keyvault

package
v1.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 27, 2019 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessPolicy added in v0.15.0 

type AccessPolicy struct {
	// contains filtered or unexported fields
}

Manages a Key Vault Access Policy.

> **NOTE:** It's possible to define Key Vault Access Policies both within the `keyvault.KeyVault` resource via the `accessPolicy` block and by using the `keyvault.AccessPolicy` resource. However it's not possible to use both methods to manage Access Policies within a KeyVault, since there'll be conflicts.

> **NOTE:** Azure permits a maximum of 1024 Access Policies per Key Vault - [more information can be found in this document](https://docs.microsoft.com/en-us/azure/key-vault/key-vault-secure-your-key-vault#data-plane-access-control).

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/key_vault_access_policy.html.markdown.

func GetAccessPolicy added in v0.15.0 

func GetAccessPolicy(ctx *pulumi.Context,
	name string, id pulumi.ID, state *AccessPolicyState, opts ...pulumi.ResourceOpt) (*AccessPolicy, error)

GetAccessPolicy gets an existing AccessPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAccessPolicy added in v0.15.0 

func NewAccessPolicy(ctx *pulumi.Context,
	name string, args *AccessPolicyArgs, opts ...pulumi.ResourceOpt) (*AccessPolicy, error)

NewAccessPolicy registers a new resource with the given unique name, arguments, and options.

func (*AccessPolicy) ApplicationId added in v0.15.0 

func (r *AccessPolicy) ApplicationId() pulumi.StringOutput

The object ID of an Application in Azure Active Directory.

func (*AccessPolicy) CertificatePermissions added in v0.15.0 

func (r *AccessPolicy) CertificatePermissions() pulumi.ArrayOutput

List of certificate permissions, must be one or more from the following: `backup`, `create`, `delete`, `deleteissuers`, `get`, `getissuers`, `import`, `list`, `listissuers`, `managecontacts`, `manageissuers`, `purge`, `recover`, `restore`, `setissuers` and `update`.

func (*AccessPolicy) ID added in v0.15.0 

func (r *AccessPolicy) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*AccessPolicy) KeyPermissions added in v0.15.0 

func (r *AccessPolicy) KeyPermissions() pulumi.ArrayOutput

List of key permissions, must be one or more from the following: `backup`, `create`, `decrypt`, `delete`, `encrypt`, `get`, `import`, `list`, `purge`, `recover`, `restore`, `sign`, `unwrapKey`, `update`, `verify` and `wrapKey`.

func (*AccessPolicy) KeyVaultId added in v0.16.8 

func (r *AccessPolicy) KeyVaultId() pulumi.StringOutput

Specifies the id of the Key Vault resource. Changing this forces a new resource to be created.

func (*AccessPolicy) ObjectId added in v0.15.0 

func (r *AccessPolicy) ObjectId() pulumi.StringOutput

The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Changing this forces a new resource to be created.

func (*AccessPolicy) ResourceGroupName added in v0.15.0 

func (r *AccessPolicy) ResourceGroupName() pulumi.StringOutput

The name of the resource group in which to create the namespace. Changing this forces a new resource to be created.

func (*AccessPolicy) SecretPermissions added in v0.15.0 

func (r *AccessPolicy) SecretPermissions() pulumi.ArrayOutput

List of secret permissions, must be one or more from the following: `backup`, `delete`, `get`, `list`, `purge`, `recover`, `restore` and `set`.

func (*AccessPolicy) StoragePermissions added in v0.18.0 

func (r *AccessPolicy) StoragePermissions() pulumi.ArrayOutput

List of storage permissions, must be one or more from the following: `backup`, `delete`, `deletesas`, `get`, `getsas`, `list`, `listsas`, `purge`, `recover`, `regeneratekey`, `restore`, `set`, `setsas` and `update`.

func (*AccessPolicy) TenantId added in v0.15.0 

func (r *AccessPolicy) TenantId() pulumi.StringOutput

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. Changing this forces a new resource to be created.

func (*AccessPolicy) URN added in v0.15.0 

func (r *AccessPolicy) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*AccessPolicy) VaultName added in v0.15.0 

func (r *AccessPolicy) VaultName() pulumi.StringOutput

Specifies the name of the Key Vault resource. Changing this forces a new resource to be created.

type AccessPolicyArgs added in v0.15.0 

type AccessPolicyArgs struct {
	// The object ID of an Application in Azure Active Directory.
	ApplicationId interface{}
	// List of certificate permissions, must be one or more from
	// the following: `backup`, `create`, `delete`, `deleteissuers`, `get`, `getissuers`, `import`, `list`, `listissuers`,
	// `managecontacts`, `manageissuers`, `purge`, `recover`, `restore`, `setissuers` and `update`.
	CertificatePermissions interface{}
	// List of key permissions, must be one or more from
	// the following: `backup`, `create`, `decrypt`, `delete`, `encrypt`, `get`, `import`, `list`, `purge`,
	// `recover`, `restore`, `sign`, `unwrapKey`, `update`, `verify` and `wrapKey`.
	KeyPermissions interface{}
	// Specifies the id of the Key Vault resource. Changing this
	// forces a new resource to be created.
	KeyVaultId interface{}
	// The object ID of a user, service principal or security
	// group in the Azure Active Directory tenant for the vault. The object ID must
	// be unique for the list of access policies. Changing this forces a new resource
	// to be created.
	ObjectId interface{}
	// The name of the resource group in which to
	// create the namespace. Changing this forces a new resource to be created.
	ResourceGroupName interface{}
	// List of secret permissions, must be one or more
	// from the following: `backup`, `delete`, `get`, `list`, `purge`, `recover`, `restore` and `set`.
	SecretPermissions interface{}
	// List of storage permissions, must be one or more from the following: `backup`, `delete`, `deletesas`, `get`, `getsas`, `list`, `listsas`, `purge`, `recover`, `regeneratekey`, `restore`, `set`, `setsas` and `update`.
	StoragePermissions interface{}
	// The Azure Active Directory tenant ID that should be used
	// for authenticating requests to the key vault. Changing this forces a new resource
	// to be created.
	TenantId interface{}
	// Specifies the name of the Key Vault resource. Changing this
	// forces a new resource to be created.
	VaultName interface{}
}

The set of arguments for constructing a AccessPolicy resource.

type AccessPolicyState added in v0.15.0 

type AccessPolicyState struct {
	// The object ID of an Application in Azure Active Directory.
	ApplicationId interface{}
	// List of certificate permissions, must be one or more from
	// the following: `backup`, `create`, `delete`, `deleteissuers`, `get`, `getissuers`, `import`, `list`, `listissuers`,
	// `managecontacts`, `manageissuers`, `purge`, `recover`, `restore`, `setissuers` and `update`.
	CertificatePermissions interface{}
	// List of key permissions, must be one or more from
	// the following: `backup`, `create`, `decrypt`, `delete`, `encrypt`, `get`, `import`, `list`, `purge`,
	// `recover`, `restore`, `sign`, `unwrapKey`, `update`, `verify` and `wrapKey`.
	KeyPermissions interface{}
	// Specifies the id of the Key Vault resource. Changing this
	// forces a new resource to be created.
	KeyVaultId interface{}
	// The object ID of a user, service principal or security
	// group in the Azure Active Directory tenant for the vault. The object ID must
	// be unique for the list of access policies. Changing this forces a new resource
	// to be created.
	ObjectId interface{}
	// The name of the resource group in which to
	// create the namespace. Changing this forces a new resource to be created.
	ResourceGroupName interface{}
	// List of secret permissions, must be one or more
	// from the following: `backup`, `delete`, `get`, `list`, `purge`, `recover`, `restore` and `set`.
	SecretPermissions interface{}
	// List of storage permissions, must be one or more from the following: `backup`, `delete`, `deletesas`, `get`, `getsas`, `list`, `listsas`, `purge`, `recover`, `regeneratekey`, `restore`, `set`, `setsas` and `update`.
	StoragePermissions interface{}
	// The Azure Active Directory tenant ID that should be used
	// for authenticating requests to the key vault. Changing this forces a new resource
	// to be created.
	TenantId interface{}
	// Specifies the name of the Key Vault resource. Changing this
	// forces a new resource to be created.
	VaultName interface{}
}

Input properties used for looking up and filtering AccessPolicy resources.

type Certifiate 

type Certifiate struct {
	// contains filtered or unexported fields
}

Manages a Key Vault Certificate.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/key_vault_certificate_legacy.html.markdown.

func GetCertifiate 

func GetCertifiate(ctx *pulumi.Context,
	name string, id pulumi.ID, state *CertifiateState, opts ...pulumi.ResourceOpt) (*Certifiate, error)

GetCertifiate gets an existing Certifiate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertifiate 

func NewCertifiate(ctx *pulumi.Context,
	name string, args *CertifiateArgs, opts ...pulumi.ResourceOpt) (*Certifiate, error)

NewCertifiate registers a new resource with the given unique name, arguments, and options.

