Volume
Manages an Elastic SAN Volume Group resource.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.elasticsan.ElasticSan;
import com.pulumi.azure.elasticsan.ElasticSanArgs;
import com.pulumi.azure.elasticsan.inputs.ElasticSanSkuArgs;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.authorization.UserAssignedIdentity;
import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.AccessPolicy;
import com.pulumi.azure.keyvault.AccessPolicyArgs;
import com.pulumi.azure.keyvault.Key;
import com.pulumi.azure.keyvault.KeyArgs;
import com.pulumi.azure.elasticsan.VolumeGroup;
import com.pulumi.azure.elasticsan.VolumeGroupArgs;
import com.pulumi.azure.elasticsan.inputs.VolumeGroupEncryptionArgs;
import com.pulumi.azure.elasticsan.inputs.VolumeGroupIdentityArgs;
import com.pulumi.azure.elasticsan.inputs.VolumeGroupNetworkRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-rg")
.location("West Europe")
.build());
var exampleElasticSan = new ElasticSan("exampleElasticSan", ElasticSanArgs.builder()
.name("examplees-es")
.resourceGroupName(example.name())
.location(example.location())
.baseSizeInTib(1)
.sku(ElasticSanSkuArgs.builder()
.name("Premium_LRS")
.build())
.build());
final var current = CoreFunctions.getClientConfig();
var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
.name("example-uai")
.location(example.location())
.resourceGroupName(example.name())
.build());
var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
.name("example-vnet")
.addressSpaces("10.0.0.0/16")
.location(example.location())
.resourceGroupName(example.name())
.build());
var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
.name("example-subnet")
.resourceGroupName(example.name())
.virtualNetworkName(exampleVirtualNetwork.name())
.addressPrefixes("10.0.1.0/24")
.serviceEndpoints("Microsoft.Storage.Global")
.build());
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.name("examplekv")
.location(example.location())
.resourceGroupName(example.name())
.enabledForDiskEncryption(true)
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.softDeleteRetentionDays(7)
.purgeProtectionEnabled(true)
.skuName("standard")
.build());
var userAssignedIdentity = new AccessPolicy("userAssignedIdentity", AccessPolicyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(exampleUserAssignedIdentity.principalId())
.keyPermissions(
"Get",
"UnwrapKey",
"WrapKey")
.secretPermissions("Get")
.build());
var client = new AccessPolicy("client", AccessPolicyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.keyPermissions(
"Get",
"Create",
"Delete",
"List",
"Restore",
"Recover",
"UnwrapKey",
"WrapKey",
"Purge",
"Encrypt",
"Decrypt",
"Sign",
"Verify",
"GetRotationPolicy")
.secretPermissions("Get")
.build());
var exampleKey = new Key("exampleKey", KeyArgs.builder()
.name("example-kvk")
.keyVaultId(exampleKeyVault.id())
.keyType("RSA")
.keySize(2048)
.keyOpts(
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey")
.build());
var exampleVolumeGroup = new VolumeGroup("exampleVolumeGroup", VolumeGroupArgs.builder()
.name("example-esvg")
.elasticSanId(exampleElasticSan.id())
.encryptionType("EncryptionAtRestWithCustomerManagedKey")
.encryption(VolumeGroupEncryptionArgs.builder()
.keyVaultKeyId(exampleKey.versionlessId())
.userAssignedIdentityId(exampleUserAssignedIdentity.id())
.build())
.identity(VolumeGroupIdentityArgs.builder()
.type("UserAssigned")
.identityIds(exampleUserAssignedIdentity.id())
.build())
.networkRules(VolumeGroupNetworkRuleArgs.builder()
.subnetId(exampleSubnet.id())
.action("Allow")
.build())
.build());
}
}Content copied to clipboard
Import
An existing Elastic SAN Volume Group can be imported into Terraform using the resource id, e.g.
$ pulumi import azure:elasticsan/volumeGroup:VolumeGroup example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ElasticSan/elasticSans/esan1/volumeGroups/vg1Content copied to clipboard