Class AccessPolicy

Manages a Key Vault Access Policy.

NOTE: It's possible to define Key Vault Access Policies both within the azure.keyvault.KeyVault resource via the access_policy block and by using the azure.keyvault.AccessPolicy resource. However it's not possible to use both methods to manage Access Policies within a KeyVault, since there'll be conflicts.

NOTE: Azure permits a maximum of 1024 Access Policies per Key Vault - more information can be found in this document.

Inheritance

System.Object

Resource

CustomResource

AccessPolicy

Inherited Members

CustomResource.Id

Resource.GetResourceType()

Resource.GetResourceName()

Resource.Urn

System.Object.Equals(System.Object)

System.Object.Equals(System.Object, System.Object)

System.Object.GetHashCode()

System.Object.GetType()

System.Object.MemberwiseClone()

System.Object.ReferenceEquals(System.Object, System.Object)

System.Object.ToString()

Namespace: Pulumi.Azure.KeyVault

Assembly: Pulumi.Azure.dll

Syntax

public class AccessPolicy : CustomResource

Constructors

View Source

AccessPolicy(String, AccessPolicyArgs, CustomResourceOptions)

Create a AccessPolicy resource with the given unique name, arguments, and options.

Declaration

public AccessPolicy(string name, AccessPolicyArgs args, CustomResourceOptions options = null)

Parameters

Type	Name	Description
System.String	name	The unique name of the resource
AccessPolicyArgs	args	The arguments used to populate this resource's properties
CustomResourceOptions	options	A bag of options that control this resource's behavior

Properties

View Source

ApplicationId

The object ID of an Application in Azure Active Directory.

Declaration

public Output<string> ApplicationId { get; }

Property Value

Type	Description
Output<System.String>

View Source

CertificatePermissions

List of certificate permissions, must be one or more from the following: backup, create, delete, deleteissuers, get, getissuers, import, list, listissuers, managecontacts, manageissuers, purge, recover, restore, setissuers and update.

Declaration

public Output<ImmutableArray<string>> CertificatePermissions { get; }

Property Value

Type	Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>

View Source

KeyPermissions

List of key permissions, must be one or more from the following: backup, create, decrypt, delete, encrypt, get, import, list, purge, recover, restore, sign, unwrapKey, update, verify and wrapKey.

Declaration

public Output<ImmutableArray<string>> KeyPermissions { get; }

Property Value

Type	Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>

View Source

KeyVaultId

Specifies the id of the Key Vault resource. Changing this forces a new resource to be created.

Declaration

public Output<string> KeyVaultId { get; }

Property Value

Type	Description
Output<System.String>

View Source

ObjectId

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Changing this forces a new resource to be created.

Declaration

public Output<string> ObjectId { get; }

Property Value

Type	Description
Output<System.String>

View Source

SecretPermissions

List of secret permissions, must be one or more from the following: backup, delete, get, list, purge, recover, restore and set.

Declaration

public Output<ImmutableArray<string>> SecretPermissions { get; }

Property Value

Type	Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>

View Source

StoragePermissions

List of storage permissions, must be one or more from the following: backup, delete, deletesas, get, getsas, list, listsas, purge, recover, regeneratekey, restore, set, setsas and update.

Declaration

public Output<ImmutableArray<string>> StoragePermissions { get; }

Property Value

Type	Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>

View Source

TenantId

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Changing this forces a new resource to be created.

Declaration

public Output<string> TenantId { get; }

Property Value

Type	Description
Output<System.String>

Methods

View Source

Get(String, Input<String>, AccessPolicyState, CustomResourceOptions)

Get an existing AccessPolicy resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration

public static AccessPolicy Get(string name, Input<string> id, AccessPolicyState state = null, CustomResourceOptions options = null)

Parameters

Type	Name	Description
System.String	name	The unique name of the resulting resource.
Input<System.String>	id	The unique provider ID of the resource to lookup.
AccessPolicyState	state	Any extra arguments used during the lookup.
CustomResourceOptions	options	A bag of options that control this resource's behavior

Returns

Type	Description
AccessPolicy