVaultInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetKeyVaultResult> getKeyVault(GetKeyVaultArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: azure:keyvault/getKeyVault:getKeyVault
arguments:
# arguments dictionaryThe following arguments are supported:
- Name string
Specifies the name of the Key Vault.
- Resource
Group stringName The name of the Resource Group in which the Key Vault exists.
- Name string
Specifies the name of the Key Vault.
- Resource
Group stringName The name of the Resource Group in which the Key Vault exists.
- name String
Specifies the name of the Key Vault.
- resource
Group StringName The name of the Resource Group in which the Key Vault exists.
- name string
Specifies the name of the Key Vault.
- resource
Group stringName The name of the Resource Group in which the Key Vault exists.
- name str
Specifies the name of the Key Vault.
- resource_
group_ strname The name of the Resource Group in which the Key Vault exists.
- name String
Specifies the name of the Key Vault.
- resource
Group StringName The name of the Resource Group in which the Key Vault exists.
getKeyVault Result
The following output properties are available:
- Access
Policies List<GetKey Vault Access Policy> One or more
access_policyblocks as defined below.- bool
Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
- Enabled
For boolDeployment Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
- Enabled
For boolDisk Encryption Can Azure Disk Encryption retrieve secrets from the Key Vault?
- Enabled
For boolTemplate Deployment Can Azure Resource Manager retrieve secrets from the Key Vault?
- Id string
The provider-assigned unique ID for this managed resource.
- Location string
The Azure Region in which the Key Vault exists.
- Name string
- Network
Acls List<GetKey Vault Network Acl> - Public
Network boolAccess Enabled Is public network access enabled on this Key Vault?
- Purge
Protection boolEnabled Is purge protection enabled on this Key Vault?
- Resource
Group stringName - Sku
Name string The Name of the SKU used for this Key Vault.
- Dictionary<string, string>
A mapping of tags assigned to the Key Vault.
- Tenant
Id string The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- Vault
Uri string The URI of the vault for performing operations on keys and secrets.
- Access
Policies []GetKey Vault Access Policy One or more
access_policyblocks as defined below.- bool
Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
- Enabled
For boolDeployment Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
- Enabled
For boolDisk Encryption Can Azure Disk Encryption retrieve secrets from the Key Vault?
- Enabled
For boolTemplate Deployment Can Azure Resource Manager retrieve secrets from the Key Vault?
- Id string
The provider-assigned unique ID for this managed resource.
- Location string
The Azure Region in which the Key Vault exists.
- Name string
- Network
Acls []GetKey Vault Network Acl - Public
Network boolAccess Enabled Is public network access enabled on this Key Vault?
- Purge
Protection boolEnabled Is purge protection enabled on this Key Vault?
- Resource
Group stringName - Sku
Name string The Name of the SKU used for this Key Vault.
- map[string]string
A mapping of tags assigned to the Key Vault.
- Tenant
Id string The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- Vault
Uri string The URI of the vault for performing operations on keys and secrets.
- access
Policies List<GetKey Vault Access Policy> One or more
access_policyblocks as defined below.- Boolean
Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
- enabled
For BooleanDeployment Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
- enabled
For BooleanDisk Encryption Can Azure Disk Encryption retrieve secrets from the Key Vault?
- enabled
For BooleanTemplate Deployment Can Azure Resource Manager retrieve secrets from the Key Vault?
- id String
The provider-assigned unique ID for this managed resource.
- location String
The Azure Region in which the Key Vault exists.
- name String
- network
Acls List<GetKey Vault Network Acl> - public
Network BooleanAccess Enabled Is public network access enabled on this Key Vault?
- purge
Protection BooleanEnabled Is purge protection enabled on this Key Vault?
- resource
Group StringName - sku
Name String The Name of the SKU used for this Key Vault.
- Map<String,String>
A mapping of tags assigned to the Key Vault.
- tenant
Id String The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- vault
Uri String The URI of the vault for performing operations on keys and secrets.
- access
Policies GetKey Vault Access Policy[] One or more
access_policyblocks as defined below.- boolean
Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
- enabled
For booleanDeployment Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
- enabled
For booleanDisk Encryption Can Azure Disk Encryption retrieve secrets from the Key Vault?
- enabled
For booleanTemplate Deployment Can Azure Resource Manager retrieve secrets from the Key Vault?
- id string
The provider-assigned unique ID for this managed resource.
- location string
The Azure Region in which the Key Vault exists.
- name string
- network
Acls GetKey Vault Network Acl[] - public
Network booleanAccess Enabled Is public network access enabled on this Key Vault?
- purge
Protection booleanEnabled Is purge protection enabled on this Key Vault?
- resource
Group stringName - sku
Name string The Name of the SKU used for this Key Vault.
- {[key: string]: string}
A mapping of tags assigned to the Key Vault.
- tenant
Id string The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- vault
Uri string The URI of the vault for performing operations on keys and secrets.
- access_
policies Sequence[GetKey Vault Access Policy] One or more
access_policyblocks as defined below.- bool
Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
- enabled_
for_ booldeployment Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
- enabled_
for_ booldisk_ encryption Can Azure Disk Encryption retrieve secrets from the Key Vault?
- enabled_
for_ booltemplate_ deployment Can Azure Resource Manager retrieve secrets from the Key Vault?
- id str
The provider-assigned unique ID for this managed resource.
- location str
The Azure Region in which the Key Vault exists.
- name str
- network_
acls Sequence[GetKey Vault Network Acl] - public_
network_ boolaccess_ enabled Is public network access enabled on this Key Vault?
- purge_
protection_ boolenabled Is purge protection enabled on this Key Vault?
- resource_
group_ strname - sku_
name str The Name of the SKU used for this Key Vault.
- Mapping[str, str]
A mapping of tags assigned to the Key Vault.
- tenant_
id str The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- vault_
uri str The URI of the vault for performing operations on keys and secrets.
- access
Policies List<Property Map> One or more
access_policyblocks as defined below.- Boolean
Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
- enabled
For BooleanDeployment Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
- enabled
For BooleanDisk Encryption Can Azure Disk Encryption retrieve secrets from the Key Vault?
- enabled
For BooleanTemplate Deployment Can Azure Resource Manager retrieve secrets from the Key Vault?
- id String
The provider-assigned unique ID for this managed resource.
- location String
The Azure Region in which the Key Vault exists.
- name String
- network
Acls List<Property Map> - public
Network BooleanAccess Enabled Is public network access enabled on this Key Vault?
- purge
Protection BooleanEnabled Is purge protection enabled on this Key Vault?
- resource
Group StringName - sku
Name String The Name of the SKU used for this Key Vault.
- Map<String>
A mapping of tags assigned to the Key Vault.
- tenant
Id String The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- vault
Uri String The URI of the vault for performing operations on keys and secrets.
Supporting Types
GetKeyVaultAccessPolicy
- Application
Id string The Object ID of a Azure Active Directory Application.
- Certificate
Permissions List<string> A list of certificate permissions applicable to this Access Policy.
- Key
Permissions List<string> A list of key permissions applicable to this Access Policy.
- Object
Id string An Object ID of a User, Service Principal or Security Group.
- Secret
Permissions List<string> A list of secret permissions applicable to this Access Policy.
- Storage
Permissions List<string> A list of storage permissions applicable to this Access Policy.
- Tenant
Id string The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- Application
Id string The Object ID of a Azure Active Directory Application.
- Certificate
Permissions []string A list of certificate permissions applicable to this Access Policy.
- Key
Permissions []string A list of key permissions applicable to this Access Policy.
- Object
Id string An Object ID of a User, Service Principal or Security Group.
- Secret
Permissions []string A list of secret permissions applicable to this Access Policy.
- Storage
Permissions []string A list of storage permissions applicable to this Access Policy.
- Tenant
Id string The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- application
Id String The Object ID of a Azure Active Directory Application.
- certificate
Permissions List<String> A list of certificate permissions applicable to this Access Policy.
- key
Permissions List<String> A list of key permissions applicable to this Access Policy.
- object
Id String An Object ID of a User, Service Principal or Security Group.
- secret
Permissions List<String> A list of secret permissions applicable to this Access Policy.
- storage
Permissions List<String> A list of storage permissions applicable to this Access Policy.
- tenant
Id String The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- application
Id string The Object ID of a Azure Active Directory Application.
- certificate
Permissions string[] A list of certificate permissions applicable to this Access Policy.
- key
Permissions string[] A list of key permissions applicable to this Access Policy.
- object
Id string An Object ID of a User, Service Principal or Security Group.
- secret
Permissions string[] A list of secret permissions applicable to this Access Policy.
- storage
Permissions string[] A list of storage permissions applicable to this Access Policy.
- tenant
Id string The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- application_
id str The Object ID of a Azure Active Directory Application.
- certificate_
permissions Sequence[str] A list of certificate permissions applicable to this Access Policy.
- key_
permissions Sequence[str] A list of key permissions applicable to this Access Policy.
- object_
id str An Object ID of a User, Service Principal or Security Group.
- secret_
permissions Sequence[str] A list of secret permissions applicable to this Access Policy.
- storage_
permissions Sequence[str] A list of storage permissions applicable to this Access Policy.
- tenant_
id str The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
- application
Id String The Object ID of a Azure Active Directory Application.
- certificate
Permissions List<String> A list of certificate permissions applicable to this Access Policy.
- key
Permissions List<String> A list of key permissions applicable to this Access Policy.
- object
Id String An Object ID of a User, Service Principal or Security Group.
- secret
Permissions List<String> A list of secret permissions applicable to this Access Policy.
- storage
Permissions List<String> A list of storage permissions applicable to this Access Policy.
- tenant
Id String The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
GetKeyVaultNetworkAcl
- Bypass string
- Default
Action string - Ip
Rules List<string> - Virtual
Network List<string>Subnet Ids
- Bypass string
- Default
Action string - Ip
Rules []string - Virtual
Network []stringSubnet Ids
- bypass String
- default
Action String - ip
Rules List<String> - virtual
Network List<String>Subnet Ids
- bypass string
- default
Action string - ip
Rules string[] - virtual
Network string[]Subnet Ids
- bypass str
- default_
action str - ip_
rules Sequence[str] - virtual_
network_ Sequence[str]subnet_ ids
- bypass String
- default
Action String - ip
Rules List<String> - virtual
Network List<String>Subnet Ids
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
azurermTerraform Provider.