pulumi-azure-kotlin/com.pulumi.azure.netapp.kotlin/AccountEncryption

AccountEncryption

class AccountEncryption : KotlinCustomResource

Manages a NetApp Account Encryption Resource. For more information about Azure NetApp Files Customer-Managed Keys feature, please refer to Configure customer-managed keys for Azure NetApp Files volume encryption

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.authorization.UserAssignedIdentity;
import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
import com.pulumi.azure.keyvault.Key;
import com.pulumi.azure.keyvault.KeyArgs;
import com.pulumi.azure.netapp.Account;
import com.pulumi.azure.netapp.AccountArgs;
import com.pulumi.azure.netapp.inputs.AccountIdentityArgs;
import com.pulumi.azure.netapp.AccountEncryption;
import com.pulumi.azure.netapp.AccountEncryptionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()
            .name("example-resources")
            .location("West Europe")
            .build());
        final var current = CoreFunctions.getClientConfig();
        var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
            .name("anf-user-assigned-identity")
            .location(example.location())
            .resourceGroupName(example.name())
            .build());
        var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
            .name("anfcmkakv")
            .location(example.location())
            .resourceGroupName(example.name())
            .enabledForDiskEncryption(true)
            .enabledForDeployment(true)
            .enabledForTemplateDeployment(true)
            .purgeProtectionEnabled(true)
            .tenantId("00000000-0000-0000-0000-000000000000")
            .skuName("standard")
            .accessPolicies(
                KeyVaultAccessPolicyArgs.builder()
                    .tenantId("00000000-0000-0000-0000-000000000000")
                    .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
                    .keyPermissions(
                        "Get",
                        "Create",
                        "Delete",
                        "WrapKey",
                        "UnwrapKey",
                        "GetRotationPolicy",
                        "SetRotationPolicy")
                    .build(),
                KeyVaultAccessPolicyArgs.builder()
                    .tenantId("00000000-0000-0000-0000-000000000000")
                    .objectId(exampleUserAssignedIdentity.principalId())
                    .keyPermissions(
                        "Get",
                        "Encrypt",
                        "Decrypt")
                    .build())
            .build());
        var exampleKey = new Key("exampleKey", KeyArgs.builder()
            .name("anfencryptionkey")
            .keyVaultId(exampleKeyVault.id())
            .keyType("RSA")
            .keySize(2048)
            .keyOpts(
                "decrypt",
                "encrypt",
                "sign",
                "unwrapKey",
                "verify",
                "wrapKey")
            .build());
        var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
            .name("netappaccount")
            .location(example.location())
            .resourceGroupName(example.name())
            .identity(AccountIdentityArgs.builder()
                .type("UserAssigned")
                .identityIds(exampleUserAssignedIdentity.id())
                .build())
            .build());
        var exampleAccountEncryption = new AccountEncryption("exampleAccountEncryption", AccountEncryptionArgs.builder()
            .netappAccountId(exampleAccount.id())
            .userAssignedIdentityId(exampleUserAssignedIdentity.id())
            .encryption(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
            .build());
    }
}
Content copied to clipboard

Import

Account Encryption Resources can be imported using the resource id, e.g.

$ pulumi import azure:netapp/accountEncryption:AccountEncryption example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.NetApp/netAppAccounts/account1
Content copied to clipboard

Properties

Link copied to clipboard
val encryptionKey: Output<String>

The versionless encryption key url.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val netappAccountId: Output<String>

The ID of the NetApp account where volume under it will have customer managed keys-based encryption enabled.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val systemAssignedIdentityPrincipalId: Output<String>?

The ID of the System Assigned Manged Identity. Conflicts with user_assigned_identity_id.

Link copied to clipboard
val urn: Output<String>
Link copied to clipboard
val userAssignedIdentityId: Output<String>?

The ID of the User Assigned Managed Identity. Conflicts with system_assigned_identity_principal_id.