com.pulumi.azure.compute.kotlin.DiskEncryptionSetArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.compute.kotlin
import com.pulumi.azure.compute.DiskEncryptionSetArgs.builder
import com.pulumi.azure.compute.kotlin.inputs.DiskEncryptionSetIdentityArgs
import com.pulumi.azure.compute.kotlin.inputs.DiskEncryptionSetIdentityArgsBuilder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Boolean
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.Map
import kotlin.jvm.JvmName
/**
* Manages a Disk Encryption Set.
* > **NOTE:** At this time the Key Vault used to store the Active Key for this Disk Encryption Set must have both Soft Delete & Purge Protection enabled - which are not yet supported by this provider.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const current = azure.core.getClientConfig({});
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleKeyVault = new azure.keyvault.KeyVault("example", {
* name: "des-example-keyvault",
* location: example.location,
* resourceGroupName: example.name,
* tenantId: current.then(current => current.tenantId),
* skuName: "premium",
* enabledForDiskEncryption: true,
* purgeProtectionEnabled: true,
* });
* const exampleKey = new azure.keyvault.Key("example", {
* name: "des-example-key",
* keyVaultId: exampleKeyVault.id,
* keyType: "RSA",
* keySize: 2048,
* keyOpts: [
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* ],
* });
* const exampleDiskEncryptionSet = new azure.compute.DiskEncryptionSet("example", {
* name: "des",
* resourceGroupName: example.name,
* location: example.location,
* keyVaultKeyId: exampleKey.id,
* identity: {
* type: "SystemAssigned",
* },
* });
* const example_disk = new azure.keyvault.AccessPolicy("example-disk", {
* keyVaultId: exampleKeyVault.id,
* tenantId: exampleDiskEncryptionSet.identity.apply(identity => identity.tenantId),
* objectId: exampleDiskEncryptionSet.identity.apply(identity => identity.principalId),
* keyPermissions: [
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* ],
* });
* const example_user = new azure.keyvault.AccessPolicy("example-user", {
* keyVaultId: exampleKeyVault.id,
* tenantId: current.then(current => current.tenantId),
* objectId: current.then(current => current.objectId),
* keyPermissions: [
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy",
* ],
* });
* const example_diskAssignment = new azure.authorization.Assignment("example-disk", {
* scope: exampleKeyVault.id,
* roleDefinitionName: "Key Vault Crypto Service Encryption User",
* principalId: exampleDiskEncryptionSet.identity.apply(identity => identity.principalId),
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* current = azure.core.get_client_config()
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_key_vault = azure.keyvault.KeyVault("example",
* name="des-example-keyvault",
* location=example.location,
* resource_group_name=example.name,
* tenant_id=current.tenant_id,
* sku_name="premium",
* enabled_for_disk_encryption=True,
* purge_protection_enabled=True)
* example_key = azure.keyvault.Key("example",
* name="des-example-key",
* key_vault_id=example_key_vault.id,
* key_type="RSA",
* key_size=2048,
* key_opts=[
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* ])
* example_disk_encryption_set = azure.compute.DiskEncryptionSet("example",
* name="des",
* resource_group_name=example.name,
* location=example.location,
* key_vault_key_id=example_key.id,
* identity=azure.compute.DiskEncryptionSetIdentityArgs(
* type="SystemAssigned",
* ))
* example_disk = azure.keyvault.AccessPolicy("example-disk",
* key_vault_id=example_key_vault.id,
* tenant_id=example_disk_encryption_set.identity.tenant_id,
* object_id=example_disk_encryption_set.identity.principal_id,
* key_permissions=[
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* ])
* example_user = azure.keyvault.AccessPolicy("example-user",
* key_vault_id=example_key_vault.id,
* tenant_id=current.tenant_id,
* object_id=current.object_id,
* key_permissions=[
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy",
* ])
* example_disk_assignment = azure.authorization.Assignment("example-disk",
* scope=example_key_vault.id,
* role_definition_name="Key Vault Crypto Service Encryption User",
* principal_id=example_disk_encryption_set.identity.principal_id)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var current = Azure.Core.GetClientConfig.Invoke();
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
* {
* Name = "des-example-keyvault",
* Location = example.Location,
* ResourceGroupName = example.Name,
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* SkuName = "premium",
* EnabledForDiskEncryption = true,
* PurgeProtectionEnabled = true,
* });
* var exampleKey = new Azure.KeyVault.Key("example", new()
* {
* Name = "des-example-key",
* KeyVaultId = exampleKeyVault.Id,
* KeyType = "RSA",
* KeySize = 2048,
* KeyOpts = new[]
* {
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* },
* });
* var exampleDiskEncryptionSet = new Azure.Compute.DiskEncryptionSet("example", new()
* {
* Name = "des",
* ResourceGroupName = example.Name,
* Location = example.Location,
* KeyVaultKeyId = exampleKey.Id,
* Identity = new Azure.Compute.Inputs.DiskEncryptionSetIdentityArgs
* {
* Type = "SystemAssigned",
* },
* });
* var example_disk = new Azure.KeyVault.AccessPolicy("example-disk", new()
* {
* KeyVaultId = exampleKeyVault.Id,
* TenantId = exampleDiskEncryptionSet.Identity.Apply(identity => identity.TenantId),
* ObjectId = exampleDiskEncryptionSet.Identity.Apply(identity => identity.PrincipalId),
* KeyPermissions = new[]
* {
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* },
* });
* var example_user = new Azure.KeyVault.AccessPolicy("example-user", new()
* {
* KeyVaultId = exampleKeyVault.Id,
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
* KeyPermissions = new[]
* {
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy",
* },
* });
* var example_diskAssignment = new Azure.Authorization.Assignment("example-disk", new()
* {
* Scope = exampleKeyVault.Id,
* RoleDefinitionName = "Key Vault Crypto Service Encryption User",
* PrincipalId = exampleDiskEncryptionSet.Identity.Apply(identity => identity.PrincipalId),
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/compute"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* current, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
* Name: pulumi.String("des-example-keyvault"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* TenantId: pulumi.String(current.TenantId),
* SkuName: pulumi.String("premium"),
* EnabledForDiskEncryption: pulumi.Bool(true),
* PurgeProtectionEnabled: pulumi.Bool(true),
* })
* if err != nil {
* return err
* }
* exampleKey, err := keyvault.NewKey(ctx, "example", &keyvault.KeyArgs{
* Name: pulumi.String("des-example-key"),
* KeyVaultId: exampleKeyVault.ID(),
* KeyType: pulumi.String("RSA"),
* KeySize: pulumi.Int(2048),
* KeyOpts: pulumi.StringArray{
* pulumi.String("decrypt"),
* pulumi.String("encrypt"),
* pulumi.String("sign"),
* pulumi.String("unwrapKey"),
* pulumi.String("verify"),
* pulumi.String("wrapKey"),
* },
* })
* if err != nil {
* return err
* }
* exampleDiskEncryptionSet, err := compute.NewDiskEncryptionSet(ctx, "example", &compute.DiskEncryptionSetArgs{
* Name: pulumi.String("des"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* KeyVaultKeyId: exampleKey.ID(),
* Identity: &compute.DiskEncryptionSetIdentityArgs{
* Type: pulumi.String("SystemAssigned"),
* },
* })
* if err != nil {
* return err
* }
* _, err = keyvault.NewAccessPolicy(ctx, "example-disk", &keyvault.AccessPolicyArgs{
* KeyVaultId: exampleKeyVault.ID(),
* TenantId: exampleDiskEncryptionSet.Identity.ApplyT(func(identity compute.DiskEncryptionSetIdentity) (*string, error) {
* return &identity.TenantId, nil
* }).(pulumi.StringPtrOutput),
* ObjectId: exampleDiskEncryptionSet.Identity.ApplyT(func(identity compute.DiskEncryptionSetIdentity) (*string, error) {
* return &identity.PrincipalId, nil
* }).(pulumi.StringPtrOutput),
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Create"),
* pulumi.String("Delete"),
* pulumi.String("Get"),
* pulumi.String("Purge"),
* pulumi.String("Recover"),
* pulumi.String("Update"),
* pulumi.String("List"),
* pulumi.String("Decrypt"),
* pulumi.String("Sign"),
* },
* })
* if err != nil {
* return err
* }
* _, err = keyvault.NewAccessPolicy(ctx, "example-user", &keyvault.AccessPolicyArgs{
* KeyVaultId: exampleKeyVault.ID(),
* TenantId: pulumi.String(current.TenantId),
* ObjectId: pulumi.String(current.ObjectId),
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Create"),
* pulumi.String("Delete"),
* pulumi.String("Get"),
* pulumi.String("Purge"),
* pulumi.String("Recover"),
* pulumi.String("Update"),
* pulumi.String("List"),
* pulumi.String("Decrypt"),
* pulumi.String("Sign"),
* pulumi.String("GetRotationPolicy"),
* },
* })
* if err != nil {
* return err
* }
* _, err = authorization.NewAssignment(ctx, "example-disk", &authorization.AssignmentArgs{
* Scope: exampleKeyVault.ID(),
* RoleDefinitionName: pulumi.String("Key Vault Crypto Service Encryption User"),
* PrincipalId: exampleDiskEncryptionSet.Identity.ApplyT(func(identity compute.DiskEncryptionSetIdentity) (*string, error) {
* return &identity.PrincipalId, nil
* }).(pulumi.StringPtrOutput),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.keyvault.KeyVault;
* import com.pulumi.azure.keyvault.KeyVaultArgs;
* import com.pulumi.azure.keyvault.Key;
* import com.pulumi.azure.keyvault.KeyArgs;
* import com.pulumi.azure.compute.DiskEncryptionSet;
* import com.pulumi.azure.compute.DiskEncryptionSetArgs;
* import com.pulumi.azure.compute.inputs.DiskEncryptionSetIdentityArgs;
* import com.pulumi.azure.keyvault.AccessPolicy;
* import com.pulumi.azure.keyvault.AccessPolicyArgs;
* import com.pulumi.azure.authorization.Assignment;
* import com.pulumi.azure.authorization.AssignmentArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var current = CoreFunctions.getClientConfig();
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
* .name("des-example-keyvault")
* .location(example.location())
* .resourceGroupName(example.name())
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .skuName("premium")
* .enabledForDiskEncryption(true)
* .purgeProtectionEnabled(true)
* .build());
* var exampleKey = new Key("exampleKey", KeyArgs.builder()
* .name("des-example-key")
* .keyVaultId(exampleKeyVault.id())
* .keyType("RSA")
* .keySize(2048)
* .keyOpts(
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey")
* .build());
* var exampleDiskEncryptionSet = new DiskEncryptionSet("exampleDiskEncryptionSet", DiskEncryptionSetArgs.builder()
* .name("des")
* .resourceGroupName(example.name())
* .location(example.location())
* .keyVaultKeyId(exampleKey.id())
* .identity(DiskEncryptionSetIdentityArgs.builder()
* .type("SystemAssigned")
* .build())
* .build());
* var example_disk = new AccessPolicy("example-disk", AccessPolicyArgs.builder()
* .keyVaultId(exampleKeyVault.id())
* .tenantId(exampleDiskEncryptionSet.identity().applyValue(identity -> identity.tenantId()))
* .objectId(exampleDiskEncryptionSet.identity().applyValue(identity -> identity.principalId()))
* .keyPermissions(
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign")
* .build());
* var example_user = new AccessPolicy("example-user", AccessPolicyArgs.builder()
* .keyVaultId(exampleKeyVault.id())
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
* .keyPermissions(
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy")
* .build());
* var example_diskAssignment = new Assignment("example-diskAssignment", AssignmentArgs.builder()
* .scope(exampleKeyVault.id())
* .roleDefinitionName("Key Vault Crypto Service Encryption User")
* .principalId(exampleDiskEncryptionSet.identity().applyValue(identity -> identity.principalId()))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleKeyVault:
* type: azure:keyvault:KeyVault
* name: example
* properties:
* name: des-example-keyvault
* location: ${example.location}
* resourceGroupName: ${example.name}
* tenantId: ${current.tenantId}
* skuName: premium
* enabledForDiskEncryption: true
* purgeProtectionEnabled: true
* exampleKey:
* type: azure:keyvault:Key
* name: example
* properties:
* name: des-example-key
* keyVaultId: ${exampleKeyVault.id}
* keyType: RSA
* keySize: 2048
* keyOpts:
* - decrypt
* - encrypt
* - sign
* - unwrapKey
* - verify
* - wrapKey
* exampleDiskEncryptionSet:
* type: azure:compute:DiskEncryptionSet
* name: example
* properties:
* name: des
* resourceGroupName: ${example.name}
* location: ${example.location}
* keyVaultKeyId: ${exampleKey.id}
* identity:
* type: SystemAssigned
* example-disk:
* type: azure:keyvault:AccessPolicy
* properties:
* keyVaultId: ${exampleKeyVault.id}
* tenantId: ${exampleDiskEncryptionSet.identity.tenantId}
* objectId: ${exampleDiskEncryptionSet.identity.principalId}
* keyPermissions:
* - Create
* - Delete
* - Get
* - Purge
* - Recover
* - Update
* - List
* - Decrypt
* - Sign
* example-user:
* type: azure:keyvault:AccessPolicy
* properties:
* keyVaultId: ${exampleKeyVault.id}
* tenantId: ${current.tenantId}
* objectId: ${current.objectId}
* keyPermissions:
* - Create
* - Delete
* - Get
* - Purge
* - Recover
* - Update
* - List
* - Decrypt
* - Sign
* - GetRotationPolicy
* example-diskAssignment:
* type: azure:authorization:Assignment
* name: example-disk
* properties:
* scope: ${exampleKeyVault.id}
* roleDefinitionName: Key Vault Crypto Service Encryption User
* principalId: ${exampleDiskEncryptionSet.identity.principalId}
* variables:
* current:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ### With Automatic Key Rotation Enabled
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const current = azure.core.getClientConfig({});
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleKeyVault = new azure.keyvault.KeyVault("example", {
* name: "des-example-keyvault",
* location: example.location,
* resourceGroupName: example.name,
* tenantId: current.then(current => current.tenantId),
* skuName: "premium",
* enabledForDiskEncryption: true,
* purgeProtectionEnabled: true,
* });
* const exampleKey = new azure.keyvault.Key("example", {
* name: "des-example-key",
* keyVaultId: exampleKeyVault.id,
* keyType: "RSA",
* keySize: 2048,
* keyOpts: [
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* ],
* });
* const exampleDiskEncryptionSet = new azure.compute.DiskEncryptionSet("example", {
* name: "des",
* resourceGroupName: example.name,
* location: example.location,
* keyVaultKeyId: exampleKey.versionlessId,
* autoKeyRotationEnabled: true,
* identity: {
* type: "SystemAssigned",
* },
* });
* const example_disk = new azure.keyvault.AccessPolicy("example-disk", {
* keyVaultId: exampleKeyVault.id,
* tenantId: exampleDiskEncryptionSet.identity.apply(identity => identity.tenantId),
* objectId: exampleDiskEncryptionSet.identity.apply(identity => identity.principalId),
* keyPermissions: [
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* ],
* });
* const example_user = new azure.keyvault.AccessPolicy("example-user", {
* keyVaultId: exampleKeyVault.id,
* tenantId: current.then(current => current.tenantId),
* objectId: current.then(current => current.objectId),
* keyPermissions: [
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy",
* ],
* });
* const example_diskAssignment = new azure.authorization.Assignment("example-disk", {
* scope: exampleKeyVault.id,
* roleDefinitionName: "Key Vault Crypto Service Encryption User",
* principalId: exampleDiskEncryptionSet.identity.apply(identity => identity.principalId),
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* current = azure.core.get_client_config()
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_key_vault = azure.keyvault.KeyVault("example",
* name="des-example-keyvault",
* location=example.location,
* resource_group_name=example.name,
* tenant_id=current.tenant_id,
* sku_name="premium",
* enabled_for_disk_encryption=True,
* purge_protection_enabled=True)
* example_key = azure.keyvault.Key("example",
* name="des-example-key",
* key_vault_id=example_key_vault.id,
* key_type="RSA",
* key_size=2048,
* key_opts=[
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* ])
* example_disk_encryption_set = azure.compute.DiskEncryptionSet("example",
* name="des",
* resource_group_name=example.name,
* location=example.location,
* key_vault_key_id=example_key.versionless_id,
* auto_key_rotation_enabled=True,
* identity=azure.compute.DiskEncryptionSetIdentityArgs(
* type="SystemAssigned",
* ))
* example_disk = azure.keyvault.AccessPolicy("example-disk",
* key_vault_id=example_key_vault.id,
* tenant_id=example_disk_encryption_set.identity.tenant_id,
* object_id=example_disk_encryption_set.identity.principal_id,
* key_permissions=[
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* ])
* example_user = azure.keyvault.AccessPolicy("example-user",
* key_vault_id=example_key_vault.id,
* tenant_id=current.tenant_id,
* object_id=current.object_id,
* key_permissions=[
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy",
* ])
* example_disk_assignment = azure.authorization.Assignment("example-disk",
* scope=example_key_vault.id,
* role_definition_name="Key Vault Crypto Service Encryption User",
* principal_id=example_disk_encryption_set.identity.principal_id)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var current = Azure.Core.GetClientConfig.Invoke();
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
* {
* Name = "des-example-keyvault",
* Location = example.Location,
* ResourceGroupName = example.Name,
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* SkuName = "premium",
* EnabledForDiskEncryption = true,
* PurgeProtectionEnabled = true,
* });
* var exampleKey = new Azure.KeyVault.Key("example", new()
* {
* Name = "des-example-key",
* KeyVaultId = exampleKeyVault.Id,
* KeyType = "RSA",
* KeySize = 2048,
* KeyOpts = new[]
* {
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* },
* });
* var exampleDiskEncryptionSet = new Azure.Compute.DiskEncryptionSet("example", new()
* {
* Name = "des",
* ResourceGroupName = example.Name,
* Location = example.Location,
* KeyVaultKeyId = exampleKey.VersionlessId,
* AutoKeyRotationEnabled = true,
* Identity = new Azure.Compute.Inputs.DiskEncryptionSetIdentityArgs
* {
* Type = "SystemAssigned",
* },
* });
* var example_disk = new Azure.KeyVault.AccessPolicy("example-disk", new()
* {
* KeyVaultId = exampleKeyVault.Id,
* TenantId = exampleDiskEncryptionSet.Identity.Apply(identity => identity.TenantId),
* ObjectId = exampleDiskEncryptionSet.Identity.Apply(identity => identity.PrincipalId),
* KeyPermissions = new[]
* {
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* },
* });
* var example_user = new Azure.KeyVault.AccessPolicy("example-user", new()
* {
* KeyVaultId = exampleKeyVault.Id,
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
* KeyPermissions = new[]
* {
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy",
* },
* });
* var example_diskAssignment = new Azure.Authorization.Assignment("example-disk", new()
* {
* Scope = exampleKeyVault.Id,
* RoleDefinitionName = "Key Vault Crypto Service Encryption User",
* PrincipalId = exampleDiskEncryptionSet.Identity.Apply(identity => identity.PrincipalId),
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/compute"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* current, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
* Name: pulumi.String("des-example-keyvault"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* TenantId: pulumi.String(current.TenantId),
* SkuName: pulumi.String("premium"),
* EnabledForDiskEncryption: pulumi.Bool(true),
* PurgeProtectionEnabled: pulumi.Bool(true),
* })
* if err != nil {
* return err
* }
* exampleKey, err := keyvault.NewKey(ctx, "example", &keyvault.KeyArgs{
* Name: pulumi.String("des-example-key"),
* KeyVaultId: exampleKeyVault.ID(),
* KeyType: pulumi.String("RSA"),
* KeySize: pulumi.Int(2048),
* KeyOpts: pulumi.StringArray{
* pulumi.String("decrypt"),
* pulumi.String("encrypt"),
* pulumi.String("sign"),
* pulumi.String("unwrapKey"),
* pulumi.String("verify"),
* pulumi.String("wrapKey"),
* },
* })
* if err != nil {
* return err
* }
* exampleDiskEncryptionSet, err := compute.NewDiskEncryptionSet(ctx, "example", &compute.DiskEncryptionSetArgs{
* Name: pulumi.String("des"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* KeyVaultKeyId: exampleKey.VersionlessId,
* AutoKeyRotationEnabled: pulumi.Bool(true),
* Identity: &compute.DiskEncryptionSetIdentityArgs{
* Type: pulumi.String("SystemAssigned"),
* },
* })
* if err != nil {
* return err
* }
* _, err = keyvault.NewAccessPolicy(ctx, "example-disk", &keyvault.AccessPolicyArgs{
* KeyVaultId: exampleKeyVault.ID(),
* TenantId: exampleDiskEncryptionSet.Identity.ApplyT(func(identity compute.DiskEncryptionSetIdentity) (*string, error) {
* return &identity.TenantId, nil
* }).(pulumi.StringPtrOutput),
* ObjectId: exampleDiskEncryptionSet.Identity.ApplyT(func(identity compute.DiskEncryptionSetIdentity) (*string, error) {
* return &identity.PrincipalId, nil
* }).(pulumi.StringPtrOutput),
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Create"),
* pulumi.String("Delete"),
* pulumi.String("Get"),
* pulumi.String("Purge"),
* pulumi.String("Recover"),
* pulumi.String("Update"),
* pulumi.String("List"),
* pulumi.String("Decrypt"),
* pulumi.String("Sign"),
* },
* })
* if err != nil {
* return err
* }
* _, err = keyvault.NewAccessPolicy(ctx, "example-user", &keyvault.AccessPolicyArgs{
* KeyVaultId: exampleKeyVault.ID(),
* TenantId: pulumi.String(current.TenantId),
* ObjectId: pulumi.String(current.ObjectId),
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Create"),
* pulumi.String("Delete"),
* pulumi.String("Get"),
* pulumi.String("Purge"),
* pulumi.String("Recover"),
* pulumi.String("Update"),
* pulumi.String("List"),
* pulumi.String("Decrypt"),
* pulumi.String("Sign"),
* pulumi.String("GetRotationPolicy"),
* },
* })
* if err != nil {
* return err
* }
* _, err = authorization.NewAssignment(ctx, "example-disk", &authorization.AssignmentArgs{
* Scope: exampleKeyVault.ID(),
* RoleDefinitionName: pulumi.String("Key Vault Crypto Service Encryption User"),
* PrincipalId: exampleDiskEncryptionSet.Identity.ApplyT(func(identity compute.DiskEncryptionSetIdentity) (*string, error) {
* return &identity.PrincipalId, nil
* }).(pulumi.StringPtrOutput),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.keyvault.KeyVault;
* import com.pulumi.azure.keyvault.KeyVaultArgs;
* import com.pulumi.azure.keyvault.Key;
* import com.pulumi.azure.keyvault.KeyArgs;
* import com.pulumi.azure.compute.DiskEncryptionSet;
* import com.pulumi.azure.compute.DiskEncryptionSetArgs;
* import com.pulumi.azure.compute.inputs.DiskEncryptionSetIdentityArgs;
* import com.pulumi.azure.keyvault.AccessPolicy;
* import com.pulumi.azure.keyvault.AccessPolicyArgs;
* import com.pulumi.azure.authorization.Assignment;
* import com.pulumi.azure.authorization.AssignmentArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var current = CoreFunctions.getClientConfig();
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
* .name("des-example-keyvault")
* .location(example.location())
* .resourceGroupName(example.name())
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .skuName("premium")
* .enabledForDiskEncryption(true)
* .purgeProtectionEnabled(true)
* .build());
* var exampleKey = new Key("exampleKey", KeyArgs.builder()
* .name("des-example-key")
* .keyVaultId(exampleKeyVault.id())
* .keyType("RSA")
* .keySize(2048)
* .keyOpts(
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey")
* .build());
* var exampleDiskEncryptionSet = new DiskEncryptionSet("exampleDiskEncryptionSet", DiskEncryptionSetArgs.builder()
* .name("des")
* .resourceGroupName(example.name())
* .location(example.location())
* .keyVaultKeyId(exampleKey.versionlessId())
* .autoKeyRotationEnabled(true)
* .identity(DiskEncryptionSetIdentityArgs.builder()
* .type("SystemAssigned")
* .build())
* .build());
* var example_disk = new AccessPolicy("example-disk", AccessPolicyArgs.builder()
* .keyVaultId(exampleKeyVault.id())
* .tenantId(exampleDiskEncryptionSet.identity().applyValue(identity -> identity.tenantId()))
* .objectId(exampleDiskEncryptionSet.identity().applyValue(identity -> identity.principalId()))
* .keyPermissions(
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign")
* .build());
* var example_user = new AccessPolicy("example-user", AccessPolicyArgs.builder()
* .keyVaultId(exampleKeyVault.id())
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
* .keyPermissions(
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy")
* .build());
* var example_diskAssignment = new Assignment("example-diskAssignment", AssignmentArgs.builder()
* .scope(exampleKeyVault.id())
* .roleDefinitionName("Key Vault Crypto Service Encryption User")
* .principalId(exampleDiskEncryptionSet.identity().applyValue(identity -> identity.principalId()))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleKeyVault:
* type: azure:keyvault:KeyVault
* name: example
* properties:
* name: des-example-keyvault
* location: ${example.location}
* resourceGroupName: ${example.name}
* tenantId: ${current.tenantId}
* skuName: premium
* enabledForDiskEncryption: true
* purgeProtectionEnabled: true
* exampleKey:
* type: azure:keyvault:Key
* name: example
* properties:
* name: des-example-key
* keyVaultId: ${exampleKeyVault.id}
* keyType: RSA
* keySize: 2048
* keyOpts:
* - decrypt
* - encrypt
* - sign
* - unwrapKey
* - verify
* - wrapKey
* exampleDiskEncryptionSet:
* type: azure:compute:DiskEncryptionSet
* name: example
* properties:
* name: des
* resourceGroupName: ${example.name}
* location: ${example.location}
* keyVaultKeyId: ${exampleKey.versionlessId}
* autoKeyRotationEnabled: true
* identity:
* type: SystemAssigned
* example-disk:
* type: azure:keyvault:AccessPolicy
* properties:
* keyVaultId: ${exampleKeyVault.id}
* tenantId: ${exampleDiskEncryptionSet.identity.tenantId}
* objectId: ${exampleDiskEncryptionSet.identity.principalId}
* keyPermissions:
* - Create
* - Delete
* - Get
* - Purge
* - Recover
* - Update
* - List
* - Decrypt
* - Sign
* example-user:
* type: azure:keyvault:AccessPolicy
* properties:
* keyVaultId: ${exampleKeyVault.id}
* tenantId: ${current.tenantId}
* objectId: ${current.objectId}
* keyPermissions:
* - Create
* - Delete
* - Get
* - Purge
* - Recover
* - Update
* - List
* - Decrypt
* - Sign
* - GetRotationPolicy
* example-diskAssignment:
* type: azure:authorization:Assignment
* name: example-disk
* properties:
* scope: ${exampleKeyVault.id}
* roleDefinitionName: Key Vault Crypto Service Encryption User
* principalId: ${exampleDiskEncryptionSet.identity.principalId}
* variables:
* current:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ## Import
* Disk Encryption Sets can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:compute/diskEncryptionSet:DiskEncryptionSet example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Compute/diskEncryptionSets/encryptionSet1
* ```
* @property autoKeyRotationEnabled
* @property encryptionType The type of key used to encrypt the data of the disk. Possible values are `EncryptionAtRestWithCustomerKey`, `EncryptionAtRestWithPlatformAndCustomerKeys` and `ConfidentialVmEncryptedWithCustomerKey`. Defaults to `EncryptionAtRestWithCustomerKey`. Changing this forces a new resource to be created.
