1. Packages
  2. Azure Classic
  3. API Docs
  4. keyvault
  5. getKeyVault

We recommend using Azure Native.

Azure Classic v5.80.0 published on Monday, Jun 10, 2024 by Pulumi

azure.keyvault.getKeyVault

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure Classic v5.80.0 published on Monday, Jun 10, 2024 by Pulumi

    Use this data source to access information about an existing Key Vault.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const example = azure.keyvault.getKeyVault({
        name: "mykeyvault",
        resourceGroupName: "some-resource-group",
    });
    export const vaultUri = example.then(example => example.vaultUri);
    
    import pulumi
    import pulumi_azure as azure
    
    example = azure.keyvault.get_key_vault(name="mykeyvault",
        resource_group_name="some-resource-group")
    pulumi.export("vaultUri", example.vault_uri)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := keyvault.LookupKeyVault(ctx, &keyvault.LookupKeyVaultArgs{
    			Name:              "mykeyvault",
    			ResourceGroupName: "some-resource-group",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		ctx.Export("vaultUri", example.VaultUri)
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Azure.KeyVault.GetKeyVault.Invoke(new()
        {
            Name = "mykeyvault",
            ResourceGroupName = "some-resource-group",
        });
    
        return new Dictionary<string, object?>
        {
            ["vaultUri"] = example.Apply(getKeyVaultResult => getKeyVaultResult.VaultUri),
        };
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.keyvault.KeyvaultFunctions;
    import com.pulumi.azure.keyvault.inputs.GetKeyVaultArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = KeyvaultFunctions.getKeyVault(GetKeyVaultArgs.builder()
                .name("mykeyvault")
                .resourceGroupName("some-resource-group")
                .build());
    
            ctx.export("vaultUri", example.applyValue(getKeyVaultResult -> getKeyVaultResult.vaultUri()));
        }
    }
    
    variables:
      example:
        fn::invoke:
          Function: azure:keyvault:getKeyVault
          Arguments:
            name: mykeyvault
            resourceGroupName: some-resource-group
    outputs:
      vaultUri: ${example.vaultUri}
    

    Using getKeyVault

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getKeyVault(args: GetKeyVaultArgs, opts?: InvokeOptions): Promise<GetKeyVaultResult>
    function getKeyVaultOutput(args: GetKeyVaultOutputArgs, opts?: InvokeOptions): Output<GetKeyVaultResult>
    def get_key_vault(name: Optional[str] = None,
                      resource_group_name: Optional[str] = None,
                      opts: Optional[InvokeOptions] = None) -> GetKeyVaultResult
    def get_key_vault_output(name: Optional[pulumi.Input[str]] = None,
                      resource_group_name: Optional[pulumi.Input[str]] = None,
                      opts: Optional[InvokeOptions] = None) -> Output[GetKeyVaultResult]
    func LookupKeyVault(ctx *Context, args *LookupKeyVaultArgs, opts ...InvokeOption) (*LookupKeyVaultResult, error)
    func LookupKeyVaultOutput(ctx *Context, args *LookupKeyVaultOutputArgs, opts ...InvokeOption) LookupKeyVaultResultOutput

    > Note: This function is named LookupKeyVault in the Go SDK.

    public static class GetKeyVault 
    {
        public static Task<GetKeyVaultResult> InvokeAsync(GetKeyVaultArgs args, InvokeOptions? opts = null)
        public static Output<GetKeyVaultResult> Invoke(GetKeyVaultInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetKeyVaultResult> getKeyVault(GetKeyVaultArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: azure:keyvault/getKeyVault:getKeyVault
      arguments:
        # arguments dictionary

    The following arguments are supported:

    Name string
    Specifies the name of the Key Vault.
    ResourceGroupName string
    The name of the Resource Group in which the Key Vault exists.
    Name string
    Specifies the name of the Key Vault.
    ResourceGroupName string
    The name of the Resource Group in which the Key Vault exists.
    name String
    Specifies the name of the Key Vault.
    resourceGroupName String
    The name of the Resource Group in which the Key Vault exists.
    name string
    Specifies the name of the Key Vault.
    resourceGroupName string
    The name of the Resource Group in which the Key Vault exists.
    name str
    Specifies the name of the Key Vault.
    resource_group_name str
    The name of the Resource Group in which the Key Vault exists.
    name String
    Specifies the name of the Key Vault.
    resourceGroupName String
    The name of the Resource Group in which the Key Vault exists.

    getKeyVault Result

    The following output properties are available:

    AccessPolicies List<GetKeyVaultAccessPolicy>
    One or more access_policy blocks as defined below.
    EnableRbacAuthorization bool
    Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
    EnabledForDeployment bool
    Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
    EnabledForDiskEncryption bool
    Can Azure Disk Encryption retrieve secrets from the Key Vault?
    EnabledForTemplateDeployment bool
    Can Azure Resource Manager retrieve secrets from the Key Vault?
    Id string
    The provider-assigned unique ID for this managed resource.
    Location string
    The Azure Region in which the Key Vault exists.
    Name string
    NetworkAcls List<GetKeyVaultNetworkAcl>
    PublicNetworkAccessEnabled bool
    Is public network access enabled on this Key Vault?
    PurgeProtectionEnabled bool
    Is purge protection enabled on this Key Vault?
    ResourceGroupName string
    SkuName string
    The Name of the SKU used for this Key Vault.
    Tags Dictionary<string, string>
    A mapping of tags assigned to the Key Vault.
    TenantId string
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    VaultUri string
    The URI of the vault for performing operations on keys and secrets.
    AccessPolicies []GetKeyVaultAccessPolicy
    One or more access_policy blocks as defined below.
    EnableRbacAuthorization bool
    Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
    EnabledForDeployment bool
    Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
    EnabledForDiskEncryption bool
    Can Azure Disk Encryption retrieve secrets from the Key Vault?
    EnabledForTemplateDeployment bool
    Can Azure Resource Manager retrieve secrets from the Key Vault?
    Id string
    The provider-assigned unique ID for this managed resource.
    Location string
    The Azure Region in which the Key Vault exists.
    Name string
    NetworkAcls []GetKeyVaultNetworkAcl
    PublicNetworkAccessEnabled bool
    Is public network access enabled on this Key Vault?
    PurgeProtectionEnabled bool
    Is purge protection enabled on this Key Vault?
    ResourceGroupName string
    SkuName string
    The Name of the SKU used for this Key Vault.
    Tags map[string]string
    A mapping of tags assigned to the Key Vault.
    TenantId string
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    VaultUri string
    The URI of the vault for performing operations on keys and secrets.
    accessPolicies List<GetKeyVaultAccessPolicy>
    One or more access_policy blocks as defined below.
    enableRbacAuthorization Boolean
    Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
    enabledForDeployment Boolean
    Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
    enabledForDiskEncryption Boolean
    Can Azure Disk Encryption retrieve secrets from the Key Vault?
    enabledForTemplateDeployment Boolean
    Can Azure Resource Manager retrieve secrets from the Key Vault?
    id String
    The provider-assigned unique ID for this managed resource.
    location String
    The Azure Region in which the Key Vault exists.
    name String
    networkAcls List<GetKeyVaultNetworkAcl>
    publicNetworkAccessEnabled Boolean
    Is public network access enabled on this Key Vault?
    purgeProtectionEnabled Boolean
    Is purge protection enabled on this Key Vault?
    resourceGroupName String
    skuName String
    The Name of the SKU used for this Key Vault.
    tags Map<String,String>
    A mapping of tags assigned to the Key Vault.
    tenantId String
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    vaultUri String
    The URI of the vault for performing operations on keys and secrets.
    accessPolicies GetKeyVaultAccessPolicy[]
    One or more access_policy blocks as defined below.
    enableRbacAuthorization boolean
    Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
    enabledForDeployment boolean
    Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
    enabledForDiskEncryption boolean
    Can Azure Disk Encryption retrieve secrets from the Key Vault?
    enabledForTemplateDeployment boolean
    Can Azure Resource Manager retrieve secrets from the Key Vault?
    id string
    The provider-assigned unique ID for this managed resource.
    location string
    The Azure Region in which the Key Vault exists.
    name string
    networkAcls GetKeyVaultNetworkAcl[]
    publicNetworkAccessEnabled boolean
    Is public network access enabled on this Key Vault?
    purgeProtectionEnabled boolean
    Is purge protection enabled on this Key Vault?
    resourceGroupName string
    skuName string
    The Name of the SKU used for this Key Vault.
    tags {[key: string]: string}
    A mapping of tags assigned to the Key Vault.
    tenantId string
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    vaultUri string
    The URI of the vault for performing operations on keys and secrets.
    access_policies Sequence[GetKeyVaultAccessPolicy]
    One or more access_policy blocks as defined below.
    enable_rbac_authorization bool
    Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
    enabled_for_deployment bool
    Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
    enabled_for_disk_encryption bool
    Can Azure Disk Encryption retrieve secrets from the Key Vault?
    enabled_for_template_deployment bool
    Can Azure Resource Manager retrieve secrets from the Key Vault?
    id str
    The provider-assigned unique ID for this managed resource.
    location str
    The Azure Region in which the Key Vault exists.
    name str
    network_acls Sequence[GetKeyVaultNetworkAcl]
    public_network_access_enabled bool
    Is public network access enabled on this Key Vault?
    purge_protection_enabled bool
    Is purge protection enabled on this Key Vault?
    resource_group_name str
    sku_name str
    The Name of the SKU used for this Key Vault.
    tags Mapping[str, str]
    A mapping of tags assigned to the Key Vault.
    tenant_id str
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    vault_uri str
    The URI of the vault for performing operations on keys and secrets.
    accessPolicies List<Property Map>
    One or more access_policy blocks as defined below.
    enableRbacAuthorization Boolean
    Is Role Based Access Control (RBAC) for authorization of data actions enabled on this Key Vault?
    enabledForDeployment Boolean
    Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
    enabledForDiskEncryption Boolean
    Can Azure Disk Encryption retrieve secrets from the Key Vault?
    enabledForTemplateDeployment Boolean
    Can Azure Resource Manager retrieve secrets from the Key Vault?
    id String
    The provider-assigned unique ID for this managed resource.
    location String
    The Azure Region in which the Key Vault exists.
    name String
    networkAcls List<Property Map>
    publicNetworkAccessEnabled Boolean
    Is public network access enabled on this Key Vault?
    purgeProtectionEnabled Boolean
    Is purge protection enabled on this Key Vault?
    resourceGroupName String
    skuName String
    The Name of the SKU used for this Key Vault.
    tags Map<String>
    A mapping of tags assigned to the Key Vault.
    tenantId String
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    vaultUri String
    The URI of the vault for performing operations on keys and secrets.

    Supporting Types

    GetKeyVaultAccessPolicy

    ApplicationId string
    The Object ID of a Azure Active Directory Application.
    CertificatePermissions List<string>
    A list of certificate permissions applicable to this Access Policy.
    KeyPermissions List<string>
    A list of key permissions applicable to this Access Policy.
    ObjectId string
    An Object ID of a User, Service Principal or Security Group.
    SecretPermissions List<string>
    A list of secret permissions applicable to this Access Policy.
    StoragePermissions List<string>
    A list of storage permissions applicable to this Access Policy.
    TenantId string
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    ApplicationId string
    The Object ID of a Azure Active Directory Application.
    CertificatePermissions []string
    A list of certificate permissions applicable to this Access Policy.
    KeyPermissions []string
    A list of key permissions applicable to this Access Policy.
    ObjectId string
    An Object ID of a User, Service Principal or Security Group.
    SecretPermissions []string
    A list of secret permissions applicable to this Access Policy.
    StoragePermissions []string
    A list of storage permissions applicable to this Access Policy.
    TenantId string
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    applicationId String
    The Object ID of a Azure Active Directory Application.
    certificatePermissions List<String>
    A list of certificate permissions applicable to this Access Policy.
    keyPermissions List<String>
    A list of key permissions applicable to this Access Policy.
    objectId String
    An Object ID of a User, Service Principal or Security Group.
    secretPermissions List<String>
    A list of secret permissions applicable to this Access Policy.
    storagePermissions List<String>
    A list of storage permissions applicable to this Access Policy.
    tenantId String
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    applicationId string
    The Object ID of a Azure Active Directory Application.
    certificatePermissions string[]
    A list of certificate permissions applicable to this Access Policy.
    keyPermissions string[]
    A list of key permissions applicable to this Access Policy.
    objectId string
    An Object ID of a User, Service Principal or Security Group.
    secretPermissions string[]
    A list of secret permissions applicable to this Access Policy.
    storagePermissions string[]
    A list of storage permissions applicable to this Access Policy.
    tenantId string
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    application_id str
    The Object ID of a Azure Active Directory Application.
    certificate_permissions Sequence[str]
    A list of certificate permissions applicable to this Access Policy.
    key_permissions Sequence[str]
    A list of key permissions applicable to this Access Policy.
    object_id str
    An Object ID of a User, Service Principal or Security Group.
    secret_permissions Sequence[str]
    A list of secret permissions applicable to this Access Policy.
    storage_permissions Sequence[str]
    A list of storage permissions applicable to this Access Policy.
    tenant_id str
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
    applicationId String
    The Object ID of a Azure Active Directory Application.
    certificatePermissions List<String>
    A list of certificate permissions applicable to this Access Policy.
    keyPermissions List<String>
    A list of key permissions applicable to this Access Policy.
    objectId String
    An Object ID of a User, Service Principal or Security Group.
    secretPermissions List<String>
    A list of secret permissions applicable to this Access Policy.
    storagePermissions List<String>
    A list of storage permissions applicable to this Access Policy.
    tenantId String
    The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.

    GetKeyVaultNetworkAcl

    Bypass string
    DefaultAction string
    IpRules List<string>
    VirtualNetworkSubnetIds List<string>
    bypass String
    defaultAction String
    ipRules List<String>
    virtualNetworkSubnetIds List<String>
    bypass str
    default_action str
    ip_rules Sequence[str]
    virtual_network_subnet_ids Sequence[str]
    bypass String
    defaultAction String
    ipRules List<String>
    virtualNetworkSubnetIds List<String>

    Package Details

    Repository
    Azure Classic pulumi/pulumi-azure
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azurerm Terraform Provider.
    azure logo

    We recommend using Azure Native.

    Azure Classic v5.80.0 published on Monday, Jun 10, 2024 by Pulumi