pulumi-azure-native-kotlin/com.pulumi.azurenative.keyvault.kotlin.inputs/VaultPropertiesArgs

VaultPropertiesArgs

data class VaultPropertiesArgs(val accessPolicies: Output<List<AccessPolicyEntryArgs>>? = null, val createMode: Output<CreateMode>? = null, val enablePurgeProtection: Output<Boolean>? = null, val enableRbacAuthorization: Output<Boolean>? = null, val enableSoftDelete: Output<Boolean>? = null, val enabledForDeployment: Output<Boolean>? = null, val enabledForDiskEncryption: Output<Boolean>? = null, val enabledForTemplateDeployment: Output<Boolean>? = null, val networkAcls: Output<NetworkRuleSetArgs>? = null, val provisioningState: Output<Either<String, VaultProvisioningState>>? = null, val publicNetworkAccess: Output<String>? = null, val sku: Output<SkuArgs>, val softDeleteRetentionInDays: Output<Int>? = null, val tenantId: Output<String>, val vaultUri: Output<String>? = null) : ConvertibleToJava<VaultPropertiesArgs>

Properties of the vault

Constructors

Link copied to clipboard
fun VaultPropertiesArgs(accessPolicies: Output<List<AccessPolicyEntryArgs>>? = null, createMode: Output<CreateMode>? = null, enablePurgeProtection: Output<Boolean>? = null, enableRbacAuthorization: Output<Boolean>? = null, enableSoftDelete: Output<Boolean>? = null, enabledForDeployment: Output<Boolean>? = null, enabledForDiskEncryption: Output<Boolean>? = null, enabledForTemplateDeployment: Output<Boolean>? = null, networkAcls: Output<NetworkRuleSetArgs>? = null, provisioningState: Output<Either<String, VaultProvisioningState>>? = null, publicNetworkAccess: Output<String>? = null, sku: Output<SkuArgs>, softDeleteRetentionInDays: Output<Int>? = null, tenantId: Output<String>, vaultUri: Output<String>? = null)

Functions

Link copied to clipboard
open override fun toJava(): VaultPropertiesArgs

Properties

Link copied to clipboard
val accessPolicies: Output<List<AccessPolicyEntryArgs>>? = null

An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.

Link copied to clipboard
val createMode: Output<CreateMode>? = null

The vault's create mode to indicate whether the vault need to be recovered or not.

Link copied to clipboard
val enabledForDeployment: Output<Boolean>? = null

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

Link copied to clipboard
val enabledForDiskEncryption: Output<Boolean>? = null

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

Link copied to clipboard
val enabledForTemplateDeployment: Output<Boolean>? = null

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

Link copied to clipboard
val enablePurgeProtection: Output<Boolean>? = null

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

Link copied to clipboard
val enableRbacAuthorization: Output<Boolean>? = null

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

Link copied to clipboard
val enableSoftDelete: Output<Boolean>? = null

Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

Link copied to clipboard
val networkAcls: Output<NetworkRuleSetArgs>? = null

Rules governing the accessibility of the key vault from specific network locations.

Link copied to clipboard
val provisioningState: Output<Either<String, VaultProvisioningState>>? = null

Provisioning state of the vault.

Link copied to clipboard
val publicNetworkAccess: Output<String>? = null

Property to specify whether the vault will accept traffic from public internet. If set to 'disabled' all traffic except private endpoint traffic and that that originates from trusted services will be blocked. This will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules.

Link copied to clipboard
val sku: Output<SkuArgs>

SKU details

Link copied to clipboard
val softDeleteRetentionInDays: Output<Int>? = null

softDelete data retention days. It accepts >=7 and <=90.

Link copied to clipboard
val tenantId: Output<String>

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

Link copied to clipboard
val vaultUri: Output<String>? = null

The URI of the vault for performing operations on keys and secrets.