Docs Home
We recommend using Azure Native.
Azure v6.22.0 published on Tuesday, Apr 1, 2025 by Pulumi
azure.keyvault.getManagedHardwareSecurityModuleRoleDefinition
Explore with Pulumi AI
Use this data source to access information about an existing Key Vault Managed Hardware Security Module Role Definition.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = azure.keyvault.getManagedHardwareSecurityModuleRoleDefinition({
managedHsmId: exampleAzurermKeyVaultManagedHardwareSecurityModule.id,
name: "21dbd100-6940-42c2-9190-5d6cb909625b",
});
export const id = example.then(example => example.resourceManagerId);
import pulumi
import pulumi_azure as azure
example = azure.keyvault.get_managed_hardware_security_module_role_definition(managed_hsm_id=example_azurerm_key_vault_managed_hardware_security_module["id"],
name="21dbd100-6940-42c2-9190-5d6cb909625b")
pulumi.export("id", example.resource_manager_id)
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := keyvault.LookupManagedHardwareSecurityModuleRoleDefinition(ctx, &keyvault.LookupManagedHardwareSecurityModuleRoleDefinitionArgs{
ManagedHsmId: exampleAzurermKeyVaultManagedHardwareSecurityModule.Id,
Name: "21dbd100-6940-42c2-9190-5d6cb909625b",
}, nil)
if err != nil {
return err
}
ctx.Export("id", example.ResourceManagerId)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = Azure.KeyVault.GetManagedHardwareSecurityModuleRoleDefinition.Invoke(new()
{
ManagedHsmId = exampleAzurermKeyVaultManagedHardwareSecurityModule.Id,
Name = "21dbd100-6940-42c2-9190-5d6cb909625b",
});
return new Dictionary<string, object?>
{
["id"] = example.Apply(getManagedHardwareSecurityModuleRoleDefinitionResult => getManagedHardwareSecurityModuleRoleDefinitionResult.ResourceManagerId),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.keyvault.KeyvaultFunctions;
import com.pulumi.azure.keyvault.inputs.GetManagedHardwareSecurityModuleRoleDefinitionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = KeyvaultFunctions.getManagedHardwareSecurityModuleRoleDefinition(GetManagedHardwareSecurityModuleRoleDefinitionArgs.builder()
.managedHsmId(exampleAzurermKeyVaultManagedHardwareSecurityModule.id())
.name("21dbd100-6940-42c2-9190-5d6cb909625b")
.build());
ctx.export("id", example.applyValue(getManagedHardwareSecurityModuleRoleDefinitionResult -> getManagedHardwareSecurityModuleRoleDefinitionResult.resourceManagerId()));
}
}
variables:
example:
fn::invoke:
function: azure:keyvault:getManagedHardwareSecurityModuleRoleDefinition
arguments:
managedHsmId: ${exampleAzurermKeyVaultManagedHardwareSecurityModule.id}
name: 21dbd100-6940-42c2-9190-5d6cb909625b
outputs:
id: ${example.resourceManagerId}
Using getManagedHardwareSecurityModuleRoleDefinition
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getManagedHardwareSecurityModuleRoleDefinition(args: GetManagedHardwareSecurityModuleRoleDefinitionArgs, opts?: InvokeOptions): Promise<GetManagedHardwareSecurityModuleRoleDefinitionResult>
function getManagedHardwareSecurityModuleRoleDefinitionOutput(args: GetManagedHardwareSecurityModuleRoleDefinitionOutputArgs, opts?: InvokeOptions): Output<GetManagedHardwareSecurityModuleRoleDefinitionResult>def get_managed_hardware_security_module_role_definition(managed_hsm_id: Optional[str] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetManagedHardwareSecurityModuleRoleDefinitionResult
def get_managed_hardware_security_module_role_definition_output(managed_hsm_id: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetManagedHardwareSecurityModuleRoleDefinitionResult]func LookupManagedHardwareSecurityModuleRoleDefinition(ctx *Context, args *LookupManagedHardwareSecurityModuleRoleDefinitionArgs, opts ...InvokeOption) (*LookupManagedHardwareSecurityModuleRoleDefinitionResult, error)
func LookupManagedHardwareSecurityModuleRoleDefinitionOutput(ctx *Context, args *LookupManagedHardwareSecurityModuleRoleDefinitionOutputArgs, opts ...InvokeOption) LookupManagedHardwareSecurityModuleRoleDefinitionResultOutput> Note: This function is named LookupManagedHardwareSecurityModuleRoleDefinition in the Go SDK.
