azure-native.keyvault.Key
Explore with Pulumi AI
The key resource. API Version: 2019-09-01.
Example Usage
Create a key
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var key = new AzureNative.KeyVault.Key("key", new()
{
KeyName = "sample-key-name",
Properties = new AzureNative.KeyVault.Inputs.KeyPropertiesArgs
{
Kty = "RSA",
},
ResourceGroupName = "sample-group",
VaultName = "sample-vault-name",
});
});
package main
import (
keyvault "github.com/pulumi/pulumi-azure-native-sdk/keyvault"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := keyvault.NewKey(ctx, "key", &keyvault.KeyArgs{
KeyName: pulumi.String("sample-key-name"),
Properties: &keyvault.KeyPropertiesArgs{
Kty: pulumi.String("RSA"),
},
ResourceGroupName: pulumi.String("sample-group"),
VaultName: pulumi.String("sample-vault-name"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.keyvault.Key;
import com.pulumi.azurenative.keyvault.KeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var key = new Key("key", KeyArgs.builder()
.keyName("sample-key-name")
.properties(Map.of("kty", "RSA"))
.resourceGroupName("sample-group")
.vaultName("sample-vault-name")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
key = azure_native.keyvault.Key("key",
key_name="sample-key-name",
properties=azure_native.keyvault.KeyPropertiesArgs(
kty="RSA",
),
resource_group_name="sample-group",
vault_name="sample-vault-name")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const key = new azure_native.keyvault.Key("key", {
keyName: "sample-key-name",
properties: {
kty: "RSA",
},
resourceGroupName: "sample-group",
vaultName: "sample-vault-name",
});
resources:
key:
type: azure-native:keyvault:Key
properties:
keyName: sample-key-name
properties:
kty: RSA
resourceGroupName: sample-group
vaultName: sample-vault-name
Create Key Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Key(name: string, args: KeyArgs, opts?: CustomResourceOptions);
@overload
def Key(resource_name: str,
args: KeyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Key(resource_name: str,
opts: Optional[ResourceOptions] = None,
properties: Optional[KeyPropertiesArgs] = None,
resource_group_name: Optional[str] = None,
vault_name: Optional[str] = None,
key_name: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)
func NewKey(ctx *Context, name string, args KeyArgs, opts ...ResourceOption) (*Key, error)
public Key(string name, KeyArgs args, CustomResourceOptions? opts = null)
type: azure-native:keyvault:Key
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args KeyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args KeyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args KeyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args KeyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args KeyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var keyResource = new AzureNative.Keyvault.Key("keyResource", new()
{
Properties =
{
{ "attributes",
{
{ "enabled", false },
{ "expires", 0 },
{ "notBefore", 0 },
} },
{ "curveName", "string" },
{ "keyOps", new[]
{
"string",
} },
{ "keySize", 0 },
{ "kty", "string" },
},
ResourceGroupName = "string",
VaultName = "string",
KeyName = "string",
Tags =
{
{ "string", "string" },
},
});
example, err := keyvault.NewKey(ctx, "keyResource", &keyvault.KeyArgs{
Properties: map[string]interface{}{
"attributes": map[string]interface{}{
"enabled": false,
"expires": 0,
"notBefore": 0,
},
"curveName": "string",
"keyOps": []string{
"string",
},
"keySize": 0,
"kty": "string",
},
ResourceGroupName: "string",
VaultName: "string",
KeyName: "string",
Tags: map[string]interface{}{
"string": "string",
},
})
var keyResource = new Key("keyResource", KeyArgs.builder()
.properties(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.resourceGroupName("string")
.vaultName("string")
.keyName("string")
.tags(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.build());
key_resource = azure_native.keyvault.Key("keyResource",
properties={
attributes: {
enabled: False,
expires: 0,
notBefore: 0,
},
curveName: string,
keyOps: [string],
keySize: 0,
kty: string,
},
resource_group_name=string,
vault_name=string,
key_name=string,
tags={
string: string,
})
const keyResource = new azure_native.keyvault.Key("keyResource", {
properties: {
attributes: {
enabled: false,
expires: 0,
notBefore: 0,
},
curveName: "string",
keyOps: ["string"],
keySize: 0,
kty: "string",
},
resourceGroupName: "string",
vaultName: "string",
keyName: "string",
tags: {
string: "string",
},
});
type: azure-native:keyvault:Key
properties:
keyName: string
properties:
attributes:
enabled: false
expires: 0
notBefore: 0
curveName: string
keyOps:
- string
keySize: 0
kty: string
resourceGroupName: string
tags:
string: string
vaultName: string
Key Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Key resource accepts the following input properties:
- Properties
Pulumi.
Azure Native. Key Vault. Inputs. Key Properties - The properties of the key to be created.
- Resource
Group stringName - The name of the resource group which contains the specified key vault.
- Vault
Name string - The name of the key vault which contains the key to be created.
- Key
Name string - The name of the key to be created.
- Dictionary<string, string>
- The tags that will be assigned to the key.
- Properties
Key
Properties Args - The properties of the key to be created.
- Resource
Group stringName - The name of the resource group which contains the specified key vault.
- Vault
Name string - The name of the key vault which contains the key to be created.
- Key
Name string - The name of the key to be created.
- map[string]string
- The tags that will be assigned to the key.
- properties
Key
Properties - The properties of the key to be created.
- resource
Group StringName - The name of the resource group which contains the specified key vault.
- vault
Name String - The name of the key vault which contains the key to be created.
- key
Name String - The name of the key to be created.
- Map<String,String>
- The tags that will be assigned to the key.
- properties
Key
Properties - The properties of the key to be created.
- resource
Group stringName - The name of the resource group which contains the specified key vault.
- vault
Name string - The name of the key vault which contains the key to be created.
- key
Name string - The name of the key to be created.
- {[key: string]: string}
- The tags that will be assigned to the key.
- properties
Key
Properties Args - The properties of the key to be created.
- resource_
group_ strname - The name of the resource group which contains the specified key vault.
- vault_
name str - The name of the key vault which contains the key to be created.
- key_
name str - The name of the key to be created.
- Mapping[str, str]
- The tags that will be assigned to the key.
- properties Property Map
- The properties of the key to be created.
- resource
Group StringName - The name of the resource group which contains the specified key vault.
- vault
Name String - The name of the key vault which contains the key to be created.
- key
Name String - The name of the key to be created.
- Map<String>
- The tags that will be assigned to the key.
Outputs
All input properties are implicitly available as output properties. Additionally, the Key resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Key
Uri string - The URI to retrieve the current version of the key.
- Key
Uri stringWith Version - The URI to retrieve the specific version of the key.
- Location string
- Azure location of the key vault resource.
- Name string
- Name of the key vault resource.
- Type string
- Resource type of the key vault resource.
- Attributes
Pulumi.
Azure Native. Key Vault. Outputs. Key Attributes Response - The attributes of the key.
- Curve
Name string - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- Key
Ops List<string> - Key
Size int - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- Kty string
- The type of the key. For valid values, see JsonWebKeyType.
- Id string
- The provider-assigned unique ID for this managed resource.
- Key
Uri string - The URI to retrieve the current version of the key.
- Key
Uri stringWith Version - The URI to retrieve the specific version of the key.
- Location string
- Azure location of the key vault resource.
- Name string
- Name of the key vault resource.
- Type string
- Resource type of the key vault resource.
- Attributes
Key
Attributes Response - The attributes of the key.
- Curve
Name string - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- Key
Ops []string - Key
Size int - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- Kty string
- The type of the key. For valid values, see JsonWebKeyType.
- id String
- The provider-assigned unique ID for this managed resource.
- key
Uri String - The URI to retrieve the current version of the key.
- key
Uri StringWith Version - The URI to retrieve the specific version of the key.
- location String
- Azure location of the key vault resource.
- name String
- Name of the key vault resource.
- type String
- Resource type of the key vault resource.
- attributes
Key
Attributes Response - The attributes of the key.
- curve
Name String - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- key
Ops List<String> - key
Size Integer - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- kty String
- The type of the key. For valid values, see JsonWebKeyType.
- id string
- The provider-assigned unique ID for this managed resource.
- key
Uri string - The URI to retrieve the current version of the key.
- key
Uri stringWith Version - The URI to retrieve the specific version of the key.
- location string
- Azure location of the key vault resource.
- name string
- Name of the key vault resource.
- type string
- Resource type of the key vault resource.
- attributes
Key
Attributes Response - The attributes of the key.
- curve
Name string - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- key
Ops string[] - key
Size number - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- kty string
- The type of the key. For valid values, see JsonWebKeyType.
- id str
- The provider-assigned unique ID for this managed resource.
- key_
uri str - The URI to retrieve the current version of the key.
- key_
uri_ strwith_ version - The URI to retrieve the specific version of the key.
- location str
- Azure location of the key vault resource.
- name str
- Name of the key vault resource.
- type str
- Resource type of the key vault resource.
- attributes
Key
Attributes Response - The attributes of the key.
- curve_
name str - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- key_
ops Sequence[str] - key_
size int - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- kty str
- The type of the key. For valid values, see JsonWebKeyType.
- id String
- The provider-assigned unique ID for this managed resource.
- key
Uri String - The URI to retrieve the current version of the key.
- key
Uri StringWith Version - The URI to retrieve the specific version of the key.
- location String
- Azure location of the key vault resource.
- name String
- Name of the key vault resource.
- type String
- Resource type of the key vault resource.
- attributes Property Map
- The attributes of the key.
- curve
Name String - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- key
Ops List<String> - key
Size Number - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- kty String
- The type of the key. For valid values, see JsonWebKeyType.
Supporting Types
JsonWebKeyCurveName, JsonWebKeyCurveNameArgs
- P_256
- P-256
- P_384
- P-384
- P_521
- P-521
- P_256K
- P-256K
- Json
Web Key Curve Name_P_256 - P-256
- Json
Web Key Curve Name_P_384 - P-384
- Json
Web Key Curve Name_P_521 - P-521
- Json
Web Key Curve Name_P_256K - P-256K
- P256
- P-256
- P384
- P-384
- P521
- P-521
- P256K
- P-256K
- P_256
- P-256
- P_384
- P-384
- P_521
- P-521
- P_256K
- P-256K
- P_256
- P-256
- P_384
- P-384
- P_521
- P-521
- P_256_K
- P-256K
- "P-256"
- P-256
- "P-384"
- P-384
- "P-521"
- P-521
- "P-256K"
- P-256K
JsonWebKeyOperation, JsonWebKeyOperationArgs
- Encrypt
- encrypt
- Decrypt
- decrypt
- Sign
- sign
- Verify
- verify
- Wrap
Key - wrapKey
- Unwrap
Key - unwrapKey
- Import
- import
- Json
Web Key Operation Encrypt - encrypt
- Json
Web Key Operation Decrypt - decrypt
- Json
Web Key Operation Sign - sign
- Json
Web Key Operation Verify - verify
- Json
Web Key Operation Wrap Key - wrapKey
- Json
Web Key Operation Unwrap Key - unwrapKey
- Json
Web Key Operation Import - import
- Encrypt
- encrypt
- Decrypt
- decrypt
- Sign
- sign
- Verify
- verify
- Wrap
Key - wrapKey
- Unwrap
Key - unwrapKey
- Import_
- import
- Encrypt
- encrypt
- Decrypt
- decrypt
- Sign
- sign
- Verify
- verify
- Wrap
Key - wrapKey
- Unwrap
Key - unwrapKey
- Import
- import
- ENCRYPT
- encrypt
- DECRYPT
- decrypt
- SIGN
- sign
- VERIFY
- verify
- WRAP_KEY
- wrapKey
- UNWRAP_KEY
- unwrapKey
- IMPORT_
- import
- "encrypt"
- encrypt
- "decrypt"
- decrypt
- "sign"
- sign
- "verify"
- verify
- "wrap
Key" - wrapKey
- "unwrap
Key" - unwrapKey
- "import"
- import
JsonWebKeyType, JsonWebKeyTypeArgs
- EC
- EC
- EC_HSM
- EC-HSM
- RSA
- RSA
- RSA_HSM
- RSA-HSM
- Json
Web Key Type EC - EC
- Json
Web Key Type_EC_HSM - EC-HSM
- Json
Web Key Type RSA - RSA
- Json
Web Key Type_RSA_HSM - RSA-HSM
- EC
- EC
- ECHSM
- EC-HSM
- RSA
- RSA
- RSAHSM
- RSA-HSM
- EC
- EC
- EC_HSM
- EC-HSM
- RSA
- RSA
- RSA_HSM
- RSA-HSM
- EC
- EC
- E_C_HSM
- EC-HSM
- RSA
- RSA
- RS_A_HSM
- RSA-HSM
- "EC"
- EC
- "EC-HSM"
- EC-HSM
- "RSA"
- RSA
- "RSA-HSM"
- RSA-HSM
KeyAttributes, KeyAttributesArgs
- enabled bool
- Determines whether or not the object is enabled.
- expires float
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- not_
before float - Not before date in seconds since 1970-01-01T00:00:00Z.
KeyAttributesResponse, KeyAttributesResponseArgs
- Created double
- Creation time in seconds since 1970-01-01T00:00:00Z.
- Recovery
Level string - The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.
- Updated double
- Last updated time in seconds since 1970-01-01T00:00:00Z.
- Enabled bool
- Determines whether or not the object is enabled.
- Expires double
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- Not
Before double - Not before date in seconds since 1970-01-01T00:00:00Z.
- Created float64
- Creation time in seconds since 1970-01-01T00:00:00Z.
- Recovery
Level string - The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.
- Updated float64
- Last updated time in seconds since 1970-01-01T00:00:00Z.
- Enabled bool
- Determines whether or not the object is enabled.
- Expires float64
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- Not
Before float64 - Not before date in seconds since 1970-01-01T00:00:00Z.
- created Double
- Creation time in seconds since 1970-01-01T00:00:00Z.
- recovery
Level String - The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.
- updated Double
- Last updated time in seconds since 1970-01-01T00:00:00Z.
- enabled Boolean
- Determines whether or not the object is enabled.
- expires Double
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- not
Before Double - Not before date in seconds since 1970-01-01T00:00:00Z.
- created number
- Creation time in seconds since 1970-01-01T00:00:00Z.
- recovery
Level string - The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.
- updated number
- Last updated time in seconds since 1970-01-01T00:00:00Z.
- enabled boolean
- Determines whether or not the object is enabled.
- expires number
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- not
Before number - Not before date in seconds since 1970-01-01T00:00:00Z.
- created float
- Creation time in seconds since 1970-01-01T00:00:00Z.
- recovery_
level str - The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.
- updated float
- Last updated time in seconds since 1970-01-01T00:00:00Z.
- enabled bool
- Determines whether or not the object is enabled.
- expires float
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- not_
before float - Not before date in seconds since 1970-01-01T00:00:00Z.
- created Number
- Creation time in seconds since 1970-01-01T00:00:00Z.
- recovery
Level String - The deletion recovery level currently in effect for the object. If it contains 'Purgeable', then the object can be permanently deleted by a privileged user; otherwise, only the system can purge the object at the end of the retention interval.
- updated Number
- Last updated time in seconds since 1970-01-01T00:00:00Z.
- enabled Boolean
- Determines whether or not the object is enabled.
- expires Number
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- not
Before Number - Not before date in seconds since 1970-01-01T00:00:00Z.
KeyProperties, KeyPropertiesArgs
- Attributes
Pulumi.
Azure Native. Key Vault. Inputs. Key Attributes - The attributes of the key.
- Curve
Name string | Pulumi.Azure Native. Key Vault. Json Web Key Curve Name - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- Key
Ops List<Union<string, Pulumi.Azure Native. Key Vault. Json Web Key Operation>> - Key
Size int - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- Kty
string | Pulumi.
Azure Native. Key Vault. Json Web Key Type - The type of the key. For valid values, see JsonWebKeyType.
- Attributes
Key
Attributes - The attributes of the key.
- Curve
Name string | JsonWeb Key Curve Name - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- Key
Ops []string - Key
Size int - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- Kty
string | Json
Web Key Type - The type of the key. For valid values, see JsonWebKeyType.
- attributes
Key
Attributes - The attributes of the key.
- curve
Name String | JsonWeb Key Curve Name - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- key
Ops List<Either<String,JsonWeb Key Operation>> - key
Size Integer - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- kty
String | Json
Web Key Type - The type of the key. For valid values, see JsonWebKeyType.
- attributes
Key
Attributes - The attributes of the key.
- curve
Name string | JsonWeb Key Curve Name - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- key
Ops (string | JsonWeb Key Operation)[] - key
Size number - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- kty
string | Json
Web Key Type - The type of the key. For valid values, see JsonWebKeyType.
- attributes
Key
Attributes - The attributes of the key.
- curve_
name str | JsonWeb Key Curve Name - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- key_
ops Sequence[Union[str, JsonWeb Key Operation]] - key_
size int - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- kty
str | Json
Web Key Type - The type of the key. For valid values, see JsonWebKeyType.
- attributes Property Map
- The attributes of the key.
- curve
Name String | "P-256" | "P-384" | "P-521" | "P-256K" - The elliptic curve name. For valid values, see JsonWebKeyCurveName.
- key
Ops List<String | "encrypt" | "decrypt" | "sign" | "verify" | "wrapKey" | "unwrap Key" | "import"> - key
Size Number - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
- kty String | "EC" | "EC-HSM" | "RSA" | "RSA-HSM"
- The type of the key. For valid values, see JsonWebKeyType.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:keyvault:Key sample-key-name /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/sample-group/providers/Microsoft.KeyVault/vaults/sample-vault-name/keys/sample-key-name
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- azure-native-v1 pulumi/pulumi-azure-native
- License
- Apache-2.0