1. Packages
  2. Azure Native
  3. API Docs
  4. compute
  5. getDiskEncryptionSet
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi

azure-native.compute.getDiskEncryptionSet

Explore with Pulumi AI

azure-native logo
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi

    Gets information about a disk encryption set. Azure REST API version: 2022-07-02.

    Other available API versions: 2020-06-30, 2023-01-02, 2023-04-02, 2023-10-02, 2024-03-02.

    Using getDiskEncryptionSet

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getDiskEncryptionSet(args: GetDiskEncryptionSetArgs, opts?: InvokeOptions): Promise<GetDiskEncryptionSetResult>
    function getDiskEncryptionSetOutput(args: GetDiskEncryptionSetOutputArgs, opts?: InvokeOptions): Output<GetDiskEncryptionSetResult>
    def get_disk_encryption_set(disk_encryption_set_name: Optional[str] = None,
                                resource_group_name: Optional[str] = None,
                                opts: Optional[InvokeOptions] = None) -> GetDiskEncryptionSetResult
    def get_disk_encryption_set_output(disk_encryption_set_name: Optional[pulumi.Input[str]] = None,
                                resource_group_name: Optional[pulumi.Input[str]] = None,
                                opts: Optional[InvokeOptions] = None) -> Output[GetDiskEncryptionSetResult]
    func LookupDiskEncryptionSet(ctx *Context, args *LookupDiskEncryptionSetArgs, opts ...InvokeOption) (*LookupDiskEncryptionSetResult, error)
    func LookupDiskEncryptionSetOutput(ctx *Context, args *LookupDiskEncryptionSetOutputArgs, opts ...InvokeOption) LookupDiskEncryptionSetResultOutput

    > Note: This function is named LookupDiskEncryptionSet in the Go SDK.

    public static class GetDiskEncryptionSet 
    {
        public static Task<GetDiskEncryptionSetResult> InvokeAsync(GetDiskEncryptionSetArgs args, InvokeOptions? opts = null)
        public static Output<GetDiskEncryptionSetResult> Invoke(GetDiskEncryptionSetInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetDiskEncryptionSetResult> getDiskEncryptionSet(GetDiskEncryptionSetArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: azure-native:compute:getDiskEncryptionSet
      arguments:
        # arguments dictionary

    The following arguments are supported:

    DiskEncryptionSetName string
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    ResourceGroupName string
    The name of the resource group.
    DiskEncryptionSetName string
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    ResourceGroupName string
    The name of the resource group.
    diskEncryptionSetName String
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    resourceGroupName String
    The name of the resource group.
    diskEncryptionSetName string
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    resourceGroupName string
    The name of the resource group.
    disk_encryption_set_name str
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    resource_group_name str
    The name of the resource group.
    diskEncryptionSetName String
    The name of the disk encryption set that is being created. The name can't be changed after the disk encryption set is created. Supported characters for the name are a-z, A-Z, 0-9, _ and -. The maximum name length is 80 characters.
    resourceGroupName String
    The name of the resource group.

    getDiskEncryptionSet Result

    The following output properties are available:

    AutoKeyRotationError Pulumi.AzureNative.Compute.Outputs.ApiErrorResponse
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    Id string
    Resource Id
    LastKeyRotationTimestamp string
    The time when the active key of this disk encryption set was updated.
    Location string
    Resource location
    Name string
    Resource name
    PreviousKeys List<Pulumi.AzureNative.Compute.Outputs.KeyForDiskEncryptionSetResponse>
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    ProvisioningState string
    The disk encryption set provisioning state.
    Type string
    Resource type
    ActiveKey Pulumi.AzureNative.Compute.Outputs.KeyForDiskEncryptionSetResponse
    The key vault key which is currently used by this disk encryption set.
    EncryptionType string
    The type of key used to encrypt the data of the disk.
    FederatedClientId string
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    Identity Pulumi.AzureNative.Compute.Outputs.EncryptionSetIdentityResponse
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    RotationToLatestKeyVersionEnabled bool
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    Tags Dictionary<string, string>
    Resource tags
    AutoKeyRotationError ApiErrorResponse
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    Id string
    Resource Id
    LastKeyRotationTimestamp string
    The time when the active key of this disk encryption set was updated.
    Location string
    Resource location
    Name string
    Resource name
    PreviousKeys []KeyForDiskEncryptionSetResponse
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    ProvisioningState string
    The disk encryption set provisioning state.
    Type string
    Resource type
    ActiveKey KeyForDiskEncryptionSetResponse
    The key vault key which is currently used by this disk encryption set.
    EncryptionType string
    The type of key used to encrypt the data of the disk.
    FederatedClientId string
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    Identity EncryptionSetIdentityResponse
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    RotationToLatestKeyVersionEnabled bool
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    Tags map[string]string
    Resource tags
    autoKeyRotationError ApiErrorResponse
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    id String
    Resource Id
    lastKeyRotationTimestamp String
    The time when the active key of this disk encryption set was updated.
    location String
    Resource location
    name String
    Resource name
    previousKeys List<KeyForDiskEncryptionSetResponse>
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    provisioningState String
    The disk encryption set provisioning state.
    type String
    Resource type
    activeKey KeyForDiskEncryptionSetResponse
    The key vault key which is currently used by this disk encryption set.
    encryptionType String
    The type of key used to encrypt the data of the disk.
    federatedClientId String
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    identity EncryptionSetIdentityResponse
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    rotationToLatestKeyVersionEnabled Boolean
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    tags Map<String,String>
    Resource tags
    autoKeyRotationError ApiErrorResponse
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    id string
    Resource Id
    lastKeyRotationTimestamp string
    The time when the active key of this disk encryption set was updated.
    location string
    Resource location
    name string
    Resource name
    previousKeys KeyForDiskEncryptionSetResponse[]
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    provisioningState string
    The disk encryption set provisioning state.
    type string
    Resource type
    activeKey KeyForDiskEncryptionSetResponse
    The key vault key which is currently used by this disk encryption set.
    encryptionType string
    The type of key used to encrypt the data of the disk.
    federatedClientId string
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    identity EncryptionSetIdentityResponse
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    rotationToLatestKeyVersionEnabled boolean
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    tags {[key: string]: string}
    Resource tags
    auto_key_rotation_error ApiErrorResponse
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    id str
    Resource Id
    last_key_rotation_timestamp str
    The time when the active key of this disk encryption set was updated.
    location str
    Resource location
    name str
    Resource name
    previous_keys Sequence[KeyForDiskEncryptionSetResponse]
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    provisioning_state str
    The disk encryption set provisioning state.
    type str
    Resource type
    active_key KeyForDiskEncryptionSetResponse
    The key vault key which is currently used by this disk encryption set.
    encryption_type str
    The type of key used to encrypt the data of the disk.
    federated_client_id str
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    identity EncryptionSetIdentityResponse
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    rotation_to_latest_key_version_enabled bool
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    tags Mapping[str, str]
    Resource tags
    autoKeyRotationError Property Map
    The error that was encountered during auto-key rotation. If an error is present, then auto-key rotation will not be attempted until the error on this disk encryption set is fixed.
    id String
    Resource Id
    lastKeyRotationTimestamp String
    The time when the active key of this disk encryption set was updated.
    location String
    Resource location
    name String
    Resource name
    previousKeys List<Property Map>
    A readonly collection of key vault keys previously used by this disk encryption set while a key rotation is in progress. It will be empty if there is no ongoing key rotation.
    provisioningState String
    The disk encryption set provisioning state.
    type String
    Resource type
    activeKey Property Map
    The key vault key which is currently used by this disk encryption set.
    encryptionType String
    The type of key used to encrypt the data of the disk.
    federatedClientId String
    Multi-tenant application client id to access key vault in a different tenant. Setting the value to 'None' will clear the property.
    identity Property Map
    The managed identity for the disk encryption set. It should be given permission on the key vault before it can be used to encrypt disks.
    rotationToLatestKeyVersionEnabled Boolean
    Set this flag to true to enable auto-updating of this disk encryption set to the latest key version.
    tags Map<String>
    Resource tags

    Supporting Types

    ApiErrorBaseResponse

    Code string
    The error code.
    Message string
    The error message.
    Target string
    The target of the particular error.
    Code string
    The error code.
    Message string
    The error message.
    Target string
    The target of the particular error.
    code String
    The error code.
    message String
    The error message.
    target String
    The target of the particular error.
    code string
    The error code.
    message string
    The error message.
    target string
    The target of the particular error.
    code str
    The error code.
    message str
    The error message.
    target str
    The target of the particular error.
    code String
    The error code.
    message String
    The error message.
    target String
    The target of the particular error.

    ApiErrorResponse

    Code string
    The error code.
    Details List<Pulumi.AzureNative.Compute.Inputs.ApiErrorBaseResponse>
    The Api error details
    Innererror Pulumi.AzureNative.Compute.Inputs.InnerErrorResponse
    The Api inner error
    Message string
    The error message.
    Target string
    The target of the particular error.
    Code string
    The error code.
    Details []ApiErrorBaseResponse
    The Api error details
    Innererror InnerErrorResponse
    The Api inner error
    Message string
    The error message.
    Target string
    The target of the particular error.
    code String
    The error code.
    details List<ApiErrorBaseResponse>
    The Api error details
    innererror InnerErrorResponse
    The Api inner error
    message String
    The error message.
    target String
    The target of the particular error.
    code string
    The error code.
    details ApiErrorBaseResponse[]
    The Api error details
    innererror InnerErrorResponse
    The Api inner error
    message string
    The error message.
    target string
    The target of the particular error.
    code str
    The error code.
    details Sequence[ApiErrorBaseResponse]
    The Api error details
    innererror InnerErrorResponse
    The Api inner error
    message str
    The error message.
    target str
    The target of the particular error.
    code String
    The error code.
    details List<Property Map>
    The Api error details
    innererror Property Map
    The Api inner error
    message String
    The error message.
    target String
    The target of the particular error.

    EncryptionSetIdentityResponse

    PrincipalId string
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    TenantId string
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    Type string
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    UserAssignedIdentities Dictionary<string, Pulumi.AzureNative.Compute.Inputs.UserAssignedIdentitiesResponseUserAssignedIdentities>
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    PrincipalId string
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    TenantId string
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    Type string
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    UserAssignedIdentities map[string]UserAssignedIdentitiesResponseUserAssignedIdentities
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    principalId String
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    tenantId String
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    type String
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    userAssignedIdentities Map<String,UserAssignedIdentitiesResponseUserAssignedIdentities>
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    principalId string
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    tenantId string
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    type string
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    userAssignedIdentities {[key: string]: UserAssignedIdentitiesResponseUserAssignedIdentities}
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    principal_id str
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    tenant_id str
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    type str
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    user_assigned_identities Mapping[str, UserAssignedIdentitiesResponseUserAssignedIdentities]
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
    principalId String
    The object id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-identity-principal-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    tenantId String
    The tenant id of the Managed Identity Resource. This will be sent to the RP from ARM via the x-ms-client-tenant-id header in the PUT request if the resource has a systemAssigned(implicit) identity
    type String
    The type of Managed Identity used by the DiskEncryptionSet. Only SystemAssigned is supported for new creations. Disk Encryption Sets can be updated with Identity type None during migration of subscription to a new Azure Active Directory tenant; it will cause the encrypted resources to lose access to the keys.
    userAssignedIdentities Map<Property Map>
    The list of user identities associated with the disk encryption set. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

    InnerErrorResponse

    Errordetail string
    The internal error message or exception dump.
    Exceptiontype string
    The exception type.
    Errordetail string
    The internal error message or exception dump.
    Exceptiontype string
    The exception type.
    errordetail String
    The internal error message or exception dump.
    exceptiontype String
    The exception type.
    errordetail string
    The internal error message or exception dump.
    exceptiontype string
    The exception type.
    errordetail str
    The internal error message or exception dump.
    exceptiontype str
    The exception type.
    errordetail String
    The internal error message or exception dump.
    exceptiontype String
    The exception type.

    KeyForDiskEncryptionSetResponse

    KeyUrl string
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    SourceVault Pulumi.AzureNative.Compute.Inputs.SourceVaultResponse
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    KeyUrl string
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    SourceVault SourceVaultResponse
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    keyUrl String
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    sourceVault SourceVaultResponse
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    keyUrl string
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    sourceVault SourceVaultResponse
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    key_url str
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    source_vault SourceVaultResponse
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.
    keyUrl String
    Fully versioned Key Url pointing to a key in KeyVault. Version segment of the Url is required regardless of rotationToLatestKeyVersionEnabled value.
    sourceVault Property Map
    Resource id of the KeyVault containing the key or secret. This property is optional and cannot be used if the KeyVault subscription is not the same as the Disk Encryption Set subscription.

    SourceVaultResponse

    Id string
    Resource Id
    Id string
    Resource Id
    id String
    Resource Id
    id string
    Resource Id
    id str
    Resource Id
    id String
    Resource Id

    UserAssignedIdentitiesResponseUserAssignedIdentities

    ClientId string
    The client id of user assigned identity.
    PrincipalId string
    The principal id of user assigned identity.
    ClientId string
    The client id of user assigned identity.
    PrincipalId string
    The principal id of user assigned identity.
    clientId String
    The client id of user assigned identity.
    principalId String
    The principal id of user assigned identity.
    clientId string
    The client id of user assigned identity.
    principalId string
    The principal id of user assigned identity.
    client_id str
    The client id of user assigned identity.
    principal_id str
    The principal id of user assigned identity.
    clientId String
    The client id of user assigned identity.
    principalId String
    The principal id of user assigned identity.

    Package Details

    Repository
    Azure Native pulumi/pulumi-azure-native
    License
    Apache-2.0
    azure-native logo
    This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
    Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi