com.pulumi.azure.keyvault.KeyVaultArgs Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of azure Show documentation
Show all versions of azure Show documentation
A Pulumi package for creating and managing Microsoft Azure cloud resources, based on the Terraform azurerm provider. We recommend using the [Azure Native provider](https://github.com/pulumi/pulumi-azure-native) to provision Azure infrastructure. Azure Native provides complete coverage of Azure resources and same-day access to new resources and resource updates.
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.azure.keyvault;
import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultContactArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultNetworkAclsArgs;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Import;
import com.pulumi.exceptions.MissingRequiredPropertyException;
import java.lang.Boolean;
import java.lang.Integer;
import java.lang.String;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
public final class KeyVaultArgs extends com.pulumi.resources.ResourceArgs {
public static final KeyVaultArgs Empty = new KeyVaultArgs();
/**
* A list of up to 1024 objects describing access policies, as described below.
*
* > **NOTE** Since `access_policy` can be configured both inline and via the separate `azure.keyvault.AccessPolicy` resource, we have to explicitly set it to empty slice (`[]`) to remove it.
*
*/
@Import(name="accessPolicies")
private @Nullable Output> accessPolicies;
/**
* @return A list of up to 1024 objects describing access policies, as described below.
*
* > **NOTE** Since `access_policy` can be configured both inline and via the separate `azure.keyvault.AccessPolicy` resource, we have to explicitly set it to empty slice (`[]`) to remove it.
*
*/
public Optional>> accessPolicies() {
return Optional.ofNullable(this.accessPolicies);
}
/**
* One or more `contact` block as defined below.
*
* > **Note:** This field can only be set once user has `managecontacts` certificate permission.
*
* > **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.
*
* @deprecated
* As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, new key vaults with the `contact` field defined in the configuration file will now be required to use the `azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the key vault resource itself.
*
*/
@Deprecated /* As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, new key vaults with the `contact` field defined in the configuration file will now be required to use the `azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the key vault resource itself. */
@Import(name="contacts")
private @Nullable Output> contacts;
/**
* @return One or more `contact` block as defined below.
*
* > **Note:** This field can only be set once user has `managecontacts` certificate permission.
*
* > **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.
*
* @deprecated
* As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, new key vaults with the `contact` field defined in the configuration file will now be required to use the `azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the key vault resource itself.
*
*/
@Deprecated /* As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, new key vaults with the `contact` field defined in the configuration file will now be required to use the `azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the key vault resource itself. */
public Optional>> contacts() {
return Optional.ofNullable(this.contacts);
}
/**
* Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions.
*
*/
@Import(name="enableRbacAuthorization")
private @Nullable Output enableRbacAuthorization;
/**
* @return Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions.
*
*/
public Optional> enableRbacAuthorization() {
return Optional.ofNullable(this.enableRbacAuthorization);
}
/**
* Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
*
*/
@Import(name="enabledForDeployment")
private @Nullable Output enabledForDeployment;
/**
* @return Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
*
*/
public Optional> enabledForDeployment() {
return Optional.ofNullable(this.enabledForDeployment);
}
/**
* Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
*
*/
@Import(name="enabledForDiskEncryption")
private @Nullable Output enabledForDiskEncryption;
/**
* @return Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
*
*/
public Optional> enabledForDiskEncryption() {
return Optional.ofNullable(this.enabledForDiskEncryption);
}
/**
* Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
*
*/
@Import(name="enabledForTemplateDeployment")
private @Nullable Output enabledForTemplateDeployment;
/**
* @return Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
*
*/
public Optional> enabledForTemplateDeployment() {
return Optional.ofNullable(this.enabledForTemplateDeployment);
}
/**
* Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
*
*/
@Import(name="location")
private @Nullable Output location;
/**
* @return Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
*
*/
public Optional> location() {
return Optional.ofNullable(this.location);
}
/**
* Specifies the name of the Key Vault. Changing this forces a new resource to be created. The name must be globally unique. If the vault is in a recoverable state then the vault will need to be purged before reusing the name.
*
*/
@Import(name="name")
private @Nullable Output name;
/**
* @return Specifies the name of the Key Vault. Changing this forces a new resource to be created. The name must be globally unique. If the vault is in a recoverable state then the vault will need to be purged before reusing the name.
*
*/
public Optional> name() {
return Optional.ofNullable(this.name);
}
/**
* A `network_acls` block as defined below.
*
*/
@Import(name="networkAcls")
private @Nullable Output networkAcls;
/**
* @return A `network_acls` block as defined below.
*
*/
public Optional> networkAcls() {
return Optional.ofNullable(this.networkAcls);
}
/**
* Whether public network access is allowed for this Key Vault. Defaults to `true`.
*
*/
@Import(name="publicNetworkAccessEnabled")
private @Nullable Output publicNetworkAccessEnabled;
/**
* @return Whether public network access is allowed for this Key Vault. Defaults to `true`.
*
*/
public Optional> publicNetworkAccessEnabled() {
return Optional.ofNullable(this.publicNetworkAccessEnabled);
}
/**
* Is Purge Protection enabled for this Key Vault?
*
* !> **Note:** Once Purge Protection has been Enabled it's not possible to Disable it. Support for [disabling purge protection is being tracked in this Azure API issue](https://github.com/Azure/azure-rest-api-specs/issues/8075). Deleting the Key Vault with Purge Protection Enabled will schedule the Key Vault to be deleted (which will happen by Azure in the configured number of days, currently 90 days).
*
*/
@Import(name="purgeProtectionEnabled")
private @Nullable Output purgeProtectionEnabled;
/**
* @return Is Purge Protection enabled for this Key Vault?
*
* !> **Note:** Once Purge Protection has been Enabled it's not possible to Disable it. Support for [disabling purge protection is being tracked in this Azure API issue](https://github.com/Azure/azure-rest-api-specs/issues/8075). Deleting the Key Vault with Purge Protection Enabled will schedule the Key Vault to be deleted (which will happen by Azure in the configured number of days, currently 90 days).
*
*/
public Optional> purgeProtectionEnabled() {
return Optional.ofNullable(this.purgeProtectionEnabled);
}
/**
* The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.
*
*/
@Import(name="resourceGroupName", required=true)
private Output resourceGroupName;
/**
* @return The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.
*
*/
public Output resourceGroupName() {
return this.resourceGroupName;
}
/**
* The Name of the SKU used for this Key Vault. Possible values are `standard` and `premium`.
*
*/
@Import(name="skuName", required=true)
private Output skuName;
/**
* @return The Name of the SKU used for this Key Vault. Possible values are `standard` and `premium`.
*
*/
public Output skuName() {
return this.skuName;
}
/**
* The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
*
* > **Note:** This field can only be configured one time and cannot be updated.
*
* <!-- TODO: Remove `contact` and Notes in 4.0 -->
*
*/
@Import(name="softDeleteRetentionDays")
private @Nullable Output softDeleteRetentionDays;
/**
* @return The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
*
* > **Note:** This field can only be configured one time and cannot be updated.
*
* <!-- TODO: Remove `contact` and Notes in 4.0 -->
*
*/
public Optional> softDeleteRetentionDays() {
return Optional.ofNullable(this.softDeleteRetentionDays);
}
/**
* A mapping of tags to assign to the resource.
*
*/
@Import(name="tags")
private @Nullable Output> tags;
/**
* @return A mapping of tags to assign to the resource.
*
*/
public Optional>> tags() {
return Optional.ofNullable(this.tags);
}
/**
* The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
*
*/
@Import(name="tenantId", required=true)
private Output tenantId;
/**
* @return The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
*
*/
public Output tenantId() {
return this.tenantId;
}
private KeyVaultArgs() {}
private KeyVaultArgs(KeyVaultArgs $) {
this.accessPolicies = $.accessPolicies;
this.contacts = $.contacts;
this.enableRbacAuthorization = $.enableRbacAuthorization;
this.enabledForDeployment = $.enabledForDeployment;
this.enabledForDiskEncryption = $.enabledForDiskEncryption;
this.enabledForTemplateDeployment = $.enabledForTemplateDeployment;
this.location = $.location;
this.name = $.name;
this.networkAcls = $.networkAcls;
this.publicNetworkAccessEnabled = $.publicNetworkAccessEnabled;
this.purgeProtectionEnabled = $.purgeProtectionEnabled;
this.resourceGroupName = $.resourceGroupName;
this.skuName = $.skuName;
this.softDeleteRetentionDays = $.softDeleteRetentionDays;
this.tags = $.tags;
this.tenantId = $.tenantId;
}
public static Builder builder() {
return new Builder();
}
public static Builder builder(KeyVaultArgs defaults) {
return new Builder(defaults);
}
public static final class Builder {
private KeyVaultArgs $;
public Builder() {
$ = new KeyVaultArgs();
}
public Builder(KeyVaultArgs defaults) {
$ = new KeyVaultArgs(Objects.requireNonNull(defaults));
}
/**
* @param accessPolicies A list of up to 1024 objects describing access policies, as described below.
*
* > **NOTE** Since `access_policy` can be configured both inline and via the separate `azure.keyvault.AccessPolicy` resource, we have to explicitly set it to empty slice (`[]`) to remove it.
*
* @return builder
*
*/
public Builder accessPolicies(@Nullable Output> accessPolicies) {
$.accessPolicies = accessPolicies;
return this;
}
/**
* @param accessPolicies A list of up to 1024 objects describing access policies, as described below.
*
* > **NOTE** Since `access_policy` can be configured both inline and via the separate `azure.keyvault.AccessPolicy` resource, we have to explicitly set it to empty slice (`[]`) to remove it.
*
* @return builder
*
*/
public Builder accessPolicies(List accessPolicies) {
return accessPolicies(Output.of(accessPolicies));
}
/**
* @param accessPolicies A list of up to 1024 objects describing access policies, as described below.
*
* > **NOTE** Since `access_policy` can be configured both inline and via the separate `azure.keyvault.AccessPolicy` resource, we have to explicitly set it to empty slice (`[]`) to remove it.
*
* @return builder
*
*/
public Builder accessPolicies(KeyVaultAccessPolicyArgs... accessPolicies) {
return accessPolicies(List.of(accessPolicies));
}
/**
* @param contacts One or more `contact` block as defined below.
*
* > **Note:** This field can only be set once user has `managecontacts` certificate permission.
*
* > **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.
*
* @return builder
*
* @deprecated
* As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, new key vaults with the `contact` field defined in the configuration file will now be required to use the `azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the key vault resource itself.
*
*/
@Deprecated /* As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, new key vaults with the `contact` field defined in the configuration file will now be required to use the `azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the key vault resource itself. */
public Builder contacts(@Nullable Output> contacts) {
$.contacts = contacts;
return this;
}
/**
* @param contacts One or more `contact` block as defined below.
*
* > **Note:** This field can only be set once user has `managecontacts` certificate permission.
*
* > **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.
*
* @return builder
*
* @deprecated
* As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, new key vaults with the `contact` field defined in the configuration file will now be required to use the `azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the key vault resource itself.
*
*/
@Deprecated /* As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, new key vaults with the `contact` field defined in the configuration file will now be required to use the `azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the key vault resource itself. */
public Builder contacts(List contacts) {
return contacts(Output.of(contacts));
}
/**
* @param contacts One or more `contact` block as defined below.
*
* > **Note:** This field can only be set once user has `managecontacts` certificate permission.
*
* > **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.
*
* @return builder
*
* @deprecated
* As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, new key vaults with the `contact` field defined in the configuration file will now be required to use the `azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the key vault resource itself.
*
*/
@Deprecated /* As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, new key vaults with the `contact` field defined in the configuration file will now be required to use the `azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the key vault resource itself. */
public Builder contacts(KeyVaultContactArgs... contacts) {
return contacts(List.of(contacts));
}
/**
* @param enableRbacAuthorization Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions.
*
* @return builder
*
*/
public Builder enableRbacAuthorization(@Nullable Output enableRbacAuthorization) {
$.enableRbacAuthorization = enableRbacAuthorization;
return this;
}
/**
* @param enableRbacAuthorization Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions.
*
* @return builder
*
*/
public Builder enableRbacAuthorization(Boolean enableRbacAuthorization) {
return enableRbacAuthorization(Output.of(enableRbacAuthorization));
}
/**
* @param enabledForDeployment Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
*
* @return builder
*
*/
public Builder enabledForDeployment(@Nullable Output enabledForDeployment) {
$.enabledForDeployment = enabledForDeployment;
return this;
}
/**
* @param enabledForDeployment Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
*
* @return builder
*
*/
public Builder enabledForDeployment(Boolean enabledForDeployment) {
return enabledForDeployment(Output.of(enabledForDeployment));
}
/**
* @param enabledForDiskEncryption Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
*
* @return builder
*
*/
public Builder enabledForDiskEncryption(@Nullable Output enabledForDiskEncryption) {
$.enabledForDiskEncryption = enabledForDiskEncryption;
return this;
}
/**
* @param enabledForDiskEncryption Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
*
* @return builder
*
*/
public Builder enabledForDiskEncryption(Boolean enabledForDiskEncryption) {
return enabledForDiskEncryption(Output.of(enabledForDiskEncryption));
}
/**
* @param enabledForTemplateDeployment Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
*
* @return builder
*
*/
public Builder enabledForTemplateDeployment(@Nullable Output enabledForTemplateDeployment) {
$.enabledForTemplateDeployment = enabledForTemplateDeployment;
return this;
}
/**
* @param enabledForTemplateDeployment Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
*
* @return builder
*
*/
public Builder enabledForTemplateDeployment(Boolean enabledForTemplateDeployment) {
return enabledForTemplateDeployment(Output.of(enabledForTemplateDeployment));
}
/**
* @param location Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
*
* @return builder
*
*/
public Builder location(@Nullable Output location) {
$.location = location;
return this;
}
/**
* @param location Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
*
* @return builder
*
*/
public Builder location(String location) {
return location(Output.of(location));
}
/**
* @param name Specifies the name of the Key Vault. Changing this forces a new resource to be created. The name must be globally unique. If the vault is in a recoverable state then the vault will need to be purged before reusing the name.
*
* @return builder
*
*/
public Builder name(@Nullable Output name) {
$.name = name;
return this;
}
/**
* @param name Specifies the name of the Key Vault. Changing this forces a new resource to be created. The name must be globally unique. If the vault is in a recoverable state then the vault will need to be purged before reusing the name.
*
* @return builder
*
*/
public Builder name(String name) {
return name(Output.of(name));
}
/**
* @param networkAcls A `network_acls` block as defined below.
*
* @return builder
*
*/
public Builder networkAcls(@Nullable Output networkAcls) {
$.networkAcls = networkAcls;
return this;
}
/**
* @param networkAcls A `network_acls` block as defined below.
*
* @return builder
*
*/
public Builder networkAcls(KeyVaultNetworkAclsArgs networkAcls) {
return networkAcls(Output.of(networkAcls));
}
/**
* @param publicNetworkAccessEnabled Whether public network access is allowed for this Key Vault. Defaults to `true`.
*
* @return builder
*
*/
public Builder publicNetworkAccessEnabled(@Nullable Output publicNetworkAccessEnabled) {
$.publicNetworkAccessEnabled = publicNetworkAccessEnabled;
return this;
}
/**
* @param publicNetworkAccessEnabled Whether public network access is allowed for this Key Vault. Defaults to `true`.
*
* @return builder
*
*/
public Builder publicNetworkAccessEnabled(Boolean publicNetworkAccessEnabled) {
return publicNetworkAccessEnabled(Output.of(publicNetworkAccessEnabled));
}
/**
* @param purgeProtectionEnabled Is Purge Protection enabled for this Key Vault?
*
* !> **Note:** Once Purge Protection has been Enabled it's not possible to Disable it. Support for [disabling purge protection is being tracked in this Azure API issue](https://github.com/Azure/azure-rest-api-specs/issues/8075). Deleting the Key Vault with Purge Protection Enabled will schedule the Key Vault to be deleted (which will happen by Azure in the configured number of days, currently 90 days).
*
* @return builder
*
*/
public Builder purgeProtectionEnabled(@Nullable Output purgeProtectionEnabled) {
$.purgeProtectionEnabled = purgeProtectionEnabled;
return this;
}
/**
* @param purgeProtectionEnabled Is Purge Protection enabled for this Key Vault?
*
* !> **Note:** Once Purge Protection has been Enabled it's not possible to Disable it. Support for [disabling purge protection is being tracked in this Azure API issue](https://github.com/Azure/azure-rest-api-specs/issues/8075). Deleting the Key Vault with Purge Protection Enabled will schedule the Key Vault to be deleted (which will happen by Azure in the configured number of days, currently 90 days).
*
* @return builder
*
*/
public Builder purgeProtectionEnabled(Boolean purgeProtectionEnabled) {
return purgeProtectionEnabled(Output.of(purgeProtectionEnabled));
}
/**
* @param resourceGroupName The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.
*
* @return builder
*
*/
public Builder resourceGroupName(Output resourceGroupName) {
$.resourceGroupName = resourceGroupName;
return this;
}
/**
* @param resourceGroupName The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.
*
* @return builder
*
*/
public Builder resourceGroupName(String resourceGroupName) {
return resourceGroupName(Output.of(resourceGroupName));
}
/**
* @param skuName The Name of the SKU used for this Key Vault. Possible values are `standard` and `premium`.
*
* @return builder
*
*/
public Builder skuName(Output skuName) {
$.skuName = skuName;
return this;
}
/**
* @param skuName The Name of the SKU used for this Key Vault. Possible values are `standard` and `premium`.
*
* @return builder
*
*/
public Builder skuName(String skuName) {
return skuName(Output.of(skuName));
}
/**
* @param softDeleteRetentionDays The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
*
* > **Note:** This field can only be configured one time and cannot be updated.
*
* <!-- TODO: Remove `contact` and Notes in 4.0 -->
*
* @return builder
*
*/
public Builder softDeleteRetentionDays(@Nullable Output softDeleteRetentionDays) {
$.softDeleteRetentionDays = softDeleteRetentionDays;
return this;
}
/**
* @param softDeleteRetentionDays The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
*
* > **Note:** This field can only be configured one time and cannot be updated.
*
* <!-- TODO: Remove `contact` and Notes in 4.0 -->
*
* @return builder
*
*/
public Builder softDeleteRetentionDays(Integer softDeleteRetentionDays) {
return softDeleteRetentionDays(Output.of(softDeleteRetentionDays));
}
/**
* @param tags A mapping of tags to assign to the resource.
*
* @return builder
*
*/
public Builder tags(@Nullable Output> tags) {
$.tags = tags;
return this;
}
/**
* @param tags A mapping of tags to assign to the resource.
*
* @return builder
*
*/
public Builder tags(Map tags) {
return tags(Output.of(tags));
}
/**
* @param tenantId The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
*
* @return builder
*
*/
public Builder tenantId(Output tenantId) {
$.tenantId = tenantId;
return this;
}
/**
* @param tenantId The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
*
* @return builder
*
*/
public Builder tenantId(String tenantId) {
return tenantId(Output.of(tenantId));
}
public KeyVaultArgs build() {
if ($.resourceGroupName == null) {
throw new MissingRequiredPropertyException("KeyVaultArgs", "resourceGroupName");
}
if ($.skuName == null) {
throw new MissingRequiredPropertyException("KeyVaultArgs", "skuName");
}
if ($.tenantId == null) {
throw new MissingRequiredPropertyException("KeyVaultArgs", "tenantId");
}
return $;
}
}
}