com.pulumi.azure.netapp.kotlin.AccountEncryptionArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.netapp.kotlin
import com.pulumi.azure.netapp.AccountEncryptionArgs.builder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.jvm.JvmName
/**
* Manages a NetApp Account Encryption Resource.
* For more information about Azure NetApp Files Customer-Managed Keys feature, please refer to [Configure customer-managed keys for Azure NetApp Files volume encryption](https://learn.microsoft.com/en-us/azure/azure-netapp-files/configure-customer-managed-keys)
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const current = azure.core.getClientConfig({});
* const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("example", {
* name: "anf-user-assigned-identity",
* location: example.location,
* resourceGroupName: example.name,
* });
* const exampleKeyVault = new azure.keyvault.KeyVault("example", {
* name: "anfcmkakv",
* location: example.location,
* resourceGroupName: example.name,
* enabledForDiskEncryption: true,
* enabledForDeployment: true,
* enabledForTemplateDeployment: true,
* purgeProtectionEnabled: true,
* tenantId: "00000000-0000-0000-0000-000000000000",
* skuName: "standard",
* accessPolicies: [
* {
* tenantId: "00000000-0000-0000-0000-000000000000",
* objectId: current.then(current => current.objectId),
* keyPermissions: [
* "Get",
* "Create",
* "Delete",
* "WrapKey",
* "UnwrapKey",
* "GetRotationPolicy",
* "SetRotationPolicy",
* ],
* },
* {
* tenantId: "00000000-0000-0000-0000-000000000000",
* objectId: exampleUserAssignedIdentity.principalId,
* keyPermissions: [
* "Get",
* "Encrypt",
* "Decrypt",
* ],
* },
* ],
* });
* const exampleKey = new azure.keyvault.Key("example", {
* name: "anfencryptionkey",
* keyVaultId: exampleKeyVault.id,
* keyType: "RSA",
* keySize: 2048,
* keyOpts: [
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* ],
* });
* const exampleAccount = new azure.netapp.Account("example", {
* name: "netappaccount",
* location: example.location,
* resourceGroupName: example.name,
* identity: {
* type: "UserAssigned",
* identityIds: [exampleUserAssignedIdentity.id],
* },
* });
* const exampleAccountEncryption = new azure.netapp.AccountEncryption("example", {
* netappAccountId: exampleAccount.id,
* userAssignedIdentityId: exampleUserAssignedIdentity.id,
* encryptionKey: exampleKey.versionlessId,
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* current = azure.core.get_client_config()
* example_user_assigned_identity = azure.authorization.UserAssignedIdentity("example",
* name="anf-user-assigned-identity",
* location=example.location,
* resource_group_name=example.name)
* example_key_vault = azure.keyvault.KeyVault("example",
* name="anfcmkakv",
* location=example.location,
* resource_group_name=example.name,
* enabled_for_disk_encryption=True,
* enabled_for_deployment=True,
* enabled_for_template_deployment=True,
* purge_protection_enabled=True,
* tenant_id="00000000-0000-0000-0000-000000000000",
* sku_name="standard",
* access_policies=[
* azure.keyvault.KeyVaultAccessPolicyArgs(
* tenant_id="00000000-0000-0000-0000-000000000000",
* object_id=current.object_id,
* key_permissions=[
* "Get",
* "Create",
* "Delete",
* "WrapKey",
* "UnwrapKey",
* "GetRotationPolicy",
* "SetRotationPolicy",
* ],
* ),
* azure.keyvault.KeyVaultAccessPolicyArgs(
* tenant_id="00000000-0000-0000-0000-000000000000",
* object_id=example_user_assigned_identity.principal_id,
* key_permissions=[
* "Get",
* "Encrypt",
* "Decrypt",
* ],
* ),
* ])
* example_key = azure.keyvault.Key("example",
* name="anfencryptionkey",
* key_vault_id=example_key_vault.id,
* key_type="RSA",
* key_size=2048,
* key_opts=[
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* ])
* example_account = azure.netapp.Account("example",
* name="netappaccount",
* location=example.location,
* resource_group_name=example.name,
* identity=azure.netapp.AccountIdentityArgs(
* type="UserAssigned",
* identity_ids=[example_user_assigned_identity.id],
* ))
* example_account_encryption = azure.netapp.AccountEncryption("example",
* netapp_account_id=example_account.id,
* user_assigned_identity_id=example_user_assigned_identity.id,
* encryption_key=example_key.versionless_id)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var current = Azure.Core.GetClientConfig.Invoke();
* var exampleUserAssignedIdentity = new Azure.Authorization.UserAssignedIdentity("example", new()
* {
* Name = "anf-user-assigned-identity",
* Location = example.Location,
* ResourceGroupName = example.Name,
* });
* var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
* {
* Name = "anfcmkakv",
* Location = example.Location,
* ResourceGroupName = example.Name,
* EnabledForDiskEncryption = true,
* EnabledForDeployment = true,
* EnabledForTemplateDeployment = true,
* PurgeProtectionEnabled = true,
* TenantId = "00000000-0000-0000-0000-000000000000",
* SkuName = "standard",
* AccessPolicies = new[]
* {
* new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
* {
* TenantId = "00000000-0000-0000-0000-000000000000",
* ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
* KeyPermissions = new[]
* {
* "Get",
* "Create",
* "Delete",
* "WrapKey",
* "UnwrapKey",
* "GetRotationPolicy",
* "SetRotationPolicy",
* },
* },
* new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
* {
* TenantId = "00000000-0000-0000-0000-000000000000",
* ObjectId = exampleUserAssignedIdentity.PrincipalId,
* KeyPermissions = new[]
* {
* "Get",
* "Encrypt",
* "Decrypt",
* },
* },
* },
* });
* var exampleKey = new Azure.KeyVault.Key("example", new()
* {
* Name = "anfencryptionkey",
* KeyVaultId = exampleKeyVault.Id,
* KeyType = "RSA",
* KeySize = 2048,
* KeyOpts = new[]
* {
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* },
* });
* var exampleAccount = new Azure.NetApp.Account("example", new()
* {
* Name = "netappaccount",
* Location = example.Location,
* ResourceGroupName = example.Name,
* Identity = new Azure.NetApp.Inputs.AccountIdentityArgs
* {
* Type = "UserAssigned",
* IdentityIds = new[]
* {
* exampleUserAssignedIdentity.Id,
* },
* },
* });
* var exampleAccountEncryption = new Azure.NetApp.AccountEncryption("example", new()
* {
* NetappAccountId = exampleAccount.Id,
* UserAssignedIdentityId = exampleUserAssignedIdentity.Id,
* EncryptionKey = exampleKey.VersionlessId,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/netapp"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* current, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* exampleUserAssignedIdentity, err := authorization.NewUserAssignedIdentity(ctx, "example", &authorization.UserAssignedIdentityArgs{
* Name: pulumi.String("anf-user-assigned-identity"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* })
* if err != nil {
* return err
* }
* exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
* Name: pulumi.String("anfcmkakv"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* EnabledForDiskEncryption: pulumi.Bool(true),
* EnabledForDeployment: pulumi.Bool(true),
* EnabledForTemplateDeployment: pulumi.Bool(true),
* PurgeProtectionEnabled: pulumi.Bool(true),
* TenantId: pulumi.String("00000000-0000-0000-0000-000000000000"),
* SkuName: pulumi.String("standard"),
* AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
* &keyvault.KeyVaultAccessPolicyArgs{
* TenantId: pulumi.String("00000000-0000-0000-0000-000000000000"),
* ObjectId: pulumi.String(current.ObjectId),
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Get"),
* pulumi.String("Create"),
* pulumi.String("Delete"),
* pulumi.String("WrapKey"),
* pulumi.String("UnwrapKey"),
* pulumi.String("GetRotationPolicy"),
* pulumi.String("SetRotationPolicy"),
* },
* },
* &keyvault.KeyVaultAccessPolicyArgs{
* TenantId: pulumi.String("00000000-0000-0000-0000-000000000000"),
* ObjectId: exampleUserAssignedIdentity.PrincipalId,
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Get"),
* pulumi.String("Encrypt"),
* pulumi.String("Decrypt"),
* },
* },
* },
* })
* if err != nil {
* return err
* }
* exampleKey, err := keyvault.NewKey(ctx, "example", &keyvault.KeyArgs{
* Name: pulumi.String("anfencryptionkey"),
* KeyVaultId: exampleKeyVault.ID(),
* KeyType: pulumi.String("RSA"),
* KeySize: pulumi.Int(2048),
* KeyOpts: pulumi.StringArray{
* pulumi.String("decrypt"),
* pulumi.String("encrypt"),
* pulumi.String("sign"),
* pulumi.String("unwrapKey"),
* pulumi.String("verify"),
* pulumi.String("wrapKey"),
* },
* })
* if err != nil {
* return err
* }
* exampleAccount, err := netapp.NewAccount(ctx, "example", &netapp.AccountArgs{
* Name: pulumi.String("netappaccount"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* Identity: &netapp.AccountIdentityArgs{
* Type: pulumi.String("UserAssigned"),
* IdentityIds: pulumi.StringArray{
* exampleUserAssignedIdentity.ID(),
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = netapp.NewAccountEncryption(ctx, "example", &netapp.AccountEncryptionArgs{
* NetappAccountId: exampleAccount.ID(),
* UserAssignedIdentityId: exampleUserAssignedIdentity.ID(),
* EncryptionKey: exampleKey.VersionlessId,
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.authorization.UserAssignedIdentity;
* import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
* import com.pulumi.azure.keyvault.KeyVault;
* import com.pulumi.azure.keyvault.KeyVaultArgs;
* import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
* import com.pulumi.azure.keyvault.Key;
* import com.pulumi.azure.keyvault.KeyArgs;
* import com.pulumi.azure.netapp.Account;
* import com.pulumi.azure.netapp.AccountArgs;
* import com.pulumi.azure.netapp.inputs.AccountIdentityArgs;
* import com.pulumi.azure.netapp.AccountEncryption;
* import com.pulumi.azure.netapp.AccountEncryptionArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* final var current = CoreFunctions.getClientConfig();
* var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
* .name("anf-user-assigned-identity")
* .location(example.location())
* .resourceGroupName(example.name())
* .build());
* var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
* .name("anfcmkakv")
* .location(example.location())
* .resourceGroupName(example.name())
* .enabledForDiskEncryption(true)
* .enabledForDeployment(true)
* .enabledForTemplateDeployment(true)
* .purgeProtectionEnabled(true)
* .tenantId("00000000-0000-0000-0000-000000000000")
* .skuName("standard")
* .accessPolicies(
* KeyVaultAccessPolicyArgs.builder()
* .tenantId("00000000-0000-0000-0000-000000000000")
* .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
* .keyPermissions(
* "Get",
* "Create",
* "Delete",
* "WrapKey",
* "UnwrapKey",
* "GetRotationPolicy",
* "SetRotationPolicy")
* .build(),
* KeyVaultAccessPolicyArgs.builder()
* .tenantId("00000000-0000-0000-0000-000000000000")
* .objectId(exampleUserAssignedIdentity.principalId())
* .keyPermissions(
* "Get",
* "Encrypt",
* "Decrypt")
* .build())
* .build());
* var exampleKey = new Key("exampleKey", KeyArgs.builder()
* .name("anfencryptionkey")
* .keyVaultId(exampleKeyVault.id())
* .keyType("RSA")
* .keySize(2048)
* .keyOpts(
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey")
* .build());
* var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
* .name("netappaccount")
* .location(example.location())
* .resourceGroupName(example.name())
* .identity(AccountIdentityArgs.builder()
* .type("UserAssigned")
* .identityIds(exampleUserAssignedIdentity.id())
* .build())
* .build());
* var exampleAccountEncryption = new AccountEncryption("exampleAccountEncryption", AccountEncryptionArgs.builder()
* .netappAccountId(exampleAccount.id())
* .userAssignedIdentityId(exampleUserAssignedIdentity.id())
* .encryptionKey(exampleKey.versionlessId())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleUserAssignedIdentity:
* type: azure:authorization:UserAssignedIdentity
* name: example
* properties:
* name: anf-user-assigned-identity
* location: ${example.location}
* resourceGroupName: ${example.name}
* exampleKeyVault:
* type: azure:keyvault:KeyVault
* name: example
* properties:
* name: anfcmkakv
* location: ${example.location}
* resourceGroupName: ${example.name}
* enabledForDiskEncryption: true
* enabledForDeployment: true
* enabledForTemplateDeployment: true
* purgeProtectionEnabled: true
* tenantId: 00000000-0000-0000-0000-000000000000
* skuName: standard
* accessPolicies:
* - tenantId: 00000000-0000-0000-0000-000000000000
* objectId: ${current.objectId}
* keyPermissions:
* - Get
* - Create
* - Delete
* - WrapKey
* - UnwrapKey
* - GetRotationPolicy
* - SetRotationPolicy
* - tenantId: 00000000-0000-0000-0000-000000000000
* objectId: ${exampleUserAssignedIdentity.principalId}
* keyPermissions:
* - Get
* - Encrypt
* - Decrypt
* exampleKey:
* type: azure:keyvault:Key
* name: example
* properties:
* name: anfencryptionkey
* keyVaultId: ${exampleKeyVault.id}
* keyType: RSA
* keySize: 2048
* keyOpts:
* - decrypt
* - encrypt
* - sign
* - unwrapKey
* - verify
* - wrapKey
* exampleAccount:
* type: azure:netapp:Account
* name: example
* properties:
* name: netappaccount
* location: ${example.location}
* resourceGroupName: ${example.name}
* identity:
* type: UserAssigned
* identityIds:
* - ${exampleUserAssignedIdentity.id}
* exampleAccountEncryption:
* type: azure:netapp:AccountEncryption
* name: example
* properties:
* netappAccountId: ${exampleAccount.id}
* userAssignedIdentityId: ${exampleUserAssignedIdentity.id}
* encryptionKey: ${exampleKey.versionlessId}
* variables:
* current:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ## Import
* Account Encryption Resources can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:netapp/accountEncryption:AccountEncryption example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.NetApp/netAppAccounts/account1
* ```
* @property encryptionKey Specify the versionless ID of the encryption key.
* @property netappAccountId The ID of the NetApp account where volume under it will have customer managed keys-based encryption enabled.
* @property systemAssignedIdentityPrincipalId The ID of the System Assigned Manged Identity. Conflicts with `user_assigned_identity_id`.
* @property userAssignedIdentityId The ID of the User Assigned Managed Identity. Conflicts with `system_assigned_identity_principal_id`.
*/
public data class AccountEncryptionArgs(
public val encryptionKey: Output? = null,
public val netappAccountId: Output? = null,
public val systemAssignedIdentityPrincipalId: Output? = null,
public val userAssignedIdentityId: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.azure.netapp.AccountEncryptionArgs =
com.pulumi.azure.netapp.AccountEncryptionArgs.builder()
.encryptionKey(encryptionKey?.applyValue({ args0 -> args0 }))
.netappAccountId(netappAccountId?.applyValue({ args0 -> args0 }))
.systemAssignedIdentityPrincipalId(
systemAssignedIdentityPrincipalId?.applyValue({ args0 ->
args0
}),
)
.userAssignedIdentityId(userAssignedIdentityId?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [AccountEncryptionArgs].
*/
@PulumiTagMarker
public class AccountEncryptionArgsBuilder internal constructor() {
private var encryptionKey: Output? = null
private var netappAccountId: Output? = null
private var systemAssignedIdentityPrincipalId: Output? = null
private var userAssignedIdentityId: Output? = null
/**
* @param value Specify the versionless ID of the encryption key.
*/
@JvmName("cnqsbwiuximvqsnl")
public suspend fun encryptionKey(`value`: Output) {
this.encryptionKey = value
}
/**
* @param value The ID of the NetApp account where volume under it will have customer managed keys-based encryption enabled.
*/
@JvmName("okvfojjvhogoypno")
public suspend fun netappAccountId(`value`: Output) {
this.netappAccountId = value
}
/**
* @param value The ID of the System Assigned Manged Identity. Conflicts with `user_assigned_identity_id`.
*/
@JvmName("uiqpvptgrxvsikkx")
public suspend fun systemAssignedIdentityPrincipalId(`value`: Output) {
this.systemAssignedIdentityPrincipalId = value
}
/**
* @param value The ID of the User Assigned Managed Identity. Conflicts with `system_assigned_identity_principal_id`.
*/
@JvmName("fsucymssdhuefrux")
public suspend fun userAssignedIdentityId(`value`: Output) {
this.userAssignedIdentityId = value
}
/**
* @param value Specify the versionless ID of the encryption key.
*/
@JvmName("feiunwdadoxyhjcs")
public suspend fun encryptionKey(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.encryptionKey = mapped
}
/**
* @param value The ID of the NetApp account where volume under it will have customer managed keys-based encryption enabled.
*/
@JvmName("jtkmjiqwoccuibti")
public suspend fun netappAccountId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.netappAccountId = mapped
}
/**
* @param value The ID of the System Assigned Manged Identity. Conflicts with `user_assigned_identity_id`.
*/
@JvmName("rorfxpvodvhntbdf")
public suspend fun systemAssignedIdentityPrincipalId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.systemAssignedIdentityPrincipalId = mapped
}
/**
* @param value The ID of the User Assigned Managed Identity. Conflicts with `system_assigned_identity_principal_id`.
*/
@JvmName("mxgofefcoctqamej")
public suspend fun userAssignedIdentityId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.userAssignedIdentityId = mapped
}
internal fun build(): AccountEncryptionArgs = AccountEncryptionArgs(
encryptionKey = encryptionKey,
netappAccountId = netappAccountId,
systemAssignedIdentityPrincipalId = systemAssignedIdentityPrincipalId,
userAssignedIdentityId = userAssignedIdentityId,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy