1. Packages
  2. Azure Classic
  3. API Docs
  4. keyvault
  5. ManagedHardwareSecurityModule

We recommend using Azure Native.

Azure Classic v5.49.0 published on Tuesday, Aug 29, 2023 by Pulumi

azure.keyvault.ManagedHardwareSecurityModule

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure Classic v5.49.0 published on Tuesday, Aug 29, 2023 by Pulumi

    Manages a Key Vault Managed Hardware Security Module.

    Note: the Azure Provider includes a Feature Toggle which will purge a Key Vault Managed Hardware Security Module resource on destroy, rather than the default soft-delete. See purge_soft_deleted_hardware_security_modules_on_destroy for more information.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var current = Azure.Core.GetClientConfig.Invoke();
    
        var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
        {
            Location = "West Europe",
        });
    
        var exampleManagedHardwareSecurityModule = new Azure.KeyVault.ManagedHardwareSecurityModule("exampleManagedHardwareSecurityModule", new()
        {
            ResourceGroupName = exampleResourceGroup.Name,
            Location = exampleResourceGroup.Location,
            SkuName = "Standard_B1",
            PurgeProtectionEnabled = false,
            SoftDeleteRetentionDays = 90,
            TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
            AdminObjectIds = new[]
            {
                current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
            },
            Tags = 
            {
                { "Env", "Test" },
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		current, err := core.GetClientConfig(ctx, nil, nil)
    		if err != nil {
    			return err
    		}
    		exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
    			Location: pulumi.String("West Europe"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = keyvault.NewManagedHardwareSecurityModule(ctx, "exampleManagedHardwareSecurityModule", &keyvault.ManagedHardwareSecurityModuleArgs{
    			ResourceGroupName:       exampleResourceGroup.Name,
    			Location:                exampleResourceGroup.Location,
    			SkuName:                 pulumi.String("Standard_B1"),
    			PurgeProtectionEnabled:  pulumi.Bool(false),
    			SoftDeleteRetentionDays: pulumi.Int(90),
    			TenantId:                *pulumi.String(current.TenantId),
    			AdminObjectIds: pulumi.StringArray{
    				*pulumi.String(current.ObjectId),
    			},
    			Tags: pulumi.StringMap{
    				"Env": pulumi.String("Test"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.core.CoreFunctions;
    import com.pulumi.azure.core.ResourceGroup;
    import com.pulumi.azure.core.ResourceGroupArgs;
    import com.pulumi.azure.keyvault.ManagedHardwareSecurityModule;
    import com.pulumi.azure.keyvault.ManagedHardwareSecurityModuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var current = CoreFunctions.getClientConfig();
    
            var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()        
                .location("West Europe")
                .build());
    
            var exampleManagedHardwareSecurityModule = new ManagedHardwareSecurityModule("exampleManagedHardwareSecurityModule", ManagedHardwareSecurityModuleArgs.builder()        
                .resourceGroupName(exampleResourceGroup.name())
                .location(exampleResourceGroup.location())
                .skuName("Standard_B1")
                .purgeProtectionEnabled(false)
                .softDeleteRetentionDays(90)
                .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
                .adminObjectIds(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
                .tags(Map.of("Env", "Test"))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure as azure
    
    current = azure.core.get_client_config()
    example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
    example_managed_hardware_security_module = azure.keyvault.ManagedHardwareSecurityModule("exampleManagedHardwareSecurityModule",
        resource_group_name=example_resource_group.name,
        location=example_resource_group.location,
        sku_name="Standard_B1",
        purge_protection_enabled=False,
        soft_delete_retention_days=90,
        tenant_id=current.tenant_id,
        admin_object_ids=[current.object_id],
        tags={
            "Env": "Test",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const current = azure.core.getClientConfig({});
    const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
    const exampleManagedHardwareSecurityModule = new azure.keyvault.ManagedHardwareSecurityModule("exampleManagedHardwareSecurityModule", {
        resourceGroupName: exampleResourceGroup.name,
        location: exampleResourceGroup.location,
        skuName: "Standard_B1",
        purgeProtectionEnabled: false,
        softDeleteRetentionDays: 90,
        tenantId: current.then(current => current.tenantId),
        adminObjectIds: [current.then(current => current.objectId)],
        tags: {
            Env: "Test",
        },
    });
    
    resources:
      exampleResourceGroup:
        type: azure:core:ResourceGroup
        properties:
          location: West Europe
      exampleManagedHardwareSecurityModule:
        type: azure:keyvault:ManagedHardwareSecurityModule
        properties:
          resourceGroupName: ${exampleResourceGroup.name}
          location: ${exampleResourceGroup.location}
          skuName: Standard_B1
          purgeProtectionEnabled: false
          softDeleteRetentionDays: 90
          tenantId: ${current.tenantId}
          adminObjectIds:
            - ${current.objectId}
          tags:
            Env: Test
    variables:
      current:
        fn::invoke:
          Function: azure:core:getClientConfig
          Arguments: {}
    

