pulumi-azure-kotlin/com.pulumi.azure.keyvault.kotlin/ManagedHardwareSecurityModuleRoleDefinition

ManagedHardwareSecurityModuleRoleDefinition

class ManagedHardwareSecurityModuleRoleDefinition : KotlinCustomResource

Manages a KeyVault Managed Hardware Security Module Role Definition. This resource works together with Managed hardware security module resource.

Example Usage

resources:
  example:
    type: azure:keyvault:ManagedHardwareSecurityModule
    properties:
      name: example
      resourceGroupName: ${exampleAzurermResourceGroup.name}
      location: ${exampleAzurermResourceGroup.location}
      skuName: Standard_B1
      tenantId: ${current.tenantId}
      adminObjectIds:
        - ${current.objectId}
      purgeProtectionEnabled: false
      activeConfig:
        - securityDomainCertificate:
            - ${cert[0].id}
            - ${cert[1].id}
            - ${cert[2].id}
          securityDomainQuorum: 2
  exampleManagedHardwareSecurityModuleRoleDefinition:
    type: azure:keyvault:ManagedHardwareSecurityModuleRoleDefinition
    name: example
    properties:
      name: 7d206142-bf01-11ed-80bc-00155d61ee9e
      vaultBaseUrl: ${example.hsmUri}
      description: desc foo
      permissions:
        - dataActions:
            - Microsoft.KeyVault/managedHsm/keys/read/action
Content copied to clipboard

Import

KeyVaults can be imported using the resource id, e.g.

$ pulumi import azure:keyvault/managedHardwareSecurityModuleRoleDefinition:ManagedHardwareSecurityModuleRoleDefinition example https://0000.managedhsm.azure.net///RoleDefinition/00000000-0000-0000-0000-000000000000
Content copied to clipboard

Properties

Link copied to clipboard
val description: Output<String>?

Specifies a text description about this KeyVault Role Definition.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val managedHsmId: Output<String>
Link copied to clipboard
val name: Output<String>

The name which should be used for this KeyVault Role Definition. Changing this forces a new KeyVault Role Definition to be created.

Link copied to clipboard
val permissions: Output<List<ManagedHardwareSecurityModuleRoleDefinitionPermission>>?

One or more permission blocks as defined below.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val resourceManagerId: Output<String>

The ID of the role definition resource without Key Vault base URL.

Link copied to clipboard
val roleName: Output<String>?

Specify a name for this KeyVault Role Definition.

Link copied to clipboard
val roleType: Output<String>

The type of the role definition. Possible values are AKVBuiltInRole and CustomRole.

Link copied to clipboard
val urn: Output<String>
Link copied to clipboard
val vaultBaseUrl: Output<String>

The base URL of the managed hardware security module resource. Changing this forces a new KeyVault Role Definition to be created.