Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
com.pulumi.azure.databricks.kotlin.WorkspaceCustomerManagedKey.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.databricks.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
/**
* Builder for [WorkspaceCustomerManagedKey].
*/
@PulumiTagMarker
public class WorkspaceCustomerManagedKeyResourceBuilder internal constructor() {
public var name: String? = null
public var args: WorkspaceCustomerManagedKeyArgs = WorkspaceCustomerManagedKeyArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend WorkspaceCustomerManagedKeyArgsBuilder.() -> Unit) {
val builder = WorkspaceCustomerManagedKeyArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): WorkspaceCustomerManagedKey {
val builtJavaResource =
com.pulumi.azure.databricks.WorkspaceCustomerManagedKey(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return WorkspaceCustomerManagedKey(builtJavaResource)
}
}
/**
* Manages a Customer Managed Key for a Databricks Workspace root DBFS
* !>**IMPORTANT:** This resource has been deprecated and will be removed from the 4.0 Azure provider. Please use the `azure.databricks.WorkspaceRootDbfsCustomerManagedKey` resource instead.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const current = azure.core.getClientConfig({});
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleWorkspace = new azure.databricks.Workspace("example", {
* name: "databricks-test",
* resourceGroupName: example.name,
* location: example.location,
* sku: "premium",
* customerManagedKeyEnabled: true,
* tags: {
* Environment: "Production",
* },
* });
* const exampleKeyVault = new azure.keyvault.KeyVault("example", {
* name: "examplekeyvault",
* location: example.location,
* resourceGroupName: example.name,
* tenantId: current.then(current => current.tenantId),
* skuName: "premium",
* purgeProtectionEnabled: true,
* softDeleteRetentionDays: 7,
* });
* const terraform = new azure.keyvault.AccessPolicy("terraform", {
* keyVaultId: exampleKeyVault.id,
* tenantId: exampleKeyVault.tenantId,
* objectId: current.then(current => current.objectId),
* keyPermissions: [
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy",
* ],
* });
* const exampleKey = new azure.keyvault.Key("example", {
* name: "example-certificate",
* keyVaultId: exampleKeyVault.id,
* keyType: "RSA",
* keySize: 2048,
* keyOpts: [
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* ],
* }, {
* dependsOn: [terraform],
* });
* const databricks = new azure.keyvault.AccessPolicy("databricks", {
* keyVaultId: exampleKeyVault.id,
* tenantId: exampleWorkspace.storageAccountIdentities.apply(storageAccountIdentities => storageAccountIdentities[0].tenantId),
* objectId: exampleWorkspace.storageAccountIdentities.apply(storageAccountIdentities => storageAccountIdentities[0].principalId),
* keyPermissions: [
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* ],
* }, {
* dependsOn: [exampleWorkspace],
* });
* const exampleWorkspaceRootDbfsCustomerManagedKey = new azure.databricks.WorkspaceRootDbfsCustomerManagedKey("example", {
* workspaceId: exampleWorkspace.id,
* keyVaultKeyId: exampleKey.id,
* }, {
* dependsOn: [databricks],
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* current = azure.core.get_client_config()
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_workspace = azure.databricks.Workspace("example",
* name="databricks-test",
* resource_group_name=example.name,
* location=example.location,
* sku="premium",
* customer_managed_key_enabled=True,
* tags={
* "Environment": "Production",
* })
* example_key_vault = azure.keyvault.KeyVault("example",
* name="examplekeyvault",
* location=example.location,
* resource_group_name=example.name,
* tenant_id=current.tenant_id,
* sku_name="premium",
* purge_protection_enabled=True,
* soft_delete_retention_days=7)
* terraform = azure.keyvault.AccessPolicy("terraform",
* key_vault_id=example_key_vault.id,
* tenant_id=example_key_vault.tenant_id,
* object_id=current.object_id,
* key_permissions=[
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy",
* ])
* example_key = azure.keyvault.Key("example",
* name="example-certificate",
* key_vault_id=example_key_vault.id,
* key_type="RSA",
* key_size=2048,
* key_opts=[
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* ],
* opts = pulumi.ResourceOptions(depends_on=[terraform]))
* databricks = azure.keyvault.AccessPolicy("databricks",
* key_vault_id=example_key_vault.id,
* tenant_id=example_workspace.storage_account_identities[0].tenant_id,
* object_id=example_workspace.storage_account_identities[0].principal_id,
* key_permissions=[
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* ],
* opts = pulumi.ResourceOptions(depends_on=[example_workspace]))
* example_workspace_root_dbfs_customer_managed_key = azure.databricks.WorkspaceRootDbfsCustomerManagedKey("example",
* workspace_id=example_workspace.id,
* key_vault_key_id=example_key.id,
* opts = pulumi.ResourceOptions(depends_on=[databricks]))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var current = Azure.Core.GetClientConfig.Invoke();
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleWorkspace = new Azure.DataBricks.Workspace("example", new()
* {
* Name = "databricks-test",
* ResourceGroupName = example.Name,
* Location = example.Location,
* Sku = "premium",
* CustomerManagedKeyEnabled = true,
* Tags =
* {
* { "Environment", "Production" },
* },
* });
* var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
* {
* Name = "examplekeyvault",
* Location = example.Location,
* ResourceGroupName = example.Name,
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* SkuName = "premium",
* PurgeProtectionEnabled = true,
* SoftDeleteRetentionDays = 7,
* });
* var terraform = new Azure.KeyVault.AccessPolicy("terraform", new()
* {
* KeyVaultId = exampleKeyVault.Id,
* TenantId = exampleKeyVault.TenantId,
* ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
* KeyPermissions = new[]
* {
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy",
* },
* });
* var exampleKey = new Azure.KeyVault.Key("example", new()
* {
* Name = "example-certificate",
* KeyVaultId = exampleKeyVault.Id,
* KeyType = "RSA",
* KeySize = 2048,
* KeyOpts = new[]
* {
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey",
* },
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* terraform,
* },
* });
* var databricks = new Azure.KeyVault.AccessPolicy("databricks", new()
* {
* KeyVaultId = exampleKeyVault.Id,
* TenantId = exampleWorkspace.StorageAccountIdentities.Apply(storageAccountIdentities => storageAccountIdentities[0].TenantId),
* ObjectId = exampleWorkspace.StorageAccountIdentities.Apply(storageAccountIdentities => storageAccountIdentities[0].PrincipalId),
* KeyPermissions = new[]
* {
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* },
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* exampleWorkspace,
* },
* });
* var exampleWorkspaceRootDbfsCustomerManagedKey = new Azure.DataBricks.WorkspaceRootDbfsCustomerManagedKey("example", new()
* {
* WorkspaceId = exampleWorkspace.Id,
* KeyVaultKeyId = exampleKey.Id,
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* databricks,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/databricks"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* current, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleWorkspace, err := databricks.NewWorkspace(ctx, "example", &databricks.WorkspaceArgs{
* Name: pulumi.String("databricks-test"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* Sku: pulumi.String("premium"),
* CustomerManagedKeyEnabled: pulumi.Bool(true),
* Tags: pulumi.StringMap{
* "Environment": pulumi.String("Production"),
* },
* })
* if err != nil {
* return err
* }
* exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
* Name: pulumi.String("examplekeyvault"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* TenantId: pulumi.String(current.TenantId),
* SkuName: pulumi.String("premium"),
* PurgeProtectionEnabled: pulumi.Bool(true),
* SoftDeleteRetentionDays: pulumi.Int(7),
* })
* if err != nil {
* return err
* }
* terraform, err := keyvault.NewAccessPolicy(ctx, "terraform", &keyvault.AccessPolicyArgs{
* KeyVaultId: exampleKeyVault.ID(),
* TenantId: exampleKeyVault.TenantId,
* ObjectId: pulumi.String(current.ObjectId),
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Create"),
* pulumi.String("Delete"),
* pulumi.String("Get"),
* pulumi.String("Purge"),
* pulumi.String("Recover"),
* pulumi.String("Update"),
* pulumi.String("List"),
* pulumi.String("Decrypt"),
* pulumi.String("Sign"),
* pulumi.String("GetRotationPolicy"),
* },
* })
* if err != nil {
* return err
* }
* exampleKey, err := keyvault.NewKey(ctx, "example", &keyvault.KeyArgs{
* Name: pulumi.String("example-certificate"),
* KeyVaultId: exampleKeyVault.ID(),
* KeyType: pulumi.String("RSA"),
* KeySize: pulumi.Int(2048),
* KeyOpts: pulumi.StringArray{
* pulumi.String("decrypt"),
* pulumi.String("encrypt"),
* pulumi.String("sign"),
* pulumi.String("unwrapKey"),
* pulumi.String("verify"),
* pulumi.String("wrapKey"),
* },
* }, pulumi.DependsOn([]pulumi.Resource{
* terraform,
* }))
* if err != nil {
* return err
* }
* databricks, err := keyvault.NewAccessPolicy(ctx, "databricks", &keyvault.AccessPolicyArgs{
* KeyVaultId: exampleKeyVault.ID(),
* TenantId: pulumi.String(exampleWorkspace.StorageAccountIdentities.ApplyT(func(storageAccountIdentities []databricks.WorkspaceStorageAccountIdentity) (*string, error) {
* return &storageAccountIdentities[0].TenantId, nil
* }).(pulumi.StringPtrOutput)),
* ObjectId: pulumi.String(exampleWorkspace.StorageAccountIdentities.ApplyT(func(storageAccountIdentities []databricks.WorkspaceStorageAccountIdentity) (*string, error) {
* return &storageAccountIdentities[0].PrincipalId, nil
* }).(pulumi.StringPtrOutput)),
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Create"),
* pulumi.String("Delete"),
* pulumi.String("Get"),
* pulumi.String("Purge"),
* pulumi.String("Recover"),
* pulumi.String("Update"),
* pulumi.String("List"),
* pulumi.String("Decrypt"),
* pulumi.String("Sign"),
* },
* }, pulumi.DependsOn([]pulumi.Resource{
* exampleWorkspace,
* }))
* if err != nil {
* return err
* }
* _, err = databricks.NewWorkspaceRootDbfsCustomerManagedKey(ctx, "example", &databricks.WorkspaceRootDbfsCustomerManagedKeyArgs{
* WorkspaceId: exampleWorkspace.ID(),
* KeyVaultKeyId: exampleKey.ID(),
* }, pulumi.DependsOn([]pulumi.Resource{
* databricks,
* }))
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.databricks.Workspace;
* import com.pulumi.azure.databricks.WorkspaceArgs;
* import com.pulumi.azure.keyvault.KeyVault;
* import com.pulumi.azure.keyvault.KeyVaultArgs;
* import com.pulumi.azure.keyvault.AccessPolicy;
* import com.pulumi.azure.keyvault.AccessPolicyArgs;
* import com.pulumi.azure.keyvault.Key;
* import com.pulumi.azure.keyvault.KeyArgs;
* import com.pulumi.azure.databricks.WorkspaceRootDbfsCustomerManagedKey;
* import com.pulumi.azure.databricks.WorkspaceRootDbfsCustomerManagedKeyArgs;
* import com.pulumi.resources.CustomResourceOptions;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var current = CoreFunctions.getClientConfig();
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleWorkspace = new Workspace("exampleWorkspace", WorkspaceArgs.builder()
* .name("databricks-test")
* .resourceGroupName(example.name())
* .location(example.location())
* .sku("premium")
* .customerManagedKeyEnabled(true)
* .tags(Map.of("Environment", "Production"))
* .build());
* var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
* .name("examplekeyvault")
* .location(example.location())
* .resourceGroupName(example.name())
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .skuName("premium")
* .purgeProtectionEnabled(true)
* .softDeleteRetentionDays(7)
* .build());
* var terraform = new AccessPolicy("terraform", AccessPolicyArgs.builder()
* .keyVaultId(exampleKeyVault.id())
* .tenantId(exampleKeyVault.tenantId())
* .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
* .keyPermissions(
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign",
* "GetRotationPolicy")
* .build());
* var exampleKey = new Key("exampleKey", KeyArgs.builder()
* .name("example-certificate")
* .keyVaultId(exampleKeyVault.id())
* .keyType("RSA")
* .keySize(2048)
* .keyOpts(
* "decrypt",
* "encrypt",
* "sign",
* "unwrapKey",
* "verify",
* "wrapKey")
* .build(), CustomResourceOptions.builder()
* .dependsOn(terraform)
* .build());
* var databricks = new AccessPolicy("databricks", AccessPolicyArgs.builder()
* .keyVaultId(exampleKeyVault.id())
* .tenantId(exampleWorkspace.storageAccountIdentities().applyValue(storageAccountIdentities -> storageAccountIdentities[0].tenantId()))
* .objectId(exampleWorkspace.storageAccountIdentities().applyValue(storageAccountIdentities -> storageAccountIdentities[0].principalId()))
* .keyPermissions(
* "Create",
* "Delete",
* "Get",
* "Purge",
* "Recover",
* "Update",
* "List",
* "Decrypt",
* "Sign")
* .build(), CustomResourceOptions.builder()
* .dependsOn(exampleWorkspace)
* .build());
* var exampleWorkspaceRootDbfsCustomerManagedKey = new WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", WorkspaceRootDbfsCustomerManagedKeyArgs.builder()
* .workspaceId(exampleWorkspace.id())
* .keyVaultKeyId(exampleKey.id())
* .build(), CustomResourceOptions.builder()
* .dependsOn(databricks)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleWorkspace:
* type: azure:databricks:Workspace
* name: example
* properties:
* name: databricks-test
* resourceGroupName: ${example.name}
* location: ${example.location}
* sku: premium
* customerManagedKeyEnabled: true
* tags:
* Environment: Production
* exampleWorkspaceRootDbfsCustomerManagedKey:
* type: azure:databricks:WorkspaceRootDbfsCustomerManagedKey
* name: example
* properties:
* workspaceId: ${exampleWorkspace.id}
* keyVaultKeyId: ${exampleKey.id}
* options:
* dependson:
* - ${databricks}
* exampleKeyVault:
* type: azure:keyvault:KeyVault
* name: example
* properties:
* name: examplekeyvault
* location: ${example.location}
* resourceGroupName: ${example.name}
* tenantId: ${current.tenantId}
* skuName: premium
* purgeProtectionEnabled: true
* softDeleteRetentionDays: 7
* exampleKey:
* type: azure:keyvault:Key
* name: example
* properties:
* name: example-certificate
* keyVaultId: ${exampleKeyVault.id}
* keyType: RSA
* keySize: 2048
* keyOpts:
* - decrypt
* - encrypt
* - sign
* - unwrapKey
* - verify
* - wrapKey
* options:
* dependson:
* - ${terraform}
* terraform:
* type: azure:keyvault:AccessPolicy
* properties:
* keyVaultId: ${exampleKeyVault.id}
* tenantId: ${exampleKeyVault.tenantId}
* objectId: ${current.objectId}
* keyPermissions:
* - Create
* - Delete
* - Get
* - Purge
* - Recover
* - Update
* - List
* - Decrypt
* - Sign
* - GetRotationPolicy
* databricks:
* type: azure:keyvault:AccessPolicy
* properties:
* keyVaultId: ${exampleKeyVault.id}
* tenantId: ${exampleWorkspace.storageAccountIdentities[0].tenantId}
* objectId: ${exampleWorkspace.storageAccountIdentities[0].principalId}
* keyPermissions:
* - Create
* - Delete
* - Get
* - Purge
* - Recover
* - Update
* - List
* - Decrypt
* - Sign
* options:
* dependson:
* - ${exampleWorkspace}
* variables:
* current:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ## Example HCL Configurations
* * Databricks Workspace with Root Databricks File System Customer Managed Keys
* * Databricks Workspace with Customer Managed Keys for Managed Services
* * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys
* ## Import
* Databricks Workspace Customer Managed Key can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:databricks/workspaceCustomerManagedKey:WorkspaceCustomerManagedKey workspace1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Databricks/workspaces/workspace1
* ```
*/
public class WorkspaceCustomerManagedKey internal constructor(
override val javaResource: com.pulumi.azure.databricks.WorkspaceCustomerManagedKey,
) : KotlinCustomResource(javaResource, WorkspaceCustomerManagedKeyMapper) {
/**
* The ID of the Key Vault.
*/
public val keyVaultKeyId: Output
get() = javaResource.keyVaultKeyId().applyValue({ args0 -> args0 })
/**
* The ID of the Databricks Workspace..
*/
public val workspaceId: Output
get() = javaResource.workspaceId().applyValue({ args0 -> args0 })
}
public object WorkspaceCustomerManagedKeyMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.azure.databricks.WorkspaceCustomerManagedKey::class == javaResource::class
override fun map(javaResource: Resource): WorkspaceCustomerManagedKey =
WorkspaceCustomerManagedKey(
javaResource as
com.pulumi.azure.databricks.WorkspaceCustomerManagedKey,
)
}
/**
* @see [WorkspaceCustomerManagedKey].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [WorkspaceCustomerManagedKey].
*/
public suspend fun workspaceCustomerManagedKey(
name: String,
block: suspend WorkspaceCustomerManagedKeyResourceBuilder.() -> Unit,
): WorkspaceCustomerManagedKey {
val builder = WorkspaceCustomerManagedKeyResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [WorkspaceCustomerManagedKey].
* @param name The _unique_ name of the resulting resource.
*/
public fun workspaceCustomerManagedKey(name: String): WorkspaceCustomerManagedKey {
val builder = WorkspaceCustomerManagedKeyResourceBuilder()
builder.name(name)
return builder.build()
}
