Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.keyvault.kotlin
import com.pulumi.azure.keyvault.kotlin.outputs.KeyVaultAccessPolicy
import com.pulumi.azure.keyvault.kotlin.outputs.KeyVaultContact
import com.pulumi.azure.keyvault.kotlin.outputs.KeyVaultNetworkAcls
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Deprecated
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.collections.Map
import com.pulumi.azure.keyvault.kotlin.outputs.KeyVaultAccessPolicy.Companion.toKotlin as keyVaultAccessPolicyToKotlin
import com.pulumi.azure.keyvault.kotlin.outputs.KeyVaultContact.Companion.toKotlin as keyVaultContactToKotlin
import com.pulumi.azure.keyvault.kotlin.outputs.KeyVaultNetworkAcls.Companion.toKotlin as keyVaultNetworkAclsToKotlin
/**
* Builder for [KeyVault].
*/
@PulumiTagMarker
public class KeyVaultResourceBuilder internal constructor() {
public var name: String? = null
public var args: KeyVaultArgs = KeyVaultArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend KeyVaultArgsBuilder.() -> Unit) {
val builder = KeyVaultArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): KeyVault {
val builtJavaResource = com.pulumi.azure.keyvault.KeyVault(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return KeyVault(builtJavaResource)
}
}
/**
* Manages a Key Vault.
* ## Disclaimers
* > **Note:** It's possible to define Key Vault Access Policies both within the `azure.keyvault.KeyVault` resource via the `access_policy` block and by using the `azure.keyvault.AccessPolicy` resource. However it's not possible to use both methods to manage Access Policies within a KeyVault, since there'll be conflicts.
* > **Note:** It's possible to define Key Vault Certificate Contacts both within the `azure.keyvault.KeyVault` resource via the `contact` block and by using the `azure.keyvault.CertificateContacts` resource. However it's not possible to use both methods to manage Certificate Contacts within a KeyVault, since there'll be conflicts.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const current = azure.core.getClientConfig({});
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleKeyVault = new azure.keyvault.KeyVault("example", {
* name: "examplekeyvault",
* location: example.location,
* resourceGroupName: example.name,
* enabledForDiskEncryption: true,
* tenantId: current.then(current => current.tenantId),
* softDeleteRetentionDays: 7,
* purgeProtectionEnabled: false,
* skuName: "standard",
* accessPolicies: [{
* tenantId: current.then(current => current.tenantId),
* objectId: current.then(current => current.objectId),
* keyPermissions: ["Get"],
* secretPermissions: ["Get"],
* storagePermissions: ["Get"],
* }],
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* current = azure.core.get_client_config()
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_key_vault = azure.keyvault.KeyVault("example",
* name="examplekeyvault",
* location=example.location,
* resource_group_name=example.name,
* enabled_for_disk_encryption=True,
* tenant_id=current.tenant_id,
* soft_delete_retention_days=7,
* purge_protection_enabled=False,
* sku_name="standard",
* access_policies=[{
* "tenant_id": current.tenant_id,
* "object_id": current.object_id,
* "key_permissions": ["Get"],
* "secret_permissions": ["Get"],
* "storage_permissions": ["Get"],
* }])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var current = Azure.Core.GetClientConfig.Invoke();
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
* {
* Name = "examplekeyvault",
* Location = example.Location,
* ResourceGroupName = example.Name,
* EnabledForDiskEncryption = true,
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* SoftDeleteRetentionDays = 7,
* PurgeProtectionEnabled = false,
* SkuName = "standard",
* AccessPolicies = new[]
* {
* new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
* {
* TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
* ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
* KeyPermissions = new[]
* {
* "Get",
* },
* SecretPermissions = new[]
* {
* "Get",
* },
* StoragePermissions = new[]
* {
* "Get",
* },
* },
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* current, err := core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* _, err = keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
* Name: pulumi.String("examplekeyvault"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* EnabledForDiskEncryption: pulumi.Bool(true),
* TenantId: pulumi.String(current.TenantId),
* SoftDeleteRetentionDays: pulumi.Int(7),
* PurgeProtectionEnabled: pulumi.Bool(false),
* SkuName: pulumi.String("standard"),
* AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
* &keyvault.KeyVaultAccessPolicyArgs{
* TenantId: pulumi.String(current.TenantId),
* ObjectId: pulumi.String(current.ObjectId),
* KeyPermissions: pulumi.StringArray{
* pulumi.String("Get"),
* },
* SecretPermissions: pulumi.StringArray{
* pulumi.String("Get"),
* },
* StoragePermissions: pulumi.StringArray{
* pulumi.String("Get"),
* },
* },
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.keyvault.KeyVault;
* import com.pulumi.azure.keyvault.KeyVaultArgs;
* import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var current = CoreFunctions.getClientConfig();
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
* .name("examplekeyvault")
* .location(example.location())
* .resourceGroupName(example.name())
* .enabledForDiskEncryption(true)
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .softDeleteRetentionDays(7)
* .purgeProtectionEnabled(false)
* .skuName("standard")
* .accessPolicies(KeyVaultAccessPolicyArgs.builder()
* .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
* .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
* .keyPermissions("Get")
* .secretPermissions("Get")
* .storagePermissions("Get")
* .build())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleKeyVault:
* type: azure:keyvault:KeyVault
* name: example
* properties:
* name: examplekeyvault
* location: ${example.location}
* resourceGroupName: ${example.name}
* enabledForDiskEncryption: true
* tenantId: ${current.tenantId}
* softDeleteRetentionDays: 7
* purgeProtectionEnabled: false
* skuName: standard
* accessPolicies:
* - tenantId: ${current.tenantId}
* objectId: ${current.objectId}
* keyPermissions:
* - Get
* secretPermissions:
* - Get
* storagePermissions:
* - Get
* variables:
* current:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ## Import
* Key Vault's can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:keyvault/keyVault:KeyVault example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.KeyVault/vaults/vault1
* ```
*/
public class KeyVault internal constructor(
override val javaResource: com.pulumi.azure.keyvault.KeyVault,
) : KotlinCustomResource(javaResource, KeyVaultMapper) {
/**
* A list of up to 1024 objects describing access policies, as described below.
* > **NOTE** Since `access_policy` can be configured both inline and via the separate `azure.keyvault.AccessPolicy` resource, we have to explicitly set it to empty slice (`[]`) to remove it.
*/
public val accessPolicies: Output>
get() = javaResource.accessPolicies().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> keyVaultAccessPolicyToKotlin(args0) })
})
})
/**
* One or more `contact` block as defined below.
* > **Note:** This field can only be set once user has `managecontacts` certificate permission.
* > **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.
*/
@Deprecated(
message = """
As the `contact` property requires reaching out to the dataplane, to better support private
endpoints and keyvaults with public network access disabled, new key vaults with the `contact`
field defined in the configuration file will now be required to use the
`azure.keyvault.CertificateContacts` resource instead of the exposed `contact` field in the
key vault resource itself.
""",
)
public val contacts: Output>
get() = javaResource.contacts().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
keyVaultContactToKotlin(args0)
})
})
})
/**
* Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions.
*/
public val enableRbacAuthorization: Output?
get() = javaResource.enableRbacAuthorization().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
*/
public val enabledForDeployment: Output?
get() = javaResource.enabledForDeployment().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
*/
public val enabledForDiskEncryption: Output?
get() = javaResource.enabledForDiskEncryption().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
*/
public val enabledForTemplateDeployment: Output?
get() = javaResource.enabledForTemplateDeployment().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
*/
public val location: Output
get() = javaResource.location().applyValue({ args0 -> args0 })
/**
* Specifies the name of the Key Vault. Changing this forces a new resource to be created. The name must be globally unique. If the vault is in a recoverable state then the vault will need to be purged before reusing the name.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* A `network_acls` block as defined below.
*/
public val networkAcls: Output
get() = javaResource.networkAcls().applyValue({ args0 ->
args0.let({ args0 ->
keyVaultNetworkAclsToKotlin(args0)
})
})
/**
* Whether public network access is allowed for this Key Vault. Defaults to `true`.
*/
public val publicNetworkAccessEnabled: Output?
get() = javaResource.publicNetworkAccessEnabled().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Is Purge Protection enabled for this Key Vault?
* !> **Note:** Once Purge Protection has been Enabled it's not possible to Disable it. Support for [disabling purge protection is being tracked in this Azure API issue](https://github.com/Azure/azure-rest-api-specs/issues/8075). Deleting the Key Vault with Purge Protection Enabled will schedule the Key Vault to be deleted (which will happen by Azure in the configured number of days, currently 90 days).
*/
public val purgeProtectionEnabled: Output?
get() = javaResource.purgeProtectionEnabled().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The name of the resource group in which to create the Key Vault. Changing this forces a new resource to be created.
*/
public val resourceGroupName: Output
get() = javaResource.resourceGroupName().applyValue({ args0 -> args0 })
/**
* The Name of the SKU used for this Key Vault. Possible values are `standard` and `premium`.
*/
public val skuName: Output
get() = javaResource.skuName().applyValue({ args0 -> args0 })
/**
* The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
* > **Note:** This field can only be configured one time and cannot be updated.
*
*/
public val softDeleteRetentionDays: Output?
get() = javaResource.softDeleteRetentionDays().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* A mapping of tags to assign to the resource.
*/
public val tags: Output>?
get() = javaResource.tags().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}).orElse(null)
})
/**
* The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
*/
public val tenantId: Output
get() = javaResource.tenantId().applyValue({ args0 -> args0 })
/**
* The URI of the Key Vault, used for performing operations on keys and secrets.
*/
public val vaultUri: Output
get() = javaResource.vaultUri().applyValue({ args0 -> args0 })
}
public object KeyVaultMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.azure.keyvault.KeyVault::class == javaResource::class
override fun map(javaResource: Resource): KeyVault = KeyVault(
javaResource as
com.pulumi.azure.keyvault.KeyVault,
)
}
/**
* @see [KeyVault].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [KeyVault].
*/
public suspend fun keyVault(name: String, block: suspend KeyVaultResourceBuilder.() -> Unit): KeyVault {
val builder = KeyVaultResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [KeyVault].
* @param name The _unique_ name of the resulting resource.
*/
public fun keyVault(name: String): KeyVault {
val builder = KeyVaultResourceBuilder()
builder.name(name)
return builder.build()
}