public static class GetManagedHardwareSecurityModuleRoleDefinition
{
public static Task<GetManagedHardwareSecurityModuleRoleDefinitionResult> InvokeAsync(GetManagedHardwareSecurityModuleRoleDefinitionArgs args, InvokeOptions? opts = null)
public static Output<GetManagedHardwareSecurityModuleRoleDefinitionResult> Invoke(GetManagedHardwareSecurityModuleRoleDefinitionInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetManagedHardwareSecurityModuleRoleDefinitionResult> getManagedHardwareSecurityModuleRoleDefinition(GetManagedHardwareSecurityModuleRoleDefinitionArgs args, InvokeOptions options)
public static Output<GetManagedHardwareSecurityModuleRoleDefinitionResult> getManagedHardwareSecurityModuleRoleDefinition(GetManagedHardwareSecurityModuleRoleDefinitionArgs args, InvokeOptions options)
fn::invoke:
function: azure:keyvault/getManagedHardwareSecurityModuleRoleDefinition:getManagedHardwareSecurityModuleRoleDefinition
arguments:
# arguments dictionaryThe following arguments are supported:
- Managed
Hsm stringId - The ID of the Key Vault Managed Hardware Security Module.
- Name string
- The name in UUID notation of this Key Vault Managed Hardware Security Module Role Definition.
- Managed
Hsm stringId - The ID of the Key Vault Managed Hardware Security Module.
- Name string
- The name in UUID notation of this Key Vault Managed Hardware Security Module Role Definition.
- managed
Hsm StringId - The ID of the Key Vault Managed Hardware Security Module.
- name String
- The name in UUID notation of this Key Vault Managed Hardware Security Module Role Definition.
- managed
Hsm stringId - The ID of the Key Vault Managed Hardware Security Module.
- name string
- The name in UUID notation of this Key Vault Managed Hardware Security Module Role Definition.
- managed_
hsm_ strid - The ID of the Key Vault Managed Hardware Security Module.
- name str
- The name in UUID notation of this Key Vault Managed Hardware Security Module Role Definition.
- managed
Hsm StringId - The ID of the Key Vault Managed Hardware Security Module.
- name String
- The name in UUID notation of this Key Vault Managed Hardware Security Module Role Definition.
getManagedHardwareSecurityModuleRoleDefinition Result
The following output properties are available:
- Assignable
Scopes List<string> - A list of assignable role scopes. Possible values are
/and/keys. - Description string
- A text description of the Key Vault Managed Hardware Security Module Role Definition.
- Id string
- The provider-assigned unique ID for this managed resource.
- Managed
Hsm stringId - Name string
- Permissions
List<Get
Managed Hardware Security Module Role Definition Permission> - A
permissionblock as defined below. - Resource
Manager stringId - The ID of the Key Vault Managed Hardware Security Module Role Definition resource without base url.
- Role
Name string - The display name of the Key Vault Managed Hardware Security Module Role Definition.
- Role
Type string - The type of the Key Vault Managed Hardware Security Module Role Definition. Possible values are
AKVBuiltInRoleandCustomRole.
- Assignable
Scopes []string - A list of assignable role scopes. Possible values are
/and/keys. - Description string
- A text description of the Key Vault Managed Hardware Security Module Role Definition.
- Id string
- The provider-assigned unique ID for this managed resource.
- Managed
Hsm stringId - Name string
- Permissions
[]Get
Managed Hardware Security Module Role Definition Permission - A
permissionblock as defined below. - Resource
Manager stringId - The ID of the Key Vault Managed Hardware Security Module Role Definition resource without base url.
- Role
Name string - The display name of the Key Vault Managed Hardware Security Module Role Definition.
- Role
Type string - The type of the Key Vault Managed Hardware Security Module Role Definition. Possible values are
AKVBuiltInRoleandCustomRole.
- assignable
Scopes List<String> - A list of assignable role scopes. Possible values are
/and/keys. - description String
- A text description of the Key Vault Managed Hardware Security Module Role Definition.
- id String
- The provider-assigned unique ID for this managed resource.
- managed
Hsm StringId - name String
- permissions
List<Get
Managed Hardware Security Module Role Definition Permission> - A
permissionblock as defined below. - resource
Manager StringId - The ID of the Key Vault Managed Hardware Security Module Role Definition resource without base url.
- role
Name String - The display name of the Key Vault Managed Hardware Security Module Role Definition.
- role
Type String - The type of the Key Vault Managed Hardware Security Module Role Definition. Possible values are
AKVBuiltInRoleandCustomRole.
- assignable
Scopes string[] - A list of assignable role scopes. Possible values are
/and/keys. - description string
- A text description of the Key Vault Managed Hardware Security Module Role Definition.
- id string
- The provider-assigned unique ID for this managed resource.
- managed
Hsm stringId - name string
- permissions
Get
Managed Hardware Security Module Role Definition Permission[] - A
permissionblock as defined below. - resource
Manager stringId - The ID of the Key Vault Managed Hardware Security Module Role Definition resource without base url.
- role
Name string - The display name of the Key Vault Managed Hardware Security Module Role Definition.
- role
Type string - The type of the Key Vault Managed Hardware Security Module Role Definition. Possible values are
AKVBuiltInRoleandCustomRole.
- assignable_
scopes Sequence[str] - A list of assignable role scopes. Possible values are
/and/keys. - description str
- A text description of the Key Vault Managed Hardware Security Module Role Definition.
- id str
- The provider-assigned unique ID for this managed resource.
- managed_
hsm_ strid - name str
- permissions
Sequence[Get
Managed Hardware Security Module Role Definition Permission] - A
permissionblock as defined below. - resource_
manager_ strid - The ID of the Key Vault Managed Hardware Security Module Role Definition resource without base url.
- role_
name str - The display name of the Key Vault Managed Hardware Security Module Role Definition.
- role_
type str - The type of the Key Vault Managed Hardware Security Module Role Definition. Possible values are
AKVBuiltInRoleandCustomRole.
- assignable
Scopes List<String> - A list of assignable role scopes. Possible values are
/and/keys. - description String
- A text description of the Key Vault Managed Hardware Security Module Role Definition.
- id String
- The provider-assigned unique ID for this managed resource.
- managed
Hsm StringId - name String
- permissions List<Property Map>
- A
permissionblock as defined below. - resource
Manager StringId - The ID of the Key Vault Managed Hardware Security Module Role Definition resource without base url.
- role
Name String - The display name of the Key Vault Managed Hardware Security Module Role Definition.
- role
Type String - The type of the Key Vault Managed Hardware Security Module Role Definition. Possible values are
AKVBuiltInRoleandCustomRole.
Supporting Types
GetManagedHardwareSecurityModuleRoleDefinitionPermission
- Actions List<string>
- A list of action permission granted.
- Data
Actions List<string> - A list of data action permission granted.
- Not
Actions List<string> - A list of action permission excluded (but not denied).
- Not
Data List<string>Actions - A list of data action permission granted.
- Actions []string
- A list of action permission granted.
- Data
Actions []string - A list of data action permission granted.
- Not
Actions []string - A list of action permission excluded (but not denied).
- Not
Data []stringActions - A list of data action permission granted.
- actions List<String>
- A list of action permission granted.
- data
Actions List<String> - A list of data action permission granted.
- not
Actions List<String> - A list of action permission excluded (but not denied).
- not
Data List<String>Actions - A list of data action permission granted.
- actions string[]
- A list of action permission granted.
- data
Actions string[] - A list of data action permission granted.
- not
Actions string[] - A list of action permission excluded (but not denied).
- not
Data string[]Actions - A list of data action permission granted.
- actions Sequence[str]
- A list of action permission granted.
- data_
actions Sequence[str] - A list of data action permission granted.
- not_
actions Sequence[str] - A list of action permission excluded (but not denied).
- not_
data_ Sequence[str]actions - A list of data action permission granted.
- actions List<String>
- A list of action permission granted.
- data
Actions List<String> - A list of data action permission granted.
- not
Actions List<String> - A list of action permission excluded (but not denied).
- not
Data List<String>Actions - A list of data action permission granted.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurermTerraform Provider.