Class KeyVault
Manages a Key Vault.
Disclaimers
Note: It's possible to define Key Vault Access Policies both within the
azure.keyvault.KeyVaultresource via theaccess_policyblock and by using theazure.keyvault.AccessPolicyresource. However it's not possible to use both methods to manage Access Policies within a KeyVault, since there'll be conflicts.
Note: This provi will automatically recover a soft-deleted Key Vault during Creation if one is found - you can opt out of this using the
featuresconfiguration within the Provider configuration block.
Inherited Members
Namespace: Pulumi.Azure.KeyVault
Assembly: Pulumi.Azure.dll
Syntax
public class KeyVault : CustomResourceConstructors
View SourceKeyVault(String, KeyVaultArgs, CustomResourceOptions)
Create a KeyVault resource with the given unique name, arguments, and options.
Declaration
public KeyVault(string name, KeyVaultArgs args, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resource |
| KeyVaultArgs | args | The arguments used to populate this resource's properties |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Properties
View SourceAccessPolicies
A list of up to 16 objects describing access policies, as described below.
Declaration
public Output<ImmutableArray<KeyVaultAccessPolicy>> AccessPolicies { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<KeyVaultAccessPolicy>> |
EnabledForDeployment
Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to false.
Declaration
public Output<bool?> EnabledForDeployment { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Boolean>> |
EnabledForDiskEncryption
Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to false.
Declaration
public Output<bool?> EnabledForDiskEncryption { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Boolean>> |
EnabledForTemplateDeployment
Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to false.
Declaration
public Output<bool?> EnabledForTemplateDeployment { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Boolean>> |
Location
Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
Declaration
public Output<string> Location { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Name
Specifies the name of the Key Vault. Changing this forces a new resource to be created.
Declaration
public Output<string> Name { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
NetworkAcls
A network_acls block as defined below.
Declaration
public Output<KeyVaultNetworkAcls> NetworkAcls { get; }Property Value
| Type | Description |
|---|---|
| Output<KeyVaultNetworkAcls> |
PurgeProtectionEnabled
Is Purge Protection enabled for this Key Vault? Defaults to false.
Declaration
public Output<bool?> PurgeProtectionEnabled { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Boolean>> |
ResourceGroupName
The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.
Declaration
public Output<string> ResourceGroupName { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
SkuName
The Name of the SKU used for this Key Vault. Possible values are standard and premium.
Declaration
public Output<string> SkuName { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
SoftDeleteEnabled
Should Soft Delete be enabled for this Key Vault? Defaults to false.
Declaration
public Output<bool?> SoftDeleteEnabled { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Boolean>> |
Tags
A mapping of tags to assign to the resource.
Declaration
public Output<ImmutableDictionary<string, string>> Tags { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableDictionary<System.String, System.String>> |
TenantId
The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
Declaration
public Output<string> TenantId { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
VaultUri
The URI of the Key Vault, used for performing operations on keys and secrets.
Declaration
public Output<string> VaultUri { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Methods
View SourceGet(String, Input<String>, KeyVaultState, CustomResourceOptions)
Get an existing KeyVault resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
Declaration
public static KeyVault Get(string name, Input<string> id, KeyVaultState state = null, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resulting resource. |
| Input<System.String> | id | The unique provider ID of the resource to lookup. |
| KeyVaultState | state | Any extra arguments used during the lookup. |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Returns
| Type | Description |
|---|---|
| KeyVault |