* @property federatedClientId Multi-tenant application client id to access key vault in a different tenant.
* @property identity An `identity` block as defined below.
* @property keyVaultKeyId Specifies the URL to a Key Vault Key (either from a Key Vault Key, or the Key URL for the Key Vault Secret).
* > **NOTE** Access to the KeyVault must be granted for this Disk Encryption Set, if you want to further use this Disk Encryption Set in a Managed Disk or Virtual Machine, or Virtual Machine Scale Set. For instructions, please refer to the doc of [Server side encryption of Azure managed disks](https://docs.microsoft.com/azure/virtual-machines/linux/disk-encryption).
* > **NOTE** A KeyVault using enable_rbac_authorization requires to use `azure.authorization.Assignment` to assigne the role `Key Vault Crypto Service Encryption User` to this Disk Encryption Set.
* In this case, `azure.keyvault.AccessPolicy` is not needed.
* @property location Specifies the Azure Region where the Disk Encryption Set exists. Changing this forces a new resource to be created.
* @property name The name of the Disk Encryption Set. Changing this forces a new resource to be created.
* @property resourceGroupName Specifies the name of the Resource Group where the Disk Encryption Set should exist. Changing this forces a new resource to be created.
* @property tags A mapping of tags to assign to the Disk Encryption Set.
*/
public data class DiskEncryptionSetArgs(
public val autoKeyRotationEnabled: Output? = null,
public val encryptionType: Output? = null,
public val federatedClientId: Output? = null,
public val identity: Output? = null,
public val keyVaultKeyId: Output? = null,
public val location: Output? = null,
public val name: Output? = null,
public val resourceGroupName: Output? = null,
public val tags: Output>? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.azure.compute.DiskEncryptionSetArgs =
com.pulumi.azure.compute.DiskEncryptionSetArgs.builder()
.autoKeyRotationEnabled(autoKeyRotationEnabled?.applyValue({ args0 -> args0 }))
.encryptionType(encryptionType?.applyValue({ args0 -> args0 }))
.federatedClientId(federatedClientId?.applyValue({ args0 -> args0 }))
.identity(identity?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
.keyVaultKeyId(keyVaultKeyId?.applyValue({ args0 -> args0 }))
.location(location?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.resourceGroupName(resourceGroupName?.applyValue({ args0 -> args0 }))
.tags(
tags?.applyValue({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}),
).build()
}
/**
* Builder for [DiskEncryptionSetArgs].
*/
@PulumiTagMarker
public class DiskEncryptionSetArgsBuilder internal constructor() {
private var autoKeyRotationEnabled: Output? = null
private var encryptionType: Output? = null
private var federatedClientId: Output? = null
private var identity: Output? = null
private var keyVaultKeyId: Output? = null
private var location: Output? = null
private var name: Output? = null
private var resourceGroupName: Output? = null
private var tags: Output>? = null
/**
* @param value
*/
@JvmName("yxgplamtnmsxoqgs")
public suspend fun autoKeyRotationEnabled(`value`: Output) {
this.autoKeyRotationEnabled = value
}
/**
* @param value The type of key used to encrypt the data of the disk. Possible values are `EncryptionAtRestWithCustomerKey`, `EncryptionAtRestWithPlatformAndCustomerKeys` and `ConfidentialVmEncryptedWithCustomerKey`. Defaults to `EncryptionAtRestWithCustomerKey`. Changing this forces a new resource to be created.
*/
@JvmName("qxiaivdvdbhygvhg")
public suspend fun encryptionType(`value`: Output) {
this.encryptionType = value
}
/**
* @param value Multi-tenant application client id to access key vault in a different tenant.
*/
@JvmName("xhwbolqqgjvvvmrx")
public suspend fun federatedClientId(`value`: Output) {
this.federatedClientId = value
}
/**
* @param value An `identity` block as defined below.
*/
@JvmName("jlwygrxjwbayxjlg")
public suspend fun identity(`value`: Output) {
this.identity = value
}
/**
* @param value Specifies the URL to a Key Vault Key (either from a Key Vault Key, or the Key URL for the Key Vault Secret).
* > **NOTE** Access to the KeyVault must be granted for this Disk Encryption Set, if you want to further use this Disk Encryption Set in a Managed Disk or Virtual Machine, or Virtual Machine Scale Set. For instructions, please refer to the doc of [Server side encryption of Azure managed disks](https://docs.microsoft.com/azure/virtual-machines/linux/disk-encryption).
* > **NOTE** A KeyVault using enable_rbac_authorization requires to use `azure.authorization.Assignment` to assigne the role `Key Vault Crypto Service Encryption User` to this Disk Encryption Set.
* In this case, `azure.keyvault.AccessPolicy` is not needed.