func (*Certifiate) Certificate 

func (r *Certifiate) Certificate() pulumi.Output

A `certificate` block as defined below, used to Import an existing certificate.

func (*Certifiate) CertificateData 

func (r *Certifiate) CertificateData() pulumi.StringOutput

The raw Key Vault Certificate data represented as a hexadecimal string.

func (*Certifiate) CertificatePolicy 

func (r *Certifiate) CertificatePolicy() pulumi.Output

A `certificatePolicy` block as defined below.

func (*Certifiate) ID 

func (r *Certifiate) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Certifiate) KeyVaultId added in v0.16.8 

func (r *Certifiate) KeyVaultId() pulumi.StringOutput

The ID of the Key Vault where the Certificate should be created.

func (*Certifiate) Name 

func (r *Certifiate) Name() pulumi.StringOutput

The name of the Certificate Issuer. Possible values include `Self`, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.

func (*Certifiate) SecretId 

func (r *Certifiate) SecretId() pulumi.StringOutput

The ID of the associated Key Vault Secret.

func (*Certifiate) Tags 

func (r *Certifiate) Tags() pulumi.MapOutput

A mapping of tags to assign to the resource.

func (*Certifiate) Thumbprint added in v0.16.0 

func (r *Certifiate) Thumbprint() pulumi.StringOutput

The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.

func (*Certifiate) URN 

func (r *Certifiate) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*Certifiate) VaultUri 

func (r *Certifiate) VaultUri() pulumi.StringOutput

func (*Certifiate) Version 

func (r *Certifiate) Version() pulumi.StringOutput

The current version of the Key Vault Certificate.

type CertifiateArgs 

type CertifiateArgs struct {
	// A `certificate` block as defined below, used to Import an existing certificate.
	Certificate interface{}
	// A `certificatePolicy` block as defined below.
	CertificatePolicy interface{}
	// The ID of the Key Vault where the Certificate should be created.
	KeyVaultId interface{}
	// The name of the Certificate Issuer. Possible values include `Self`, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.
	Name interface{}
	// A mapping of tags to assign to the resource.
	Tags     interface{}
	VaultUri interface{}
}

The set of arguments for constructing a Certifiate resource.

type CertifiateState 

type CertifiateState struct {
	// A `certificate` block as defined below, used to Import an existing certificate.
	Certificate interface{}
	// The raw Key Vault Certificate data represented as a hexadecimal string.
	CertificateData interface{}
	// A `certificatePolicy` block as defined below.
	CertificatePolicy interface{}
	// The ID of the Key Vault where the Certificate should be created.
	KeyVaultId interface{}
	// The name of the Certificate Issuer. Possible values include `Self`, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.
	Name interface{}
	// The ID of the associated Key Vault Secret.
	SecretId interface{}
	// A mapping of tags to assign to the resource.
	Tags interface{}
	// The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.
	Thumbprint interface{}
	VaultUri   interface{}
	// The current version of the Key Vault Certificate.
	Version interface{}
}

Input properties used for looking up and filtering Certifiate resources.

type Certificate added in v1.0.0 

type Certificate struct {
	// contains filtered or unexported fields
}

Manages a Key Vault Certificate.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/key_vault_certificate.html.markdown.

func GetCertificate added in v1.0.0 

func GetCertificate(ctx *pulumi.Context,
	name string, id pulumi.ID, state *CertificateState, opts ...pulumi.ResourceOpt) (*Certificate, error)

GetCertificate gets an existing Certificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificate added in v1.0.0 

func NewCertificate(ctx *pulumi.Context,
	name string, args *CertificateArgs, opts ...pulumi.ResourceOpt) (*Certificate, error)

NewCertificate registers a new resource with the given unique name, arguments, and options.

func (*Certificate) Certificate added in v1.0.0 

func (r *Certificate) Certificate() pulumi.Output

A `certificate` block as defined below, used to Import an existing certificate.

func (*Certificate) CertificateData added in v1.0.0 

func (r *Certificate) CertificateData() pulumi.StringOutput

The raw Key Vault Certificate data represented as a hexadecimal string.

func (*Certificate) CertificatePolicy added in v1.0.0 

func (r *Certificate) CertificatePolicy() pulumi.Output

A `certificatePolicy` block as defined below.

func (*Certificate) ID added in v1.0.0 

func (r *Certificate) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Certificate) KeyVaultId added in v1.0.0 

func (r *Certificate) KeyVaultId() pulumi.StringOutput

The ID of the Key Vault where the Certificate should be created.

func (*Certificate) Name added in v1.0.0 

func (r *Certificate) Name() pulumi.StringOutput

The name of the Certificate Issuer. Possible values include `Self`, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.

func (*Certificate) SecretId added in v1.0.0 

func (r *Certificate) SecretId() pulumi.StringOutput

The ID of the associated Key Vault Secret.

func (*Certificate) Tags added in v1.0.0 

func (r *Certificate) Tags() pulumi.MapOutput

A mapping of tags to assign to the resource.

func (*Certificate) Thumbprint added in v1.0.0 

func (r *Certificate) Thumbprint() pulumi.StringOutput

The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.

func (*Certificate) URN added in v1.0.0 

func (r *Certificate) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*Certificate) VaultUri added in v1.0.0 

func (r *Certificate) VaultUri() pulumi.StringOutput

func (*Certificate) Version added in v1.0.0 

func (r *Certificate) Version() pulumi.StringOutput

The current version of the Key Vault Certificate.

type CertificateArgs added in v1.0.0 

type CertificateArgs struct {
	// A `certificate` block as defined below, used to Import an existing certificate.
	Certificate interface{}
	// A `certificatePolicy` block as defined below.
	CertificatePolicy interface{}
	// The ID of the Key Vault where the Certificate should be created.
	KeyVaultId interface{}
	// The name of the Certificate Issuer. Possible values include `Self`, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.
	Name interface{}
	// A mapping of tags to assign to the resource.
	Tags     interface{}
	VaultUri interface{}
}

The set of arguments for constructing a Certificate resource.

type CertificateState added in v1.0.0 

type CertificateState struct {
	// A `certificate` block as defined below, used to Import an existing certificate.
	Certificate interface{}
	// The raw Key Vault Certificate data represented as a hexadecimal string.
	CertificateData interface{}
	// A `certificatePolicy` block as defined below.
	CertificatePolicy interface{}
	// The ID of the Key Vault where the Certificate should be created.
	KeyVaultId interface{}
	// The name of the Certificate Issuer. Possible values include `Self`, or the name of a certificate issuing authority supported by Azure. Changing this forces a new resource to be created.
	Name interface{}
	// The ID of the associated Key Vault Secret.
	SecretId interface{}
	// A mapping of tags to assign to the resource.
	Tags interface{}
	// The X509 Thumbprint of the Key Vault Certificate represented as a hexadecimal string.
	Thumbprint interface{}
	VaultUri   interface{}
	// The current version of the Key Vault Certificate.
	Version interface{}
}

Input properties used for looking up and filtering Certificate resources.

type GetAccessPolicyArgs 

type GetAccessPolicyArgs struct {
	// Specifies the name of the Management Template. Possible values are: `Key Management`,
	// `Secret Management`, `Certificate Management`, `Key & Secret Management`, `Key & Certificate Management`,
	// `Secret & Certificate Management`,  `Key, Secret, & Certificate Management`
	Name interface{}
}

A collection of arguments for invoking getAccessPolicy.

type GetAccessPolicyResult 

type GetAccessPolicyResult struct {
	// the certificate permissions for the access policy
	CertificatePermissions interface{}
	// the key permissions for the access policy
	KeyPermissions interface{}
	Name           interface{}
	// the secret permissions for the access policy
	SecretPermissions interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getAccessPolicy.

func LookupAccessPolicy 

func LookupAccessPolicy(ctx *pulumi.Context, args *GetAccessPolicyArgs) (*GetAccessPolicyResult, error)

Use this data source to access information about the permissions from the Management Key Vault Templates.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/key_vault_access_policy.html.markdown.

type GetKeyArgs added in v0.16.5 

type GetKeyArgs struct {
	// Specifies the ID of the Key Vault instance where the Secret resides, available on the `keyvault.KeyVault` Data Source / Resource.
	KeyVaultId interface{}
	// Specifies the name of the Key Vault Key.
	Name     interface{}
	VaultUri interface{}
}

A collection of arguments for invoking getKey.

type GetKeyResult added in v0.16.5 

type GetKeyResult struct {
	// The RSA public exponent of this Key Vault Key.
	E interface{}
	// A list of JSON web key operations assigned to this Key Vault Key
	KeyOpts interface{}
	// Specifies the Size of this Key Vault Key.
	KeySize interface{}
	// Specifies the Key Type of this Key Vault Key
	KeyType    interface{}
	KeyVaultId interface{}
	// The RSA modulus of this Key Vault Key.
	N    interface{}
	Name interface{}
	// A mapping of tags assigned to this Key Vault Key.
	Tags     interface{}
	VaultUri interface{}
	// The current version of the Key Vault Key.
	Version interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getKey.

func LookupKey added in v0.16.5 

func LookupKey(ctx *pulumi.Context, args *GetKeyArgs) (*GetKeyResult, error)

Use this data source to access information about an existing Key Vault Key.

