Configuration
Manages an Azure App Configuration Key.
Note: App Configuration Keys are provisioned using a Data Plane API which requires the role
App Configuration Data Owneron either the App Configuration or a parent scope (such as the Resource Group/Subscription). More information can be found in the Azure Documentation for App Configuration.
Example Usage
Kv Type
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appconfiguration.ConfigurationStore;
import com.pulumi.azure.appconfiguration.ConfigurationStoreArgs;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import com.pulumi.azure.appconfiguration.ConfigurationKey;
import com.pulumi.azure.appconfiguration.ConfigurationKeyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var appconf = new ConfigurationStore("appconf", ConfigurationStoreArgs.builder()
.resourceGroupName(example.name())
.location(example.location())
.build());
final var current = CoreFunctions.getClientConfig();
var appconfDataowner = new Assignment("appconfDataowner", AssignmentArgs.builder()
.scope(appconf.id())
.roleDefinitionName("App Configuration Data Owner")
.principalId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.build());
var test = new ConfigurationKey("test", ConfigurationKeyArgs.builder()
.configurationStoreId(appconf.id())
.key("appConfKey1")
.label("somelabel")
.value("a test")
.build(), CustomResourceOptions.builder()
.dependsOn(appconfDataowner)
.build());
}
}Content copied to clipboard
Vault Type
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appconfiguration.ConfigurationStore;
import com.pulumi.azure.appconfiguration.ConfigurationStoreArgs;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
import com.pulumi.azure.keyvault.Secret;
import com.pulumi.azure.keyvault.SecretArgs;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import com.pulumi.azure.appconfiguration.ConfigurationKey;
import com.pulumi.azure.appconfiguration.ConfigurationKeyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var appconf = new ConfigurationStore("appconf", ConfigurationStoreArgs.builder()
.resourceGroupName(example.name())
.location(example.location())
.build());
final var current = CoreFunctions.getClientConfig();
var kv = new KeyVault("kv", KeyVaultArgs.builder()
.location(azurerm_resource_group.test().location())
.resourceGroupName(azurerm_resource_group.test().name())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.skuName("premium")
.softDeleteRetentionDays(7)
.accessPolicies(KeyVaultAccessPolicyArgs.builder()
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.keyPermissions(
"Create",
"Get")
.secretPermissions(
"Set",
"Get",
"Delete",
"Purge",
"Recover")
.build())
.build());
var kvs = new Secret("kvs", SecretArgs.builder()
.value("szechuan")
.keyVaultId(kv.id())
.build());
var appconfDataowner = new Assignment("appconfDataowner", AssignmentArgs.builder()
.scope(appconf.id())
.roleDefinitionName("App Configuration Data Owner")
.principalId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.build());
var test = new ConfigurationKey("test", ConfigurationKeyArgs.builder()
.configurationStoreId(azurerm_app_configuration.test().id())
.key("key1")
.type("vault")
.label("label1")
.vaultKeyReference(kvs.versionlessId())
.build(), CustomResourceOptions.builder()
.dependsOn(appconfDataowner)
.build());
}
}Content copied to clipboard
Import
App Configuration Keys can be imported using the resource id, e.g.
$ pulumi import azure:appconfiguration/configurationKey:ConfigurationKey test https://appconfname1.azconfig.io/kv/keyName?label=labelNameContent copied to clipboard
If you wish to import a key with an empty label then simply leave label's name blank
$ pulumi import azure:appconfiguration/configurationKey:ConfigurationKey test https://appconfname1.azconfig.io/kv/keyName?label=Content copied to clipboard
Properties
Link copied to clipboard
The type of the App Configuration Key. It can either be kv (simple key/value) or vault (where the value is a reference to a Key Vault Secret.