*/
@JvmName("ksrfplppemwncrig")
public suspend fun keyVaultKeyId(`value`: Output) {
this.keyVaultKeyId = value
}
/**
* @param value Specifies the Azure Region where the Disk Encryption Set exists. Changing this forces a new resource to be created.
*/
@JvmName("omiakhvtvkcflyaq")
public suspend fun location(`value`: Output) {
this.location = value
}
/**
* @param value The name of the Disk Encryption Set. Changing this forces a new resource to be created.
*/
@JvmName("fpynnyledotbvayd")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value Specifies the name of the Resource Group where the Disk Encryption Set should exist. Changing this forces a new resource to be created.
*/
@JvmName("uqtetxcqsrgrrpps")
public suspend fun resourceGroupName(`value`: Output) {
this.resourceGroupName = value
}
/**
* @param value A mapping of tags to assign to the Disk Encryption Set.
*/
@JvmName("bkjsymtqilebxhwp")
public suspend fun tags(`value`: Output>) {
this.tags = value
}
/**
* @param value
*/
@JvmName("cnoupbfqivjumaan")
public suspend fun autoKeyRotationEnabled(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.autoKeyRotationEnabled = mapped
}
/**
* @param value The type of key used to encrypt the data of the disk. Possible values are `EncryptionAtRestWithCustomerKey`, `EncryptionAtRestWithPlatformAndCustomerKeys` and `ConfidentialVmEncryptedWithCustomerKey`. Defaults to `EncryptionAtRestWithCustomerKey`. Changing this forces a new resource to be created.
*/
@JvmName("nwuhfsrtommamrxr")
public suspend fun encryptionType(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.encryptionType = mapped
}
/**
* @param value Multi-tenant application client id to access key vault in a different tenant.
*/
@JvmName("cfxkasbmhqqhjkhx")
public suspend fun federatedClientId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.federatedClientId = mapped
}
/**
* @param value An `identity` block as defined below.
*/
@JvmName("crdapaolcbomoocc")
public suspend fun identity(`value`: DiskEncryptionSetIdentityArgs?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.identity = mapped
}
/**
* @param argument An `identity` block as defined below.
*/
@JvmName("wkbgapkctutkugce")
public suspend fun identity(argument: suspend DiskEncryptionSetIdentityArgsBuilder.() -> Unit) {
val toBeMapped = DiskEncryptionSetIdentityArgsBuilder().applySuspend { argument() }.build()
val mapped = of(toBeMapped)
this.identity = mapped
}
/**
* @param value Specifies the URL to a Key Vault Key (either from a Key Vault Key, or the Key URL for the Key Vault Secret).
* > **NOTE** Access to the KeyVault must be granted for this Disk Encryption Set, if you want to further use this Disk Encryption Set in a Managed Disk or Virtual Machine, or Virtual Machine Scale Set. For instructions, please refer to the doc of [Server side encryption of Azure managed disks](https://docs.microsoft.com/azure/virtual-machines/linux/disk-encryption).
* > **NOTE** A KeyVault using enable_rbac_authorization requires to use `azure.authorization.Assignment` to assigne the role `Key Vault Crypto Service Encryption User` to this Disk Encryption Set.
* In this case, `azure.keyvault.AccessPolicy` is not needed.
*/
@JvmName("jgbwcpmqkxkfslhx")
public suspend fun keyVaultKeyId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.keyVaultKeyId = mapped
}
/**
* @param value Specifies the Azure Region where the Disk Encryption Set exists. Changing this forces a new resource to be created.
*/
@JvmName("gdsmlgxxscrikhoi")
public suspend fun location(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.location = mapped
}
/**
* @param value The name of the Disk Encryption Set. Changing this forces a new resource to be created.
*/
@JvmName("ckddsqvllldayieq")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value Specifies the name of the Resource Group where the Disk Encryption Set should exist. Changing this forces a new resource to be created.
*/
@JvmName("ukiedecgvkahiahc")
public suspend fun resourceGroupName(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.resourceGroupName = mapped
}
/**
* @param value A mapping of tags to assign to the Disk Encryption Set.
*/
@JvmName("rpcunciqvliwyyvc")
public suspend fun tags(`value`: Map?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tags = mapped
}
/**
* @param values A mapping of tags to assign to the Disk Encryption Set.
*/
@JvmName("qmutqlyjmfblgptm")
public fun tags(vararg values: Pair) {
val toBeMapped = values.toMap()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.tags = mapped
}
internal fun build(): DiskEncryptionSetArgs = DiskEncryptionSetArgs(
autoKeyRotationEnabled = autoKeyRotationEnabled,
encryptionType = encryptionType,
federatedClientId = federatedClientId,
identity = identity,
keyVaultKeyId = keyVaultKeyId,
location = location,
name = name,
resourceGroupName = resourceGroupName,
tags = tags,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy