pulumi-azure-native-kotlin/com.pulumi.azurenative.compute.kotlin/DiskEncryptionSet

DiskEncryptionSet

class DiskEncryptionSet : KotlinCustomResource

disk encryption set resource. Azure REST API version: 2022-07-02. Prior API version in Azure Native 1.x: 2020-12-01. Other available API versions: 2020-06-30, 2023-01-02, 2023-04-02.

Example Usage

Create a disk encryption set with key vault from a different subscription.

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
    var diskEncryptionSet = new AzureNative.Compute.DiskEncryptionSet("diskEncryptionSet", new()
    {
        ActiveKey = new AzureNative.Compute.Inputs.KeyForDiskEncryptionSetArgs
        {
            KeyUrl = "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}",
        },
        DiskEncryptionSetName = "myDiskEncryptionSet",
        EncryptionType = "EncryptionAtRestWithCustomerKey",
        Identity = new AzureNative.Compute.Inputs.EncryptionSetIdentityArgs
        {
            Type = "SystemAssigned",
        },
        Location = "West US",
        ResourceGroupName = "myResourceGroup",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-azure-native-sdk/compute/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := compute.NewDiskEncryptionSet(ctx, "diskEncryptionSet", &compute.DiskEncryptionSetArgs{
			ActiveKey: &compute.KeyForDiskEncryptionSetArgs{
				KeyUrl: pulumi.String("https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}"),
			},
			DiskEncryptionSetName: pulumi.String("myDiskEncryptionSet"),
			EncryptionType:        pulumi.String("EncryptionAtRestWithCustomerKey"),
			Identity: &compute.EncryptionSetIdentityArgs{
				Type: pulumi.String("SystemAssigned"),
			},
			Location:          pulumi.String("West US"),
			ResourceGroupName: pulumi.String("myResourceGroup"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.compute.DiskEncryptionSet;
import com.pulumi.azurenative.compute.DiskEncryptionSetArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var diskEncryptionSet = new DiskEncryptionSet("diskEncryptionSet", DiskEncryptionSetArgs.builder()
            .activeKey(Map.of("keyUrl", "https://myvaultdifferentsub.vault-int.azure-int.net/keys/{key}"))
            .diskEncryptionSetName("myDiskEncryptionSet")
            .encryptionType("EncryptionAtRestWithCustomerKey")
            .identity(Map.of("type", "SystemAssigned"))
            .location("West US")
            .resourceGroupName("myResourceGroup")
            .build());
    }
}
Content copied to clipboard

Create a disk encryption set.

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
    var diskEncryptionSet = new AzureNative.Compute.DiskEncryptionSet("diskEncryptionSet", new()
    {
        ActiveKey = new AzureNative.Compute.Inputs.KeyForDiskEncryptionSetArgs
        {
            KeyUrl = "https://myvmvault.vault-int.azure-int.net/keys/{key}",
            SourceVault = new AzureNative.Compute.Inputs.SourceVaultArgs
            {
                Id = "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault",
            },
        },
        DiskEncryptionSetName = "myDiskEncryptionSet",
        EncryptionType = "EncryptionAtRestWithCustomerKey",
        Identity = new AzureNative.Compute.Inputs.EncryptionSetIdentityArgs
        {
            Type = "SystemAssigned",
        },
        Location = "West US",
        ResourceGroupName = "myResourceGroup",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-azure-native-sdk/compute/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := compute.NewDiskEncryptionSet(ctx, "diskEncryptionSet", &compute.DiskEncryptionSetArgs{
			ActiveKey: compute.KeyForDiskEncryptionSetResponse{
				KeyUrl: pulumi.String("https://myvmvault.vault-int.azure-int.net/keys/{key}"),
				SourceVault: &compute.SourceVaultArgs{
					Id: pulumi.String("/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault"),
				},
			},
			DiskEncryptionSetName: pulumi.String("myDiskEncryptionSet"),
			EncryptionType:        pulumi.String("EncryptionAtRestWithCustomerKey"),
			Identity: &compute.EncryptionSetIdentityArgs{
				Type: pulumi.String("SystemAssigned"),
			},
			Location:          pulumi.String("West US"),
			ResourceGroupName: pulumi.String("myResourceGroup"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.compute.DiskEncryptionSet;
import com.pulumi.azurenative.compute.DiskEncryptionSetArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var diskEncryptionSet = new DiskEncryptionSet("diskEncryptionSet", DiskEncryptionSetArgs.builder()
            .activeKey(Map.ofEntries(
                Map.entry("keyUrl", "https://myvmvault.vault-int.azure-int.net/keys/{key}"),
                Map.entry("sourceVault", Map.of("id", "/subscriptions/{subscriptionId}/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/myVMVault"))
            ))
            .diskEncryptionSetName("myDiskEncryptionSet")
            .encryptionType("EncryptionAtRestWithCustomerKey")
            .identity(Map.of("type", "SystemAssigned"))
            .location("West US")
            .resourceGroupName("myResourceGroup")
            .build());
    }
}
Content copied to clipboard

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:compute:DiskEncryptionSet myDiskEncryptionSet /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{diskEncryptionSetName}
Content copied to clipboard

Properties

Link copied to clipboard
val activeKey: Output<KeyForDiskEncryptionSetResponse>?

The key vault key which is currently used by this disk encryption set.

Link copied to clipboard
val autoKeyRotationError: Output<ApiErrorResponse>

The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.

Link copied to clipboard
val encryptionType: Output<String>?

The type of key used to encrypt the data of the disk.

Link copied to clipboard
val federatedClientId: Output<String>?

Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val identity: Output<EncryptionSetIdentityResponse>?

The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.

Link copied to clipboard
val lastKeyRotationTimestamp: Output<String>

The time when the active key of this disk encryption set was updated.

Link copied to clipboard
val location: Output<String>

Resource location

Link copied to clipboard
val name: Output<String>

Resource name

Link copied to clipboard
val previousKeys: Output<List<KeyForDiskEncryptionSetResponse>>

A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.

Link copied to clipboard
val provisioningState: Output<String>

The disk encryption set provisioning state.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val rotationToLatestKeyVersionEnabled: Output<Boolean>?

Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.

Link copied to clipboard
val tags: Output<Map<String, String>>?

Resource tags

Link copied to clipboard
val type: Output<String>

Resource type

Link copied to clipboard
val urn: Output<String>