> **Note:** All arguments including the secret value will be stored in the raw state as plain-text. [Read more about sensitive data in state](https://www.terraform.io/docs/state/sensitive-data.html).

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/key_vault_key.html.markdown.

type GetKeyVaultArgs 

type GetKeyVaultArgs struct {
	// Specifies the name of the Key Vault.
	Name interface{}
	// The name of the Resource Group in which the Key Vault exists.
	ResourceGroupName interface{}
}

A collection of arguments for invoking getKeyVault.

type GetKeyVaultResult 

type GetKeyVaultResult struct {
	// One or more `accessPolicy` blocks as defined below.
	AccessPolicies interface{}
	// Can Azure Virtual Machines retrieve certificates stored as secrets from the Key Vault?
	EnabledForDeployment interface{}
	// Can Azure Disk Encryption retrieve secrets from the Key Vault?
	EnabledForDiskEncryption interface{}
	// Can Azure Resource Manager retrieve secrets from the Key Vault?
	EnabledForTemplateDeployment interface{}
	// The Azure Region in which the Key Vault exists.
	Location interface{}
	// The name of the SKU used for this Key Vault.
	Name              interface{}
	NetworkAcls       interface{}
	ResourceGroupName interface{}
	// A `sku` block as described below.
	Sku     interface{}
	SkuName interface{}
	// A mapping of tags assigned to the Key Vault.
	Tags interface{}
	// The Azure Active Directory Tenant ID used to authenticate requests for this Key Vault.
	TenantId interface{}
	// The URI of the vault for performing operations on keys and secrets.
	VaultUri interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getKeyVault.

func LookupKeyVault 

func LookupKeyVault(ctx *pulumi.Context, args *GetKeyVaultArgs) (*GetKeyVaultResult, error)

Use this data source to access information about an existing Key Vault.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/key_vault.html.markdown.

type GetSecretArgs 

type GetSecretArgs struct {
	// Specifies the ID of the Key Vault instance where the Secret resides, available on the `keyvault.KeyVault` Data Source / Resource.
	KeyVaultId interface{}
	// Specifies the name of the Key Vault Secret.
	Name     interface{}
	VaultUri interface{}
}

A collection of arguments for invoking getSecret.

type GetSecretResult 

type GetSecretResult struct {
	// The content type for the Key Vault Secret.
	ContentType interface{}
	KeyVaultId  interface{}
	Name        interface{}
	// Any tags assigned to this resource.
	Tags interface{}
	// The value of the Key Vault Secret.
	Value    interface{}
	VaultUri interface{}
	// The current version of the Key Vault Secret.
	Version interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getSecret.

func LookupSecret 

func LookupSecret(ctx *pulumi.Context, args *GetSecretArgs) (*GetSecretResult, error)

Use this data source to access information about an existing Key Vault Secret.

> **Note:** All arguments including the secret value will be stored in the raw state as plain-text. [Read more about sensitive data in state](https://www.terraform.io/docs/state/sensitive-data.html).

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/d/key_vault_secret.html.markdown.

type Key 

type Key struct {
	// contains filtered or unexported fields
}

Manages a Key Vault Key.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/key_vault_key.html.markdown.

func GetKey 

func GetKey(ctx *pulumi.Context,
	name string, id pulumi.ID, state *KeyState, opts ...pulumi.ResourceOpt) (*Key, error)

GetKey gets an existing Key resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewKey 

func NewKey(ctx *pulumi.Context,
	name string, args *KeyArgs, opts ...pulumi.ResourceOpt) (*Key, error)

NewKey registers a new resource with the given unique name, arguments, and options.

func (*Key) Curve added in v0.19.1 

func (r *Key) Curve() pulumi.StringOutput

Specifies the curve to use when creating an `EC` key. Possible values are `P-256`, `P-384`, `P-521`, and `SECP256K1`. This field will be required in a future release if `keyType` is `EC` or `EC-HSM`. The API will default to `P-256` if nothing is specified. Changing this forces a new resource to be created.

func (*Key) E 

func (r *Key) E() pulumi.StringOutput

The RSA public exponent of this Key Vault Key.

