com.pulumi.azure.keyvault.kotlin.ManagedHardwareSecurityModule.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.keyvault.kotlin
import com.pulumi.azure.keyvault.kotlin.outputs.ManagedHardwareSecurityModuleNetworkAcls
import com.pulumi.azure.keyvault.kotlin.outputs.ManagedHardwareSecurityModuleNetworkAcls.Companion.toKotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.collections.Map
/**
* Builder for [ManagedHardwareSecurityModule].
*/
@PulumiTagMarker
public class ManagedHardwareSecurityModuleResourceBuilder internal constructor() {
public var name: String? = null
public var args: ManagedHardwareSecurityModuleArgs = ManagedHardwareSecurityModuleArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend ManagedHardwareSecurityModuleArgsBuilder.() -> Unit) {
val builder = ManagedHardwareSecurityModuleArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): ManagedHardwareSecurityModule {
val builtJavaResource =
com.pulumi.azure.keyvault.ManagedHardwareSecurityModule(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return ManagedHardwareSecurityModule(builtJavaResource)
}
}
/**
* Manages a Key Vault Managed Hardware Security Module.
* > **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Managed Hardware Security Module resource on destroy, rather than the default soft-delete. See `purge_soft_deleted_hardware_security_modules_on_destroy` for more information.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const current = azure.core.getClientConfig({});
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleManagedHardwareSecurityModule = new azure.keyvault.ManagedHardwareSecurityModule("example", {
* name: "exampleKVHsm",
* resourceGroupName: example.name,
* location: example.location,
* skuName: "Standard_B1",
* purgeProtectionEnabled: false,
* softDeleteRetentionDays: 90,
* tenantId: current.then(current => current.tenantId),
* adminObjectIds: [current.then(current => current.objectId)],
* tags: {
* Env: "Test",
* },
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* current = azure.core.get_client_config()
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_managed_hardware_security_module = azure.keyvault.ManagedHardwareSecurityModule("example",
* name="exampleKVHsm",
* resource_group_name=example.name,
* location=example.location,
* sku_name="Standard_B1",
* purge_protection_enabled=False,
* soft_delete_retention_days=90,
* tenant_id=current.tenant_id,
* admin_object_ids=[current.object_id],
* tags={
* "Env": "Test",
* })
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var current = Azure.Core.GetClientConfig.Invoke();
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleManagedHardwareSecurityModule = new Azure.KeyVault.ManagedHardwareSecurityModule("example", new()
* {
* Name = "exampleKVHsm",
* ResourceGroupName = example.Name,
* Location = example.Location,
* SkuName = "Standard_B1",
* PurgeProtectionEnabled = false,
* SoftDeleteRetentionDays = 90,
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* AdminObjectIds = new[]
* {
* current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
* },
* Tags =
* {
* { "Env", "Test" },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* current, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* _, err = keyvault.NewManagedHardwareSecurityModule(ctx, "example", &keyvault.ManagedHardwareSecurityModuleArgs{
* Name: pulumi.String("exampleKVHsm"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* SkuName: pulumi.String("Standard_B1"),
* PurgeProtectionEnabled: pulumi.Bool(false),
* SoftDeleteRetentionDays: pulumi.Int(90),
* TenantId: pulumi.String(current.TenantId),
* AdminObjectIds: pulumi.StringArray{
* pulumi.String(current.ObjectId),
* },
* Tags: pulumi.StringMap{
* "Env": pulumi.String("Test"),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.keyvault.ManagedHardwareSecurityModule;
* import com.pulumi.azure.keyvault.ManagedHardwareSecurityModuleArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var current = CoreFunctions.getClientConfig();
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleManagedHardwareSecurityModule = new ManagedHardwareSecurityModule("exampleManagedHardwareSecurityModule", ManagedHardwareSecurityModuleArgs.builder()
* .name("exampleKVHsm")
* .resourceGroupName(example.name())
* .location(example.location())
* .skuName("Standard_B1")
* .purgeProtectionEnabled(false)
* .softDeleteRetentionDays(90)
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .adminObjectIds(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
* .tags(Map.of("Env", "Test"))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleManagedHardwareSecurityModule:
* type: azure:keyvault:ManagedHardwareSecurityModule
* name: example
* properties:
* name: exampleKVHsm
* resourceGroupName: ${example.name}
* location: ${example.location}
* skuName: Standard_B1
* purgeProtectionEnabled: false
* softDeleteRetentionDays: 90
* tenantId: ${current.tenantId}
* adminObjectIds:
* - ${current.objectId}
* tags:
* Env: Test
* variables:
* current:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ## Import
* Key Vault Managed Hardware Security Module can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:keyvault/managedHardwareSecurityModule:ManagedHardwareSecurityModule example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.KeyVault/managedHSMs/hsm1
* ```
*/
public class ManagedHardwareSecurityModule internal constructor(
override val javaResource: com.pulumi.azure.keyvault.ManagedHardwareSecurityModule,
) : KotlinCustomResource(javaResource, ManagedHardwareSecurityModuleMapper) {
/**
* Specifies a list of administrators object IDs for the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.
*/
public val adminObjectIds: Output>
get() = javaResource.adminObjectIds().applyValue({ args0 -> args0.map({ args0 -> args0 }) })
/**
* The URI of the Key Vault Managed Hardware Security Module, used for performing operations on keys.
*/
public val hsmUri: Output
get() = javaResource.hsmUri().applyValue({ args0 -> args0 })
/**
* Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
*/
public val location: Output
get() = javaResource.location().applyValue({ args0 -> args0 })
/**
* Specifies the name of the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* A `network_acls` block as defined below.
*/
public val networkAcls: Output
get() = javaResource.networkAcls().applyValue({ args0 -> args0.let({ args0 -> toKotlin(args0) }) })
/**
* Whether traffic from public networks is permitted. Defaults to `true`. Changing this forces a new resource to be created.
*/
public val publicNetworkAccessEnabled: Output?
get() = javaResource.publicNetworkAccessEnabled().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Is Purge Protection enabled for this Key Vault Managed Hardware Security Module? Changing this forces a new resource to be created.
*/
public val purgeProtectionEnabled: Output?
get() = javaResource.purgeProtectionEnabled().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The name of the resource group in which to create the Key Vault Managed Hardware Security Module. Changing this forces a new resource to be created.
*/
public val resourceGroupName: Output
get() = javaResource.resourceGroupName().applyValue({ args0 -> args0 })
/**
* This attribute can be used for disaster recovery or when creating another Managed HSM that shares the same security domain.
*/
public val securityDomainEncryptedData: Output
get() = javaResource.securityDomainEncryptedData().applyValue({ args0 -> args0 })
/**
* A list of KeyVault certificates resource IDs (minimum of three and up to a maximum of 10) to activate this Managed HSM. More information see [activate-your-managed-hsm](https://learn.microsoft.com/azure/key-vault/managed-hsm/quick-create-cli#activate-your-managed-hsm)
*/
public val securityDomainKeyVaultCertificateIds: Output>?
get() = javaResource.securityDomainKeyVaultCertificateIds().applyValue({ args0 ->
args0.map({ args0 -> args0.map({ args0 -> args0 }) }).orElse(null)
})
/**
* Specifies the minimum number of shares required to decrypt the security domain for recovery. This is required when `security_domain_key_vault_certificate_ids` is specified. Valid values are between 2 and 10.
*/
public val securityDomainQuorum: Output?
get() = javaResource.securityDomainQuorum().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The Name of the SKU used for this Key Vault Managed Hardware Security Module. Possible value is `Standard_B1`. Changing this forces a new resource to be created.
*/
public val skuName: Output
get() = javaResource.skuName().applyValue({ args0 -> args0 })
/**
* The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` days. Defaults to `90`. Changing this forces a new resource to be created.
*/
public val softDeleteRetentionDays: Output?
get() = javaResource.softDeleteRetentionDays().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* A mapping of tags to assign to the resource.
*/
public val tags: Output>?
get() = javaResource.tags().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}).orElse(null)
})
/**
* The Azure Active Directory Tenant ID that should be used for authenticating requests to the key vault Managed Hardware Security Module. Changing this forces a new resource to be created.
*/
public val tenantId: Output
get() = javaResource.tenantId().applyValue({ args0 -> args0 })
}
public object ManagedHardwareSecurityModuleMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.azure.keyvault.ManagedHardwareSecurityModule::class == javaResource::class
override fun map(javaResource: Resource): ManagedHardwareSecurityModule =
ManagedHardwareSecurityModule(
javaResource as
com.pulumi.azure.keyvault.ManagedHardwareSecurityModule,
)
}
/**
* @see [ManagedHardwareSecurityModule].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [ManagedHardwareSecurityModule].
*/
public suspend fun managedHardwareSecurityModule(
name: String,
block: suspend ManagedHardwareSecurityModuleResourceBuilder.() -> Unit,
):
ManagedHardwareSecurityModule {
val builder = ManagedHardwareSecurityModuleResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [ManagedHardwareSecurityModule].
* @param name The _unique_ name of the resulting resource.
*/
public fun managedHardwareSecurityModule(name: String): ManagedHardwareSecurityModule {
val builder = ManagedHardwareSecurityModuleResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy