Managed
data class ManagedStorageAccountArgs(val keyVaultId: Output<String>? = null, val name: Output<String>? = null, val regenerateKeyAutomatically: Output<Boolean>? = null, val regenerationPeriod: Output<String>? = null, val storageAccountId: Output<String>? = null, val storageAccountKey: Output<String>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<ManagedStorageAccountArgs>
Manages a Key Vault Managed Storage Account.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const current = azure.core.getClientConfig({});
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleAccount = new azure.storage.Account("example", {
name: "storageaccountname",
resourceGroupName: example.name,
location: example.location,
accountTier: "Standard",
accountReplicationType: "LRS",
});
const exampleKeyVault = new azure.keyvault.KeyVault("example", {
name: "keyvaultname",
location: example.location,
resourceGroupName: example.name,
tenantId: current.then(current => current.tenantId),
skuName: "standard",
accessPolicies: [{
tenantId: current.then(current => current.tenantId),
objectId: current.then(current => current.objectId),
secretPermissions: [
"Get",
"Delete",
],
storagePermissions: [
"Get",
"List",
"Set",
"SetSAS",
"GetSAS",
"DeleteSAS",
"Update",
"RegenerateKey",
],
}],
});
const exampleManagedStorageAccount = new azure.keyvault.ManagedStorageAccount("example", {
name: "examplemanagedstorage",
keyVaultId: exampleKeyVault.id,
storageAccountId: exampleAccount.id,
storageAccountKey: "key1",
regenerateKeyAutomatically: false,
regenerationPeriod: "P1D",
});Content copied to clipboard
import pulumi
import pulumi_azure as azure
current = azure.core.get_client_config()
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_account = azure.storage.Account("example",
name="storageaccountname",
resource_group_name=example.name,
location=example.location,
account_tier="Standard",
account_replication_type="LRS")
example_key_vault = azure.keyvault.KeyVault("example",
name="keyvaultname",
location=example.location,
resource_group_name=example.name,
tenant_id=current.tenant_id,
sku_name="standard",
access_policies=[{
"tenant_id": current.tenant_id,
"object_id": current.object_id,
"secret_permissions": [
"Get",
"Delete",
],
"storage_permissions": [
"Get",
"List",
"Set",
"SetSAS",
"GetSAS",
"DeleteSAS",
"Update",
"RegenerateKey",
],
}])
example_managed_storage_account = azure.keyvault.ManagedStorageAccount("example",
name="examplemanagedstorage",
key_vault_id=example_key_vault.id,
storage_account_id=example_account.id,
storage_account_key="key1",
regenerate_key_automatically=False,
regeneration_period="P1D")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var current = Azure.Core.GetClientConfig.Invoke();
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "storageaccountname",
ResourceGroupName = example.Name,
Location = example.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
{
Name = "keyvaultname",
Location = example.Location,
ResourceGroupName = example.Name,
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
SkuName = "standard",
AccessPolicies = new[]
{
new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
{
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
SecretPermissions = new[]
{
"Get",
"Delete",
},
StoragePermissions = new[]
{
"Get",
"List",
"Set",
"SetSAS",
"GetSAS",
"DeleteSAS",
"Update",
"RegenerateKey",
},
},
},
});
var exampleManagedStorageAccount = new Azure.KeyVault.ManagedStorageAccount("example", new()
{
Name = "examplemanagedstorage",
KeyVaultId = exampleKeyVault.Id,
StorageAccountId = exampleAccount.Id,
StorageAccountKey = "key1",
RegenerateKeyAutomatically = false,
RegenerationPeriod = "P1D",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
current, err := core.GetClientConfig(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("storageaccountname"),
ResourceGroupName: example.Name,
Location: example.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
})
if err != nil {
return err
}
exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
Name: pulumi.String("keyvaultname"),
Location: example.Location,
ResourceGroupName: example.Name,
TenantId: pulumi.String(current.TenantId),
SkuName: pulumi.String("standard"),
AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
&keyvault.KeyVaultAccessPolicyArgs{
TenantId: pulumi.String(current.TenantId),
ObjectId: pulumi.String(current.ObjectId),
SecretPermissions: pulumi.StringArray{
pulumi.String("Get"),
pulumi.String("Delete"),
},
StoragePermissions: pulumi.StringArray{
pulumi.String("Get"),
pulumi.String("List"),
pulumi.String("Set"),
pulumi.String("SetSAS"),
pulumi.String("GetSAS"),
pulumi.String("DeleteSAS"),
pulumi.String("Update"),
pulumi.String("RegenerateKey"),
},
},
},
})
if err != nil {
return err
}
_, err = keyvault.NewManagedStorageAccount(ctx, "example", &keyvault.ManagedStorageAccountArgs{
Name: pulumi.String("examplemanagedstorage"),
KeyVaultId: exampleKeyVault.ID(),
StorageAccountId: exampleAccount.ID(),
StorageAccountKey: pulumi.String("key1"),
RegenerateKeyAutomatically: pulumi.Bool(false),
RegenerationPeriod: pulumi.String("P1D"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
import com.pulumi.azure.keyvault.ManagedStorageAccount;
import com.pulumi.azure.keyvault.ManagedStorageAccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = CoreFunctions.getClientConfig();
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("storageaccountname")
.resourceGroupName(example.name())
.location(example.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.name("keyvaultname")
.location(example.location())
.resourceGroupName(example.name())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.skuName("standard")
.accessPolicies(KeyVaultAccessPolicyArgs.builder()
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.secretPermissions(
"Get",
"Delete")
.storagePermissions(
"Get",
"List",
"Set",
"SetSAS",
"GetSAS",
"DeleteSAS",
"Update",
"RegenerateKey")
.build())
.build());
var exampleManagedStorageAccount = new ManagedStorageAccount("exampleManagedStorageAccount", ManagedStorageAccountArgs.builder()
.name("examplemanagedstorage")
.keyVaultId(exampleKeyVault.id())
.storageAccountId(exampleAccount.id())
.storageAccountKey("key1")
.regenerateKeyAutomatically(false)
.regenerationPeriod("P1D")
.build());
}
}Content copied to clipboard
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: storageaccountname
resourceGroupName: ${example.name}
location: ${example.location}
accountTier: Standard
accountReplicationType: LRS
exampleKeyVault:
type: azure:keyvault:KeyVault
name: example
properties:
name: keyvaultname
location: ${example.location}
resourceGroupName: ${example.name}
tenantId: ${current.tenantId}
skuName: standard
accessPolicies:
- tenantId: ${current.tenantId}
objectId: ${current.objectId}
secretPermissions:
- Get
- Delete
storagePermissions:
- Get
- List
- Set
- SetSAS
- GetSAS
- DeleteSAS
- Update
- RegenerateKey
exampleManagedStorageAccount:
type: azure:keyvault:ManagedStorageAccount
name: example
properties:
name: examplemanagedstorage
keyVaultId: ${exampleKeyVault.id}
storageAccountId: ${exampleAccount.id}
storageAccountKey: key1
regenerateKeyAutomatically: false
regenerationPeriod: P1D
variables:
current:
fn::invoke:
function: azure:core:getClientConfig
arguments: {}Content copied to clipboard
Automatically Regenerate Storage Account Access Key)
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
import * as azuread from "@pulumi/azuread";
const current = azure.core.getClientConfig({});
const test = azuread.getServicePrincipal({
applicationId: "cfa8b339-82a2-471a-a3c9-0fc0be7a4093",
});
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleAccount = new azure.storage.Account("example", {
name: "storageaccountname",
resourceGroupName: example.name,
location: example.location,
accountTier: "Standard",
accountReplicationType: "LRS",
});
const exampleKeyVault = new azure.keyvault.KeyVault("example", {
name: "keyvaultname",
location: example.location,
resourceGroupName: example.name,
tenantId: current.then(current => current.tenantId),
skuName: "standard",
accessPolicies: [{
tenantId: current.then(current => current.tenantId),
objectId: current.then(current => current.objectId),
secretPermissions: [
"Get",
"Delete",
],
storagePermissions: [
"Get",
"List",
"Set",
"SetSAS",
"GetSAS",
"DeleteSAS",
"Update",
"RegenerateKey",
],
}],
});
const exampleAssignment = new azure.authorization.Assignment("example", {
scope: exampleAccount.id,
roleDefinitionName: "Storage Account Key Operator Service Role",
principalId: test.then(test => test.id),
});
const exampleManagedStorageAccount = new azure.keyvault.ManagedStorageAccount("example", {
name: "examplemanagedstorage",
keyVaultId: exampleKeyVault.id,
storageAccountId: exampleAccount.id,
storageAccountKey: "key1",
regenerateKeyAutomatically: true,
regenerationPeriod: "P1D",
}, {
dependsOn: [exampleAssignment],
});Content copied to clipboard
import pulumi
import pulumi_azure as azure
import pulumi_azuread as azuread
current = azure.core.get_client_config()
test = azuread.get_service_principal(application_id="cfa8b339-82a2-471a-a3c9-0fc0be7a4093")
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_account = azure.storage.Account("example",
name="storageaccountname",
resource_group_name=example.name,
location=example.location,
account_tier="Standard",
account_replication_type="LRS")
example_key_vault = azure.keyvault.KeyVault("example",
name="keyvaultname",
location=example.location,
resource_group_name=example.name,
tenant_id=current.tenant_id,
sku_name="standard",
access_policies=[{
"tenant_id": current.tenant_id,
"object_id": current.object_id,
"secret_permissions": [
"Get",
"Delete",
],
"storage_permissions": [
"Get",
"List",
"Set",
"SetSAS",
"GetSAS",
"DeleteSAS",
"Update",
"RegenerateKey",
],
}])
example_assignment = azure.authorization.Assignment("example",
scope=example_account.id,
role_definition_name="Storage Account Key Operator Service Role",
principal_id=test.id)
example_managed_storage_account = azure.keyvault.ManagedStorageAccount("example",
name="examplemanagedstorage",
key_vault_id=example_key_vault.id,
storage_account_id=example_account.id,
storage_account_key="key1",
regenerate_key_automatically=True,
regeneration_period="P1D",
opts = pulumi.ResourceOptions(depends_on=[example_assignment]))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
using AzureAD = Pulumi.AzureAD;
return await Deployment.RunAsync(() =>
{
var current = Azure.Core.GetClientConfig.Invoke();
var test = AzureAD.GetServicePrincipal.Invoke(new()
{
ApplicationId = "cfa8b339-82a2-471a-a3c9-0fc0be7a4093",
});
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "storageaccountname",
ResourceGroupName = example.Name,
Location = example.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
{
Name = "keyvaultname",
Location = example.Location,
ResourceGroupName = example.Name,
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
SkuName = "standard",
AccessPolicies = new[]
{
new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
{
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
SecretPermissions = new[]
{
"Get",
"Delete",
},
StoragePermissions = new[]
{
"Get",
"List",
"Set",
"SetSAS",
"GetSAS",
"DeleteSAS",
"Update",
"RegenerateKey",
},
},
},
});
var exampleAssignment = new Azure.Authorization.Assignment("example", new()
{
Scope = exampleAccount.Id,
RoleDefinitionName = "Storage Account Key Operator Service Role",
PrincipalId = test.Apply(getServicePrincipalResult => getServicePrincipalResult.Id),
});
var exampleManagedStorageAccount = new Azure.KeyVault.ManagedStorageAccount("example", new()
{
Name = "examplemanagedstorage",
KeyVaultId = exampleKeyVault.Id,
StorageAccountId = exampleAccount.Id,
StorageAccountKey = "key1",
RegenerateKeyAutomatically = true,
RegenerationPeriod = "P1D",
}, new CustomResourceOptions
{
DependsOn =
{
exampleAssignment,
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
"github.com/pulumi/pulumi-azuread/sdk/v5/go/azuread"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
current, err := core.GetClientConfig(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
test, err := azuread.LookupServicePrincipal(ctx, &azuread.LookupServicePrincipalArgs{
ApplicationId: pulumi.StringRef("cfa8b339-82a2-471a-a3c9-0fc0be7a4093"),
}, nil)
if err != nil {
return err
}
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("storageaccountname"),
ResourceGroupName: example.Name,
Location: example.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
})
if err != nil {
return err
}
exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
Name: pulumi.String("keyvaultname"),
Location: example.Location,
ResourceGroupName: example.Name,
TenantId: pulumi.String(current.TenantId),
SkuName: pulumi.String("standard"),
AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
&keyvault.KeyVaultAccessPolicyArgs{
TenantId: pulumi.String(current.TenantId),
ObjectId: pulumi.String(current.ObjectId),
SecretPermissions: pulumi.StringArray{
pulumi.String("Get"),
pulumi.String("Delete"),
},
StoragePermissions: pulumi.StringArray{
pulumi.String("Get"),
pulumi.String("List"),
pulumi.String("Set"),
pulumi.String("SetSAS"),
pulumi.String("GetSAS"),
pulumi.String("DeleteSAS"),
pulumi.String("Update"),
pulumi.String("RegenerateKey"),
},
},
},
})
if err != nil {
return err
}
exampleAssignment, err := authorization.NewAssignment(ctx, "example", &authorization.AssignmentArgs{
Scope: exampleAccount.ID(),
RoleDefinitionName: pulumi.String("Storage Account Key Operator Service Role"),
PrincipalId: pulumi.String(test.Id),
})
if err != nil {
return err
}
_, err = keyvault.NewManagedStorageAccount(ctx, "example", &keyvault.ManagedStorageAccountArgs{
Name: pulumi.String("examplemanagedstorage"),
KeyVaultId: exampleKeyVault.ID(),
StorageAccountId: exampleAccount.ID(),
StorageAccountKey: pulumi.String("key1"),
RegenerateKeyAutomatically: pulumi.Bool(true),
RegenerationPeriod: pulumi.String("P1D"),
}, pulumi.DependsOn([]pulumi.Resource{
exampleAssignment,
}))
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azuread.AzureadFunctions;
import com.pulumi.azuread.inputs.GetServicePrincipalArgs;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import com.pulumi.azure.keyvault.ManagedStorageAccount;
import com.pulumi.azure.keyvault.ManagedStorageAccountArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = CoreFunctions.getClientConfig();
final var test = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()
.applicationId("cfa8b339-82a2-471a-a3c9-0fc0be7a4093")
.build());
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("storageaccountname")
.resourceGroupName(example.name())
.location(example.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.name("keyvaultname")
.location(example.location())
.resourceGroupName(example.name())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.skuName("standard")
.accessPolicies(KeyVaultAccessPolicyArgs.builder()
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.secretPermissions(
"Get",
"Delete")
.storagePermissions(
"Get",
"List",
"Set",
"SetSAS",
"GetSAS",
"DeleteSAS",
"Update",
"RegenerateKey")
.build())
.build());
var exampleAssignment = new Assignment("exampleAssignment", AssignmentArgs.builder()
.scope(exampleAccount.id())
.roleDefinitionName("Storage Account Key Operator Service Role")
.principalId(test.applyValue(getServicePrincipalResult -> getServicePrincipalResult.id()))
.build());
var exampleManagedStorageAccount = new ManagedStorageAccount("exampleManagedStorageAccount", ManagedStorageAccountArgs.builder()
.name("examplemanagedstorage")
.keyVaultId(exampleKeyVault.id())
.storageAccountId(exampleAccount.id())
.storageAccountKey("key1")
.regenerateKeyAutomatically(true)
.regenerationPeriod("P1D")
.build(), CustomResourceOptions.builder()
.dependsOn(exampleAssignment)
.build());
}
}Content copied to clipboard
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: storageaccountname
resourceGroupName: ${example.name}
location: ${example.location}
accountTier: Standard
accountReplicationType: LRS
exampleKeyVault:
type: azure:keyvault:KeyVault
name: example
properties:
name: keyvaultname
location: ${example.location}
resourceGroupName: ${example.name}
tenantId: ${current.tenantId}
skuName: standard
accessPolicies:
- tenantId: ${current.tenantId}
objectId: ${current.objectId}
secretPermissions:
- Get
- Delete
storagePermissions:
- Get
- List
- Set
- SetSAS
- GetSAS
- DeleteSAS
- Update
- RegenerateKey
exampleAssignment:
type: azure:authorization:Assignment
name: example
properties:
scope: ${exampleAccount.id}
roleDefinitionName: Storage Account Key Operator Service Role
principalId: ${test.id}
exampleManagedStorageAccount:
type: azure:keyvault:ManagedStorageAccount
name: example
properties:
name: examplemanagedstorage
keyVaultId: ${exampleKeyVault.id}
storageAccountId: ${exampleAccount.id}
storageAccountKey: key1
regenerateKeyAutomatically: true
regenerationPeriod: P1D
options:
dependsOn:
- ${exampleAssignment}
variables:
current:
fn::invoke:
function: azure:core:getClientConfig
arguments: {}
test:
fn::invoke:
function: azuread:getServicePrincipal
arguments:
applicationId: cfa8b339-82a2-471a-a3c9-0fc0be7a4093Content copied to clipboard
Import
Key Vault Managed Storage Accounts can be imported using the resource id, e.g.
$ pulumi import azure:keyvault/managedStorageAccount:ManagedStorageAccount example https://example-keyvault.vault.azure.net/storage/exampleStorageAcc01Content copied to clipboard
Constructors
Link copied to clipboard
constructor(keyVaultId: Output<String>? = null, name: Output<String>? = null, regenerateKeyAutomatically: Output<Boolean>? = null, regenerationPeriod: Output<String>? = null, storageAccountId: Output<String>? = null, storageAccountKey: Output<String>? = null, tags: Output<Map<String, String>>? = null)
Properties
Link copied to clipboard
The ID of the Key Vault where the Managed Storage Account should be created. Changing this forces a new resource to be created.
Link copied to clipboard
Should Storage Account access key be regenerated periodically?
Link copied to clipboard
How often Storage Account access key should be regenerated. Value needs to be in ISO 8601 duration format.
Link copied to clipboard
The ID of the Storage Account.
Link copied to clipboard
Which Storage Account access key that is managed by Key Vault. Possible values are key1 and key2.