func (*Key) ID 

func (r *Key) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Key) KeyOpts 

func (r *Key) KeyOpts() pulumi.ArrayOutput

A list of JSON web key operations. Possible values include: `decrypt`, `encrypt`, `sign`, `unwrapKey`, `verify` and `wrapKey`. Please note these values are case sensitive.

func (*Key) KeySize 

func (r *Key) KeySize() pulumi.IntOutput

Specifies the Size of the RSA key to create in bytes. For example, 1024 or 2048. *Note*: This field is required if `keyType` is `RSA` or `RSA-HSM`. Changing this forces a new resource to be created.

func (*Key) KeyType 

func (r *Key) KeyType() pulumi.StringOutput

Specifies the Key Type to use for this Key Vault Key. Possible values are `EC` (Elliptic Curve), `EC-HSM`, `Oct` (Octet), `RSA` and `RSA-HSM`. Changing this forces a new resource to be created.

func (*Key) KeyVaultId added in v0.16.8 

func (r *Key) KeyVaultId() pulumi.StringOutput

The ID of the Key Vault where the Key should be created. Changing this forces a new resource to be created.

func (*Key) N 

func (r *Key) N() pulumi.StringOutput

The RSA modulus of this Key Vault Key.

func (*Key) Name 

func (r *Key) Name() pulumi.StringOutput

Specifies the name of the Key Vault Key. Changing this forces a new resource to be created.

func (*Key) Tags 

func (r *Key) Tags() pulumi.MapOutput

A mapping of tags to assign to the resource.

func (*Key) URN 

func (r *Key) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*Key) VaultUri 

func (r *Key) VaultUri() pulumi.StringOutput

func (*Key) Version 

func (r *Key) Version() pulumi.StringOutput

The current version of the Key Vault Key.

func (*Key) X added in v0.19.1 

func (r *Key) X() pulumi.StringOutput

The EC X component of this Key Vault Key.

func (*Key) Y added in v0.19.1 

func (r *Key) Y() pulumi.StringOutput

The EC Y component of this Key Vault Key.

type KeyArgs 

type KeyArgs struct {
	// Specifies the curve to use when creating an `EC` key. Possible values are `P-256`, `P-384`, `P-521`, and `SECP256K1`. This field will be required in a future release if `keyType` is `EC` or `EC-HSM`. The API will default to `P-256` if nothing is specified. Changing this forces a new resource to be created.
	Curve interface{}
	// A list of JSON web key operations. Possible values include: `decrypt`, `encrypt`, `sign`, `unwrapKey`, `verify` and `wrapKey`. Please note these values are case sensitive.
	KeyOpts interface{}
	// Specifies the Size of the RSA key to create in bytes. For example, 1024 or 2048. *Note*: This field is required if `keyType` is `RSA` or `RSA-HSM`. Changing this forces a new resource to be created.
	KeySize interface{}
	// Specifies the Key Type to use for this Key Vault Key. Possible values are `EC` (Elliptic Curve), `EC-HSM`, `Oct` (Octet), `RSA` and `RSA-HSM`. Changing this forces a new resource to be created.
	KeyType interface{}
	// The ID of the Key Vault where the Key should be created. Changing this forces a new resource to be created.
	KeyVaultId interface{}
	// Specifies the name of the Key Vault Key. Changing this forces a new resource to be created.
	Name interface{}
	// A mapping of tags to assign to the resource.
	Tags     interface{}
	VaultUri interface{}
}

The set of arguments for constructing a Key resource.

type KeyState 

type KeyState struct {
	// Specifies the curve to use when creating an `EC` key. Possible values are `P-256`, `P-384`, `P-521`, and `SECP256K1`. This field will be required in a future release if `keyType` is `EC` or `EC-HSM`. The API will default to `P-256` if nothing is specified. Changing this forces a new resource to be created.
	Curve interface{}
	// The RSA public exponent of this Key Vault Key.
	E interface{}
	// A list of JSON web key operations. Possible values include: `decrypt`, `encrypt`, `sign`, `unwrapKey`, `verify` and `wrapKey`. Please note these values are case sensitive.
	KeyOpts interface{}
	// Specifies the Size of the RSA key to create in bytes. For example, 1024 or 2048. *Note*: This field is required if `keyType` is `RSA` or `RSA-HSM`. Changing this forces a new resource to be created.
	KeySize interface{}
	// Specifies the Key Type to use for this Key Vault Key. Possible values are `EC` (Elliptic Curve), `EC-HSM`, `Oct` (Octet), `RSA` and `RSA-HSM`. Changing this forces a new resource to be created.
	KeyType interface{}
	// The ID of the Key Vault where the Key should be created. Changing this forces a new resource to be created.
	KeyVaultId interface{}
	// The RSA modulus of this Key Vault Key.
	N interface{}
	// Specifies the name of the Key Vault Key. Changing this forces a new resource to be created.
	Name interface{}
	// A mapping of tags to assign to the resource.
	Tags     interface{}
	VaultUri interface{}
	// The current version of the Key Vault Key.
	Version interface{}
	// The EC X component of this Key Vault Key.
	X interface{}
	// The EC Y component of this Key Vault Key.
	Y interface{}
}

Input properties used for looking up and filtering Key resources.

type KeyVault 

type KeyVault struct {
	// contains filtered or unexported fields
}

Manages a Key Vault.

> **NOTE:** It's possible to define Key Vault Access Policies both within the `keyvault.KeyVault` resource via the `accessPolicy` block and by using the `keyvault.AccessPolicy` resource. However it's not possible to use both methods to manage Access Policies within a KeyVault, since there'll be conflicts.

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/key_vault.html.markdown.

func GetKeyVault 

func GetKeyVault(ctx *pulumi.Context,
	name string, id pulumi.ID, state *KeyVaultState, opts ...pulumi.ResourceOpt) (*KeyVault, error)

GetKeyVault gets an existing KeyVault resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewKeyVault 

func NewKeyVault(ctx *pulumi.Context,
	name string, args *KeyVaultArgs, opts ...pulumi.ResourceOpt) (*KeyVault, error)

NewKeyVault registers a new resource with the given unique name, arguments, and options.

func (*KeyVault) AccessPolicies 

func (r *KeyVault) AccessPolicies() pulumi.ArrayOutput

[A list](https://www.terraform.io/docs/configuration/attr-as-blocks.html) of up to 16 objects describing access policies, as described below.

func (*KeyVault) EnabledForDeployment 

func (r *KeyVault) EnabledForDeployment() pulumi.BoolOutput

Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to `false`.

func (*KeyVault) EnabledForDiskEncryption 

func (r *KeyVault) EnabledForDiskEncryption() pulumi.BoolOutput

Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to `false`.

func (*KeyVault) EnabledForTemplateDeployment 

func (r *KeyVault) EnabledForTemplateDeployment() pulumi.BoolOutput

Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to `false`.

func (*KeyVault) ID 

func (r *KeyVault) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*KeyVault) Location 

func (r *KeyVault) Location() pulumi.StringOutput

Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

func (*KeyVault) Name 

func (r *KeyVault) Name() pulumi.StringOutput

Specifies the name of the Key Vault. Changing this forces a new resource to be created.

func (*KeyVault) NetworkAcls added in v0.16.2 

func (r *KeyVault) NetworkAcls() pulumi.Output

A `networkAcls` block as defined below.

func (*KeyVault) ResourceGroupName 

func (r *KeyVault) ResourceGroupName() pulumi.StringOutput

The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.

func (*KeyVault) Sku 

func (r *KeyVault) Sku() pulumi.Output

) A `sku` block as described below.

func (*KeyVault) SkuName added in v0.19.1 

func (r *KeyVault) SkuName() pulumi.StringOutput

The Name of the SKU used for this Key Vault. Possible values are `standard` and `premium`.

func (*KeyVault) Tags 

func (r *KeyVault) Tags() pulumi.MapOutput

A mapping of tags to assign to the resource.

func (*KeyVault) TenantId 

func (r *KeyVault) TenantId() pulumi.StringOutput

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

func (*KeyVault) URN 

func (r *KeyVault) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*KeyVault) VaultUri 

func (r *KeyVault) VaultUri() pulumi.StringOutput

The URI of the Key Vault, used for performing operations on keys and secrets.

type KeyVaultArgs 

type KeyVaultArgs struct {
	// [A list](https://www.terraform.io/docs/configuration/attr-as-blocks.html) of up to 16 objects describing access policies, as described below.
	AccessPolicies interface{}
	// Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to `false`.
	EnabledForDeployment interface{}
	// Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to `false`.
	EnabledForDiskEncryption interface{}
	// Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to `false`.
	EnabledForTemplateDeployment interface{}
	// Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
	Location interface{}
	// Specifies the name of the Key Vault. Changing this forces a new resource to be created.
	Name interface{}
	// A `networkAcls` block as defined below.
	NetworkAcls interface{}
	// The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.
	ResourceGroupName interface{}
	// ) A `sku` block as described below.
	Sku interface{}
	// The Name of the SKU used for this Key Vault. Possible values are `standard` and `premium`.
	SkuName interface{}
	// A mapping of tags to assign to the resource.
	Tags interface{}
	// The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
	TenantId interface{}
}

The set of arguments for constructing a KeyVault resource.

type KeyVaultState 

type KeyVaultState struct {
	// [A list](https://www.terraform.io/docs/configuration/attr-as-blocks.html) of up to 16 objects describing access policies, as described below.
	AccessPolicies interface{}
	// Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to `false`.
	EnabledForDeployment interface{}
	// Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to `false`.
	EnabledForDiskEncryption interface{}
	// Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to `false`.
	EnabledForTemplateDeployment interface{}
	// Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
	Location interface{}
	// Specifies the name of the Key Vault. Changing this forces a new resource to be created.
	Name interface{}
	// A `networkAcls` block as defined below.
	NetworkAcls interface{}
	// The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.
	ResourceGroupName interface{}
	// ) A `sku` block as described below.
	Sku interface{}
	// The Name of the SKU used for this Key Vault. Possible values are `standard` and `premium`.
	SkuName interface{}
	// A mapping of tags to assign to the resource.
	Tags interface{}
	// The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
	TenantId interface{}
	// The URI of the Key Vault, used for performing operations on keys and secrets.
	VaultUri interface{}
}

Input properties used for looking up and filtering KeyVault resources.

type Secret 

type Secret struct {
	// contains filtered or unexported fields
}

Manages a Key Vault Secret.

> **Note:** All arguments including the secret value will be stored in the raw state as plain-text. [Read more about sensitive data in state](https://www.terraform.io/docs/state/sensitive-data.html).

> This content is derived from https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/website/docs/r/key_vault_secret.html.markdown.

func GetSecret 

func GetSecret(ctx *pulumi.Context,
	name string, id pulumi.ID, state *SecretState, opts ...pulumi.ResourceOpt) (*Secret, error)

GetSecret gets an existing Secret resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecret 

func NewSecret(ctx *pulumi.Context,
	name string, args *SecretArgs, opts ...pulumi.ResourceOpt) (*Secret, error)

NewSecret registers a new resource with the given unique name, arguments, and options.

func (*Secret) ContentType 

func (r *Secret) ContentType() pulumi.StringOutput

Specifies the content type for the Key Vault Secret.

func (*Secret) ExpirationDate added in v1.5.0 

func (r *Secret) ExpirationDate() pulumi.StringOutput

Expiration UTC datetime (Y-m-d'T'H:M:S'Z').

func (*Secret) ID 

func (r *Secret) ID() pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Secret) KeyVaultId added in v0.16.8 

func (r *Secret) KeyVaultId() pulumi.StringOutput

The ID of the Key Vault where the Secret should be created.

func (*Secret) Name 

func (r *Secret) Name() pulumi.StringOutput

Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.

func (*Secret) NotBeforeDate added in v1.5.0 

func (r *Secret) NotBeforeDate() pulumi.StringOutput

Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').

func (*Secret) Tags 

func (r *Secret) Tags() pulumi.MapOutput

A mapping of tags to assign to the resource.

func (*Secret) URN 

func (r *Secret) URN() pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*Secret) Value 

func (r *Secret) Value() pulumi.StringOutput

Specifies the value of the Key Vault Secret.

func (*Secret) VaultUri 

func (r *Secret) VaultUri() pulumi.StringOutput

func (*Secret) Version 

func (r *Secret) Version() pulumi.StringOutput

The current version of the Key Vault Secret.

type SecretArgs 

type SecretArgs struct {
	// Specifies the content type for the Key Vault Secret.
	ContentType interface{}
	// Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
	ExpirationDate interface{}
	// The ID of the Key Vault where the Secret should be created.
	KeyVaultId interface{}
	// Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
	Name interface{}
	// Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
	NotBeforeDate interface{}
	// A mapping of tags to assign to the resource.
	Tags interface{}
	// Specifies the value of the Key Vault Secret.
	Value    interface{}
	VaultUri interface{}
}

The set of arguments for constructing a Secret resource.

type SecretState 

type SecretState struct {
	// Specifies the content type for the Key Vault Secret.
	ContentType interface{}
	// Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
	ExpirationDate interface{}
	// The ID of the Key Vault where the Secret should be created.
	KeyVaultId interface{}
	// Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
	Name interface{}
	// Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
	NotBeforeDate interface{}
	// A mapping of tags to assign to the resource.
	Tags interface{}
	// Specifies the value of the Key Vault Secret.
	Value    interface{}
	VaultUri interface{}
	// The current version of the Key Vault Secret.
	Version interface{}
}

Input properties used for looking up and filtering Secret resources.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.