    Create ManagedHardwareSecurityModule Resource

    new ManagedHardwareSecurityModule(name: string, args: ManagedHardwareSecurityModuleArgs, opts?: CustomResourceOptions);
    @overload
    def ManagedHardwareSecurityModule(resource_name: str,
                                      opts: Optional[ResourceOptions] = None,
                                      admin_object_ids: Optional[Sequence[str]] = None,
                                      location: Optional[str] = None,
                                      name: Optional[str] = None,
                                      network_acls: Optional[ManagedHardwareSecurityModuleNetworkAclsArgs] = None,
                                      public_network_access_enabled: Optional[bool] = None,
                                      purge_protection_enabled: Optional[bool] = None,
                                      resource_group_name: Optional[str] = None,
                                      security_domain_key_vault_certificate_ids: Optional[Sequence[str]] = None,
                                      security_domain_quorum: Optional[int] = None,
                                      sku_name: Optional[str] = None,
                                      soft_delete_retention_days: Optional[int] = None,
                                      tags: Optional[Mapping[str, str]] = None,
                                      tenant_id: Optional[str] = None)
    @overload
    def ManagedHardwareSecurityModule(resource_name: str,
                                      args: ManagedHardwareSecurityModuleArgs,
                                      opts: Optional[ResourceOptions] = None)
    func NewManagedHardwareSecurityModule(ctx *Context, name string, args ManagedHardwareSecurityModuleArgs, opts ...ResourceOption) (*ManagedHardwareSecurityModule, error)
    public ManagedHardwareSecurityModule(string name, ManagedHardwareSecurityModuleArgs args, CustomResourceOptions? opts = null)
    public ManagedHardwareSecurityModule(String name, ManagedHardwareSecurityModuleArgs args)
    public ManagedHardwareSecurityModule(String name, ManagedHardwareSecurityModuleArgs args, CustomResourceOptions options)
    
    type: azure:keyvault:ManagedHardwareSecurityModule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args ManagedHardwareSecurityModuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ManagedHardwareSecurityModuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ManagedHardwareSecurityModuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ManagedHardwareSecurityModuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ManagedHardwareSecurityModuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    ManagedHardwareSecurityModule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The ManagedHardwareSecurityModule resource accepts the following input properties:

    AdminObjectIds List<string>

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    ResourceGroupName string

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    SkuName string

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    TenantId string

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    Location string

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    Name string

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    NetworkAcls ManagedHardwareSecurityModuleNetworkAcls

    A network_acls block as defined below.

    PublicNetworkAccessEnabled bool

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    PurgeProtectionEnabled bool

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    SecurityDomainKeyVaultCertificateIds List<string>

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    SecurityDomainQuorum int

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    SoftDeleteRetentionDays int

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    Tags Dictionary<string, string>

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    AdminObjectIds []string

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    ResourceGroupName string

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    SkuName string

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    TenantId string

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    Location string

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    Name string

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    NetworkAcls ManagedHardwareSecurityModuleNetworkAclsArgs

    A network_acls block as defined below.

    PublicNetworkAccessEnabled bool

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    PurgeProtectionEnabled bool

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    SecurityDomainKeyVaultCertificateIds []string

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    SecurityDomainQuorum int

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    SoftDeleteRetentionDays int

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    Tags map[string]string

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    adminObjectIds List<String>

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    resourceGroupName String

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    skuName String

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    tenantId String

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    location String

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    name String

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    networkAcls ManagedHardwareSecurityModuleNetworkAcls

    A network_acls block as defined below.

    publicNetworkAccessEnabled Boolean

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    purgeProtectionEnabled Boolean

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    securityDomainKeyVaultCertificateIds List<String>

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    securityDomainQuorum Integer

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    softDeleteRetentionDays Integer

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    tags Map<String,String>

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    adminObjectIds string[]

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    resourceGroupName string

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    skuName string

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    tenantId string

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    location string

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    name string

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    networkAcls ManagedHardwareSecurityModuleNetworkAcls

    A network_acls block as defined below.

    publicNetworkAccessEnabled boolean

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    purgeProtectionEnabled boolean

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    securityDomainKeyVaultCertificateIds string[]

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    securityDomainQuorum number

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    softDeleteRetentionDays number

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    tags {[key: string]: string}

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    admin_object_ids Sequence[str]

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    resource_group_name str

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    sku_name str

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    tenant_id str

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    location str

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    name str

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    network_acls ManagedHardwareSecurityModuleNetworkAclsArgs

    A network_acls block as defined below.

    public_network_access_enabled bool

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    purge_protection_enabled bool

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    security_domain_key_vault_certificate_ids Sequence[str]

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    security_domain_quorum int

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    soft_delete_retention_days int

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    tags Mapping[str, str]

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    adminObjectIds List<String>

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    resourceGroupName String

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    skuName String

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    tenantId String

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    location String

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    name String

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    networkAcls Property Map

    A network_acls block as defined below.

    publicNetworkAccessEnabled Boolean

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    purgeProtectionEnabled Boolean

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    securityDomainKeyVaultCertificateIds List<String>

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    securityDomainQuorum Number

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    softDeleteRetentionDays Number

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    tags Map<String>

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ManagedHardwareSecurityModule resource produces the following output properties:

    HsmUri string

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    Id string

    The provider-assigned unique ID for this managed resource.

    SecurityDomainEncryptedData string

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    HsmUri string

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    Id string

    The provider-assigned unique ID for this managed resource.

    SecurityDomainEncryptedData string

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    hsmUri String

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    id String

    The provider-assigned unique ID for this managed resource.

    securityDomainEncryptedData String

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    hsmUri string

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    id string

    The provider-assigned unique ID for this managed resource.

    securityDomainEncryptedData string

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    hsm_uri str

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    id str

    The provider-assigned unique ID for this managed resource.

    security_domain_encrypted_data str

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    hsmUri String

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    id String

    The provider-assigned unique ID for this managed resource.

    securityDomainEncryptedData String

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    Look up Existing ManagedHardwareSecurityModule Resource

    Get an existing ManagedHardwareSecurityModule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ManagedHardwareSecurityModuleState, opts?: CustomResourceOptions): ManagedHardwareSecurityModule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            admin_object_ids: Optional[Sequence[str]] = None,
            hsm_uri: Optional[str] = None,
            location: Optional[str] = None,
            name: Optional[str] = None,
            network_acls: Optional[ManagedHardwareSecurityModuleNetworkAclsArgs] = None,
            public_network_access_enabled: Optional[bool] = None,
            purge_protection_enabled: Optional[bool] = None,
            resource_group_name: Optional[str] = None,
            security_domain_encrypted_data: Optional[str] = None,
            security_domain_key_vault_certificate_ids: Optional[Sequence[str]] = None,
            security_domain_quorum: Optional[int] = None,
            sku_name: Optional[str] = None,
            soft_delete_retention_days: Optional[int] = None,
            tags: Optional[Mapping[str, str]] = None,
            tenant_id: Optional[str] = None) -> ManagedHardwareSecurityModule
    func GetManagedHardwareSecurityModule(ctx *Context, name string, id IDInput, state *ManagedHardwareSecurityModuleState, opts ...ResourceOption) (*ManagedHardwareSecurityModule, error)
    public static ManagedHardwareSecurityModule Get(string name, Input<string> id, ManagedHardwareSecurityModuleState? state, CustomResourceOptions? opts = null)
    public static ManagedHardwareSecurityModule get(String name, Output<String> id, ManagedHardwareSecurityModuleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AdminObjectIds List<string>

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    HsmUri string

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    Location string

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    Name string

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    NetworkAcls ManagedHardwareSecurityModuleNetworkAcls

    A network_acls block as defined below.

    PublicNetworkAccessEnabled bool

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    PurgeProtectionEnabled bool

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    ResourceGroupName string

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    SecurityDomainEncryptedData string

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    SecurityDomainKeyVaultCertificateIds List<string>

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    SecurityDomainQuorum int

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    SkuName string

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    SoftDeleteRetentionDays int

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    Tags Dictionary<string, string>

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    TenantId string

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    AdminObjectIds []string

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    HsmUri string

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    Location string

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    Name string

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    NetworkAcls ManagedHardwareSecurityModuleNetworkAclsArgs

    A network_acls block as defined below.

    PublicNetworkAccessEnabled bool

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    PurgeProtectionEnabled bool

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    ResourceGroupName string

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    SecurityDomainEncryptedData string

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    SecurityDomainKeyVaultCertificateIds []string

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    SecurityDomainQuorum int

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    SkuName string

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    SoftDeleteRetentionDays int

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    Tags map[string]string

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    TenantId string

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    adminObjectIds List<String>

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    hsmUri String

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    location String

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    name String

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    networkAcls ManagedHardwareSecurityModuleNetworkAcls

    A network_acls block as defined below.

    publicNetworkAccessEnabled Boolean

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    purgeProtectionEnabled Boolean

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    resourceGroupName String

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    securityDomainEncryptedData String

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    securityDomainKeyVaultCertificateIds List<String>

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    securityDomainQuorum Integer

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    skuName String

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    softDeleteRetentionDays Integer

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    tags Map<String,String>

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    tenantId String

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    adminObjectIds string[]

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    hsmUri string

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    location string

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    name string

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    networkAcls ManagedHardwareSecurityModuleNetworkAcls

    A network_acls block as defined below.

    publicNetworkAccessEnabled boolean

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    purgeProtectionEnabled boolean

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    resourceGroupName string

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    securityDomainEncryptedData string

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    securityDomainKeyVaultCertificateIds string[]

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    securityDomainQuorum number

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    skuName string

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    softDeleteRetentionDays number

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    tags {[key: string]: string}

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    tenantId string

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    admin_object_ids Sequence[str]

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    hsm_uri str

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    location str

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    name str

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    network_acls ManagedHardwareSecurityModuleNetworkAclsArgs

    A network_acls block as defined below.

    public_network_access_enabled bool

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    purge_protection_enabled bool

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    resource_group_name str

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    security_domain_encrypted_data str

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    security_domain_key_vault_certificate_ids Sequence[str]

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    security_domain_quorum int

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    sku_name str

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    soft_delete_retention_days int

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    tags Mapping[str, str]

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    tenant_id str

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    adminObjectIds List<String>

    Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    hsmUri String

    The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.

    location String

    Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

    name String

    Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    networkAcls Property Map

    A network_acls block as defined below.

    publicNetworkAccessEnabled Boolean

    Whether traffic from public networks is permitted. Defaults to true. Changing this forces a new resource to be created.

    purgeProtectionEnabled Boolean

    Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.

    resourceGroupName String

    The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    securityDomainEncryptedData String

    This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.

    securityDomainKeyVaultCertificateIds List<String>

    A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see activate-your-managed-hsm

    securityDomainQuorum Number

    Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when security_domain_key_vault_certificate_ids is specified. Valid values are between 2 and 10.

    skuName String

    The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is Standard_B1. Changing this forces a new resource to be created.

    softDeleteRetentionDays Number

    The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 days. Defaults to 90. Changing this forces a new resource to be created.

    tags Map<String>

    A mapping of tags to assign to the resource. Changing this forces a new resource to be created.

    tenantId String

    The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.

    Supporting Types

    ManagedHardwareSecurityModuleNetworkAcls, ManagedHardwareSecurityModuleNetworkAclsArgs

    Bypass string

    Specifies which traffic can bypass the network rules. Possible values are AzureServices and None.

    DefaultAction string

    The Default Action to use. Possible values are Allow and Deny.

    Bypass string

    Specifies which traffic can bypass the network rules. Possible values are AzureServices and None.

    DefaultAction string

    The Default Action to use. Possible values are Allow and Deny.

    bypass String

    Specifies which traffic can bypass the network rules. Possible values are AzureServices and None.

    defaultAction String

    The Default Action to use. Possible values are Allow and Deny.

    bypass string

    Specifies which traffic can bypass the network rules. Possible values are AzureServices and None.

    defaultAction string

    The Default Action to use. Possible values are Allow and Deny.

    bypass str

    Specifies which traffic can bypass the network rules. Possible values are AzureServices and None.

    default_action str

    The Default Action to use. Possible values are Allow and Deny.

    bypass String

    Specifies which traffic can bypass the network rules. Possible values are AzureServices and None.

    defaultAction String

    The Default Action to use. Possible values are Allow and Deny.

    Import

    Key Vault Managed Hardware Security Module can be imported using the resource id, e.g.

     $ pulumi import azure:keyvault/managedHardwareSecurityModule:ManagedHardwareSecurityModule example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.KeyVault/managedHSMs/hsm1
    

    Package Details

    Repository
    Azure Classic pulumi/pulumi-azure
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the azurerm Terraform Provider.

    azure logo

    We recommend using Azure Native.

    Azure Classic v5.49.0 published on Tuesday, Aug 29, 2023 by Pulumi