com.pulumi.azure.elasticsan.kotlin.VolumeGroupArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.elasticsan.kotlin
import com.pulumi.azure.elasticsan.VolumeGroupArgs.builder
import com.pulumi.azure.elasticsan.kotlin.inputs.VolumeGroupEncryptionArgs
import com.pulumi.azure.elasticsan.kotlin.inputs.VolumeGroupEncryptionArgsBuilder
import com.pulumi.azure.elasticsan.kotlin.inputs.VolumeGroupIdentityArgs
import com.pulumi.azure.elasticsan.kotlin.inputs.VolumeGroupIdentityArgsBuilder
import com.pulumi.azure.elasticsan.kotlin.inputs.VolumeGroupNetworkRuleArgs
import com.pulumi.azure.elasticsan.kotlin.inputs.VolumeGroupNetworkRuleArgsBuilder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* Manages an Elastic SAN Volume Group resource.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const example = new azure.core.ResourceGroup("example", {
* name: "example-rg",
* location: "West Europe",
* });
* const exampleElasticSan = new azure.elasticsan.ElasticSan("example", {
* name: "examplees-es",
* resourceGroupName: example.name,
* location: example.location,
* baseSizeInTib: 1,
* sku: {
* name: "Premium_LRS",
* },
* });
* const current = azure.core.getClientConfig({});
* const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("example", {
* name: "example-uai",
* location: example.location,
* resourceGroupName: example.name,
* });
* const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
* name: "example-vnet",
* addressSpaces: ["10.0.0.0/16"],
* location: example.location,
* resourceGroupName: example.name,
* });
* const exampleSubnet = new azure.network.Subnet("example", {
* name: "example-subnet",
* resourceGroupName: example.name,
* virtualNetworkName: exampleVirtualNetwork.name,
* addressPrefixes: ["10.0.1.0/24"],
* serviceEndpoints: ["Microsoft.Storage.Global"],
* });
* const exampleKeyVault = new azure.keyvault.KeyVault("example", {
* name: "examplekv",
* location: example.location,
* resourceGroupName: example.name,
* enabledForDiskEncryption: true,
* tenantId: current.then(current => current.tenantId),
* softDeleteRetentionDays: 7,
* purgeProtectionEnabled: true,
* skuName: "standard",
* });
* const userAssignedIdentity = new azure.keyvault.AccessPolicy("userAssignedIdentity", {
* keyVaultId: exampleKeyVault.id,
* tenantId: current.then(current => current.tenantId),
* objectId: exampleUserAssignedIdentity.principalId,
* keyPermissions: [
* "Get",
* "UnwrapKey",
* "WrapKey",
* ],
* secretPermissions: ["Get"],
* });
* const client = new azure.keyvault.AccessPolicy("client", {
* keyVaultId: exampleKeyVault.id,
* tenantId: current.then(current => current.tenantId),
* objectId: current.then(current => current.objectId),
* keyPermissions: [
* "Get",
* "Create",
* "Delete",
* "List",
* "Restore",
* "Recover",
* "UnwrapKey",
* "WrapKey",
* "Purge",
* "Encrypt",
* "Decrypt",
* "Sign",
* "Verify",
* "GetRotationPolicy",
* ],
* secretPermissions: ["Get"],
* });
* const exampleKey = new azure.keyvault.Key("example", {
* name: "example-kvk",
* keyVaultId: exampleKeyVault.id,
* keyType: "RSA",
* keySize: 2048,
* keyOpts: [
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* ],
* });
* const exampleVolumeGroup = new azure.elasticsan.VolumeGroup("example", {
* name: "example-esvg",
* elasticSanId: exampleElasticSan.id,
* encryptionType: "EncryptionAtRestWithCustomerManagedKey",
* encryption: {
* keyVaultKeyId: exampleKey.versionlessId,
* userAssignedIdentityId: exampleUserAssignedIdentity.id,
* },
* identity: {
* type: "UserAssigned",
* identityIds: [exampleUserAssignedIdentity.id],
* },
* networkRules: [{
* subnetId: exampleSubnet.id,
* action: "Allow",
* }],
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* example = azure.core.ResourceGroup("example",
* name="example-rg",
* location="West Europe")
* example_elastic_san = azure.elasticsan.ElasticSan("example",
* name="examplees-es",
* resource_group_name=example.name,
* location=example.location,
* base_size_in_tib=1,
* sku=azure.elasticsan.ElasticSanSkuArgs(
* name="Premium_LRS",
* ))
* current = azure.core.get_client_config()
* example_user_assigned_identity = azure.authorization.UserAssignedIdentity("example",
* name="example-uai",
* location=example.location,
* resource_group_name=example.name)
* example_virtual_network = azure.network.VirtualNetwork("example",
* name="example-vnet",
* address_spaces=["10.0.0.0/16"],
* location=example.location,
* resource_group_name=example.name)
* example_subnet = azure.network.Subnet("example",
* name="example-subnet",
* resource_group_name=example.name,
* virtual_network_name=example_virtual_network.name,
* address_prefixes=["10.0.1.0/24"],
* service_endpoints=["Microsoft.Storage.Global"])
* example_key_vault = azure.keyvault.KeyVault("example",
* name="examplekv",
* location=example.location,
* resource_group_name=example.name,
* enabled_for_disk_encryption=True,
* tenant_id=current.tenant_id,
* soft_delete_retention_days=7,
* purge_protection_enabled=True,
* sku_name="standard")
* user_assigned_identity = azure.keyvault.AccessPolicy("userAssignedIdentity",
* key_vault_id=example_key_vault.id,
* tenant_id=current.tenant_id,
* object_id=example_user_assigned_identity.principal_id,
* key_permissions=[
* "Get",
* "UnwrapKey",
* "WrapKey",
* ],
* secret_permissions=["Get"])
* client = azure.keyvault.AccessPolicy("client",
* key_vault_id=example_key_vault.id,
* tenant_id=current.tenant_id,
* object_id=current.object_id,
* key_permissions=[
* "Get",
* "Create",
* "Delete",
* "List",
* "Restore",
* "Recover",
* "UnwrapKey",
* "WrapKey",
* "Purge",
* "Encrypt",
* "Decrypt",
* "Sign",
* "Verify",
* "GetRotationPolicy",
* ],
* secret_permissions=["Get"])
* example_key = azure.keyvault.Key("example",
* name="example-kvk",
* key_vault_id=example_key_vault.id,
* key_type="RSA",
* key_size=2048,
* key_opts=[
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* ])
* example_volume_group = azure.elasticsan.VolumeGroup("example",
* name="example-esvg",
* elastic_san_id=example_elastic_san.id,
* encryption_type="EncryptionAtRestWithCustomerManagedKey",
* encryption=azure.elasticsan.VolumeGroupEncryptionArgs(
* key_vault_key_id=example_key.versionless_id,
* user_assigned_identity_id=example_user_assigned_identity.id,
* ),
* identity=azure.elasticsan.VolumeGroupIdentityArgs(
* type="UserAssigned",
* identity_ids=[example_user_assigned_identity.id],
* ),
* network_rules=[azure.elasticsan.VolumeGroupNetworkRuleArgs(
* subnet_id=example_subnet.id,
* action="Allow",
* )])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-rg",
* Location = "West Europe",
* });
* var exampleElasticSan = new Azure.ElasticSan.ElasticSan("example", new()
* {
* Name = "examplees-es",
* ResourceGroupName = example.Name,
* Location = example.Location,
* BaseSizeInTib = 1,
* Sku = new Azure.ElasticSan.Inputs.ElasticSanSkuArgs
* {
* Name = "Premium_LRS",
* },
* });
* var current = Azure.Core.GetClientConfig.Invoke();
* var exampleUserAssignedIdentity = new Azure.Authorization.UserAssignedIdentity("example", new()
* {
* Name = "example-uai",
* Location = example.Location,
* ResourceGroupName = example.Name,
* });
* var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
* {
* Name = "example-vnet",
* AddressSpaces = new[]
* {
* "10.0.0.0/16",
* },
* Location = example.Location,
* ResourceGroupName = example.Name,
* });
* var exampleSubnet = new Azure.Network.Subnet("example", new()
* {
* Name = "example-subnet",
* ResourceGroupName = example.Name,
* VirtualNetworkName = exampleVirtualNetwork.Name,
* AddressPrefixes = new[]
* {
* "10.0.1.0/24",
* },
* ServiceEndpoints = new[]
* {
* "Microsoft.Storage.Global",
* },
* });
* var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
* {
* Name = "examplekv",
* Location = example.Location,
* ResourceGroupName = example.Name,
* EnabledForDiskEncryption = true,
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* SoftDeleteRetentionDays = 7,
* PurgeProtectionEnabled = true,
* SkuName = "standard",
* });
* var userAssignedIdentity = new Azure.KeyVault.AccessPolicy("userAssignedIdentity", new()
* {
* KeyVaultId = exampleKeyVault.Id,
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* ObjectId = exampleUserAssignedIdentity.PrincipalId,
* KeyPermissions = new[]
* {
* "Get",
* "UnwrapKey",
* "WrapKey",
* },
* SecretPermissions = new[]
* {
* "Get",
* },
* });
* var client = new Azure.KeyVault.AccessPolicy("client", new()
* {
* KeyVaultId = exampleKeyVault.Id,
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
* KeyPermissions = new[]
* {
* "Get",
* "Create",
* "Delete",
* "List",
* "Restore",
* "Recover",
* "UnwrapKey",
* "WrapKey",
* "Purge",
* "Encrypt",
* "Decrypt",
* "Sign",
* "Verify",
* "GetRotationPolicy",
* },
* SecretPermissions = new[]
* {
* "Get",
* },
* });
* var exampleKey = new Azure.KeyVault.Key("example", new()
* {
* Name = "example-kvk",
* KeyVaultId = exampleKeyVault.Id,
* KeyType = "RSA",
* KeySize = 2048,
* KeyOpts = new[]
* {
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* },
* });
* var exampleVolumeGroup = new Azure.ElasticSan.VolumeGroup("example", new()
* {
* Name = "example-esvg",
* ElasticSanId = exampleElasticSan.Id,
* EncryptionType = "EncryptionAtRestWithCustomerManagedKey",
* Encryption = new Azure.ElasticSan.Inputs.VolumeGroupEncryptionArgs
* {
* KeyVaultKeyId = exampleKey.VersionlessId,
* UserAssignedIdentityId = exampleUserAssignedIdentity.Id,
* },
* Identity = new Azure.ElasticSan.Inputs.VolumeGroupIdentityArgs
* {
* Type = "UserAssigned",
* IdentityIds = new[]
* {
* exampleUserAssignedIdentity.Id,
* },
* },
* NetworkRules = new[]
* {
* new Azure.ElasticSan.Inputs.VolumeGroupNetworkRuleArgs
* {
* SubnetId = exampleSubnet.Id,
* Action = "Allow",
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/elasticsan"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-rg"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleElasticSan, err := elasticsan.NewElasticSan(ctx, "example", &elasticsan.ElasticSanArgs{
* Name: pulumi.String("examplees-es"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* BaseSizeInTib: pulumi.Int(1),
* Sku: &elasticsan.ElasticSanSkuArgs{
* Name: pulumi.String("Premium_LRS"),
* },
* })
* if err != nil {
* return err
* }
* current, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* exampleUserAssignedIdentity, err := authorization.NewUserAssignedIdentity(ctx, "example", &authorization.UserAssignedIdentityArgs{
* Name: pulumi.String("example-uai"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* })
* if err != nil {
* return err
* }
* exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
* Name: pulumi.String("example-vnet"),
* AddressSpaces: pulumi.StringArray{
* pulumi.String("10.0.0.0/16"),
* },
* Location: example.Location,
* ResourceGroupName: example.Name,
* })
* if err != nil {
* return err
* }
* exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
* Name: pulumi.String("example-subnet"),
* ResourceGroupName: example.Name,
* VirtualNetworkName: exampleVirtualNetwork.Name,
* AddressPrefixes: pulumi.StringArray{
* pulumi.String("10.0.1.0/24"),
* },
* ServiceEndpoints: pulumi.StringArray{
* pulumi.String("Microsoft.Storage.Global"),
* },
* })
* if err != nil {
* return err
* }
* exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
* Name: pulumi.String("examplekv"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* EnabledForDiskEncryption: pulumi.Bool(true),
* TenantId: pulumi.String(current.TenantId),
* SoftDeleteRetentionDays: pulumi.Int(7),
* PurgeProtectionEnabled: pulumi.Bool(true),
* SkuName: pulumi.String("standard"),
* })
* if err != nil {
* return err
* }
* _, err = keyvault.NewAccessPolicy(ctx, "userAssignedIdentity", &keyvault.AccessPolicyArgs{
* KeyVaultId: exampleKeyVault.ID(),
* TenantId: pulumi.String(current.TenantId),
* ObjectId: exampleUserAssignedIdentity.PrincipalId,
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Get"),
* pulumi.String("UnwrapKey"),
* pulumi.String("WrapKey"),
* },
* SecretPermissions: pulumi.StringArray{
* pulumi.String("Get"),
* },
* })
* if err != nil {
* return err
* }
* _, err = keyvault.NewAccessPolicy(ctx, "client", &keyvault.AccessPolicyArgs{
* KeyVaultId: exampleKeyVault.ID(),
* TenantId: pulumi.String(current.TenantId),
* ObjectId: pulumi.String(current.ObjectId),
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Get"),
* pulumi.String("Create"),
* pulumi.String("Delete"),
* pulumi.String("List"),
* pulumi.String("Restore"),
* pulumi.String("Recover"),
* pulumi.String("UnwrapKey"),
* pulumi.String("WrapKey"),
* pulumi.String("Purge"),
* pulumi.String("Encrypt"),
* pulumi.String("Decrypt"),
* pulumi.String("Sign"),
* pulumi.String("Verify"),
* pulumi.String("GetRotationPolicy"),
* },
* SecretPermissions: pulumi.StringArray{
* pulumi.String("Get"),
* },
* })
* if err != nil {
* return err
* }
* exampleKey, err := keyvault.NewKey(ctx, "example", &keyvault.KeyArgs{
* Name: pulumi.String("example-kvk"),
* KeyVaultId: exampleKeyVault.ID(),
* KeyType: pulumi.String("RSA"),
* KeySize: pulumi.Int(2048),
* KeyOpts: pulumi.StringArray{
* pulumi.String("decrypt"),
* pulumi.String("encrypt"),
* pulumi.String("sign"),
* pulumi.String("unwrapKey"),
* pulumi.String("verify"),
* pulumi.String("wrapKey"),
* },
* })
* if err != nil {
* return err
* }
* _, err = elasticsan.NewVolumeGroup(ctx, "example", &elasticsan.VolumeGroupArgs{
* Name: pulumi.String("example-esvg"),
* ElasticSanId: exampleElasticSan.ID(),
* EncryptionType: pulumi.String("EncryptionAtRestWithCustomerManagedKey"),
* Encryption: &elasticsan.VolumeGroupEncryptionArgs{
* KeyVaultKeyId: exampleKey.VersionlessId,
* UserAssignedIdentityId: exampleUserAssignedIdentity.ID(),
* },
* Identity: &elasticsan.VolumeGroupIdentityArgs{
* Type: pulumi.String("UserAssigned"),
* IdentityIds: pulumi.StringArray{
* exampleUserAssignedIdentity.ID(),
* },
* },
* NetworkRules: elasticsan.VolumeGroupNetworkRuleArray{
* &elasticsan.VolumeGroupNetworkRuleArgs{
* SubnetId: exampleSubnet.ID(),
* Action: pulumi.String("Allow"),
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.elasticsan.ElasticSan;
* import com.pulumi.azure.elasticsan.ElasticSanArgs;
* import com.pulumi.azure.elasticsan.inputs.ElasticSanSkuArgs;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.authorization.UserAssignedIdentity;
* import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
* import com.pulumi.azure.network.VirtualNetwork;
* import com.pulumi.azure.network.VirtualNetworkArgs;
* import com.pulumi.azure.network.Subnet;
* import com.pulumi.azure.network.SubnetArgs;
* import com.pulumi.azure.keyvault.KeyVault;
* import com.pulumi.azure.keyvault.KeyVaultArgs;
* import com.pulumi.azure.keyvault.AccessPolicy;
* import com.pulumi.azure.keyvault.AccessPolicyArgs;
* import com.pulumi.azure.keyvault.Key;
* import com.pulumi.azure.keyvault.KeyArgs;
* import com.pulumi.azure.elasticsan.VolumeGroup;
* import com.pulumi.azure.elasticsan.VolumeGroupArgs;
* import com.pulumi.azure.elasticsan.inputs.VolumeGroupEncryptionArgs;
* import com.pulumi.azure.elasticsan.inputs.VolumeGroupIdentityArgs;
* import com.pulumi.azure.elasticsan.inputs.VolumeGroupNetworkRuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-rg")
* .location("West Europe")
* .build());
* var exampleElasticSan = new ElasticSan("exampleElasticSan", ElasticSanArgs.builder()
* .name("examplees-es")
* .resourceGroupName(example.name())
* .location(example.location())
* .baseSizeInTib(1)
* .sku(ElasticSanSkuArgs.builder()
* .name("Premium_LRS")
* .build())
* .build());
* final var current = CoreFunctions.getClientConfig();
* var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
* .name("example-uai")
* .location(example.location())
* .resourceGroupName(example.name())
* .build());
* var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
* .name("example-vnet")
* .addressSpaces("10.0.0.0/16")
* .location(example.location())
* .resourceGroupName(example.name())
* .build());
* var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
* .name("example-subnet")
* .resourceGroupName(example.name())
* .virtualNetworkName(exampleVirtualNetwork.name())
* .addressPrefixes("10.0.1.0/24")
* .serviceEndpoints("Microsoft.Storage.Global")
* .build());
* var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
* .name("examplekv")
* .location(example.location())
* .resourceGroupName(example.name())
* .enabledForDiskEncryption(true)
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .softDeleteRetentionDays(7)
* .purgeProtectionEnabled(true)
* .skuName("standard")
* .build());
* var userAssignedIdentity = new AccessPolicy("userAssignedIdentity", AccessPolicyArgs.builder()
* .keyVaultId(exampleKeyVault.id())
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .objectId(exampleUserAssignedIdentity.principalId())
* .keyPermissions(
* "Get",
* "UnwrapKey",
* "WrapKey")
* .secretPermissions("Get")
* .build());
* var client = new AccessPolicy("client", AccessPolicyArgs.builder()
* .keyVaultId(exampleKeyVault.id())
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
* .keyPermissions(
* "Get",
* "Create",
* "Delete",
* "List",
* "Restore",
* "Recover",
* "UnwrapKey",
* "WrapKey",
* "Purge",
* "Encrypt",
* "Decrypt",
* "Sign",
* "Verify",
* "GetRotationPolicy")
* .secretPermissions("Get")
* .build());
* var exampleKey = new Key("exampleKey", KeyArgs.builder()
* .name("example-kvk")
* .keyVaultId(exampleKeyVault.id())
* .keyType("RSA")
* .keySize(2048)
* .keyOpts(
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey")
* .build());
* var exampleVolumeGroup = new VolumeGroup("exampleVolumeGroup", VolumeGroupArgs.builder()
* .name("example-esvg")
* .elasticSanId(exampleElasticSan.id())
* .encryptionType("EncryptionAtRestWithCustomerManagedKey")
* .encryption(VolumeGroupEncryptionArgs.builder()
* .keyVaultKeyId(exampleKey.versionlessId())
* .userAssignedIdentityId(exampleUserAssignedIdentity.id())
* .build())
* .identity(VolumeGroupIdentityArgs.builder()
* .type("UserAssigned")
* .identityIds(exampleUserAssignedIdentity.id())
* .build())
* .networkRules(VolumeGroupNetworkRuleArgs.builder()
* .subnetId(exampleSubnet.id())
* .action("Allow")
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-rg
* location: West Europe
* exampleElasticSan:
* type: azure:elasticsan:ElasticSan
* name: example
* properties:
* name: examplees-es
* resourceGroupName: ${example.name}
* location: ${example.location}
* baseSizeInTib: 1
* sku:
* name: Premium_LRS
* exampleUserAssignedIdentity:
* type: azure:authorization:UserAssignedIdentity
* name: example
* properties:
* name: example-uai
* location: ${example.location}
* resourceGroupName: ${example.name}
* exampleVirtualNetwork:
* type: azure:network:VirtualNetwork
* name: example
* properties:
* name: example-vnet
* addressSpaces:
* - 10.0.0.0/16
* location: ${example.location}
* resourceGroupName: ${example.name}
* exampleSubnet:
* type: azure:network:Subnet
* name: example
* properties:
* name: example-subnet
* resourceGroupName: ${example.name}
* virtualNetworkName: ${exampleVirtualNetwork.name}
* addressPrefixes:
* - 10.0.1.0/24
* serviceEndpoints:
* - Microsoft.Storage.Global
* exampleKeyVault:
* type: azure:keyvault:KeyVault
* name: example
* properties:
* name: examplekv
* location: ${example.location}
* resourceGroupName: ${example.name}
* enabledForDiskEncryption: true
* tenantId: ${current.tenantId}
* softDeleteRetentionDays: 7
* purgeProtectionEnabled: true
* skuName: standard
* userAssignedIdentity:
* type: azure:keyvault:AccessPolicy
* properties:
* keyVaultId: ${exampleKeyVault.id}
* tenantId: ${current.tenantId}
* objectId: ${exampleUserAssignedIdentity.principalId}
* keyPermissions:
* - Get
* - UnwrapKey
* - WrapKey
* secretPermissions:
* - Get
* client:
* type: azure:keyvault:AccessPolicy
* properties:
* keyVaultId: ${exampleKeyVault.id}
* tenantId: ${current.tenantId}
* objectId: ${current.objectId}
* keyPermissions:
* - Get
* - Create
* - Delete
* - List
* - Restore
* - Recover
* - UnwrapKey
* - WrapKey
* - Purge
* - Encrypt
* - Decrypt
* - Sign
* - Verify
* - GetRotationPolicy
* secretPermissions:
* - Get
* exampleKey:
* type: azure:keyvault:Key
* name: example
* properties:
* name: example-kvk
* keyVaultId: ${exampleKeyVault.id}
* keyType: RSA
* keySize: 2048
* keyOpts:
* - decrypt
* - encrypt
* - sign
* - unwrapKey
* - verify
* - wrapKey
* exampleVolumeGroup:
* type: azure:elasticsan:VolumeGroup
* name: example
* properties:
* name: example-esvg
* elasticSanId: ${exampleElasticSan.id}
* encryptionType: EncryptionAtRestWithCustomerManagedKey
* encryption:
* keyVaultKeyId: ${exampleKey.versionlessId}
* userAssignedIdentityId: ${exampleUserAssignedIdentity.id}
* identity:
* type: UserAssigned
* identityIds:
* - ${exampleUserAssignedIdentity.id}
* networkRules:
* - subnetId: ${exampleSubnet.id}
* action: Allow
* variables:
* current:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ## Import
* An existing Elastic SAN Volume Group can be imported into Terraform using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:elasticsan/volumeGroup:VolumeGroup example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ElasticSan/elasticSans/esan1/volumeGroups/vg1
* ```
* @property elasticSanId Specifies the Elastic SAN ID within which this Elastic SAN Volume Group should exist. Changing this forces a new resource to be created.
* @property encryption An `encryption` block as defined below.
* > **NOTE:** The `encryption` block can only be set when `encryption_type` is set to `EncryptionAtRestWithCustomerManagedKey`.
* @property encryptionType Specifies the type of the key used to encrypt the data of the disk. Possible values are `EncryptionAtRestWithCustomerManagedKey` and `EncryptionAtRestWithPlatformKey`. Defaults to `EncryptionAtRestWithPlatformKey`.
* @property identity An `identity` block as defined below. Specifies the Managed Identity which should be assigned to this Elastic SAN Volume Group.
* @property name Specifies the name of this Elastic SAN Volume Group. Changing this forces a new resource to be created.
* @property networkRules One or more `network_rule` blocks as defined below.
* @property protocolType Specifies the type of the storage target. The only possible value is `Iscsi`. Defaults to `Iscsi`.
*/
public data class VolumeGroupArgs(
public val elasticSanId: Output? = null,
public val encryption: Output? = null,
public val encryptionType: Output? = null,
public val identity: Output? = null,
public val name: Output? = null,
public val networkRules: Output>? = null,
public val protocolType: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.azure.elasticsan.VolumeGroupArgs =
com.pulumi.azure.elasticsan.VolumeGroupArgs.builder()
.elasticSanId(elasticSanId?.applyValue({ args0 -> args0 }))
.encryption(encryption?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
.encryptionType(encryptionType?.applyValue({ args0 -> args0 }))
.identity(identity?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
.name(name?.applyValue({ args0 -> args0 }))
.networkRules(
networkRules?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
)
.protocolType(protocolType?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [VolumeGroupArgs].
*/
@PulumiTagMarker
public class VolumeGroupArgsBuilder internal constructor() {
private var elasticSanId: Output? = null
private var encryption: Output? = null
private var encryptionType: Output? = null
private var identity: Output? = null
private var name: Output? = null
private var networkRules: Output>? = null
private var protocolType: Output? = null
/**
* @param value Specifies the Elastic SAN ID within which this Elastic SAN Volume Group should exist. Changing this forces a new resource to be created.
*/
@JvmName("xhxkijypkvlfkgfb")
public suspend fun elasticSanId(`value`: Output) {
this.elasticSanId = value
}
/**
* @param value An `encryption` block as defined below.
* > **NOTE:** The `encryption` block can only be set when `encryption_type` is set to `EncryptionAtRestWithCustomerManagedKey`.
*/
@JvmName("qsqjsdniaorwkbep")
public suspend fun encryption(`value`: Output) {
this.encryption = value
}
/**
* @param value Specifies the type of the key used to encrypt the data of the disk. Possible values are `EncryptionAtRestWithCustomerManagedKey` and `EncryptionAtRestWithPlatformKey`. Defaults to `EncryptionAtRestWithPlatformKey`.
*/
@JvmName("mmcbefmouyhosnnr")
public suspend fun encryptionType(`value`: Output) {
this.encryptionType = value
}
/**
* @param value An `identity` block as defined below. Specifies the Managed Identity which should be assigned to this Elastic SAN Volume Group.
*/
@JvmName("irtpulnkqpkvfmhf")
public suspend fun identity(`value`: Output) {
this.identity = value
}
/**
* @param value Specifies the name of this Elastic SAN Volume Group. Changing this forces a new resource to be created.
*/
@JvmName("jrdklxujguitjknd")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value One or more `network_rule` blocks as defined below.
*/
@JvmName("daitxyriqprvqvcu")
public suspend fun networkRules(`value`: Output>) {
this.networkRules = value
}
@JvmName("oqyqjhpixajwbuhw")
public suspend fun networkRules(vararg values: Output) {
this.networkRules = Output.all(values.asList())
}
/**
* @param values One or more `network_rule` blocks as defined below.
*/
@JvmName("lqtjnkoxuwdnpbgv")
public suspend fun networkRules(values: List
© 2015 - 2025 Weber Informatics LLC | Privacy Policy