diff --git a/patches/0001-Client-options.patch b/patches/0001-Client-options.patch
index 4337838c28..982a3477cc 100644
--- a/patches/0001-Client-options.patch
+++ b/patches/0001-Client-options.patch
@@ -5,7 +5,7 @@ Subject: [PATCH 1/9] Client-options
diff --git a/internal/common/client_options.go b/internal/common/client_options.go
-index be5e783620..8d7ccb0110 100644
+index 3a7e72eeb7..f907a35d09 100644
--- a/internal/common/client_options.go
+++ b/internal/common/client_options.go
@@ -14,7 +14,6 @@ import (
@@ -16,7 +16,7 @@ index be5e783620..8d7ccb0110 100644
"github.com/hashicorp/terraform-provider-azurerm/internal/features"
"github.com/hashicorp/terraform-provider-azurerm/version"
)
-@@ -96,12 +95,8 @@ func (o ClientOptions) ConfigureClient(c *autorest.Client, authorizer autorest.A
+@@ -97,12 +96,8 @@ func (o ClientOptions) ConfigureClient(c *autorest.Client, authorizer autorest.A
}
func userAgent(userAgent, tfVersion, partnerID string, disableTerraformPartnerID bool) string {
@@ -31,7 +31,7 @@ index be5e783620..8d7ccb0110 100644
userAgent = strings.TrimSpace(fmt.Sprintf("%s %s", userAgent, providerUserAgent))
// append the CloudShell version to the user agent if it exists
-@@ -110,11 +105,11 @@ func userAgent(userAgent, tfVersion, partnerID string, disableTerraformPartnerID
+@@ -111,11 +106,11 @@ func userAgent(userAgent, tfVersion, partnerID string, disableTerraformPartnerID
}
// only one pid can be interpreted currently
diff --git a/patches/0005-Modify-resources.patch b/patches/0005-Modify-resources.patch
index 6c9dc24e3f..ab77c0de5c 100644
--- a/patches/0005-Modify-resources.patch
+++ b/patches/0005-Modify-resources.patch
@@ -325,10 +325,10 @@ index fa43f4e9c8..9ddf246435 100644
string(disks.OperatingSystemTypesLinux),
}, false),
diff --git a/internal/services/compute/snapshot_resource.go b/internal/services/compute/snapshot_resource.go
-index 0b0cd11d72..1918f4e937 100644
+index 539c138df6..5446846a89 100644
--- a/internal/services/compute/snapshot_resource.go
+++ b/internal/services/compute/snapshot_resource.go
-@@ -67,7 +67,7 @@ func resourceSnapshot() *pluginsdk.Resource {
+@@ -68,7 +68,7 @@ func resourceSnapshot() *pluginsdk.Resource {
ValidateFunc: validation.StringInSlice([]string{
string(snapshots.DiskCreateOptionCopy),
string(snapshots.DiskCreateOptionImport),
@@ -488,7 +488,7 @@ index b141d14cfd..0e3d2fd1b2 100644
string(documentdb.IndexingModeConsistent),
string(documentdb.IndexingModeNone),
diff --git a/internal/services/cosmos/cosmosdb_account_resource.go b/internal/services/cosmos/cosmosdb_account_resource.go
-index 4001cad641..835aecb2d8 100644
+index bdbf31ad05..fb941af76c 100644
--- a/internal/services/cosmos/cosmosdb_account_resource.go
+++ b/internal/services/cosmos/cosmosdb_account_resource.go
@@ -13,6 +13,8 @@ import (
@@ -509,7 +509,7 @@ index 4001cad641..835aecb2d8 100644
},
"analytical_storage": {
-@@ -286,7 +288,7 @@ func resourceCosmosDbAccount() *pluginsdk.Resource {
+@@ -291,7 +293,7 @@ func resourceCosmosDbAccount() *pluginsdk.Resource {
string(cosmosdb.DatabaseAccountKindGlobalDocumentDB),
string(cosmosdb.DatabaseAccountKindMongoDB),
string(cosmosdb.DatabaseAccountKindParse),
@@ -518,7 +518,7 @@ index 4001cad641..835aecb2d8 100644
},
"ip_range_filter": func() *schema.Schema {
-@@ -360,7 +362,7 @@ func resourceCosmosDbAccount() *pluginsdk.Resource {
+@@ -387,7 +389,7 @@ func resourceCosmosDbAccount() *pluginsdk.Resource {
string(cosmosdb.DefaultConsistencyLevelEventual),
string(cosmosdb.DefaultConsistencyLevelSession),
string(cosmosdb.DefaultConsistencyLevelStrong),
@@ -527,7 +527,7 @@ index 4001cad641..835aecb2d8 100644
},
// This value can only change if the 'consistency_level' is set to 'BoundedStaleness'
-@@ -419,8 +421,9 @@ func resourceCosmosDbAccount() *pluginsdk.Resource {
+@@ -446,8 +448,9 @@ func resourceCosmosDbAccount() *pluginsdk.Resource {
Elem: &pluginsdk.Resource{
Schema: map[string]*pluginsdk.Schema{
"name": {
@@ -2469,7 +2469,7 @@ index b215edff58..4381151544 100644
if !ok {
return fmt.Errorf("could not determine Storage domain suffix for environment %q", meta.(*clients.Client).Account.Environment.Name)
diff --git a/internal/services/storage/storage_account_resource.go b/internal/services/storage/storage_account_resource.go
-index c6f3f221b2..6c460dddfe 100644
+index e3acc874e6..53984fe280 100644
--- a/internal/services/storage/storage_account_resource.go
+++ b/internal/services/storage/storage_account_resource.go
@@ -13,6 +13,9 @@ import (
@@ -2482,7 +2482,7 @@ index c6f3f221b2..6c460dddfe 100644
"github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2021-09-01/storage" // nolint: staticcheck
azautorest "github.com/Azure/go-autorest/autorest"
"github.com/hashicorp/go-azure-helpers/lang/pointer"
-@@ -139,8 +142,9 @@ func resourceStorageAccount() *pluginsdk.Resource {
+@@ -138,8 +141,9 @@ func resourceStorageAccount() *pluginsdk.Resource {
string(storage.KindBlockBlobStorage),
string(storage.KindFileStorage),
string(storage.KindStorageV2),
@@ -2494,7 +2494,7 @@ index c6f3f221b2..6c460dddfe 100644
},
"account_tier": {
-@@ -150,7 +154,8 @@ func resourceStorageAccount() *pluginsdk.Resource {
+@@ -149,7 +153,8 @@ func resourceStorageAccount() *pluginsdk.Resource {
ValidateFunc: validation.StringInSlice([]string{
string(storage.SkuTierStandard),
string(storage.SkuTierPremium),
@@ -2504,7 +2504,7 @@ index c6f3f221b2..6c460dddfe 100644
},
"account_replication_type": {
-@@ -163,7 +168,8 @@ func resourceStorageAccount() *pluginsdk.Resource {
+@@ -162,7 +167,8 @@ func resourceStorageAccount() *pluginsdk.Resource {
"RAGRS",
"GZRS",
"RAGZRS",
@@ -2514,7 +2514,7 @@ index c6f3f221b2..6c460dddfe 100644
},
// Only valid for FileStorage, BlobStorage & StorageV2 accounts, defaults to "Hot" in create function
-@@ -174,7 +180,8 @@ func resourceStorageAccount() *pluginsdk.Resource {
+@@ -173,7 +179,8 @@ func resourceStorageAccount() *pluginsdk.Resource {
ValidateFunc: validation.StringInSlice([]string{
string(storage.AccessTierCool),
string(storage.AccessTierHot),
@@ -2524,7 +2524,7 @@ index c6f3f221b2..6c460dddfe 100644
},
"azure_files_authentication": {
-@@ -403,7 +410,8 @@ func resourceStorageAccount() *pluginsdk.Resource {
+@@ -402,7 +409,8 @@ func resourceStorageAccount() *pluginsdk.Resource {
string(storage.BypassLogging),
string(storage.BypassMetrics),
string(storage.BypassNone),
diff --git a/patches/0007-Update-documentation.patch b/patches/0007-Update-documentation.patch
index 7111712b90..05fb2d1f57 100644
--- a/patches/0007-Update-documentation.patch
+++ b/patches/0007-Update-documentation.patch
@@ -1011,7 +1011,7 @@ index aeaa4514d6..0c02bc4313 100644
```hcl
diff --git a/website/docs/r/cosmosdb_account.html.markdown b/website/docs/r/cosmosdb_account.html.markdown
-index 0970ddbe7e..51f934438d 100644
+index e15f6badcf..84b98f43a1 100644
--- a/website/docs/r/cosmosdb_account.html.markdown
+++ b/website/docs/r/cosmosdb_account.html.markdown
@@ -13,9 +13,9 @@ Manages a CosmosDB (formally DocumentDB) Account.
@@ -1700,16 +1700,17 @@ index d9c71a1023..c1c041691e 100644
eventhub_endpoint_name = "events"
resource_group_name = azurerm_resource_group.example.name
diff --git a/website/docs/r/key_vault.html.markdown b/website/docs/r/key_vault.html.markdown
-index 9413715a49..1b5b764080 100644
+index 2b480185e6..42864de069 100644
--- a/website/docs/r/key_vault.html.markdown
+++ b/website/docs/r/key_vault.html.markdown
-@@ -12,11 +12,9 @@ Manages a Key Vault.
+@@ -12,12 +12,9 @@ Manages a Key Vault.
## Disclaimers
-~> **Note:** It's possible to define Key Vault Access Policies both within [the `azurerm_key_vault` resource](key_vault.html) via the `access_policy` block and by using [the `azurerm_key_vault_access_policy` resource](key_vault_access_policy.html). However it's not possible to use both methods to manage Access Policies within a KeyVault, since there'll be conflicts.
+~> **Note:** It's possible to define Key Vault Access Policies both within the `azurerm_key_vault` resource via the `access_policy` block and by using the `azurerm_key_vault_access_policy` resource. However it's not possible to use both methods to manage Access Policies within a KeyVault, since there'll be conflicts.
+-
-~> **Note:** It's possible to define Key Vault Certificate Contacts both within [the `azurerm_key_vault` resource](key_vault.html) via the `contact` block and by using [the `azurerm_key_vault_certificate_contacts` resource](key_vault_certificate_contacts.html). However it's not possible to use both methods to manage Certificate Contacts within a KeyVault, since there'll be conflicts.
-
-~> **Note:** Terraform will automatically recover a soft-deleted Key Vault during Creation if one is found - you can opt out of this using the `features` block within the Provider block.
@@ -1717,7 +1718,7 @@ index 9413715a49..1b5b764080 100644
## Example Usage
-@@ -83,7 +81,7 @@ The following arguments are supported:
+@@ -84,7 +81,7 @@ The following arguments are supported:
---
@@ -1726,7 +1727,7 @@ index 9413715a49..1b5b764080 100644
-> **NOTE** Since `access_policy` can be configured both inline and via the separate `azurerm_key_vault_access_policy` resource, we have to explicitly set it to empty slice (`[]`) to remove it.
-@@ -99,7 +97,7 @@ The following arguments are supported:
+@@ -100,7 +97,7 @@ The following arguments are supported:
* `purge_protection_enabled` - (Optional) Is Purge Protection enabled for this Key Vault?
@@ -1755,22 +1756,19 @@ index 84fbd56f53..e46bf51e6c 100644
--> **NOTE:** Both Identifiers are unique to Terraform and don't map to an existing object within Azure.
+-> **NOTE:** Both Identifiers are unique to this provider and don't map to an existing object within Azure.
diff --git a/website/docs/r/key_vault_certificate.html.markdown b/website/docs/r/key_vault_certificate.html.markdown
-index 89198d584b..d2c3bee09a 100644
+index 89198d584b..f2ec1a778a 100644
--- a/website/docs/r/key_vault_certificate.html.markdown
+++ b/website/docs/r/key_vault_certificate.html.markdown
-@@ -11,8 +11,11 @@ description: |-
+@@ -11,8 +11,6 @@ description: |-
Manages a Key Vault Certificate.
-+<<<<<<< HEAD
- ~> **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Certificate resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_certificates_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_certificates_on_destroy) for more information.
-
-+=======
-+>>>>>>> 8d78c87098 (Update-documentation)
+-~> **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Certificate resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_certificates_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_certificates_on_destroy) for more information.
+-
## Example Usage (Importing a PFX)
~> **Note:** this example assumed the PFX file is located in the same directory at `certificate-to-import.pfx`.
-@@ -103,7 +106,7 @@ resource "azurerm_key_vault_certificate" "example" {
+@@ -103,7 +101,7 @@ resource "azurerm_key_vault_certificate" "example" {
}
```
@@ -1780,21 +1778,18 @@ index 89198d584b..d2c3bee09a 100644
```hcl
data "azurerm_client_config" "current" {}
diff --git a/website/docs/r/key_vault_secret.html.markdown b/website/docs/r/key_vault_secret.html.markdown
-index c6387f8e37..10ac1d0ad4 100644
+index c6387f8e37..ab11365777 100644
--- a/website/docs/r/key_vault_secret.html.markdown
+++ b/website/docs/r/key_vault_secret.html.markdown
-@@ -11,11 +11,14 @@ description: |-
+@@ -11,11 +11,6 @@ description: |-
Manages a Key Vault Secret.
-+<<<<<<< HEAD
- ~> **Note:** All arguments including the secret value will be stored in the raw state as plain-text.
- [Read more about sensitive data in state](/docs/state/sensitive-data.html).
-
- ~> **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Secret resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_secrets_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_secrets_on_destroy) for more information.
-
-+=======
-+>>>>>>> 8d78c87098 (Update-documentation)
+-~> **Note:** All arguments including the secret value will be stored in the raw state as plain-text.
+-[Read more about sensitive data in state](/docs/state/sensitive-data.html).
+-
+-~> **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Secret resource on destroy, rather than the default soft-delete. See [`purge_soft_deleted_secrets_on_destroy`](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/features-block#purge_soft_deleted_secrets_on_destroy) for more information.
+-
## Example Usage
```hcl
@@ -2711,7 +2706,7 @@ index 06660e1381..3562812668 100644
-> **NOTE:** You must specify exact one of `blob_uri`, `managed_image_id` and `os_disk_snapshot_id`.
diff --git a/website/docs/r/signalr_service.html.markdown b/website/docs/r/signalr_service.html.markdown
-index f2e1549d43..4836c3ef0a 100644
+index ea6e5aa12e..596c16baba 100644
--- a/website/docs/r/signalr_service.html.markdown
+++ b/website/docs/r/signalr_service.html.markdown
@@ -14,8 +14,8 @@ Manages an Azure SignalR service.
@@ -2754,7 +2749,7 @@ index 8f57c91d06..e08781fa67 100644
```hcl
diff --git a/website/docs/r/storage_blob.html.markdown b/website/docs/r/storage_blob.html.markdown
-index 04ca0f76e5..f0d311a601 100644
+index d5b970d394..34cf87d1ae 100644
--- a/website/docs/r/storage_blob.html.markdown
+++ b/website/docs/r/storage_blob.html.markdown
@@ -65,8 +65,6 @@ The following arguments are supported:
@@ -2763,9 +2758,9 @@ index 04ca0f76e5..f0d311a601 100644
-~> **NOTE:** This property is intended to be used with the Terraform internal [filemd5](https://www.terraform.io/docs/configuration/functions/filemd5.html) and [md5](https://www.terraform.io/docs/configuration/functions/md5.html) functions when `source` or `source_content`, respectively, are defined.
-
- * `source` - (Optional) An absolute path to a file on the local system. This field cannot be specified for Append blobs and cannot be specified if `source_content` or `source_uri` is specified. Changing this forces a new resource to be created.
+ * `encryption_scope` - (Optional) The encryption scope to use for this blob.
- * `source_content` - (Optional) The content for this blob which should be defined inline. This field can only be specified for Block blobs and cannot be specified if `source` or `source_uri` is specified. Changing this forces a new resource to be created.
+ * `source` - (Optional) An absolute path to a file on the local system. This field cannot be specified for Append blobs and cannot be specified if `source_content` or `source_uri` is specified. Changing this forces a new resource to be created.
diff --git a/website/docs/r/storage_data_lake_gen2_path.html.markdown b/website/docs/r/storage_data_lake_gen2_path.html.markdown
index 6786f8eb01..38823a0fd4 100644
--- a/website/docs/r/storage_data_lake_gen2_path.html.markdown
@@ -2780,7 +2775,7 @@ index 6786f8eb01..38823a0fd4 100644
name = "example-resources"
location = "West Europe"
diff --git a/website/docs/r/subnet.html.markdown b/website/docs/r/subnet.html.markdown
-index febf934234..d8187c43d6 100644
+index eb2020be7a..6f8b64b8c3 100644
--- a/website/docs/r/subnet.html.markdown
+++ b/website/docs/r/subnet.html.markdown
@@ -11,7 +11,7 @@ description: |-
diff --git a/provider/cmd/pulumi-resource-azure/schema.json b/provider/cmd/pulumi-resource-azure/schema.json
index 4dad899b2b..666cac7fec 100644
--- a/provider/cmd/pulumi-resource-azure/schema.json
+++ b/provider/cmd/pulumi-resource-azure/schema.json
@@ -245,7 +245,7 @@
},
"environment": {
"type": "string",
- "description": "The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.\n",
+ "description": "The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not\nused and should not be specified when `metadata_host` is specified.\n",
"default": "public",
"defaultInfo": {
"environment": [
@@ -11355,7 +11355,7 @@
"properties": {
"azureBlobStorage": {
"$ref": "#/types/azure:appservice/LinuxWebAppLogsHttpLogsAzureBlobStorage:LinuxWebAppLogsHttpLogsAzureBlobStorage",
- "description": "A `azure_blob_storage_http` block as defined below.\n"
+ "description": "A `azure_blob_storage_http` block as defined above.\n"
},
"fileSystem": {
"$ref": "#/types/azure:appservice/LinuxWebAppLogsHttpLogsFileSystem:LinuxWebAppLogsHttpLogsFileSystem",
@@ -11603,7 +11603,7 @@
},
"javaVersion": {
"type": "string",
- "description": "The Version of Java to use. Possible values include `8`, `11`, and `17`.\n\n\u003e **NOTE:** The valid version combinations for `java_version`, `java_server` and `java_server_version` can be checked from the command line via `az webapp list-runtimes --linux`.\n"
+ "description": "The Version of Java to use. Possible values include `8`, `11`, and `17`.\n\n\u003e **NOTE:** The valid version combinations for `java_version`, `java_server` and `java_server_version` can be checked from the command line via `az webapp list-runtimes --linux`.\n\n\u003e **NOTE:** `java_server`, `java_server_version`, and `java_version` must all be specified if building a java app\n"
},
"nodeVersion": {
"type": "string",
@@ -18175,7 +18175,7 @@
"properties": {
"azureBlobStorage": {
"$ref": "#/types/azure:appservice/WindowsWebAppLogsHttpLogsAzureBlobStorage:WindowsWebAppLogsHttpLogsAzureBlobStorage",
- "description": "A `azure_blob_storage_http` block as defined above.\n"
+ "description": "A `azure_blob_storage_http` block as defined below.\n"
},
"fileSystem": {
"$ref": "#/types/azure:appservice/WindowsWebAppLogsHttpLogsFileSystem:WindowsWebAppLogsHttpLogsFileSystem",
@@ -86835,7 +86835,7 @@
},
"name": {
"type": "string",
- "description": "The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls` and `Qumulo.Storage/fileSystems`.\n"
+ "description": "The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls`, `Qumulo.Storage/fileSystems`, and `Oracle.Database/networkAttachments`.\n"
}
},
"type": "object",
@@ -97527,11 +97527,11 @@
"properties": {
"capacity": {
"type": "integer",
- "description": "Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90` and `100`.\n"
+ "description": "Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.\n\n\u003e **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.\n"
},
"name": {
"type": "string",
- "description": "Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1` and `Premium_P1`.\n"
+ "description": "Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.\n"
}
},
"type": "object",
@@ -103348,7 +103348,7 @@
},
"environment": {
"type": "string",
- "description": "The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.\n"
+ "description": "The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not\nused and should not be specified when `metadata_host` is specified.\n"
},
"features": {
"$ref": "#/types/azure:index/ProviderFeatures:ProviderFeatures"
@@ -103472,7 +103472,7 @@
},
"environment": {
"type": "string",
- "description": "The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.\n",
+ "description": "The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not\nused and should not be specified when `metadata_host` is specified.\n",
"default": "public",
"defaultInfo": {
"environment": [
@@ -135092,7 +135092,7 @@
},
"publicNetworkAccessEnabled": {
"type": "boolean",
- "description": "Whether public network access is allowed for this server. Defaults to `true`.\n"
+ "description": "Whether public network access is enabled. Defaults to `true`.\n"
},
"resourceGroupName": {
"type": "string",
@@ -135200,7 +135200,7 @@
},
"publicNetworkAccessEnabled": {
"type": "boolean",
- "description": "Whether public network access is allowed for this server. Defaults to `true`.\n"
+ "description": "Whether public network access is enabled. Defaults to `true`.\n"
},
"resourceGroupName": {
"type": "string",
@@ -135309,7 +135309,7 @@
},
"publicNetworkAccessEnabled": {
"type": "boolean",
- "description": "Whether public network access is allowed for this server. Defaults to `true`.\n"
+ "description": "Whether public network access is enabled. Defaults to `true`.\n"
},
"resourceGroupName": {
"type": "string",
@@ -137685,7 +137685,7 @@
}
},
"azure:chaosstudio/target:Target": {
- "description": "\u003c!-- Note: This documentation is generated. Any manual changes will be overwritten --\u003e\n\nManages a Chaos Studio Target.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.containerservice.KubernetesCluster;\nimport com.pulumi.azure.containerservice.KubernetesClusterArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;\nimport com.pulumi.azure.chaosstudio.Target;\nimport com.pulumi.azure.chaosstudio.TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var example = new KubernetesCluster(\"example\", KubernetesClusterArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .dnsPrefix(\"acctestaksexample\")\n .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()\n .name(\"example-value\")\n .nodeCount(\"example-value\")\n .vmSize(\"example-value\")\n .build())\n .upgradeSettings(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .identity(KubernetesClusterIdentityArgs.builder()\n .type(\"example-value\")\n .build())\n .build());\n\n var exampleTarget = new Target(\"exampleTarget\", TargetArgs.builder() \n .location(exampleResourceGroup.location())\n .targetResourceId(example.id())\n .targetType(\"example-value\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:containerservice:KubernetesCluster\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n dnsPrefix: acctestaksexample\n defaultNodePool:\n name: example-value\n nodeCount: example-value\n vmSize: example-value\n upgradeSettings:\n - maxSurge: example-value\n identity:\n type: example-value\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n name: example\n properties:\n name: example-resources\n location: West Europe\n exampleTarget:\n type: azure:chaosstudio:Target\n name: example\n properties:\n location: ${exampleResourceGroup.location}\n targetResourceId: ${example.id}\n targetType: example-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAn existing Chaos Studio Target can be imported into Terraform using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:chaosstudio/target:Target example /{scope}/providers/Microsoft.Chaos/targets/{targetName}\n```\n\n* Where `{scope}` is the ID of the Azure Resource under which the Chaos Studio Target exists. For example `/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/some-resource-group`.\n\n* Where `{targetName}` is the name of the Target. For example `targetValue`.\n\n",
+ "description": "\u003c!-- Note: This documentation is generated. Any manual changes will be overwritten --\u003e\n\nManages a Chaos Studio Target.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst example = new azure.containerservice.KubernetesCluster(\"example\", {\n name: \"example\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n dnsPrefix: \"acctestaksexample\",\n defaultNodePool: {\n name: \"example-value\",\n nodeCount: \"example-value\",\n vmSize: \"example-value\",\n upgradeSettings: {\n maxSurge: \"example-value\",\n },\n },\n identity: {\n type: \"example-value\",\n },\n});\nconst exampleTarget = new azure.chaosstudio.Target(\"example\", {\n location: exampleResourceGroup.location,\n targetResourceId: example.id,\n targetType: \"example-value\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample = azure.containerservice.KubernetesCluster(\"example\",\n name=\"example\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n dns_prefix=\"acctestaksexample\",\n default_node_pool=azure.containerservice.KubernetesClusterDefaultNodePoolArgs(\n name=\"example-value\",\n node_count=\"example-value\",\n vm_size=\"example-value\",\n upgrade_settings=azure.containerservice.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs(\n max_surge=\"example-value\",\n ),\n ),\n identity=azure.containerservice.KubernetesClusterIdentityArgs(\n type=\"example-value\",\n ))\nexample_target = azure.chaosstudio.Target(\"example\",\n location=example_resource_group.location,\n target_resource_id=example.id,\n target_type=\"example-value\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var example = new Azure.ContainerService.KubernetesCluster(\"example\", new()\n {\n Name = \"example\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n DnsPrefix = \"acctestaksexample\",\n DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs\n {\n Name = \"example-value\",\n NodeCount = \"example-value\",\n VmSize = \"example-value\",\n UpgradeSettings = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs\n {\n MaxSurge = \"example-value\",\n },\n },\n Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs\n {\n Type = \"example-value\",\n },\n });\n\n var exampleTarget = new Azure.ChaosStudio.Target(\"example\", new()\n {\n Location = exampleResourceGroup.Location,\n TargetResourceId = example.Id,\n TargetType = \"example-value\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/chaosstudio\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := containerservice.NewKubernetesCluster(ctx, \"example\", \u0026containerservice.KubernetesClusterArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tDnsPrefix: pulumi.String(\"acctestaksexample\"),\n\t\t\tDefaultNodePool: \u0026containerservice.KubernetesClusterDefaultNodePoolArgs{\n\t\t\t\tName: pulumi.String(\"example-value\"),\n\t\t\t\tNodeCount: pulumi.Int(\"example-value\"),\n\t\t\t\tVmSize: pulumi.String(\"example-value\"),\n\t\t\t\tUpgradeSettings: \u0026containerservice.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs{\n\t\t\t\t\tMaxSurge: pulumi.String(\"example-value\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIdentity: \u0026containerservice.KubernetesClusterIdentityArgs{\n\t\t\t\tType: pulumi.String(\"example-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chaosstudio.NewTarget(ctx, \"example\", \u0026chaosstudio.TargetArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tTargetResourceId: example.ID(),\n\t\t\tTargetType: pulumi.String(\"example-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.containerservice.KubernetesCluster;\nimport com.pulumi.azure.containerservice.KubernetesClusterArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;\nimport com.pulumi.azure.chaosstudio.Target;\nimport com.pulumi.azure.chaosstudio.TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var example = new KubernetesCluster(\"example\", KubernetesClusterArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .dnsPrefix(\"acctestaksexample\")\n .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()\n .name(\"example-value\")\n .nodeCount(\"example-value\")\n .vmSize(\"example-value\")\n .upgradeSettings(KubernetesClusterDefaultNodePoolUpgradeSettingsArgs.builder()\n .maxSurge(\"example-value\")\n .build())\n .build())\n .identity(KubernetesClusterIdentityArgs.builder()\n .type(\"example-value\")\n .build())\n .build());\n\n var exampleTarget = new Target(\"exampleTarget\", TargetArgs.builder() \n .location(exampleResourceGroup.location())\n .targetResourceId(example.id())\n .targetType(\"example-value\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:containerservice:KubernetesCluster\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n dnsPrefix: acctestaksexample\n defaultNodePool:\n name: example-value\n nodeCount: example-value\n vmSize: example-value\n upgradeSettings:\n maxSurge: example-value\n identity:\n type: example-value\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n name: example\n properties:\n name: example-resources\n location: West Europe\n exampleTarget:\n type: azure:chaosstudio:Target\n name: example\n properties:\n location: ${exampleResourceGroup.location}\n targetResourceId: ${example.id}\n targetType: example-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAn existing Chaos Studio Target can be imported into Terraform using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:chaosstudio/target:Target example /{scope}/providers/Microsoft.Chaos/targets/{targetName}\n```\n\n* Where `{scope}` is the ID of the Azure Resource under which the Chaos Studio Target exists. For example `/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/some-resource-group`.\n\n* Where `{targetName}` is the name of the Target. For example `targetValue`.\n\n",
"properties": {
"location": {
"type": "string",
@@ -145195,6 +145195,14 @@
"type": "string",
"description": "Specifies the name of the Snapshot resource. Changing this forces a new resource to be created.\n"
},
+ "networkAccessPolicy": {
+ "type": "string",
+ "description": "Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.\n"
+ },
+ "publicNetworkAccessEnabled": {
+ "type": "boolean",
+ "description": "Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.\n"
+ },
"resourceGroupName": {
"type": "string",
"description": "The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.\n"
@@ -145259,6 +145267,14 @@
"description": "Specifies the name of the Snapshot resource. Changing this forces a new resource to be created.\n",
"willReplaceOnChanges": true
},
+ "networkAccessPolicy": {
+ "type": "string",
+ "description": "Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.\n"
+ },
+ "publicNetworkAccessEnabled": {
+ "type": "boolean",
+ "description": "Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.\n"
+ },
"resourceGroupName": {
"type": "string",
"description": "The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.\n",
@@ -145321,6 +145337,14 @@
"description": "Specifies the name of the Snapshot resource. Changing this forces a new resource to be created.\n",
"willReplaceOnChanges": true
},
+ "networkAccessPolicy": {
+ "type": "string",
+ "description": "Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.\n"
+ },
+ "publicNetworkAccessEnabled": {
+ "type": "boolean",
+ "description": "Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.\n"
+ },
"resourceGroupName": {
"type": "string",
"description": "The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.\n",
@@ -149445,7 +149469,7 @@
}
},
"azure:containerservice/clusterTrustedAccessRoleBinding:ClusterTrustedAccessRoleBinding": {
- "description": "\u003c!-- Note: This documentation is generated. Any manual changes will be overwritten --\u003e\n\nManages a Kubernetes Cluster Trusted Access Role Binding\n\u003e **Note:** This Resource is in **Preview** to use this you must be opted into the Preview. You can do this by running `az feature register --namespace Microsoft.ContainerService --name TrustedAccessPreview` and then `az provider register -n Microsoft.ContainerService`\n.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.appinsights.Insights;\nimport com.pulumi.azure.appinsights.InsightsArgs;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.AccessPolicy;\nimport com.pulumi.azure.keyvault.AccessPolicyArgs;\nimport com.pulumi.azure.containerservice.KubernetesCluster;\nimport com.pulumi.azure.containerservice.KubernetesClusterArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;\nimport com.pulumi.azure.storage.Account;\nimport com.pulumi.azure.storage.AccountArgs;\nimport com.pulumi.azure.machinelearning.Workspace;\nimport com.pulumi.azure.machinelearning.WorkspaceArgs;\nimport com.pulumi.azure.machinelearning.inputs.WorkspaceIdentityArgs;\nimport com.pulumi.azure.containerservice.ClusterTrustedAccessRoleBinding;\nimport com.pulumi.azure.containerservice.ClusterTrustedAccessRoleBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var example = new Insights(\"example\", InsightsArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .applicationType(\"example-value\")\n .build());\n\n final var test = CoreFunctions.getClientConfig();\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .tenantId(exampleAzurermClientConfig.tenantId())\n .skuName(\"example-value\")\n .softDeleteRetentionDays(\"example-value\")\n .build());\n\n var exampleAccessPolicy = new AccessPolicy(\"exampleAccessPolicy\", AccessPolicyArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .tenantId(exampleAzurermClientConfig.tenantId())\n .objectId(exampleAzurermClientConfig.objectId())\n .keyPermissions(\"example-value\")\n .build());\n\n var exampleKubernetesCluster = new KubernetesCluster(\"exampleKubernetesCluster\", KubernetesClusterArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .dnsPrefix(\"acctestaksexample\")\n .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()\n .name(\"example-value\")\n .nodeCount(\"example-value\")\n .vmSize(\"example-value\")\n .build())\n .upgradeSettings(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .identity(KubernetesClusterIdentityArgs.builder()\n .type(\"example-value\")\n .build())\n .build());\n\n var exampleAccount = new Account(\"exampleAccount\", AccountArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .accountTier(\"example-value\")\n .accountReplicationType(\"example-value\")\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .keyVaultId(exampleKeyVault.id())\n .storageAccountId(exampleAccount.id())\n .applicationInsightsId(example.id())\n .identity(WorkspaceIdentityArgs.builder()\n .type(\"example-value\")\n .build())\n .build());\n\n var exampleClusterTrustedAccessRoleBinding = new ClusterTrustedAccessRoleBinding(\"exampleClusterTrustedAccessRoleBinding\", ClusterTrustedAccessRoleBindingArgs.builder() \n .kubernetesClusterId(exampleKubernetesCluster.id())\n .name(\"example\")\n .roles(\"example-value\")\n .sourceResourceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:appinsights:Insights\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n applicationType: example-value\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n tenantId: ${exampleAzurermClientConfig.tenantId}\n skuName: example-value\n softDeleteRetentionDays: example-value\n exampleAccessPolicy:\n type: azure:keyvault:AccessPolicy\n name: example\n properties:\n keyVaultId: ${exampleKeyVault.id}\n tenantId: ${exampleAzurermClientConfig.tenantId}\n objectId: ${exampleAzurermClientConfig.objectId}\n keyPermissions: example-value\n exampleKubernetesCluster:\n type: azure:containerservice:KubernetesCluster\n name: example\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n dnsPrefix: acctestaksexample\n defaultNodePool:\n name: example-value\n nodeCount: example-value\n vmSize: example-value\n upgradeSettings:\n - maxSurge: example-value\n identity:\n type: example-value\n exampleWorkspace:\n type: azure:machinelearning:Workspace\n name: example\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n keyVaultId: ${exampleKeyVault.id}\n storageAccountId: ${exampleAccount.id}\n applicationInsightsId: ${example.id}\n identity:\n type: example-value\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n name: example\n properties:\n name: example-resources\n location: West Europe\n exampleAccount:\n type: azure:storage:Account\n name: example\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n accountTier: example-value\n accountReplicationType: example-value\n exampleClusterTrustedAccessRoleBinding:\n type: azure:containerservice:ClusterTrustedAccessRoleBinding\n name: example\n properties:\n kubernetesClusterId: ${exampleKubernetesCluster.id}\n name: example\n roles: example-value\n sourceResourceId: ${exampleWorkspace.id}\nvariables:\n test:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAn existing Kubernetes Cluster Trusted Access Role Binding can be imported into Terraform using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:containerservice/clusterTrustedAccessRoleBinding:ClusterTrustedAccessRoleBinding example /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{managedClusterName}/trustedAccessRoleBindings/{trustedAccessRoleBindingName}\n```\n\n* Where `{subscriptionId}` is the ID of the Azure Subscription where the Kubernetes Cluster Trusted Access Role Binding exists. For example `12345678-1234-9876-4563-123456789012`.\n\n* Where `{resourceGroupName}` is the name of Resource Group where this Kubernetes Cluster Trusted Access Role Binding exists. For example `example-resource-group`.\n\n* Where `{managedClusterName}` is the name of the Managed Cluster. For example `managedClusterValue`.\n\n* Where `{trustedAccessRoleBindingName}` is the name of the Trusted Access Role Binding. For example `trustedAccessRoleBindingValue`.\n\n",
+ "description": "\u003c!-- Note: This documentation is generated. Any manual changes will be overwritten --\u003e\n\nManages a Kubernetes Cluster Trusted Access Role Binding\n\u003e **Note:** This Resource is in **Preview** to use this you must be opted into the Preview. You can do this by running `az feature register --namespace Microsoft.ContainerService --name TrustedAccessPreview` and then `az provider register -n Microsoft.ContainerService`\n.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst example = new azure.appinsights.Insights(\"example\", {\n name: \"example\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n applicationType: \"example-value\",\n});\nconst test = azure.core.getClientConfig({});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"example\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n tenantId: exampleAzurermClientConfig.tenantId,\n skuName: \"example-value\",\n softDeleteRetentionDays: \"example-value\",\n});\nconst exampleAccessPolicy = new azure.keyvault.AccessPolicy(\"example\", {\n keyVaultId: exampleKeyVault.id,\n tenantId: exampleAzurermClientConfig.tenantId,\n objectId: exampleAzurermClientConfig.objectId,\n keyPermissions: \"example-value\",\n});\nconst exampleKubernetesCluster = new azure.containerservice.KubernetesCluster(\"example\", {\n name: \"example\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n dnsPrefix: \"acctestaksexample\",\n defaultNodePool: {\n name: \"example-value\",\n nodeCount: \"example-value\",\n vmSize: \"example-value\",\n upgradeSettings: {\n maxSurge: \"example-value\",\n },\n },\n identity: {\n type: \"example-value\",\n },\n});\nconst exampleAccount = new azure.storage.Account(\"example\", {\n name: \"example\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n accountTier: \"example-value\",\n accountReplicationType: \"example-value\",\n});\nconst exampleWorkspace = new azure.machinelearning.Workspace(\"example\", {\n name: \"example\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n keyVaultId: exampleKeyVault.id,\n storageAccountId: exampleAccount.id,\n applicationInsightsId: example.id,\n identity: {\n type: \"example-value\",\n },\n});\nconst exampleClusterTrustedAccessRoleBinding = new azure.containerservice.ClusterTrustedAccessRoleBinding(\"example\", {\n kubernetesClusterId: exampleKubernetesCluster.id,\n name: \"example\",\n roles: \"example-value\",\n sourceResourceId: exampleWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample = azure.appinsights.Insights(\"example\",\n name=\"example\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n application_type=\"example-value\")\ntest = azure.core.get_client_config()\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"example\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n tenant_id=example_azurerm_client_config[\"tenantId\"],\n sku_name=\"example-value\",\n soft_delete_retention_days=\"example-value\")\nexample_access_policy = azure.keyvault.AccessPolicy(\"example\",\n key_vault_id=example_key_vault.id,\n tenant_id=example_azurerm_client_config[\"tenantId\"],\n object_id=example_azurerm_client_config[\"objectId\"],\n key_permissions=\"example-value\")\nexample_kubernetes_cluster = azure.containerservice.KubernetesCluster(\"example\",\n name=\"example\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n dns_prefix=\"acctestaksexample\",\n default_node_pool=azure.containerservice.KubernetesClusterDefaultNodePoolArgs(\n name=\"example-value\",\n node_count=\"example-value\",\n vm_size=\"example-value\",\n upgrade_settings=azure.containerservice.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs(\n max_surge=\"example-value\",\n ),\n ),\n identity=azure.containerservice.KubernetesClusterIdentityArgs(\n type=\"example-value\",\n ))\nexample_account = azure.storage.Account(\"example\",\n name=\"example\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n account_tier=\"example-value\",\n account_replication_type=\"example-value\")\nexample_workspace = azure.machinelearning.Workspace(\"example\",\n name=\"example\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n key_vault_id=example_key_vault.id,\n storage_account_id=example_account.id,\n application_insights_id=example.id,\n identity=azure.machinelearning.WorkspaceIdentityArgs(\n type=\"example-value\",\n ))\nexample_cluster_trusted_access_role_binding = azure.containerservice.ClusterTrustedAccessRoleBinding(\"example\",\n kubernetes_cluster_id=example_kubernetes_cluster.id,\n name=\"example\",\n roles=\"example-value\",\n source_resource_id=example_workspace.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var example = new Azure.AppInsights.Insights(\"example\", new()\n {\n Name = \"example\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n ApplicationType = \"example-value\",\n });\n\n var test = Azure.Core.GetClientConfig.Invoke();\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"example\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n TenantId = exampleAzurermClientConfig.TenantId,\n SkuName = \"example-value\",\n SoftDeleteRetentionDays = \"example-value\",\n });\n\n var exampleAccessPolicy = new Azure.KeyVault.AccessPolicy(\"example\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n TenantId = exampleAzurermClientConfig.TenantId,\n ObjectId = exampleAzurermClientConfig.ObjectId,\n KeyPermissions = \"example-value\",\n });\n\n var exampleKubernetesCluster = new Azure.ContainerService.KubernetesCluster(\"example\", new()\n {\n Name = \"example\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n DnsPrefix = \"acctestaksexample\",\n DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs\n {\n Name = \"example-value\",\n NodeCount = \"example-value\",\n VmSize = \"example-value\",\n UpgradeSettings = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs\n {\n MaxSurge = \"example-value\",\n },\n },\n Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs\n {\n Type = \"example-value\",\n },\n });\n\n var exampleAccount = new Azure.Storage.Account(\"example\", new()\n {\n Name = \"example\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n AccountTier = \"example-value\",\n AccountReplicationType = \"example-value\",\n });\n\n var exampleWorkspace = new Azure.MachineLearning.Workspace(\"example\", new()\n {\n Name = \"example\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n KeyVaultId = exampleKeyVault.Id,\n StorageAccountId = exampleAccount.Id,\n ApplicationInsightsId = example.Id,\n Identity = new Azure.MachineLearning.Inputs.WorkspaceIdentityArgs\n {\n Type = \"example-value\",\n },\n });\n\n var exampleClusterTrustedAccessRoleBinding = new Azure.ContainerService.ClusterTrustedAccessRoleBinding(\"example\", new()\n {\n KubernetesClusterId = exampleKubernetesCluster.Id,\n Name = \"example\",\n Roles = \"example-value\",\n SourceResourceId = exampleWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/appinsights\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/machinelearning\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := appinsights.NewInsights(ctx, \"example\", \u0026appinsights.InsightsArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tApplicationType: pulumi.String(\"example-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tTenantId: pulumi.Any(exampleAzurermClientConfig.TenantId),\n\t\t\tSkuName: pulumi.String(\"example-value\"),\n\t\t\tSoftDeleteRetentionDays: pulumi.Int(\"example-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewAccessPolicy(ctx, \"example\", \u0026keyvault.AccessPolicyArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tTenantId: pulumi.Any(exampleAzurermClientConfig.TenantId),\n\t\t\tObjectId: pulumi.Any(exampleAzurermClientConfig.ObjectId),\n\t\t\tKeyPermissions: pulumi.StringArray(\"example-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKubernetesCluster, err := containerservice.NewKubernetesCluster(ctx, \"example\", \u0026containerservice.KubernetesClusterArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tDnsPrefix: pulumi.String(\"acctestaksexample\"),\n\t\t\tDefaultNodePool: \u0026containerservice.KubernetesClusterDefaultNodePoolArgs{\n\t\t\t\tName: pulumi.String(\"example-value\"),\n\t\t\t\tNodeCount: pulumi.Int(\"example-value\"),\n\t\t\t\tVmSize: pulumi.String(\"example-value\"),\n\t\t\t\tUpgradeSettings: \u0026containerservice.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs{\n\t\t\t\t\tMaxSurge: pulumi.String(\"example-value\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIdentity: \u0026containerservice.KubernetesClusterIdentityArgs{\n\t\t\t\tType: pulumi.String(\"example-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccount, err := storage.NewAccount(ctx, \"example\", \u0026storage.AccountArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tAccountTier: pulumi.String(\"example-value\"),\n\t\t\tAccountReplicationType: pulumi.String(\"example-value\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := machinelearning.NewWorkspace(ctx, \"example\", \u0026machinelearning.WorkspaceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tStorageAccountId: exampleAccount.ID(),\n\t\t\tApplicationInsightsId: example.ID(),\n\t\t\tIdentity: \u0026machinelearning.WorkspaceIdentityArgs{\n\t\t\t\tType: pulumi.String(\"example-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = containerservice.NewClusterTrustedAccessRoleBinding(ctx, \"example\", \u0026containerservice.ClusterTrustedAccessRoleBindingArgs{\n\t\t\tKubernetesClusterId: exampleKubernetesCluster.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoles: pulumi.StringArray(\"example-value\"),\n\t\t\tSourceResourceId: exampleWorkspace.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.appinsights.Insights;\nimport com.pulumi.azure.appinsights.InsightsArgs;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.AccessPolicy;\nimport com.pulumi.azure.keyvault.AccessPolicyArgs;\nimport com.pulumi.azure.containerservice.KubernetesCluster;\nimport com.pulumi.azure.containerservice.KubernetesClusterArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;\nimport com.pulumi.azure.storage.Account;\nimport com.pulumi.azure.storage.AccountArgs;\nimport com.pulumi.azure.machinelearning.Workspace;\nimport com.pulumi.azure.machinelearning.WorkspaceArgs;\nimport com.pulumi.azure.machinelearning.inputs.WorkspaceIdentityArgs;\nimport com.pulumi.azure.containerservice.ClusterTrustedAccessRoleBinding;\nimport com.pulumi.azure.containerservice.ClusterTrustedAccessRoleBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var example = new Insights(\"example\", InsightsArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .applicationType(\"example-value\")\n .build());\n\n final var test = CoreFunctions.getClientConfig();\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .tenantId(exampleAzurermClientConfig.tenantId())\n .skuName(\"example-value\")\n .softDeleteRetentionDays(\"example-value\")\n .build());\n\n var exampleAccessPolicy = new AccessPolicy(\"exampleAccessPolicy\", AccessPolicyArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .tenantId(exampleAzurermClientConfig.tenantId())\n .objectId(exampleAzurermClientConfig.objectId())\n .keyPermissions(\"example-value\")\n .build());\n\n var exampleKubernetesCluster = new KubernetesCluster(\"exampleKubernetesCluster\", KubernetesClusterArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .dnsPrefix(\"acctestaksexample\")\n .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()\n .name(\"example-value\")\n .nodeCount(\"example-value\")\n .vmSize(\"example-value\")\n .upgradeSettings(KubernetesClusterDefaultNodePoolUpgradeSettingsArgs.builder()\n .maxSurge(\"example-value\")\n .build())\n .build())\n .identity(KubernetesClusterIdentityArgs.builder()\n .type(\"example-value\")\n .build())\n .build());\n\n var exampleAccount = new Account(\"exampleAccount\", AccountArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .accountTier(\"example-value\")\n .accountReplicationType(\"example-value\")\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .keyVaultId(exampleKeyVault.id())\n .storageAccountId(exampleAccount.id())\n .applicationInsightsId(example.id())\n .identity(WorkspaceIdentityArgs.builder()\n .type(\"example-value\")\n .build())\n .build());\n\n var exampleClusterTrustedAccessRoleBinding = new ClusterTrustedAccessRoleBinding(\"exampleClusterTrustedAccessRoleBinding\", ClusterTrustedAccessRoleBindingArgs.builder() \n .kubernetesClusterId(exampleKubernetesCluster.id())\n .name(\"example\")\n .roles(\"example-value\")\n .sourceResourceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:appinsights:Insights\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n applicationType: example-value\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n tenantId: ${exampleAzurermClientConfig.tenantId}\n skuName: example-value\n softDeleteRetentionDays: example-value\n exampleAccessPolicy:\n type: azure:keyvault:AccessPolicy\n name: example\n properties:\n keyVaultId: ${exampleKeyVault.id}\n tenantId: ${exampleAzurermClientConfig.tenantId}\n objectId: ${exampleAzurermClientConfig.objectId}\n keyPermissions: example-value\n exampleKubernetesCluster:\n type: azure:containerservice:KubernetesCluster\n name: example\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n dnsPrefix: acctestaksexample\n defaultNodePool:\n name: example-value\n nodeCount: example-value\n vmSize: example-value\n upgradeSettings:\n maxSurge: example-value\n identity:\n type: example-value\n exampleWorkspace:\n type: azure:machinelearning:Workspace\n name: example\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n keyVaultId: ${exampleKeyVault.id}\n storageAccountId: ${exampleAccount.id}\n applicationInsightsId: ${example.id}\n identity:\n type: example-value\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n name: example\n properties:\n name: example-resources\n location: West Europe\n exampleAccount:\n type: azure:storage:Account\n name: example\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n accountTier: example-value\n accountReplicationType: example-value\n exampleClusterTrustedAccessRoleBinding:\n type: azure:containerservice:ClusterTrustedAccessRoleBinding\n name: example\n properties:\n kubernetesClusterId: ${exampleKubernetesCluster.id}\n name: example\n roles: example-value\n sourceResourceId: ${exampleWorkspace.id}\nvariables:\n test:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAn existing Kubernetes Cluster Trusted Access Role Binding can be imported into Terraform using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:containerservice/clusterTrustedAccessRoleBinding:ClusterTrustedAccessRoleBinding example /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{managedClusterName}/trustedAccessRoleBindings/{trustedAccessRoleBindingName}\n```\n\n* Where `{subscriptionId}` is the ID of the Azure Subscription where the Kubernetes Cluster Trusted Access Role Binding exists. For example `12345678-1234-9876-4563-123456789012`.\n\n* Where `{resourceGroupName}` is the name of Resource Group where this Kubernetes Cluster Trusted Access Role Binding exists. For example `example-resource-group`.\n\n* Where `{managedClusterName}` is the name of the Managed Cluster. For example `managedClusterValue`.\n\n* Where `{trustedAccessRoleBindingName}` is the name of the Trusted Access Role Binding. For example `trustedAccessRoleBindingValue`.\n\n",
"properties": {
"kubernetesClusterId": {
"type": "string",
@@ -149726,7 +149750,7 @@
}
},
"azure:containerservice/fleetMember:FleetMember": {
- "description": "\u003c!-- Note: This documentation is generated. Any manual changes will be overwritten --\u003e\n\nManages a Kubernetes Fleet Member.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.containerservice.KubernetesCluster;\nimport com.pulumi.azure.containerservice.KubernetesClusterArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;\nimport com.pulumi.azure.containerservice.KubernetesFleetManager;\nimport com.pulumi.azure.containerservice.KubernetesFleetManagerArgs;\nimport com.pulumi.azure.containerservice.FleetMember;\nimport com.pulumi.azure.containerservice.FleetMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var example = new KubernetesCluster(\"example\", KubernetesClusterArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .dnsPrefix(\"acctestaksexample\")\n .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()\n .name(\"example-value\")\n .nodeCount(\"example-value\")\n .vmSize(\"example-value\")\n .build())\n .upgradeSettings(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .identity(KubernetesClusterIdentityArgs.builder()\n .type(\"example-value\")\n .build())\n .build());\n\n var exampleKubernetesFleetManager = new KubernetesFleetManager(\"exampleKubernetesFleetManager\", KubernetesFleetManagerArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .build());\n\n var exampleFleetMember = new FleetMember(\"exampleFleetMember\", FleetMemberArgs.builder() \n .kubernetesClusterId(example.id())\n .kubernetesFleetId(exampleKubernetesFleetManager.id())\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:containerservice:KubernetesCluster\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n dnsPrefix: acctestaksexample\n defaultNodePool:\n name: example-value\n nodeCount: example-value\n vmSize: example-value\n upgradeSettings:\n - maxSurge: example-value\n identity:\n type: example-value\n exampleKubernetesFleetManager:\n type: azure:containerservice:KubernetesFleetManager\n name: example\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n name: example\n properties:\n name: example-resources\n location: West Europe\n exampleFleetMember:\n type: azure:containerservice:FleetMember\n name: example\n properties:\n kubernetesClusterId: ${example.id}\n kubernetesFleetId: ${exampleKubernetesFleetManager.id}\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAn existing Kubernetes Fleet Member can be imported into Terraform using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:containerservice/fleetMember:FleetMember example /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{memberName}\n```\n\n* Where `{subscriptionId}` is the ID of the Azure Subscription where the Kubernetes Fleet Member exists. For example `12345678-1234-9876-4563-123456789012`.\n\n* Where `{resourceGroupName}` is the name of Resource Group where this Kubernetes Fleet Member exists. For example `example-resource-group`.\n\n* Where `{fleetName}` is the name of the Fleet. For example `fleetValue`.\n\n* Where `{memberName}` is the name of the Member. For example `memberValue`.\n\n",
+ "description": "\u003c!-- Note: This documentation is generated. Any manual changes will be overwritten --\u003e\n\nManages a Kubernetes Fleet Member.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst example = new azure.containerservice.KubernetesCluster(\"example\", {\n name: \"example\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n dnsPrefix: \"acctestaksexample\",\n defaultNodePool: {\n name: \"example-value\",\n nodeCount: \"example-value\",\n vmSize: \"example-value\",\n upgradeSettings: {\n maxSurge: \"example-value\",\n },\n },\n identity: {\n type: \"example-value\",\n },\n});\nconst exampleKubernetesFleetManager = new azure.containerservice.KubernetesFleetManager(\"example\", {\n name: \"example\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n});\nconst exampleFleetMember = new azure.containerservice.FleetMember(\"example\", {\n kubernetesClusterId: example.id,\n kubernetesFleetId: exampleKubernetesFleetManager.id,\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample = azure.containerservice.KubernetesCluster(\"example\",\n name=\"example\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n dns_prefix=\"acctestaksexample\",\n default_node_pool=azure.containerservice.KubernetesClusterDefaultNodePoolArgs(\n name=\"example-value\",\n node_count=\"example-value\",\n vm_size=\"example-value\",\n upgrade_settings=azure.containerservice.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs(\n max_surge=\"example-value\",\n ),\n ),\n identity=azure.containerservice.KubernetesClusterIdentityArgs(\n type=\"example-value\",\n ))\nexample_kubernetes_fleet_manager = azure.containerservice.KubernetesFleetManager(\"example\",\n name=\"example\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name)\nexample_fleet_member = azure.containerservice.FleetMember(\"example\",\n kubernetes_cluster_id=example.id,\n kubernetes_fleet_id=example_kubernetes_fleet_manager.id,\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var example = new Azure.ContainerService.KubernetesCluster(\"example\", new()\n {\n Name = \"example\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n DnsPrefix = \"acctestaksexample\",\n DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs\n {\n Name = \"example-value\",\n NodeCount = \"example-value\",\n VmSize = \"example-value\",\n UpgradeSettings = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs\n {\n MaxSurge = \"example-value\",\n },\n },\n Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs\n {\n Type = \"example-value\",\n },\n });\n\n var exampleKubernetesFleetManager = new Azure.ContainerService.KubernetesFleetManager(\"example\", new()\n {\n Name = \"example\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n });\n\n var exampleFleetMember = new Azure.ContainerService.FleetMember(\"example\", new()\n {\n KubernetesClusterId = example.Id,\n KubernetesFleetId = exampleKubernetesFleetManager.Id,\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := containerservice.NewKubernetesCluster(ctx, \"example\", \u0026containerservice.KubernetesClusterArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tDnsPrefix: pulumi.String(\"acctestaksexample\"),\n\t\t\tDefaultNodePool: \u0026containerservice.KubernetesClusterDefaultNodePoolArgs{\n\t\t\t\tName: pulumi.String(\"example-value\"),\n\t\t\t\tNodeCount: pulumi.Int(\"example-value\"),\n\t\t\t\tVmSize: pulumi.String(\"example-value\"),\n\t\t\t\tUpgradeSettings: \u0026containerservice.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs{\n\t\t\t\t\tMaxSurge: pulumi.String(\"example-value\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tIdentity: \u0026containerservice.KubernetesClusterIdentityArgs{\n\t\t\t\tType: pulumi.String(\"example-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKubernetesFleetManager, err := containerservice.NewKubernetesFleetManager(ctx, \"example\", \u0026containerservice.KubernetesFleetManagerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = containerservice.NewFleetMember(ctx, \"example\", \u0026containerservice.FleetMemberArgs{\n\t\t\tKubernetesClusterId: example.ID(),\n\t\t\tKubernetesFleetId: exampleKubernetesFleetManager.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.containerservice.KubernetesCluster;\nimport com.pulumi.azure.containerservice.KubernetesClusterArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs;\nimport com.pulumi.azure.containerservice.inputs.KubernetesClusterIdentityArgs;\nimport com.pulumi.azure.containerservice.KubernetesFleetManager;\nimport com.pulumi.azure.containerservice.KubernetesFleetManagerArgs;\nimport com.pulumi.azure.containerservice.FleetMember;\nimport com.pulumi.azure.containerservice.FleetMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var example = new KubernetesCluster(\"example\", KubernetesClusterArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .dnsPrefix(\"acctestaksexample\")\n .defaultNodePool(KubernetesClusterDefaultNodePoolArgs.builder()\n .name(\"example-value\")\n .nodeCount(\"example-value\")\n .vmSize(\"example-value\")\n .upgradeSettings(KubernetesClusterDefaultNodePoolUpgradeSettingsArgs.builder()\n .maxSurge(\"example-value\")\n .build())\n .build())\n .identity(KubernetesClusterIdentityArgs.builder()\n .type(\"example-value\")\n .build())\n .build());\n\n var exampleKubernetesFleetManager = new KubernetesFleetManager(\"exampleKubernetesFleetManager\", KubernetesFleetManagerArgs.builder() \n .name(\"example\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .build());\n\n var exampleFleetMember = new FleetMember(\"exampleFleetMember\", FleetMemberArgs.builder() \n .kubernetesClusterId(example.id())\n .kubernetesFleetId(exampleKubernetesFleetManager.id())\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:containerservice:KubernetesCluster\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n dnsPrefix: acctestaksexample\n defaultNodePool:\n name: example-value\n nodeCount: example-value\n vmSize: example-value\n upgradeSettings:\n maxSurge: example-value\n identity:\n type: example-value\n exampleKubernetesFleetManager:\n type: azure:containerservice:KubernetesFleetManager\n name: example\n properties:\n name: example\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n name: example\n properties:\n name: example-resources\n location: West Europe\n exampleFleetMember:\n type: azure:containerservice:FleetMember\n name: example\n properties:\n kubernetesClusterId: ${example.id}\n kubernetesFleetId: ${exampleKubernetesFleetManager.id}\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAn existing Kubernetes Fleet Member can be imported into Terraform using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:containerservice/fleetMember:FleetMember example /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/fleets/{fleetName}/members/{memberName}\n```\n\n* Where `{subscriptionId}` is the ID of the Azure Subscription where the Kubernetes Fleet Member exists. For example `12345678-1234-9876-4563-123456789012`.\n\n* Where `{resourceGroupName}` is the name of Resource Group where this Kubernetes Fleet Member exists. For example `example-resource-group`.\n\n* Where `{fleetName}` is the name of the Fleet. For example `fleetValue`.\n\n* Where `{memberName}` is the name of the Member. For example `memberValue`.\n\n",
"properties": {
"group": {
"type": "string",
@@ -157509,6 +157533,10 @@
"type": "boolean",
"description": "Enable Analytical Storage option for this Cosmos DB account. Defaults to `false`. Enabling and then disabling analytical storage forces a new resource to be created.\n"
},
+ "automaticFailoverEnabled": {
+ "type": "boolean",
+ "description": "Enable automatic failover for this Cosmos DB account.\n"
+ },
"backup": {
"$ref": "#/types/azure:cosmosdb/AccountBackup:AccountBackup",
"description": "A `backup` block as defined below.\n"
@@ -157529,7 +157557,7 @@
"items": {
"type": "string"
},
- "description": "A list of connection strings available for this CosmosDB account.\n",
+ "deprecationMessage": "This property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly and will be removed in v4.0 of the AzureRM provider",
"secret": true
},
"consistencyPolicy": {
@@ -157550,20 +157578,24 @@
},
"enableAutomaticFailover": {
"type": "boolean",
- "description": "Enable automatic failover for this Cosmos DB account.\n"
+ "deprecationMessage": "This property has been superseded by `automatic_failover_enabled` and will be removed in v4.0 of the AzureRM Provider"
},
"enableFreeTier": {
"type": "boolean",
- "description": "Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.\n"
+ "deprecationMessage": "This property has been superseded by `free_tier_enabled` and will be removed in v4.0 of the AzureRM Provider"
},
"enableMultipleWriteLocations": {
"type": "boolean",
- "description": "Enable multiple write locations for this Cosmos DB account.\n"
+ "deprecationMessage": "This property has been superseded by `multiple_write_locations_enabled` and will be removed in v4.0 of the AzureRM Provider"
},
"endpoint": {
"type": "string",
"description": "The endpoint used to connect to the CosmosDB account.\n"
},
+ "freeTierEnabled": {
+ "type": "boolean",
+ "description": "Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.\n"
+ },
"geoLocations": {
"type": "array",
"items": {
@@ -157607,6 +157639,10 @@
"type": "string",
"description": "The Server Version of a MongoDB account. Possible values are `4.2`, `4.0`, `3.6`, and `3.2`.\n"
},
+ "multipleWriteLocationsEnabled": {
+ "type": "boolean",
+ "description": "Enable multiple write locations for this Cosmos DB account.\n"
+ },
"name": {
"type": "string",
"description": "Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.\n"
@@ -157733,17 +157769,23 @@
},
"required": [
"analyticalStorage",
+ "automaticFailoverEnabled",
"backup",
"capabilities",
"capacity",
"connectionStrings",
"consistencyPolicy",
"createMode",
+ "enableAutomaticFailover",
+ "enableFreeTier",
+ "enableMultipleWriteLocations",
"endpoint",
+ "freeTierEnabled",
"geoLocations",
"location",
"minimalTlsVersion",
"mongoServerVersion",
+ "multipleWriteLocationsEnabled",
"name",
"offerType",
"primaryKey",
@@ -157775,6 +157817,10 @@
"type": "boolean",
"description": "Enable Analytical Storage option for this Cosmos DB account. Defaults to `false`. Enabling and then disabling analytical storage forces a new resource to be created.\n"
},
+ "automaticFailoverEnabled": {
+ "type": "boolean",
+ "description": "Enable automatic failover for this Cosmos DB account.\n"
+ },
"backup": {
"$ref": "#/types/azure:cosmosdb/AccountBackup:AccountBackup",
"description": "A `backup` block as defined below.\n"
@@ -157809,16 +157855,19 @@
},
"enableAutomaticFailover": {
"type": "boolean",
- "description": "Enable automatic failover for this Cosmos DB account.\n"
+ "deprecationMessage": "This property has been superseded by `automatic_failover_enabled` and will be removed in v4.0 of the AzureRM Provider"
},
"enableFreeTier": {
"type": "boolean",
- "description": "Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.\n",
- "willReplaceOnChanges": true
+ "deprecationMessage": "This property has been superseded by `free_tier_enabled` and will be removed in v4.0 of the AzureRM Provider"
},
"enableMultipleWriteLocations": {
"type": "boolean",
- "description": "Enable multiple write locations for this Cosmos DB account.\n"
+ "deprecationMessage": "This property has been superseded by `multiple_write_locations_enabled` and will be removed in v4.0 of the AzureRM Provider"
+ },
+ "freeTierEnabled": {
+ "type": "boolean",
+ "description": "Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.\n"
},
"geoLocations": {
"type": "array",
@@ -157866,6 +157915,10 @@
"type": "string",
"description": "The Server Version of a MongoDB account. Possible values are `4.2`, `4.0`, `3.6`, and `3.2`.\n"
},
+ "multipleWriteLocationsEnabled": {
+ "type": "boolean",
+ "description": "Enable multiple write locations for this Cosmos DB account.\n"
+ },
"name": {
"type": "string",
"description": "Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.\n",
@@ -157939,6 +157992,10 @@
"type": "boolean",
"description": "Enable Analytical Storage option for this Cosmos DB account. Defaults to `false`. Enabling and then disabling analytical storage forces a new resource to be created.\n"
},
+ "automaticFailoverEnabled": {
+ "type": "boolean",
+ "description": "Enable automatic failover for this Cosmos DB account.\n"
+ },
"backup": {
"$ref": "#/types/azure:cosmosdb/AccountBackup:AccountBackup",
"description": "A `backup` block as defined below.\n"
@@ -157959,7 +158016,7 @@
"items": {
"type": "string"
},
- "description": "A list of connection strings available for this CosmosDB account.\n",
+ "deprecationMessage": "This property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly and will be removed in v4.0 of the AzureRM provider",
"secret": true
},
"consistencyPolicy": {
@@ -157981,21 +158038,24 @@
},
"enableAutomaticFailover": {
"type": "boolean",
- "description": "Enable automatic failover for this Cosmos DB account.\n"
+ "deprecationMessage": "This property has been superseded by `automatic_failover_enabled` and will be removed in v4.0 of the AzureRM Provider"
},
"enableFreeTier": {
"type": "boolean",
- "description": "Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.\n",
- "willReplaceOnChanges": true
+ "deprecationMessage": "This property has been superseded by `free_tier_enabled` and will be removed in v4.0 of the AzureRM Provider"
},
"enableMultipleWriteLocations": {
"type": "boolean",
- "description": "Enable multiple write locations for this Cosmos DB account.\n"
+ "deprecationMessage": "This property has been superseded by `multiple_write_locations_enabled` and will be removed in v4.0 of the AzureRM Provider"
},
"endpoint": {
"type": "string",
"description": "The endpoint used to connect to the CosmosDB account.\n"
},
+ "freeTierEnabled": {
+ "type": "boolean",
+ "description": "Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.\n"
+ },
"geoLocations": {
"type": "array",
"items": {
@@ -158042,6 +158102,10 @@
"type": "string",
"description": "The Server Version of a MongoDB account. Possible values are `4.2`, `4.0`, `3.6`, and `3.2`.\n"
},
+ "multipleWriteLocationsEnabled": {
+ "type": "boolean",
+ "description": "Enable multiple write locations for this Cosmos DB account.\n"
+ },
"name": {
"type": "string",
"description": "Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.\n",
@@ -194231,7 +194295,7 @@
}
},
"azure:keyvault/certifiate:Certifiate": {
- "description": "Manages a Key Vault Certificate.\n\n\u003c\u003c\u003c\u003c\u003c\u003c\u003c HEAD\n\u003e **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Certificate resource on destroy, rather than the default soft-delete. See `purge_soft_deleted_certificates_on_destroy` for more information. \n\n=======\n\u003e\u003e\u003e\u003e\u003e\u003e\u003e 8d78c87098 (Update-documentation)\n## Example Usage\n\n### Importing A PFX)\n\n\u003e **Note:** this example assumed the PFX file is located in the same directory at `certificate-to-import.pfx`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\nimport * as std from \"@pulumi/std\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"premium\",\n accessPolicies: [{\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n certificatePermissions: [\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n ],\n keyPermissions: [\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secretPermissions: [\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n }],\n});\nconst exampleCertificate = new azure.keyvault.Certificate(\"example\", {\n name: \"imported-cert\",\n keyVaultId: exampleKeyVault.id,\n certificate: {\n contents: std.filebase64({\n input: \"certificate-to-import.pfx\",\n }).then(invoke =\u003e invoke.result),\n password: \"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\nimport pulumi_std as std\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"premium\",\n access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n certificate_permissions=[\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n ],\n key_permissions=[\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secret_permissions=[\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n )])\nexample_certificate = azure.keyvault.Certificate(\"example\",\n name=\"imported-cert\",\n key_vault_id=example_key_vault.id,\n certificate=azure.keyvault.CertificateCertificateArgs(\n contents=std.filebase64(input=\"certificate-to-import.pfx\").result,\n password=\"\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"premium\",\n AccessPolicies = new[]\n {\n new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs\n {\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n CertificatePermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n },\n KeyPermissions = new[]\n {\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n },\n SecretPermissions = new[]\n {\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n },\n },\n },\n });\n\n var exampleCertificate = new Azure.KeyVault.Certificate(\"example\", new()\n {\n Name = \"imported-cert\",\n KeyVaultId = exampleKeyVault.Id,\n KeyVaultCertificate = new Azure.KeyVault.Inputs.CertificateCertificateArgs\n {\n Contents = Std.Filebase64.Invoke(new()\n {\n Input = \"certificate-to-import.pfx\",\n }).Apply(invoke =\u003e invoke.Result),\n Password = \"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"premium\"),\n\t\t\tAccessPolicies: keyvault.KeyVaultAccessPolicyArray{\n\t\t\t\t\u0026keyvault.KeyVaultAccessPolicyArgs{\n\t\t\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\t\t\tCertificatePermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"DeleteIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"GetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"ListIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"ManageContacts\"),\n\t\t\t\t\t\tpulumi.String(\"ManageIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"SetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Encrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t\t\t\tpulumi.String(\"UnwrapKey\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t\tpulumi.String(\"Verify\"),\n\t\t\t\t\t\tpulumi.String(\"WrapKey\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64, err := std.Filebase64(ctx, \u0026std.Filebase64Args{\n\t\t\tInput: \"certificate-to-import.pfx\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewCertificate(ctx, \"example\", \u0026keyvault.CertificateArgs{\n\t\t\tName: pulumi.String(\"imported-cert\"),\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tCertificate: \u0026keyvault.CertificateCertificateArgs{\n\t\t\t\tContents: invokeFilebase64.Result,\n\t\t\t\tPassword: pulumi.String(\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Certificate;\nimport com.pulumi.azure.keyvault.CertificateArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"premium\")\n .accessPolicies(KeyVaultAccessPolicyArgs.builder()\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .certificatePermissions( \n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\")\n .keyPermissions( \n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\")\n .secretPermissions( \n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\")\n .build())\n .build());\n\n var exampleCertificate = new Certificate(\"exampleCertificate\", CertificateArgs.builder() \n .name(\"imported-cert\")\n .keyVaultId(exampleKeyVault.id())\n .certificate(CertificateCertificateArgs.builder()\n .contents(StdFunctions.filebase64(Filebase64Args.builder()\n .input(\"certificate-to-import.pfx\")\n .build()).result())\n .password(\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: premium\n accessPolicies:\n - tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n certificatePermissions:\n - Create\n - Delete\n - DeleteIssuers\n - Get\n - GetIssuers\n - Import\n - List\n - ListIssuers\n - ManageContacts\n - ManageIssuers\n - SetIssuers\n - Update\n keyPermissions:\n - Backup\n - Create\n - Decrypt\n - Delete\n - Encrypt\n - Get\n - Import\n - List\n - Purge\n - Recover\n - Restore\n - Sign\n - UnwrapKey\n - Update\n - Verify\n - WrapKey\n secretPermissions:\n - Backup\n - Delete\n - Get\n - List\n - Purge\n - Recover\n - Restore\n - Set\n exampleCertificate:\n type: azure:keyvault:Certificate\n name: example\n properties:\n name: imported-cert\n keyVaultId: ${exampleKeyVault.id}\n certificate:\n contents:\n fn::invoke:\n Function: std:filebase64\n Arguments:\n input: certificate-to-import.pfx\n Return: result\n password:\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Generating a new certificate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"standard\",\n softDeleteRetentionDays: 7,\n accessPolicies: [{\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n certificatePermissions: [\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n ],\n keyPermissions: [\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secretPermissions: [\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n }],\n});\nconst exampleCertificate = new azure.keyvault.Certificate(\"example\", {\n name: \"generated-cert\",\n keyVaultId: exampleKeyVault.id,\n certificatePolicy: {\n issuerParameters: {\n name: \"Self\",\n },\n keyProperties: {\n exportable: true,\n keySize: 2048,\n keyType: \"RSA\",\n reuseKey: true,\n },\n lifetimeActions: [{\n action: {\n actionType: \"AutoRenew\",\n },\n trigger: {\n daysBeforeExpiry: 30,\n },\n }],\n secretProperties: {\n contentType: \"application/x-pkcs12\",\n },\n x509CertificateProperties: {\n extendedKeyUsages: [\"1.3.6.1.5.5.7.3.1\"],\n keyUsages: [\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n subjectAlternativeNames: {\n dnsNames: [\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n },\n subject: \"CN=hello-world\",\n validityInMonths: 12,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"standard\",\n soft_delete_retention_days=7,\n access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n certificate_permissions=[\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n ],\n key_permissions=[\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secret_permissions=[\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n )])\nexample_certificate = azure.keyvault.Certificate(\"example\",\n name=\"generated-cert\",\n key_vault_id=example_key_vault.id,\n certificate_policy=azure.keyvault.CertificateCertificatePolicyArgs(\n issuer_parameters=azure.keyvault.CertificateCertificatePolicyIssuerParametersArgs(\n name=\"Self\",\n ),\n key_properties=azure.keyvault.CertificateCertificatePolicyKeyPropertiesArgs(\n exportable=True,\n key_size=2048,\n key_type=\"RSA\",\n reuse_key=True,\n ),\n lifetime_actions=[azure.keyvault.CertificateCertificatePolicyLifetimeActionArgs(\n action=azure.keyvault.CertificateCertificatePolicyLifetimeActionActionArgs(\n action_type=\"AutoRenew\",\n ),\n trigger=azure.keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs(\n days_before_expiry=30,\n ),\n )],\n secret_properties=azure.keyvault.CertificateCertificatePolicySecretPropertiesArgs(\n content_type=\"application/x-pkcs12\",\n ),\n x509_certificate_properties=azure.keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs(\n extended_key_usages=[\"1.3.6.1.5.5.7.3.1\"],\n key_usages=[\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n subject_alternative_names=azure.keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs(\n dns_names=[\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n ),\n subject=\"CN=hello-world\",\n validity_in_months=12,\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"standard\",\n SoftDeleteRetentionDays = 7,\n AccessPolicies = new[]\n {\n new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs\n {\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n CertificatePermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n },\n KeyPermissions = new[]\n {\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n },\n SecretPermissions = new[]\n {\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n },\n },\n },\n });\n\n var exampleCertificate = new Azure.KeyVault.Certificate(\"example\", new()\n {\n Name = \"generated-cert\",\n KeyVaultId = exampleKeyVault.Id,\n CertificatePolicy = new Azure.KeyVault.Inputs.CertificateCertificatePolicyArgs\n {\n IssuerParameters = new Azure.KeyVault.Inputs.CertificateCertificatePolicyIssuerParametersArgs\n {\n Name = \"Self\",\n },\n KeyProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyKeyPropertiesArgs\n {\n Exportable = true,\n KeySize = 2048,\n KeyType = \"RSA\",\n ReuseKey = true,\n },\n LifetimeActions = new[]\n {\n new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionArgs\n {\n Action = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionActionArgs\n {\n ActionType = \"AutoRenew\",\n },\n Trigger = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionTriggerArgs\n {\n DaysBeforeExpiry = 30,\n },\n },\n },\n SecretProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicySecretPropertiesArgs\n {\n ContentType = \"application/x-pkcs12\",\n },\n X509CertificateProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs\n {\n ExtendedKeyUsages = new[]\n {\n \"1.3.6.1.5.5.7.3.1\",\n },\n KeyUsages = new[]\n {\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n },\n SubjectAlternativeNames = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs\n {\n DnsNames = new[]\n {\n \"internal.contoso.com\",\n \"domain.hello.world\",\n },\n },\n Subject = \"CN=hello-world\",\n ValidityInMonths = 12,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"standard\"),\n\t\t\tSoftDeleteRetentionDays: pulumi.Int(7),\n\t\t\tAccessPolicies: keyvault.KeyVaultAccessPolicyArray{\n\t\t\t\t\u0026keyvault.KeyVaultAccessPolicyArgs{\n\t\t\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\t\t\tCertificatePermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"DeleteIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"GetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"ListIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"ManageContacts\"),\n\t\t\t\t\t\tpulumi.String(\"ManageIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"SetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Encrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t\t\t\tpulumi.String(\"UnwrapKey\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t\tpulumi.String(\"Verify\"),\n\t\t\t\t\t\tpulumi.String(\"WrapKey\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewCertificate(ctx, \"example\", \u0026keyvault.CertificateArgs{\n\t\t\tName: pulumi.String(\"generated-cert\"),\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tCertificatePolicy: \u0026keyvault.CertificateCertificatePolicyArgs{\n\t\t\t\tIssuerParameters: \u0026keyvault.CertificateCertificatePolicyIssuerParametersArgs{\n\t\t\t\t\tName: pulumi.String(\"Self\"),\n\t\t\t\t},\n\t\t\t\tKeyProperties: \u0026keyvault.CertificateCertificatePolicyKeyPropertiesArgs{\n\t\t\t\t\tExportable: pulumi.Bool(true),\n\t\t\t\t\tKeySize: pulumi.Int(2048),\n\t\t\t\t\tKeyType: pulumi.String(\"RSA\"),\n\t\t\t\t\tReuseKey: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tLifetimeActions: keyvault.CertificateCertificatePolicyLifetimeActionArray{\n\t\t\t\t\t\u0026keyvault.CertificateCertificatePolicyLifetimeActionArgs{\n\t\t\t\t\t\tAction: \u0026keyvault.CertificateCertificatePolicyLifetimeActionActionArgs{\n\t\t\t\t\t\t\tActionType: pulumi.String(\"AutoRenew\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTrigger: \u0026keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs{\n\t\t\t\t\t\t\tDaysBeforeExpiry: pulumi.Int(30),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSecretProperties: \u0026keyvault.CertificateCertificatePolicySecretPropertiesArgs{\n\t\t\t\t\tContentType: pulumi.String(\"application/x-pkcs12\"),\n\t\t\t\t},\n\t\t\t\tX509CertificateProperties: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs{\n\t\t\t\t\tExtendedKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"1.3.6.1.5.5.7.3.1\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"cRLSign\"),\n\t\t\t\t\t\tpulumi.String(\"dataEncipherment\"),\n\t\t\t\t\t\tpulumi.String(\"digitalSignature\"),\n\t\t\t\t\t\tpulumi.String(\"keyAgreement\"),\n\t\t\t\t\t\tpulumi.String(\"keyCertSign\"),\n\t\t\t\t\t\tpulumi.String(\"keyEncipherment\"),\n\t\t\t\t\t},\n\t\t\t\t\tSubjectAlternativeNames: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs{\n\t\t\t\t\t\tDnsNames: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"internal.contoso.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"domain.hello.world\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tSubject: pulumi.String(\"CN=hello-world\"),\n\t\t\t\t\tValidityInMonths: pulumi.Int(12),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Certificate;\nimport com.pulumi.azure.keyvault.CertificateArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyIssuerParametersArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyKeyPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicySecretPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"standard\")\n .softDeleteRetentionDays(7)\n .accessPolicies(KeyVaultAccessPolicyArgs.builder()\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .certificatePermissions( \n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\")\n .keyPermissions( \n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\")\n .secretPermissions( \n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\")\n .build())\n .build());\n\n var exampleCertificate = new Certificate(\"exampleCertificate\", CertificateArgs.builder() \n .name(\"generated-cert\")\n .keyVaultId(exampleKeyVault.id())\n .certificatePolicy(CertificateCertificatePolicyArgs.builder()\n .issuerParameters(CertificateCertificatePolicyIssuerParametersArgs.builder()\n .name(\"Self\")\n .build())\n .keyProperties(CertificateCertificatePolicyKeyPropertiesArgs.builder()\n .exportable(true)\n .keySize(2048)\n .keyType(\"RSA\")\n .reuseKey(true)\n .build())\n .lifetimeActions(CertificateCertificatePolicyLifetimeActionArgs.builder()\n .action(CertificateCertificatePolicyLifetimeActionActionArgs.builder()\n .actionType(\"AutoRenew\")\n .build())\n .trigger(CertificateCertificatePolicyLifetimeActionTriggerArgs.builder()\n .daysBeforeExpiry(30)\n .build())\n .build())\n .secretProperties(CertificateCertificatePolicySecretPropertiesArgs.builder()\n .contentType(\"application/x-pkcs12\")\n .build())\n .x509CertificateProperties(CertificateCertificatePolicyX509CertificatePropertiesArgs.builder()\n .extendedKeyUsages(\"1.3.6.1.5.5.7.3.1\")\n .keyUsages( \n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\")\n .subjectAlternativeNames(CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs.builder()\n .dnsNames( \n \"internal.contoso.com\",\n \"domain.hello.world\")\n .build())\n .subject(\"CN=hello-world\")\n .validityInMonths(12)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: standard\n softDeleteRetentionDays: 7\n accessPolicies:\n - tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n certificatePermissions:\n - Create\n - Delete\n - DeleteIssuers\n - Get\n - GetIssuers\n - Import\n - List\n - ListIssuers\n - ManageContacts\n - ManageIssuers\n - Purge\n - SetIssuers\n - Update\n keyPermissions:\n - Backup\n - Create\n - Decrypt\n - Delete\n - Encrypt\n - Get\n - Import\n - List\n - Purge\n - Recover\n - Restore\n - Sign\n - UnwrapKey\n - Update\n - Verify\n - WrapKey\n secretPermissions:\n - Backup\n - Delete\n - Get\n - List\n - Purge\n - Recover\n - Restore\n - Set\n exampleCertificate:\n type: azure:keyvault:Certificate\n name: example\n properties:\n name: generated-cert\n keyVaultId: ${exampleKeyVault.id}\n certificatePolicy:\n issuerParameters:\n name: Self\n keyProperties:\n exportable: true\n keySize: 2048\n keyType: RSA\n reuseKey: true\n lifetimeActions:\n - action:\n actionType: AutoRenew\n trigger:\n daysBeforeExpiry: 30\n secretProperties:\n contentType: application/x-pkcs12\n x509CertificateProperties:\n extendedKeyUsages:\n - 1.3.6.1.5.5.7.3.1\n keyUsages:\n - cRLSign\n - dataEncipherment\n - digitalSignature\n - keyAgreement\n - keyCertSign\n - keyEncipherment\n subjectAlternativeNames:\n dnsNames:\n - internal.contoso.com\n - domain.hello.world\n subject: CN=hello-world\n validityInMonths: 12\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nKey Vault Certificates can be imported using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:keyvault/certifiate:Certifiate example \"https://example-keyvault.vault.azure.net/certificates/example/fdf067c93bbb4b22bff4d8b7a9a56217\"\n```\n\n",
+ "description": "Manages a Key Vault Certificate.\n\n## Example Usage\n\n### Importing A PFX)\n\n\u003e **Note:** this example assumed the PFX file is located in the same directory at `certificate-to-import.pfx`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\nimport * as std from \"@pulumi/std\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"premium\",\n accessPolicies: [{\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n certificatePermissions: [\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n ],\n keyPermissions: [\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secretPermissions: [\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n }],\n});\nconst exampleCertificate = new azure.keyvault.Certificate(\"example\", {\n name: \"imported-cert\",\n keyVaultId: exampleKeyVault.id,\n certificate: {\n contents: std.filebase64({\n input: \"certificate-to-import.pfx\",\n }).then(invoke =\u003e invoke.result),\n password: \"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\nimport pulumi_std as std\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"premium\",\n access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n certificate_permissions=[\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n ],\n key_permissions=[\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secret_permissions=[\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n )])\nexample_certificate = azure.keyvault.Certificate(\"example\",\n name=\"imported-cert\",\n key_vault_id=example_key_vault.id,\n certificate=azure.keyvault.CertificateCertificateArgs(\n contents=std.filebase64(input=\"certificate-to-import.pfx\").result,\n password=\"\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"premium\",\n AccessPolicies = new[]\n {\n new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs\n {\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n CertificatePermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n },\n KeyPermissions = new[]\n {\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n },\n SecretPermissions = new[]\n {\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n },\n },\n },\n });\n\n var exampleCertificate = new Azure.KeyVault.Certificate(\"example\", new()\n {\n Name = \"imported-cert\",\n KeyVaultId = exampleKeyVault.Id,\n KeyVaultCertificate = new Azure.KeyVault.Inputs.CertificateCertificateArgs\n {\n Contents = Std.Filebase64.Invoke(new()\n {\n Input = \"certificate-to-import.pfx\",\n }).Apply(invoke =\u003e invoke.Result),\n Password = \"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"premium\"),\n\t\t\tAccessPolicies: keyvault.KeyVaultAccessPolicyArray{\n\t\t\t\t\u0026keyvault.KeyVaultAccessPolicyArgs{\n\t\t\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\t\t\tCertificatePermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"DeleteIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"GetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"ListIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"ManageContacts\"),\n\t\t\t\t\t\tpulumi.String(\"ManageIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"SetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Encrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t\t\t\tpulumi.String(\"UnwrapKey\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t\tpulumi.String(\"Verify\"),\n\t\t\t\t\t\tpulumi.String(\"WrapKey\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64, err := std.Filebase64(ctx, \u0026std.Filebase64Args{\n\t\t\tInput: \"certificate-to-import.pfx\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewCertificate(ctx, \"example\", \u0026keyvault.CertificateArgs{\n\t\t\tName: pulumi.String(\"imported-cert\"),\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tCertificate: \u0026keyvault.CertificateCertificateArgs{\n\t\t\t\tContents: invokeFilebase64.Result,\n\t\t\t\tPassword: pulumi.String(\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Certificate;\nimport com.pulumi.azure.keyvault.CertificateArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"premium\")\n .accessPolicies(KeyVaultAccessPolicyArgs.builder()\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .certificatePermissions( \n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\")\n .keyPermissions( \n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\")\n .secretPermissions( \n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\")\n .build())\n .build());\n\n var exampleCertificate = new Certificate(\"exampleCertificate\", CertificateArgs.builder() \n .name(\"imported-cert\")\n .keyVaultId(exampleKeyVault.id())\n .certificate(CertificateCertificateArgs.builder()\n .contents(StdFunctions.filebase64(Filebase64Args.builder()\n .input(\"certificate-to-import.pfx\")\n .build()).result())\n .password(\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: premium\n accessPolicies:\n - tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n certificatePermissions:\n - Create\n - Delete\n - DeleteIssuers\n - Get\n - GetIssuers\n - Import\n - List\n - ListIssuers\n - ManageContacts\n - ManageIssuers\n - SetIssuers\n - Update\n keyPermissions:\n - Backup\n - Create\n - Decrypt\n - Delete\n - Encrypt\n - Get\n - Import\n - List\n - Purge\n - Recover\n - Restore\n - Sign\n - UnwrapKey\n - Update\n - Verify\n - WrapKey\n secretPermissions:\n - Backup\n - Delete\n - Get\n - List\n - Purge\n - Recover\n - Restore\n - Set\n exampleCertificate:\n type: azure:keyvault:Certificate\n name: example\n properties:\n name: imported-cert\n keyVaultId: ${exampleKeyVault.id}\n certificate:\n contents:\n fn::invoke:\n Function: std:filebase64\n Arguments:\n input: certificate-to-import.pfx\n Return: result\n password:\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Generating a new certificate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"standard\",\n softDeleteRetentionDays: 7,\n accessPolicies: [{\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n certificatePermissions: [\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n ],\n keyPermissions: [\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secretPermissions: [\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n }],\n});\nconst exampleCertificate = new azure.keyvault.Certificate(\"example\", {\n name: \"generated-cert\",\n keyVaultId: exampleKeyVault.id,\n certificatePolicy: {\n issuerParameters: {\n name: \"Self\",\n },\n keyProperties: {\n exportable: true,\n keySize: 2048,\n keyType: \"RSA\",\n reuseKey: true,\n },\n lifetimeActions: [{\n action: {\n actionType: \"AutoRenew\",\n },\n trigger: {\n daysBeforeExpiry: 30,\n },\n }],\n secretProperties: {\n contentType: \"application/x-pkcs12\",\n },\n x509CertificateProperties: {\n extendedKeyUsages: [\"1.3.6.1.5.5.7.3.1\"],\n keyUsages: [\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n subjectAlternativeNames: {\n dnsNames: [\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n },\n subject: \"CN=hello-world\",\n validityInMonths: 12,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"standard\",\n soft_delete_retention_days=7,\n access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n certificate_permissions=[\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n ],\n key_permissions=[\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secret_permissions=[\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n )])\nexample_certificate = azure.keyvault.Certificate(\"example\",\n name=\"generated-cert\",\n key_vault_id=example_key_vault.id,\n certificate_policy=azure.keyvault.CertificateCertificatePolicyArgs(\n issuer_parameters=azure.keyvault.CertificateCertificatePolicyIssuerParametersArgs(\n name=\"Self\",\n ),\n key_properties=azure.keyvault.CertificateCertificatePolicyKeyPropertiesArgs(\n exportable=True,\n key_size=2048,\n key_type=\"RSA\",\n reuse_key=True,\n ),\n lifetime_actions=[azure.keyvault.CertificateCertificatePolicyLifetimeActionArgs(\n action=azure.keyvault.CertificateCertificatePolicyLifetimeActionActionArgs(\n action_type=\"AutoRenew\",\n ),\n trigger=azure.keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs(\n days_before_expiry=30,\n ),\n )],\n secret_properties=azure.keyvault.CertificateCertificatePolicySecretPropertiesArgs(\n content_type=\"application/x-pkcs12\",\n ),\n x509_certificate_properties=azure.keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs(\n extended_key_usages=[\"1.3.6.1.5.5.7.3.1\"],\n key_usages=[\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n subject_alternative_names=azure.keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs(\n dns_names=[\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n ),\n subject=\"CN=hello-world\",\n validity_in_months=12,\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"standard\",\n SoftDeleteRetentionDays = 7,\n AccessPolicies = new[]\n {\n new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs\n {\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n CertificatePermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n },\n KeyPermissions = new[]\n {\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n },\n SecretPermissions = new[]\n {\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n },\n },\n },\n });\n\n var exampleCertificate = new Azure.KeyVault.Certificate(\"example\", new()\n {\n Name = \"generated-cert\",\n KeyVaultId = exampleKeyVault.Id,\n CertificatePolicy = new Azure.KeyVault.Inputs.CertificateCertificatePolicyArgs\n {\n IssuerParameters = new Azure.KeyVault.Inputs.CertificateCertificatePolicyIssuerParametersArgs\n {\n Name = \"Self\",\n },\n KeyProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyKeyPropertiesArgs\n {\n Exportable = true,\n KeySize = 2048,\n KeyType = \"RSA\",\n ReuseKey = true,\n },\n LifetimeActions = new[]\n {\n new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionArgs\n {\n Action = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionActionArgs\n {\n ActionType = \"AutoRenew\",\n },\n Trigger = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionTriggerArgs\n {\n DaysBeforeExpiry = 30,\n },\n },\n },\n SecretProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicySecretPropertiesArgs\n {\n ContentType = \"application/x-pkcs12\",\n },\n X509CertificateProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs\n {\n ExtendedKeyUsages = new[]\n {\n \"1.3.6.1.5.5.7.3.1\",\n },\n KeyUsages = new[]\n {\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n },\n SubjectAlternativeNames = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs\n {\n DnsNames = new[]\n {\n \"internal.contoso.com\",\n \"domain.hello.world\",\n },\n },\n Subject = \"CN=hello-world\",\n ValidityInMonths = 12,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"standard\"),\n\t\t\tSoftDeleteRetentionDays: pulumi.Int(7),\n\t\t\tAccessPolicies: keyvault.KeyVaultAccessPolicyArray{\n\t\t\t\t\u0026keyvault.KeyVaultAccessPolicyArgs{\n\t\t\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\t\t\tCertificatePermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"DeleteIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"GetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"ListIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"ManageContacts\"),\n\t\t\t\t\t\tpulumi.String(\"ManageIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"SetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Encrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t\t\t\tpulumi.String(\"UnwrapKey\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t\tpulumi.String(\"Verify\"),\n\t\t\t\t\t\tpulumi.String(\"WrapKey\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewCertificate(ctx, \"example\", \u0026keyvault.CertificateArgs{\n\t\t\tName: pulumi.String(\"generated-cert\"),\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tCertificatePolicy: \u0026keyvault.CertificateCertificatePolicyArgs{\n\t\t\t\tIssuerParameters: \u0026keyvault.CertificateCertificatePolicyIssuerParametersArgs{\n\t\t\t\t\tName: pulumi.String(\"Self\"),\n\t\t\t\t},\n\t\t\t\tKeyProperties: \u0026keyvault.CertificateCertificatePolicyKeyPropertiesArgs{\n\t\t\t\t\tExportable: pulumi.Bool(true),\n\t\t\t\t\tKeySize: pulumi.Int(2048),\n\t\t\t\t\tKeyType: pulumi.String(\"RSA\"),\n\t\t\t\t\tReuseKey: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tLifetimeActions: keyvault.CertificateCertificatePolicyLifetimeActionArray{\n\t\t\t\t\t\u0026keyvault.CertificateCertificatePolicyLifetimeActionArgs{\n\t\t\t\t\t\tAction: \u0026keyvault.CertificateCertificatePolicyLifetimeActionActionArgs{\n\t\t\t\t\t\t\tActionType: pulumi.String(\"AutoRenew\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTrigger: \u0026keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs{\n\t\t\t\t\t\t\tDaysBeforeExpiry: pulumi.Int(30),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSecretProperties: \u0026keyvault.CertificateCertificatePolicySecretPropertiesArgs{\n\t\t\t\t\tContentType: pulumi.String(\"application/x-pkcs12\"),\n\t\t\t\t},\n\t\t\t\tX509CertificateProperties: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs{\n\t\t\t\t\tExtendedKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"1.3.6.1.5.5.7.3.1\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"cRLSign\"),\n\t\t\t\t\t\tpulumi.String(\"dataEncipherment\"),\n\t\t\t\t\t\tpulumi.String(\"digitalSignature\"),\n\t\t\t\t\t\tpulumi.String(\"keyAgreement\"),\n\t\t\t\t\t\tpulumi.String(\"keyCertSign\"),\n\t\t\t\t\t\tpulumi.String(\"keyEncipherment\"),\n\t\t\t\t\t},\n\t\t\t\t\tSubjectAlternativeNames: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs{\n\t\t\t\t\t\tDnsNames: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"internal.contoso.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"domain.hello.world\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tSubject: pulumi.String(\"CN=hello-world\"),\n\t\t\t\t\tValidityInMonths: pulumi.Int(12),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Certificate;\nimport com.pulumi.azure.keyvault.CertificateArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyIssuerParametersArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyKeyPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicySecretPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"standard\")\n .softDeleteRetentionDays(7)\n .accessPolicies(KeyVaultAccessPolicyArgs.builder()\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .certificatePermissions( \n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\")\n .keyPermissions( \n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\")\n .secretPermissions( \n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\")\n .build())\n .build());\n\n var exampleCertificate = new Certificate(\"exampleCertificate\", CertificateArgs.builder() \n .name(\"generated-cert\")\n .keyVaultId(exampleKeyVault.id())\n .certificatePolicy(CertificateCertificatePolicyArgs.builder()\n .issuerParameters(CertificateCertificatePolicyIssuerParametersArgs.builder()\n .name(\"Self\")\n .build())\n .keyProperties(CertificateCertificatePolicyKeyPropertiesArgs.builder()\n .exportable(true)\n .keySize(2048)\n .keyType(\"RSA\")\n .reuseKey(true)\n .build())\n .lifetimeActions(CertificateCertificatePolicyLifetimeActionArgs.builder()\n .action(CertificateCertificatePolicyLifetimeActionActionArgs.builder()\n .actionType(\"AutoRenew\")\n .build())\n .trigger(CertificateCertificatePolicyLifetimeActionTriggerArgs.builder()\n .daysBeforeExpiry(30)\n .build())\n .build())\n .secretProperties(CertificateCertificatePolicySecretPropertiesArgs.builder()\n .contentType(\"application/x-pkcs12\")\n .build())\n .x509CertificateProperties(CertificateCertificatePolicyX509CertificatePropertiesArgs.builder()\n .extendedKeyUsages(\"1.3.6.1.5.5.7.3.1\")\n .keyUsages( \n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\")\n .subjectAlternativeNames(CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs.builder()\n .dnsNames( \n \"internal.contoso.com\",\n \"domain.hello.world\")\n .build())\n .subject(\"CN=hello-world\")\n .validityInMonths(12)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: standard\n softDeleteRetentionDays: 7\n accessPolicies:\n - tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n certificatePermissions:\n - Create\n - Delete\n - DeleteIssuers\n - Get\n - GetIssuers\n - Import\n - List\n - ListIssuers\n - ManageContacts\n - ManageIssuers\n - Purge\n - SetIssuers\n - Update\n keyPermissions:\n - Backup\n - Create\n - Decrypt\n - Delete\n - Encrypt\n - Get\n - Import\n - List\n - Purge\n - Recover\n - Restore\n - Sign\n - UnwrapKey\n - Update\n - Verify\n - WrapKey\n secretPermissions:\n - Backup\n - Delete\n - Get\n - List\n - Purge\n - Recover\n - Restore\n - Set\n exampleCertificate:\n type: azure:keyvault:Certificate\n name: example\n properties:\n name: generated-cert\n keyVaultId: ${exampleKeyVault.id}\n certificatePolicy:\n issuerParameters:\n name: Self\n keyProperties:\n exportable: true\n keySize: 2048\n keyType: RSA\n reuseKey: true\n lifetimeActions:\n - action:\n actionType: AutoRenew\n trigger:\n daysBeforeExpiry: 30\n secretProperties:\n contentType: application/x-pkcs12\n x509CertificateProperties:\n extendedKeyUsages:\n - 1.3.6.1.5.5.7.3.1\n keyUsages:\n - cRLSign\n - dataEncipherment\n - digitalSignature\n - keyAgreement\n - keyCertSign\n - keyEncipherment\n subjectAlternativeNames:\n dnsNames:\n - internal.contoso.com\n - domain.hello.world\n subject: CN=hello-world\n validityInMonths: 12\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nKey Vault Certificates can be imported using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:keyvault/certifiate:Certifiate example \"https://example-keyvault.vault.azure.net/certificates/example/fdf067c93bbb4b22bff4d8b7a9a56217\"\n```\n\n",
"properties": {
"certificate": {
"$ref": "#/types/azure:keyvault/CertifiateCertificate:CertifiateCertificate",
@@ -194437,7 +194501,7 @@
"deprecationMessage": "azure.keyvault.Certifiate has been deprecated in favor of azure.keyvault.Certificate"
},
"azure:keyvault/certificate:Certificate": {
- "description": "Manages a Key Vault Certificate.\n\n\u003c\u003c\u003c\u003c\u003c\u003c\u003c HEAD\n\u003e **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Certificate resource on destroy, rather than the default soft-delete. See `purge_soft_deleted_certificates_on_destroy` for more information. \n\n=======\n\u003e\u003e\u003e\u003e\u003e\u003e\u003e 8d78c87098 (Update-documentation)\n## Example Usage\n\n### Importing A PFX)\n\n\u003e **Note:** this example assumed the PFX file is located in the same directory at `certificate-to-import.pfx`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\nimport * as std from \"@pulumi/std\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"premium\",\n accessPolicies: [{\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n certificatePermissions: [\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n ],\n keyPermissions: [\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secretPermissions: [\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n }],\n});\nconst exampleCertificate = new azure.keyvault.Certificate(\"example\", {\n name: \"imported-cert\",\n keyVaultId: exampleKeyVault.id,\n certificate: {\n contents: std.filebase64({\n input: \"certificate-to-import.pfx\",\n }).then(invoke =\u003e invoke.result),\n password: \"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\nimport pulumi_std as std\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"premium\",\n access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n certificate_permissions=[\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n ],\n key_permissions=[\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secret_permissions=[\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n )])\nexample_certificate = azure.keyvault.Certificate(\"example\",\n name=\"imported-cert\",\n key_vault_id=example_key_vault.id,\n certificate=azure.keyvault.CertificateCertificateArgs(\n contents=std.filebase64(input=\"certificate-to-import.pfx\").result,\n password=\"\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"premium\",\n AccessPolicies = new[]\n {\n new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs\n {\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n CertificatePermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n },\n KeyPermissions = new[]\n {\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n },\n SecretPermissions = new[]\n {\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n },\n },\n },\n });\n\n var exampleCertificate = new Azure.KeyVault.Certificate(\"example\", new()\n {\n Name = \"imported-cert\",\n KeyVaultId = exampleKeyVault.Id,\n KeyVaultCertificate = new Azure.KeyVault.Inputs.CertificateCertificateArgs\n {\n Contents = Std.Filebase64.Invoke(new()\n {\n Input = \"certificate-to-import.pfx\",\n }).Apply(invoke =\u003e invoke.Result),\n Password = \"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"premium\"),\n\t\t\tAccessPolicies: keyvault.KeyVaultAccessPolicyArray{\n\t\t\t\t\u0026keyvault.KeyVaultAccessPolicyArgs{\n\t\t\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\t\t\tCertificatePermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"DeleteIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"GetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"ListIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"ManageContacts\"),\n\t\t\t\t\t\tpulumi.String(\"ManageIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"SetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Encrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t\t\t\tpulumi.String(\"UnwrapKey\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t\tpulumi.String(\"Verify\"),\n\t\t\t\t\t\tpulumi.String(\"WrapKey\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64, err := std.Filebase64(ctx, \u0026std.Filebase64Args{\n\t\t\tInput: \"certificate-to-import.pfx\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewCertificate(ctx, \"example\", \u0026keyvault.CertificateArgs{\n\t\t\tName: pulumi.String(\"imported-cert\"),\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tCertificate: \u0026keyvault.CertificateCertificateArgs{\n\t\t\t\tContents: invokeFilebase64.Result,\n\t\t\t\tPassword: pulumi.String(\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Certificate;\nimport com.pulumi.azure.keyvault.CertificateArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"premium\")\n .accessPolicies(KeyVaultAccessPolicyArgs.builder()\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .certificatePermissions( \n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\")\n .keyPermissions( \n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\")\n .secretPermissions( \n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\")\n .build())\n .build());\n\n var exampleCertificate = new Certificate(\"exampleCertificate\", CertificateArgs.builder() \n .name(\"imported-cert\")\n .keyVaultId(exampleKeyVault.id())\n .certificate(CertificateCertificateArgs.builder()\n .contents(StdFunctions.filebase64(Filebase64Args.builder()\n .input(\"certificate-to-import.pfx\")\n .build()).result())\n .password(\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: premium\n accessPolicies:\n - tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n certificatePermissions:\n - Create\n - Delete\n - DeleteIssuers\n - Get\n - GetIssuers\n - Import\n - List\n - ListIssuers\n - ManageContacts\n - ManageIssuers\n - SetIssuers\n - Update\n keyPermissions:\n - Backup\n - Create\n - Decrypt\n - Delete\n - Encrypt\n - Get\n - Import\n - List\n - Purge\n - Recover\n - Restore\n - Sign\n - UnwrapKey\n - Update\n - Verify\n - WrapKey\n secretPermissions:\n - Backup\n - Delete\n - Get\n - List\n - Purge\n - Recover\n - Restore\n - Set\n exampleCertificate:\n type: azure:keyvault:Certificate\n name: example\n properties:\n name: imported-cert\n keyVaultId: ${exampleKeyVault.id}\n certificate:\n contents:\n fn::invoke:\n Function: std:filebase64\n Arguments:\n input: certificate-to-import.pfx\n Return: result\n password:\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Generating a new certificate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"standard\",\n softDeleteRetentionDays: 7,\n accessPolicies: [{\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n certificatePermissions: [\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n ],\n keyPermissions: [\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secretPermissions: [\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n }],\n});\nconst exampleCertificate = new azure.keyvault.Certificate(\"example\", {\n name: \"generated-cert\",\n keyVaultId: exampleKeyVault.id,\n certificatePolicy: {\n issuerParameters: {\n name: \"Self\",\n },\n keyProperties: {\n exportable: true,\n keySize: 2048,\n keyType: \"RSA\",\n reuseKey: true,\n },\n lifetimeActions: [{\n action: {\n actionType: \"AutoRenew\",\n },\n trigger: {\n daysBeforeExpiry: 30,\n },\n }],\n secretProperties: {\n contentType: \"application/x-pkcs12\",\n },\n x509CertificateProperties: {\n extendedKeyUsages: [\"1.3.6.1.5.5.7.3.1\"],\n keyUsages: [\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n subjectAlternativeNames: {\n dnsNames: [\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n },\n subject: \"CN=hello-world\",\n validityInMonths: 12,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"standard\",\n soft_delete_retention_days=7,\n access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n certificate_permissions=[\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n ],\n key_permissions=[\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secret_permissions=[\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n )])\nexample_certificate = azure.keyvault.Certificate(\"example\",\n name=\"generated-cert\",\n key_vault_id=example_key_vault.id,\n certificate_policy=azure.keyvault.CertificateCertificatePolicyArgs(\n issuer_parameters=azure.keyvault.CertificateCertificatePolicyIssuerParametersArgs(\n name=\"Self\",\n ),\n key_properties=azure.keyvault.CertificateCertificatePolicyKeyPropertiesArgs(\n exportable=True,\n key_size=2048,\n key_type=\"RSA\",\n reuse_key=True,\n ),\n lifetime_actions=[azure.keyvault.CertificateCertificatePolicyLifetimeActionArgs(\n action=azure.keyvault.CertificateCertificatePolicyLifetimeActionActionArgs(\n action_type=\"AutoRenew\",\n ),\n trigger=azure.keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs(\n days_before_expiry=30,\n ),\n )],\n secret_properties=azure.keyvault.CertificateCertificatePolicySecretPropertiesArgs(\n content_type=\"application/x-pkcs12\",\n ),\n x509_certificate_properties=azure.keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs(\n extended_key_usages=[\"1.3.6.1.5.5.7.3.1\"],\n key_usages=[\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n subject_alternative_names=azure.keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs(\n dns_names=[\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n ),\n subject=\"CN=hello-world\",\n validity_in_months=12,\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"standard\",\n SoftDeleteRetentionDays = 7,\n AccessPolicies = new[]\n {\n new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs\n {\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n CertificatePermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n },\n KeyPermissions = new[]\n {\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n },\n SecretPermissions = new[]\n {\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n },\n },\n },\n });\n\n var exampleCertificate = new Azure.KeyVault.Certificate(\"example\", new()\n {\n Name = \"generated-cert\",\n KeyVaultId = exampleKeyVault.Id,\n CertificatePolicy = new Azure.KeyVault.Inputs.CertificateCertificatePolicyArgs\n {\n IssuerParameters = new Azure.KeyVault.Inputs.CertificateCertificatePolicyIssuerParametersArgs\n {\n Name = \"Self\",\n },\n KeyProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyKeyPropertiesArgs\n {\n Exportable = true,\n KeySize = 2048,\n KeyType = \"RSA\",\n ReuseKey = true,\n },\n LifetimeActions = new[]\n {\n new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionArgs\n {\n Action = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionActionArgs\n {\n ActionType = \"AutoRenew\",\n },\n Trigger = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionTriggerArgs\n {\n DaysBeforeExpiry = 30,\n },\n },\n },\n SecretProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicySecretPropertiesArgs\n {\n ContentType = \"application/x-pkcs12\",\n },\n X509CertificateProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs\n {\n ExtendedKeyUsages = new[]\n {\n \"1.3.6.1.5.5.7.3.1\",\n },\n KeyUsages = new[]\n {\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n },\n SubjectAlternativeNames = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs\n {\n DnsNames = new[]\n {\n \"internal.contoso.com\",\n \"domain.hello.world\",\n },\n },\n Subject = \"CN=hello-world\",\n ValidityInMonths = 12,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"standard\"),\n\t\t\tSoftDeleteRetentionDays: pulumi.Int(7),\n\t\t\tAccessPolicies: keyvault.KeyVaultAccessPolicyArray{\n\t\t\t\t\u0026keyvault.KeyVaultAccessPolicyArgs{\n\t\t\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\t\t\tCertificatePermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"DeleteIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"GetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"ListIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"ManageContacts\"),\n\t\t\t\t\t\tpulumi.String(\"ManageIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"SetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Encrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t\t\t\tpulumi.String(\"UnwrapKey\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t\tpulumi.String(\"Verify\"),\n\t\t\t\t\t\tpulumi.String(\"WrapKey\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewCertificate(ctx, \"example\", \u0026keyvault.CertificateArgs{\n\t\t\tName: pulumi.String(\"generated-cert\"),\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tCertificatePolicy: \u0026keyvault.CertificateCertificatePolicyArgs{\n\t\t\t\tIssuerParameters: \u0026keyvault.CertificateCertificatePolicyIssuerParametersArgs{\n\t\t\t\t\tName: pulumi.String(\"Self\"),\n\t\t\t\t},\n\t\t\t\tKeyProperties: \u0026keyvault.CertificateCertificatePolicyKeyPropertiesArgs{\n\t\t\t\t\tExportable: pulumi.Bool(true),\n\t\t\t\t\tKeySize: pulumi.Int(2048),\n\t\t\t\t\tKeyType: pulumi.String(\"RSA\"),\n\t\t\t\t\tReuseKey: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tLifetimeActions: keyvault.CertificateCertificatePolicyLifetimeActionArray{\n\t\t\t\t\t\u0026keyvault.CertificateCertificatePolicyLifetimeActionArgs{\n\t\t\t\t\t\tAction: \u0026keyvault.CertificateCertificatePolicyLifetimeActionActionArgs{\n\t\t\t\t\t\t\tActionType: pulumi.String(\"AutoRenew\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTrigger: \u0026keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs{\n\t\t\t\t\t\t\tDaysBeforeExpiry: pulumi.Int(30),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSecretProperties: \u0026keyvault.CertificateCertificatePolicySecretPropertiesArgs{\n\t\t\t\t\tContentType: pulumi.String(\"application/x-pkcs12\"),\n\t\t\t\t},\n\t\t\t\tX509CertificateProperties: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs{\n\t\t\t\t\tExtendedKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"1.3.6.1.5.5.7.3.1\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"cRLSign\"),\n\t\t\t\t\t\tpulumi.String(\"dataEncipherment\"),\n\t\t\t\t\t\tpulumi.String(\"digitalSignature\"),\n\t\t\t\t\t\tpulumi.String(\"keyAgreement\"),\n\t\t\t\t\t\tpulumi.String(\"keyCertSign\"),\n\t\t\t\t\t\tpulumi.String(\"keyEncipherment\"),\n\t\t\t\t\t},\n\t\t\t\t\tSubjectAlternativeNames: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs{\n\t\t\t\t\t\tDnsNames: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"internal.contoso.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"domain.hello.world\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tSubject: pulumi.String(\"CN=hello-world\"),\n\t\t\t\t\tValidityInMonths: pulumi.Int(12),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Certificate;\nimport com.pulumi.azure.keyvault.CertificateArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyIssuerParametersArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyKeyPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicySecretPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"standard\")\n .softDeleteRetentionDays(7)\n .accessPolicies(KeyVaultAccessPolicyArgs.builder()\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .certificatePermissions( \n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\")\n .keyPermissions( \n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\")\n .secretPermissions( \n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\")\n .build())\n .build());\n\n var exampleCertificate = new Certificate(\"exampleCertificate\", CertificateArgs.builder() \n .name(\"generated-cert\")\n .keyVaultId(exampleKeyVault.id())\n .certificatePolicy(CertificateCertificatePolicyArgs.builder()\n .issuerParameters(CertificateCertificatePolicyIssuerParametersArgs.builder()\n .name(\"Self\")\n .build())\n .keyProperties(CertificateCertificatePolicyKeyPropertiesArgs.builder()\n .exportable(true)\n .keySize(2048)\n .keyType(\"RSA\")\n .reuseKey(true)\n .build())\n .lifetimeActions(CertificateCertificatePolicyLifetimeActionArgs.builder()\n .action(CertificateCertificatePolicyLifetimeActionActionArgs.builder()\n .actionType(\"AutoRenew\")\n .build())\n .trigger(CertificateCertificatePolicyLifetimeActionTriggerArgs.builder()\n .daysBeforeExpiry(30)\n .build())\n .build())\n .secretProperties(CertificateCertificatePolicySecretPropertiesArgs.builder()\n .contentType(\"application/x-pkcs12\")\n .build())\n .x509CertificateProperties(CertificateCertificatePolicyX509CertificatePropertiesArgs.builder()\n .extendedKeyUsages(\"1.3.6.1.5.5.7.3.1\")\n .keyUsages( \n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\")\n .subjectAlternativeNames(CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs.builder()\n .dnsNames( \n \"internal.contoso.com\",\n \"domain.hello.world\")\n .build())\n .subject(\"CN=hello-world\")\n .validityInMonths(12)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: standard\n softDeleteRetentionDays: 7\n accessPolicies:\n - tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n certificatePermissions:\n - Create\n - Delete\n - DeleteIssuers\n - Get\n - GetIssuers\n - Import\n - List\n - ListIssuers\n - ManageContacts\n - ManageIssuers\n - Purge\n - SetIssuers\n - Update\n keyPermissions:\n - Backup\n - Create\n - Decrypt\n - Delete\n - Encrypt\n - Get\n - Import\n - List\n - Purge\n - Recover\n - Restore\n - Sign\n - UnwrapKey\n - Update\n - Verify\n - WrapKey\n secretPermissions:\n - Backup\n - Delete\n - Get\n - List\n - Purge\n - Recover\n - Restore\n - Set\n exampleCertificate:\n type: azure:keyvault:Certificate\n name: example\n properties:\n name: generated-cert\n keyVaultId: ${exampleKeyVault.id}\n certificatePolicy:\n issuerParameters:\n name: Self\n keyProperties:\n exportable: true\n keySize: 2048\n keyType: RSA\n reuseKey: true\n lifetimeActions:\n - action:\n actionType: AutoRenew\n trigger:\n daysBeforeExpiry: 30\n secretProperties:\n contentType: application/x-pkcs12\n x509CertificateProperties:\n extendedKeyUsages:\n - 1.3.6.1.5.5.7.3.1\n keyUsages:\n - cRLSign\n - dataEncipherment\n - digitalSignature\n - keyAgreement\n - keyCertSign\n - keyEncipherment\n subjectAlternativeNames:\n dnsNames:\n - internal.contoso.com\n - domain.hello.world\n subject: CN=hello-world\n validityInMonths: 12\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nKey Vault Certificates can be imported using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:keyvault/certificate:Certificate example \"https://example-keyvault.vault.azure.net/certificates/example/fdf067c93bbb4b22bff4d8b7a9a56217\"\n```\n\n",
+ "description": "Manages a Key Vault Certificate.\n\n## Example Usage\n\n### Importing A PFX)\n\n\u003e **Note:** this example assumed the PFX file is located in the same directory at `certificate-to-import.pfx`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\nimport * as std from \"@pulumi/std\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"premium\",\n accessPolicies: [{\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n certificatePermissions: [\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n ],\n keyPermissions: [\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secretPermissions: [\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n }],\n});\nconst exampleCertificate = new azure.keyvault.Certificate(\"example\", {\n name: \"imported-cert\",\n keyVaultId: exampleKeyVault.id,\n certificate: {\n contents: std.filebase64({\n input: \"certificate-to-import.pfx\",\n }).then(invoke =\u003e invoke.result),\n password: \"\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\nimport pulumi_std as std\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"premium\",\n access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n certificate_permissions=[\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n ],\n key_permissions=[\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secret_permissions=[\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n )])\nexample_certificate = azure.keyvault.Certificate(\"example\",\n name=\"imported-cert\",\n key_vault_id=example_key_vault.id,\n certificate=azure.keyvault.CertificateCertificateArgs(\n contents=std.filebase64(input=\"certificate-to-import.pfx\").result,\n password=\"\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"premium\",\n AccessPolicies = new[]\n {\n new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs\n {\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n CertificatePermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\",\n },\n KeyPermissions = new[]\n {\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n },\n SecretPermissions = new[]\n {\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n },\n },\n },\n });\n\n var exampleCertificate = new Azure.KeyVault.Certificate(\"example\", new()\n {\n Name = \"imported-cert\",\n KeyVaultId = exampleKeyVault.Id,\n KeyVaultCertificate = new Azure.KeyVault.Inputs.CertificateCertificateArgs\n {\n Contents = Std.Filebase64.Invoke(new()\n {\n Input = \"certificate-to-import.pfx\",\n }).Apply(invoke =\u003e invoke.Result),\n Password = \"\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"premium\"),\n\t\t\tAccessPolicies: keyvault.KeyVaultAccessPolicyArray{\n\t\t\t\t\u0026keyvault.KeyVaultAccessPolicyArgs{\n\t\t\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\t\t\tCertificatePermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"DeleteIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"GetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"ListIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"ManageContacts\"),\n\t\t\t\t\t\tpulumi.String(\"ManageIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"SetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Encrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t\t\t\tpulumi.String(\"UnwrapKey\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t\tpulumi.String(\"Verify\"),\n\t\t\t\t\t\tpulumi.String(\"WrapKey\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeFilebase64, err := std.Filebase64(ctx, \u0026std.Filebase64Args{\n\t\t\tInput: \"certificate-to-import.pfx\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewCertificate(ctx, \"example\", \u0026keyvault.CertificateArgs{\n\t\t\tName: pulumi.String(\"imported-cert\"),\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tCertificate: \u0026keyvault.CertificateCertificateArgs{\n\t\t\t\tContents: invokeFilebase64.Result,\n\t\t\t\tPassword: pulumi.String(\"\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Certificate;\nimport com.pulumi.azure.keyvault.CertificateArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"premium\")\n .accessPolicies(KeyVaultAccessPolicyArgs.builder()\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .certificatePermissions( \n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"SetIssuers\",\n \"Update\")\n .keyPermissions( \n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\")\n .secretPermissions( \n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\")\n .build())\n .build());\n\n var exampleCertificate = new Certificate(\"exampleCertificate\", CertificateArgs.builder() \n .name(\"imported-cert\")\n .keyVaultId(exampleKeyVault.id())\n .certificate(CertificateCertificateArgs.builder()\n .contents(StdFunctions.filebase64(Filebase64Args.builder()\n .input(\"certificate-to-import.pfx\")\n .build()).result())\n .password(\"\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: premium\n accessPolicies:\n - tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n certificatePermissions:\n - Create\n - Delete\n - DeleteIssuers\n - Get\n - GetIssuers\n - Import\n - List\n - ListIssuers\n - ManageContacts\n - ManageIssuers\n - SetIssuers\n - Update\n keyPermissions:\n - Backup\n - Create\n - Decrypt\n - Delete\n - Encrypt\n - Get\n - Import\n - List\n - Purge\n - Recover\n - Restore\n - Sign\n - UnwrapKey\n - Update\n - Verify\n - WrapKey\n secretPermissions:\n - Backup\n - Delete\n - Get\n - List\n - Purge\n - Recover\n - Restore\n - Set\n exampleCertificate:\n type: azure:keyvault:Certificate\n name: example\n properties:\n name: imported-cert\n keyVaultId: ${exampleKeyVault.id}\n certificate:\n contents:\n fn::invoke:\n Function: std:filebase64\n Arguments:\n input: certificate-to-import.pfx\n Return: result\n password:\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Generating a new certificate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"standard\",\n softDeleteRetentionDays: 7,\n accessPolicies: [{\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n certificatePermissions: [\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n ],\n keyPermissions: [\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secretPermissions: [\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n }],\n});\nconst exampleCertificate = new azure.keyvault.Certificate(\"example\", {\n name: \"generated-cert\",\n keyVaultId: exampleKeyVault.id,\n certificatePolicy: {\n issuerParameters: {\n name: \"Self\",\n },\n keyProperties: {\n exportable: true,\n keySize: 2048,\n keyType: \"RSA\",\n reuseKey: true,\n },\n lifetimeActions: [{\n action: {\n actionType: \"AutoRenew\",\n },\n trigger: {\n daysBeforeExpiry: 30,\n },\n }],\n secretProperties: {\n contentType: \"application/x-pkcs12\",\n },\n x509CertificateProperties: {\n extendedKeyUsages: [\"1.3.6.1.5.5.7.3.1\"],\n keyUsages: [\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n subjectAlternativeNames: {\n dnsNames: [\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n },\n subject: \"CN=hello-world\",\n validityInMonths: 12,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"standard\",\n soft_delete_retention_days=7,\n access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n certificate_permissions=[\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n ],\n key_permissions=[\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n ],\n secret_permissions=[\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n ],\n )])\nexample_certificate = azure.keyvault.Certificate(\"example\",\n name=\"generated-cert\",\n key_vault_id=example_key_vault.id,\n certificate_policy=azure.keyvault.CertificateCertificatePolicyArgs(\n issuer_parameters=azure.keyvault.CertificateCertificatePolicyIssuerParametersArgs(\n name=\"Self\",\n ),\n key_properties=azure.keyvault.CertificateCertificatePolicyKeyPropertiesArgs(\n exportable=True,\n key_size=2048,\n key_type=\"RSA\",\n reuse_key=True,\n ),\n lifetime_actions=[azure.keyvault.CertificateCertificatePolicyLifetimeActionArgs(\n action=azure.keyvault.CertificateCertificatePolicyLifetimeActionActionArgs(\n action_type=\"AutoRenew\",\n ),\n trigger=azure.keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs(\n days_before_expiry=30,\n ),\n )],\n secret_properties=azure.keyvault.CertificateCertificatePolicySecretPropertiesArgs(\n content_type=\"application/x-pkcs12\",\n ),\n x509_certificate_properties=azure.keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs(\n extended_key_usages=[\"1.3.6.1.5.5.7.3.1\"],\n key_usages=[\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n ],\n subject_alternative_names=azure.keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs(\n dns_names=[\n \"internal.contoso.com\",\n \"domain.hello.world\",\n ],\n ),\n subject=\"CN=hello-world\",\n validity_in_months=12,\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"standard\",\n SoftDeleteRetentionDays = 7,\n AccessPolicies = new[]\n {\n new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs\n {\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n CertificatePermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\",\n },\n KeyPermissions = new[]\n {\n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\",\n },\n SecretPermissions = new[]\n {\n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\",\n },\n },\n },\n });\n\n var exampleCertificate = new Azure.KeyVault.Certificate(\"example\", new()\n {\n Name = \"generated-cert\",\n KeyVaultId = exampleKeyVault.Id,\n CertificatePolicy = new Azure.KeyVault.Inputs.CertificateCertificatePolicyArgs\n {\n IssuerParameters = new Azure.KeyVault.Inputs.CertificateCertificatePolicyIssuerParametersArgs\n {\n Name = \"Self\",\n },\n KeyProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyKeyPropertiesArgs\n {\n Exportable = true,\n KeySize = 2048,\n KeyType = \"RSA\",\n ReuseKey = true,\n },\n LifetimeActions = new[]\n {\n new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionArgs\n {\n Action = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionActionArgs\n {\n ActionType = \"AutoRenew\",\n },\n Trigger = new Azure.KeyVault.Inputs.CertificateCertificatePolicyLifetimeActionTriggerArgs\n {\n DaysBeforeExpiry = 30,\n },\n },\n },\n SecretProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicySecretPropertiesArgs\n {\n ContentType = \"application/x-pkcs12\",\n },\n X509CertificateProperties = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs\n {\n ExtendedKeyUsages = new[]\n {\n \"1.3.6.1.5.5.7.3.1\",\n },\n KeyUsages = new[]\n {\n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\",\n },\n SubjectAlternativeNames = new Azure.KeyVault.Inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs\n {\n DnsNames = new[]\n {\n \"internal.contoso.com\",\n \"domain.hello.world\",\n },\n },\n Subject = \"CN=hello-world\",\n ValidityInMonths = 12,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"standard\"),\n\t\t\tSoftDeleteRetentionDays: pulumi.Int(7),\n\t\t\tAccessPolicies: keyvault.KeyVaultAccessPolicyArray{\n\t\t\t\t\u0026keyvault.KeyVaultAccessPolicyArgs{\n\t\t\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\t\t\tCertificatePermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"DeleteIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"GetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"ListIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"ManageContacts\"),\n\t\t\t\t\t\tpulumi.String(\"ManageIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"SetIssuers\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Encrypt\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"Import\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t\t\t\tpulumi.String(\"UnwrapKey\"),\n\t\t\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\t\t\tpulumi.String(\"Verify\"),\n\t\t\t\t\t\tpulumi.String(\"WrapKey\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Backup\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t\tpulumi.String(\"Restore\"),\n\t\t\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewCertificate(ctx, \"example\", \u0026keyvault.CertificateArgs{\n\t\t\tName: pulumi.String(\"generated-cert\"),\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tCertificatePolicy: \u0026keyvault.CertificateCertificatePolicyArgs{\n\t\t\t\tIssuerParameters: \u0026keyvault.CertificateCertificatePolicyIssuerParametersArgs{\n\t\t\t\t\tName: pulumi.String(\"Self\"),\n\t\t\t\t},\n\t\t\t\tKeyProperties: \u0026keyvault.CertificateCertificatePolicyKeyPropertiesArgs{\n\t\t\t\t\tExportable: pulumi.Bool(true),\n\t\t\t\t\tKeySize: pulumi.Int(2048),\n\t\t\t\t\tKeyType: pulumi.String(\"RSA\"),\n\t\t\t\t\tReuseKey: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tLifetimeActions: keyvault.CertificateCertificatePolicyLifetimeActionArray{\n\t\t\t\t\t\u0026keyvault.CertificateCertificatePolicyLifetimeActionArgs{\n\t\t\t\t\t\tAction: \u0026keyvault.CertificateCertificatePolicyLifetimeActionActionArgs{\n\t\t\t\t\t\t\tActionType: pulumi.String(\"AutoRenew\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tTrigger: \u0026keyvault.CertificateCertificatePolicyLifetimeActionTriggerArgs{\n\t\t\t\t\t\t\tDaysBeforeExpiry: pulumi.Int(30),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSecretProperties: \u0026keyvault.CertificateCertificatePolicySecretPropertiesArgs{\n\t\t\t\t\tContentType: pulumi.String(\"application/x-pkcs12\"),\n\t\t\t\t},\n\t\t\t\tX509CertificateProperties: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesArgs{\n\t\t\t\t\tExtendedKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"1.3.6.1.5.5.7.3.1\"),\n\t\t\t\t\t},\n\t\t\t\t\tKeyUsages: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"cRLSign\"),\n\t\t\t\t\t\tpulumi.String(\"dataEncipherment\"),\n\t\t\t\t\t\tpulumi.String(\"digitalSignature\"),\n\t\t\t\t\t\tpulumi.String(\"keyAgreement\"),\n\t\t\t\t\t\tpulumi.String(\"keyCertSign\"),\n\t\t\t\t\t\tpulumi.String(\"keyEncipherment\"),\n\t\t\t\t\t},\n\t\t\t\t\tSubjectAlternativeNames: \u0026keyvault.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs{\n\t\t\t\t\t\tDnsNames: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"internal.contoso.com\"),\n\t\t\t\t\t\t\tpulumi.String(\"domain.hello.world\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tSubject: pulumi.String(\"CN=hello-world\"),\n\t\t\t\t\tValidityInMonths: pulumi.Int(12),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Certificate;\nimport com.pulumi.azure.keyvault.CertificateArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyIssuerParametersArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyKeyPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicySecretPropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"standard\")\n .softDeleteRetentionDays(7)\n .accessPolicies(KeyVaultAccessPolicyArgs.builder()\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .certificatePermissions( \n \"Create\",\n \"Delete\",\n \"DeleteIssuers\",\n \"Get\",\n \"GetIssuers\",\n \"Import\",\n \"List\",\n \"ListIssuers\",\n \"ManageContacts\",\n \"ManageIssuers\",\n \"Purge\",\n \"SetIssuers\",\n \"Update\")\n .keyPermissions( \n \"Backup\",\n \"Create\",\n \"Decrypt\",\n \"Delete\",\n \"Encrypt\",\n \"Get\",\n \"Import\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Sign\",\n \"UnwrapKey\",\n \"Update\",\n \"Verify\",\n \"WrapKey\")\n .secretPermissions( \n \"Backup\",\n \"Delete\",\n \"Get\",\n \"List\",\n \"Purge\",\n \"Recover\",\n \"Restore\",\n \"Set\")\n .build())\n .build());\n\n var exampleCertificate = new Certificate(\"exampleCertificate\", CertificateArgs.builder() \n .name(\"generated-cert\")\n .keyVaultId(exampleKeyVault.id())\n .certificatePolicy(CertificateCertificatePolicyArgs.builder()\n .issuerParameters(CertificateCertificatePolicyIssuerParametersArgs.builder()\n .name(\"Self\")\n .build())\n .keyProperties(CertificateCertificatePolicyKeyPropertiesArgs.builder()\n .exportable(true)\n .keySize(2048)\n .keyType(\"RSA\")\n .reuseKey(true)\n .build())\n .lifetimeActions(CertificateCertificatePolicyLifetimeActionArgs.builder()\n .action(CertificateCertificatePolicyLifetimeActionActionArgs.builder()\n .actionType(\"AutoRenew\")\n .build())\n .trigger(CertificateCertificatePolicyLifetimeActionTriggerArgs.builder()\n .daysBeforeExpiry(30)\n .build())\n .build())\n .secretProperties(CertificateCertificatePolicySecretPropertiesArgs.builder()\n .contentType(\"application/x-pkcs12\")\n .build())\n .x509CertificateProperties(CertificateCertificatePolicyX509CertificatePropertiesArgs.builder()\n .extendedKeyUsages(\"1.3.6.1.5.5.7.3.1\")\n .keyUsages( \n \"cRLSign\",\n \"dataEncipherment\",\n \"digitalSignature\",\n \"keyAgreement\",\n \"keyCertSign\",\n \"keyEncipherment\")\n .subjectAlternativeNames(CertificateCertificatePolicyX509CertificatePropertiesSubjectAlternativeNamesArgs.builder()\n .dnsNames( \n \"internal.contoso.com\",\n \"domain.hello.world\")\n .build())\n .subject(\"CN=hello-world\")\n .validityInMonths(12)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: standard\n softDeleteRetentionDays: 7\n accessPolicies:\n - tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n certificatePermissions:\n - Create\n - Delete\n - DeleteIssuers\n - Get\n - GetIssuers\n - Import\n - List\n - ListIssuers\n - ManageContacts\n - ManageIssuers\n - Purge\n - SetIssuers\n - Update\n keyPermissions:\n - Backup\n - Create\n - Decrypt\n - Delete\n - Encrypt\n - Get\n - Import\n - List\n - Purge\n - Recover\n - Restore\n - Sign\n - UnwrapKey\n - Update\n - Verify\n - WrapKey\n secretPermissions:\n - Backup\n - Delete\n - Get\n - List\n - Purge\n - Recover\n - Restore\n - Set\n exampleCertificate:\n type: azure:keyvault:Certificate\n name: example\n properties:\n name: generated-cert\n keyVaultId: ${exampleKeyVault.id}\n certificatePolicy:\n issuerParameters:\n name: Self\n keyProperties:\n exportable: true\n keySize: 2048\n keyType: RSA\n reuseKey: true\n lifetimeActions:\n - action:\n actionType: AutoRenew\n trigger:\n daysBeforeExpiry: 30\n secretProperties:\n contentType: application/x-pkcs12\n x509CertificateProperties:\n extendedKeyUsages:\n - 1.3.6.1.5.5.7.3.1\n keyUsages:\n - cRLSign\n - dataEncipherment\n - digitalSignature\n - keyAgreement\n - keyCertSign\n - keyEncipherment\n subjectAlternativeNames:\n dnsNames:\n - internal.contoso.com\n - domain.hello.world\n subject: CN=hello-world\n validityInMonths: 12\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nKey Vault Certificates can be imported using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:keyvault/certificate:Certificate example \"https://example-keyvault.vault.azure.net/certificates/example/fdf067c93bbb4b22bff4d8b7a9a56217\"\n```\n\n",
"properties": {
"certificate": {
"$ref": "#/types/azure:keyvault/CertificateCertificate:CertificateCertificate",
@@ -194647,14 +194711,14 @@
]
},
"azure:keyvault/certificateContacts:CertificateContacts": {
- "description": "Manages Key Vault Certificate Contacts.\n\n## Disclaimers\n\n\u003e **Note:** It's possible to define Key Vault Certificate Contacts both within the `azure.keyvault.KeyVault` resource via the `contact` block and by using the `azure.keyvault.CertificateContacts` resource. However it's not possible to use both methods to manage Certificate Contacts within a KeyVault, since there'll be conflicts.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"premium\",\n});\nconst exampleAccessPolicy = new azure.keyvault.AccessPolicy(\"example\", {\n keyVaultId: exampleKeyVault.id,\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n certificatePermissions: [\"ManageContacts\"],\n keyPermissions: [\"Create\"],\n secretPermissions: [\"Set\"],\n});\nconst exampleCertificateContacts = new azure.keyvault.CertificateContacts(\"example\", {\n keyVaultId: exampleKeyVault.id,\n contacts: [\n {\n email: \"example@example.com\",\n name: \"example\",\n phone: \"01234567890\",\n },\n {\n email: \"example2@example.com\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"premium\")\nexample_access_policy = azure.keyvault.AccessPolicy(\"example\",\n key_vault_id=example_key_vault.id,\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n certificate_permissions=[\"ManageContacts\"],\n key_permissions=[\"Create\"],\n secret_permissions=[\"Set\"])\nexample_certificate_contacts = azure.keyvault.CertificateContacts(\"example\",\n key_vault_id=example_key_vault.id,\n contacts=[\n azure.keyvault.CertificateContactsContactArgs(\n email=\"example@example.com\",\n name=\"example\",\n phone=\"01234567890\",\n ),\n azure.keyvault.CertificateContactsContactArgs(\n email=\"example2@example.com\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"premium\",\n });\n\n var exampleAccessPolicy = new Azure.KeyVault.AccessPolicy(\"example\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n CertificatePermissions = new[]\n {\n \"ManageContacts\",\n },\n KeyPermissions = new[]\n {\n \"Create\",\n },\n SecretPermissions = new[]\n {\n \"Set\",\n },\n });\n\n var exampleCertificateContacts = new Azure.KeyVault.CertificateContacts(\"example\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n Contacts = new[]\n {\n new Azure.KeyVault.Inputs.CertificateContactsContactArgs\n {\n Email = \"example@example.com\",\n Name = \"example\",\n Phone = \"01234567890\",\n },\n new Azure.KeyVault.Inputs.CertificateContactsContactArgs\n {\n Email = \"example2@example.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"premium\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewAccessPolicy(ctx, \"example\", \u0026keyvault.AccessPolicyArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\tCertificatePermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ManageContacts\"),\n\t\t\t},\n\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t},\n\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewCertificateContacts(ctx, \"example\", \u0026keyvault.CertificateContactsArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tContacts: keyvault.CertificateContactsContactArray{\n\t\t\t\t\u0026keyvault.CertificateContactsContactArgs{\n\t\t\t\t\tEmail: pulumi.String(\"example@example.com\"),\n\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t\tPhone: pulumi.String(\"01234567890\"),\n\t\t\t\t},\n\t\t\t\t\u0026keyvault.CertificateContactsContactArgs{\n\t\t\t\t\tEmail: pulumi.String(\"example2@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.AccessPolicy;\nimport com.pulumi.azure.keyvault.AccessPolicyArgs;\nimport com.pulumi.azure.keyvault.CertificateContacts;\nimport com.pulumi.azure.keyvault.CertificateContactsArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateContactsContactArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"premium\")\n .build());\n\n var exampleAccessPolicy = new AccessPolicy(\"exampleAccessPolicy\", AccessPolicyArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .certificatePermissions(\"ManageContacts\")\n .keyPermissions(\"Create\")\n .secretPermissions(\"Set\")\n .build());\n\n var exampleCertificateContacts = new CertificateContacts(\"exampleCertificateContacts\", CertificateContactsArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .contacts( \n CertificateContactsContactArgs.builder()\n .email(\"example@example.com\")\n .name(\"example\")\n .phone(\"01234567890\")\n .build(),\n CertificateContactsContactArgs.builder()\n .email(\"example2@example.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: premium\n exampleAccessPolicy:\n type: azure:keyvault:AccessPolicy\n name: example\n properties:\n keyVaultId: ${exampleKeyVault.id}\n tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n certificatePermissions:\n - ManageContacts\n keyPermissions:\n - Create\n secretPermissions:\n - Set\n exampleCertificateContacts:\n type: azure:keyvault:CertificateContacts\n name: example\n properties:\n keyVaultId: ${exampleKeyVault.id}\n contacts:\n - email: example@example.com\n name: example\n phone: '01234567890'\n - email: example2@example.com\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nKey Vault Certificate Contacts can be imported using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:keyvault/certificateContacts:CertificateContacts example https://example-keyvault.vault.azure.net/certificates/contacts\n```\n\n",
+ "description": "Manages Key Vault Certificate Contacts.\n\n## Disclaimers\n\n\u003c!-- TODO: Remove Note in 4.0 --\u003e\n\u003e **Note:** It's possible to define Key Vault Certificate Contacts both within the `azure.keyvault.KeyVault` resource via the `contact` block and by using the `azure.keyvault.CertificateContacts` resource. However it's not possible to use both methods to manage Certificate Contacts within a KeyVault, since there'll be conflicts.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"premium\",\n});\nconst exampleAccessPolicy = new azure.keyvault.AccessPolicy(\"example\", {\n keyVaultId: exampleKeyVault.id,\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n certificatePermissions: [\"ManageContacts\"],\n keyPermissions: [\"Create\"],\n secretPermissions: [\"Set\"],\n});\nconst exampleCertificateContacts = new azure.keyvault.CertificateContacts(\"example\", {\n keyVaultId: exampleKeyVault.id,\n contacts: [\n {\n email: \"example@example.com\",\n name: \"example\",\n phone: \"01234567890\",\n },\n {\n email: \"example2@example.com\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"premium\")\nexample_access_policy = azure.keyvault.AccessPolicy(\"example\",\n key_vault_id=example_key_vault.id,\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n certificate_permissions=[\"ManageContacts\"],\n key_permissions=[\"Create\"],\n secret_permissions=[\"Set\"])\nexample_certificate_contacts = azure.keyvault.CertificateContacts(\"example\",\n key_vault_id=example_key_vault.id,\n contacts=[\n azure.keyvault.CertificateContactsContactArgs(\n email=\"example@example.com\",\n name=\"example\",\n phone=\"01234567890\",\n ),\n azure.keyvault.CertificateContactsContactArgs(\n email=\"example2@example.com\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"premium\",\n });\n\n var exampleAccessPolicy = new Azure.KeyVault.AccessPolicy(\"example\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n CertificatePermissions = new[]\n {\n \"ManageContacts\",\n },\n KeyPermissions = new[]\n {\n \"Create\",\n },\n SecretPermissions = new[]\n {\n \"Set\",\n },\n });\n\n var exampleCertificateContacts = new Azure.KeyVault.CertificateContacts(\"example\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n Contacts = new[]\n {\n new Azure.KeyVault.Inputs.CertificateContactsContactArgs\n {\n Email = \"example@example.com\",\n Name = \"example\",\n Phone = \"01234567890\",\n },\n new Azure.KeyVault.Inputs.CertificateContactsContactArgs\n {\n Email = \"example2@example.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"premium\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewAccessPolicy(ctx, \"example\", \u0026keyvault.AccessPolicyArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\tCertificatePermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ManageContacts\"),\n\t\t\t},\n\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t},\n\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewCertificateContacts(ctx, \"example\", \u0026keyvault.CertificateContactsArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tContacts: keyvault.CertificateContactsContactArray{\n\t\t\t\t\u0026keyvault.CertificateContactsContactArgs{\n\t\t\t\t\tEmail: pulumi.String(\"example@example.com\"),\n\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t\tPhone: pulumi.String(\"01234567890\"),\n\t\t\t\t},\n\t\t\t\t\u0026keyvault.CertificateContactsContactArgs{\n\t\t\t\t\tEmail: pulumi.String(\"example2@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.AccessPolicy;\nimport com.pulumi.azure.keyvault.AccessPolicyArgs;\nimport com.pulumi.azure.keyvault.CertificateContacts;\nimport com.pulumi.azure.keyvault.CertificateContactsArgs;\nimport com.pulumi.azure.keyvault.inputs.CertificateContactsContactArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"premium\")\n .build());\n\n var exampleAccessPolicy = new AccessPolicy(\"exampleAccessPolicy\", AccessPolicyArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .certificatePermissions(\"ManageContacts\")\n .keyPermissions(\"Create\")\n .secretPermissions(\"Set\")\n .build());\n\n var exampleCertificateContacts = new CertificateContacts(\"exampleCertificateContacts\", CertificateContactsArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .contacts( \n CertificateContactsContactArgs.builder()\n .email(\"example@example.com\")\n .name(\"example\")\n .phone(\"01234567890\")\n .build(),\n CertificateContactsContactArgs.builder()\n .email(\"example2@example.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: premium\n exampleAccessPolicy:\n type: azure:keyvault:AccessPolicy\n name: example\n properties:\n keyVaultId: ${exampleKeyVault.id}\n tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n certificatePermissions:\n - ManageContacts\n keyPermissions:\n - Create\n secretPermissions:\n - Set\n exampleCertificateContacts:\n type: azure:keyvault:CertificateContacts\n name: example\n properties:\n keyVaultId: ${exampleKeyVault.id}\n contacts:\n - email: example@example.com\n name: example\n phone: '01234567890'\n - email: example2@example.com\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nKey Vault Certificate Contacts can be imported using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:keyvault/certificateContacts:CertificateContacts example https://example-keyvault.vault.azure.net/certificates/contacts\n```\n\n",
"properties": {
"contacts": {
"type": "array",
"items": {
"$ref": "#/types/azure:keyvault/CertificateContactsContact:CertificateContactsContact"
},
- "description": "One or more `contact` blocks as defined below.\n"
+ "description": "One or more `contact` blocks as defined below.\n--\u003e\n"
},
"keyVaultId": {
"type": "string",
@@ -194671,7 +194735,7 @@
"items": {
"$ref": "#/types/azure:keyvault/CertificateContactsContact:CertificateContactsContact"
},
- "description": "One or more `contact` blocks as defined below.\n"
+ "description": "One or more `contact` blocks as defined below.\n--\u003e\n"
},
"keyVaultId": {
"type": "string",
@@ -194691,7 +194755,7 @@
"items": {
"$ref": "#/types/azure:keyvault/CertificateContactsContact:CertificateContactsContact"
},
- "description": "One or more `contact` blocks as defined below.\n"
+ "description": "One or more `contact` blocks as defined below.\n--\u003e\n"
},
"keyVaultId": {
"type": "string",
@@ -195102,7 +195166,8 @@
"items": {
"$ref": "#/types/azure:keyvault/KeyVaultContact:KeyVaultContact"
},
- "description": "One or more `contact` block as defined below.\n\n\u003e **Note:** This field can only be set once user has `managecontacts` certificate permission.\n\n\u003e **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.\n"
+ "description": "One or more `contact` block as defined below.\n\n\u003e **Note:** This field can only be set once user has `managecontacts` certificate permission.\n\n\u003e **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.\n",
+ "deprecationMessage": "As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `azure.keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider."
},
"enableRbacAuthorization": {
"type": "boolean",
@@ -195150,7 +195215,7 @@
},
"softDeleteRetentionDays": {
"type": "integer",
- "description": "The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.\n\n\u003e **Note:** This field can only be configured one time and cannot be updated.\n"
+ "description": "The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.\n\n\u003e **Note:** This field can only be configured one time and cannot be updated.\n\n\u003c!-- TODO: Remove `contact` and Notes in 4.0 --\u003e\n"
},
"tags": {
"type": "object",
@@ -195170,6 +195235,7 @@
},
"required": [
"accessPolicies",
+ "contacts",
"location",
"name",
"networkAcls",
@@ -195191,7 +195257,8 @@
"items": {
"$ref": "#/types/azure:keyvault/KeyVaultContact:KeyVaultContact"
},
- "description": "One or more `contact` block as defined below.\n\n\u003e **Note:** This field can only be set once user has `managecontacts` certificate permission.\n\n\u003e **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.\n"
+ "description": "One or more `contact` block as defined below.\n\n\u003e **Note:** This field can only be set once user has `managecontacts` certificate permission.\n\n\u003e **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.\n",
+ "deprecationMessage": "As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `azure.keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider."
},
"enableRbacAuthorization": {
"type": "boolean",
@@ -195242,7 +195309,7 @@
},
"softDeleteRetentionDays": {
"type": "integer",
- "description": "The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.\n\n\u003e **Note:** This field can only be configured one time and cannot be updated.\n"
+ "description": "The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.\n\n\u003e **Note:** This field can only be configured one time and cannot be updated.\n\n\u003c!-- TODO: Remove `contact` and Notes in 4.0 --\u003e\n"
},
"tags": {
"type": "object",
@@ -195276,7 +195343,8 @@
"items": {
"$ref": "#/types/azure:keyvault/KeyVaultContact:KeyVaultContact"
},
- "description": "One or more `contact` block as defined below.\n\n\u003e **Note:** This field can only be set once user has `managecontacts` certificate permission.\n\n\u003e **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.\n"
+ "description": "One or more `contact` block as defined below.\n\n\u003e **Note:** This field can only be set once user has `managecontacts` certificate permission.\n\n\u003e **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.\n",
+ "deprecationMessage": "As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `azure.keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider."
},
"enableRbacAuthorization": {
"type": "boolean",
@@ -195327,7 +195395,7 @@
},
"softDeleteRetentionDays": {
"type": "integer",
- "description": "The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.\n\n\u003e **Note:** This field can only be configured one time and cannot be updated.\n"
+ "description": "The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.\n\n\u003e **Note:** This field can only be configured one time and cannot be updated.\n\n\u003c!-- TODO: Remove `contact` and Notes in 4.0 --\u003e\n"
},
"tags": {
"type": "object",
@@ -196055,7 +196123,7 @@
}
},
"azure:keyvault/secret:Secret": {
- "description": "Manages a Key Vault Secret.\n\n\u003c\u003c\u003c\u003c\u003c\u003c\u003c HEAD\n\u003e **Note:** All arguments including the secret value will be stored in the raw state as plain-text.\n[Read more about sensitive data in state](https://www.terraform.io/docs/state/sensitive-data.html).\n\n\u003e **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Secret resource on destroy, rather than the default soft-delete. See `purge_soft_deleted_secrets_on_destroy` for more information.\n\n=======\n\u003e\u003e\u003e\u003e\u003e\u003e\u003e 8d78c87098 (Update-documentation)\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"premium\",\n softDeleteRetentionDays: 7,\n accessPolicies: [{\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n keyPermissions: [\n \"Create\",\n \"Get\",\n ],\n secretPermissions: [\n \"Set\",\n \"Get\",\n \"Delete\",\n \"Purge\",\n \"Recover\",\n ],\n }],\n});\nconst exampleSecret = new azure.keyvault.Secret(\"example\", {\n name: \"secret-sauce\",\n value: \"szechuan\",\n keyVaultId: exampleKeyVault.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"premium\",\n soft_delete_retention_days=7,\n access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n key_permissions=[\n \"Create\",\n \"Get\",\n ],\n secret_permissions=[\n \"Set\",\n \"Get\",\n \"Delete\",\n \"Purge\",\n \"Recover\",\n ],\n )])\nexample_secret = azure.keyvault.Secret(\"example\",\n name=\"secret-sauce\",\n value=\"szechuan\",\n key_vault_id=example_key_vault.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"premium\",\n SoftDeleteRetentionDays = 7,\n AccessPolicies = new[]\n {\n new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs\n {\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n KeyPermissions = new[]\n {\n \"Create\",\n \"Get\",\n },\n SecretPermissions = new[]\n {\n \"Set\",\n \"Get\",\n \"Delete\",\n \"Purge\",\n \"Recover\",\n },\n },\n },\n });\n\n var exampleSecret = new Azure.KeyVault.Secret(\"example\", new()\n {\n Name = \"secret-sauce\",\n Value = \"szechuan\",\n KeyVaultId = exampleKeyVault.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"premium\"),\n\t\t\tSoftDeleteRetentionDays: pulumi.Int(7),\n\t\t\tAccessPolicies: keyvault.KeyVaultAccessPolicyArray{\n\t\t\t\t\u0026keyvault.KeyVaultAccessPolicyArgs{\n\t\t\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewSecret(ctx, \"example\", \u0026keyvault.SecretArgs{\n\t\t\tName: pulumi.String(\"secret-sauce\"),\n\t\t\tValue: pulumi.String(\"szechuan\"),\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Secret;\nimport com.pulumi.azure.keyvault.SecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"premium\")\n .softDeleteRetentionDays(7)\n .accessPolicies(KeyVaultAccessPolicyArgs.builder()\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .keyPermissions( \n \"Create\",\n \"Get\")\n .secretPermissions( \n \"Set\",\n \"Get\",\n \"Delete\",\n \"Purge\",\n \"Recover\")\n .build())\n .build());\n\n var exampleSecret = new Secret(\"exampleSecret\", SecretArgs.builder() \n .name(\"secret-sauce\")\n .value(\"szechuan\")\n .keyVaultId(exampleKeyVault.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: premium\n softDeleteRetentionDays: 7\n accessPolicies:\n - tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n keyPermissions:\n - Create\n - Get\n secretPermissions:\n - Set\n - Get\n - Delete\n - Purge\n - Recover\n exampleSecret:\n type: azure:keyvault:Secret\n name: example\n properties:\n name: secret-sauce\n value: szechuan\n keyVaultId: ${exampleKeyVault.id}\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nKey Vault Secrets which are Enabled can be imported using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:keyvault/secret:Secret example \"https://example-keyvault.vault.azure.net/secrets/example/fdf067c93bbb4b22bff4d8b7a9a56217\"\n```\n\n",
+ "description": "Manages a Key Vault Secret.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst example = new azure.core.ResourceGroup(\"example\", {\n name: \"example-resources\",\n location: \"West Europe\",\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"example\", {\n name: \"examplekeyvault\",\n location: example.location,\n resourceGroupName: example.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"premium\",\n softDeleteRetentionDays: 7,\n accessPolicies: [{\n tenantId: current.then(current =\u003e current.tenantId),\n objectId: current.then(current =\u003e current.objectId),\n keyPermissions: [\n \"Create\",\n \"Get\",\n ],\n secretPermissions: [\n \"Set\",\n \"Get\",\n \"Delete\",\n \"Purge\",\n \"Recover\",\n ],\n }],\n});\nconst exampleSecret = new azure.keyvault.Secret(\"example\", {\n name: \"secret-sauce\",\n value: \"szechuan\",\n keyVaultId: exampleKeyVault.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample = azure.core.ResourceGroup(\"example\",\n name=\"example-resources\",\n location=\"West Europe\")\nexample_key_vault = azure.keyvault.KeyVault(\"example\",\n name=\"examplekeyvault\",\n location=example.location,\n resource_group_name=example.name,\n tenant_id=current.tenant_id,\n sku_name=\"premium\",\n soft_delete_retention_days=7,\n access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(\n tenant_id=current.tenant_id,\n object_id=current.object_id,\n key_permissions=[\n \"Create\",\n \"Get\",\n ],\n secret_permissions=[\n \"Set\",\n \"Get\",\n \"Delete\",\n \"Purge\",\n \"Recover\",\n ],\n )])\nexample_secret = azure.keyvault.Secret(\"example\",\n name=\"secret-sauce\",\n value=\"szechuan\",\n key_vault_id=example_key_vault.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Name = \"example-resources\",\n Location = \"West Europe\",\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"example\", new()\n {\n Name = \"examplekeyvault\",\n Location = example.Location,\n ResourceGroupName = example.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"premium\",\n SoftDeleteRetentionDays = 7,\n AccessPolicies = new[]\n {\n new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs\n {\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n KeyPermissions = new[]\n {\n \"Create\",\n \"Get\",\n },\n SecretPermissions = new[]\n {\n \"Set\",\n \"Get\",\n \"Delete\",\n \"Purge\",\n \"Recover\",\n },\n },\n },\n });\n\n var exampleSecret = new Azure.KeyVault.Secret(\"example\", new()\n {\n Name = \"secret-sauce\",\n Value = \"szechuan\",\n KeyVaultId = exampleKeyVault.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tName: pulumi.String(\"example-resources\"),\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"example\", \u0026keyvault.KeyVaultArgs{\n\t\t\tName: pulumi.String(\"examplekeyvault\"),\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"premium\"),\n\t\t\tSoftDeleteRetentionDays: pulumi.Int(7),\n\t\t\tAccessPolicies: keyvault.KeyVaultAccessPolicyArray{\n\t\t\t\t\u0026keyvault.KeyVaultAccessPolicyArgs{\n\t\t\t\t\tTenantId: pulumi.String(current.TenantId),\n\t\t\t\t\tObjectId: pulumi.String(current.ObjectId),\n\t\t\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecretPermissions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Set\"),\n\t\t\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = keyvault.NewSecret(ctx, \"example\", \u0026keyvault.SecretArgs{\n\t\t\tName: pulumi.String(\"secret-sauce\"),\n\t\t\tValue: pulumi.String(\"szechuan\"),\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Secret;\nimport com.pulumi.azure.keyvault.SecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .name(\"example-resources\")\n .location(\"West Europe\")\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .name(\"examplekeyvault\")\n .location(example.location())\n .resourceGroupName(example.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"premium\")\n .softDeleteRetentionDays(7)\n .accessPolicies(KeyVaultAccessPolicyArgs.builder()\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .keyPermissions( \n \"Create\",\n \"Get\")\n .secretPermissions( \n \"Set\",\n \"Get\",\n \"Delete\",\n \"Purge\",\n \"Recover\")\n .build())\n .build());\n\n var exampleSecret = new Secret(\"exampleSecret\", SecretArgs.builder() \n .name(\"secret-sauce\")\n .value(\"szechuan\")\n .keyVaultId(exampleKeyVault.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n name: example-resources\n location: West Europe\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n name: example\n properties:\n name: examplekeyvault\n location: ${example.location}\n resourceGroupName: ${example.name}\n tenantId: ${current.tenantId}\n skuName: premium\n softDeleteRetentionDays: 7\n accessPolicies:\n - tenantId: ${current.tenantId}\n objectId: ${current.objectId}\n keyPermissions:\n - Create\n - Get\n secretPermissions:\n - Set\n - Get\n - Delete\n - Purge\n - Recover\n exampleSecret:\n type: azure:keyvault:Secret\n name: example\n properties:\n name: secret-sauce\n value: szechuan\n keyVaultId: ${exampleKeyVault.id}\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nKey Vault Secrets which are Enabled can be imported using the `resource id`, e.g.\n\n```sh\n$ pulumi import azure:keyvault/secret:Secret example \"https://example-keyvault.vault.azure.net/secrets/example/fdf067c93bbb4b22bff4d8b7a9a56217\"\n```\n\n",
"properties": {
"contentType": {
"type": "string",
@@ -245252,7 +245320,7 @@
},
"objectIdAlias": {
"type": "string",
- "description": "The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.\n"
+ "description": "The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.\n"
},
"redisCacheId": {
"type": "string",
@@ -245284,7 +245352,7 @@
},
"objectIdAlias": {
"type": "string",
- "description": "The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.\n",
+ "description": "The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.\n",
"willReplaceOnChanges": true
},
"redisCacheId": {
@@ -245319,7 +245387,7 @@
},
"objectIdAlias": {
"type": "string",
- "description": "The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.\n",
+ "description": "The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.\n",
"willReplaceOnChanges": true
},
"redisCacheId": {
@@ -259586,7 +259654,7 @@
},
"queueProperties": {
"$ref": "#/types/azure:storage/AccountQueueProperties:AccountQueueProperties",
- "description": "A `queue_properties` block as defined below.\n\n\u003e **NOTE:** `queue_properties` cannot be set when the `account_kind` is set to `BlobStorage`\n"
+ "description": "A `queue_properties` block as defined below.\n\n\u003e **NOTE:** `queue_properties` can only be configured when `account_tier` is set to `Standard` and `account_kind` is set to either `Storage` or `StorageV2`.\n"
},
"resourceGroupName": {
"type": "string",
@@ -259753,7 +259821,7 @@
},
"shareProperties": {
"$ref": "#/types/azure:storage/AccountShareProperties:AccountShareProperties",
- "description": "A `share_properties` block as defined below.\n"
+ "description": "A `share_properties` block as defined below.\n\n\u003e **NOTE:** `share_properties` can only be configured when either `account_tier` is `Standard` and `account_kind` is either `Storage` or `StorageV2` - or when `account_tier` is `Premium` and `account_kind` is `FileStorage`.\n"
},
"sharedAccessKeyEnabled": {
"type": "boolean"
@@ -259985,7 +260053,7 @@
},
"queueProperties": {
"$ref": "#/types/azure:storage/AccountQueueProperties:AccountQueueProperties",
- "description": "A `queue_properties` block as defined below.\n\n\u003e **NOTE:** `queue_properties` cannot be set when the `account_kind` is set to `BlobStorage`\n"
+ "description": "A `queue_properties` block as defined below.\n\n\u003e **NOTE:** `queue_properties` can only be configured when `account_tier` is set to `Standard` and `account_kind` is set to either `Storage` or `StorageV2`.\n"
},
"resourceGroupName": {
"type": "string",
@@ -260006,7 +260074,7 @@
},
"shareProperties": {
"$ref": "#/types/azure:storage/AccountShareProperties:AccountShareProperties",
- "description": "A `share_properties` block as defined below.\n"
+ "description": "A `share_properties` block as defined below.\n\n\u003e **NOTE:** `share_properties` can only be configured when either `account_tier` is `Standard` and `account_kind` is either `Storage` or `StorageV2` - or when `account_tier` is `Premium` and `account_kind` is `FileStorage`.\n"
},
"sharedAccessKeyEnabled": {
"type": "boolean"
@@ -260307,7 +260375,7 @@
},
"queueProperties": {
"$ref": "#/types/azure:storage/AccountQueueProperties:AccountQueueProperties",
- "description": "A `queue_properties` block as defined below.\n\n\u003e **NOTE:** `queue_properties` cannot be set when the `account_kind` is set to `BlobStorage`\n"
+ "description": "A `queue_properties` block as defined below.\n\n\u003e **NOTE:** `queue_properties` can only be configured when `account_tier` is set to `Standard` and `account_kind` is set to either `Storage` or `StorageV2`.\n"
},
"resourceGroupName": {
"type": "string",
@@ -260475,7 +260543,7 @@
},
"shareProperties": {
"$ref": "#/types/azure:storage/AccountShareProperties:AccountShareProperties",
- "description": "A `share_properties` block as defined below.\n"
+ "description": "A `share_properties` block as defined below.\n\n\u003e **NOTE:** `share_properties` can only be configured when either `account_tier` is `Standard` and `account_kind` is either `Storage` or `StorageV2` - or when `account_tier` is `Premium` and `account_kind` is `FileStorage`.\n"
},
"sharedAccessKeyEnabled": {
"type": "boolean"
@@ -260653,6 +260721,10 @@
"type": "string",
"description": "The content type of the storage blob. Cannot be defined if `source_uri` is defined. Defaults to `application/octet-stream`.\n"
},
+ "encryptionScope": {
+ "type": "string",
+ "description": "The encryption scope to use for this blob.\n"
+ },
"metadata": {
"type": "object",
"additionalProperties": {
@@ -260728,6 +260800,11 @@
"type": "string",
"description": "The content type of the storage blob. Cannot be defined if `source_uri` is defined. Defaults to `application/octet-stream`.\n"
},
+ "encryptionScope": {
+ "type": "string",
+ "description": "The encryption scope to use for this blob.\n",
+ "willReplaceOnChanges": true
+ },
"metadata": {
"type": "object",
"additionalProperties": {
@@ -260806,6 +260883,11 @@
"type": "string",
"description": "The content type of the storage blob. Cannot be defined if `source_uri` is defined. Defaults to `application/octet-stream`.\n"
},
+ "encryptionScope": {
+ "type": "string",
+ "description": "The encryption scope to use for this blob.\n",
+ "willReplaceOnChanges": true
+ },
"metadata": {
"type": "object",
"additionalProperties": {
@@ -260929,6 +261011,14 @@
"type": "string",
"description": "The Access Level configured for this Container. Possible values are `blob`, `container` or `private`. Defaults to `private`.\n\n\u003e **Note** When updating `container_access_type` for an existing storage container resource, Shared Key authentication will always be used, as AzureAD authentication is not supported.\n"
},
+ "defaultEncryptionScope": {
+ "type": "string",
+ "description": "The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.\n"
+ },
+ "encryptionScopeOverrideEnabled": {
+ "type": "boolean",
+ "description": "Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `default_encryption_scope`. Defaults to `true`. Changing this forces a new resource to be created.\n"
+ },
"hasImmutabilityPolicy": {
"type": "boolean",
"description": "Is there an Immutability Policy configured on this Storage Container?\n"
@@ -260958,6 +261048,7 @@
}
},
"required": [
+ "defaultEncryptionScope",
"hasImmutabilityPolicy",
"hasLegalHold",
"metadata",
@@ -260970,6 +261061,16 @@
"type": "string",
"description": "The Access Level configured for this Container. Possible values are `blob`, `container` or `private`. Defaults to `private`.\n\n\u003e **Note** When updating `container_access_type` for an existing storage container resource, Shared Key authentication will always be used, as AzureAD authentication is not supported.\n"
},
+ "defaultEncryptionScope": {
+ "type": "string",
+ "description": "The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.\n",
+ "willReplaceOnChanges": true
+ },
+ "encryptionScopeOverrideEnabled": {
+ "type": "boolean",
+ "description": "Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `default_encryption_scope`. Defaults to `true`. Changing this forces a new resource to be created.\n",
+ "willReplaceOnChanges": true
+ },
"metadata": {
"type": "object",
"additionalProperties": {
@@ -260998,6 +261099,16 @@
"type": "string",
"description": "The Access Level configured for this Container. Possible values are `blob`, `container` or `private`. Defaults to `private`.\n\n\u003e **Note** When updating `container_access_type` for an existing storage container resource, Shared Key authentication will always be used, as AzureAD authentication is not supported.\n"
},
+ "defaultEncryptionScope": {
+ "type": "string",
+ "description": "The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.\n",
+ "willReplaceOnChanges": true
+ },
+ "encryptionScopeOverrideEnabled": {
+ "type": "boolean",
+ "description": "Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `default_encryption_scope`. Defaults to `true`. Changing this forces a new resource to be created.\n",
+ "willReplaceOnChanges": true
+ },
"hasImmutabilityPolicy": {
"type": "boolean",
"description": "Is there an Immutability Policy configured on this Storage Container?\n"
@@ -261146,6 +261257,10 @@
},
"description": "One or more `ace` blocks as defined below to specify the entries for the ACL for the path.\n"
},
+ "defaultEncryptionScope": {
+ "type": "string",
+ "description": "The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.\n"
+ },
"group": {
"type": "string",
"description": "Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.\n\n\u003e **NOTE:** The Storage Account requires `account_kind` to be either `StorageV2` or `BlobStorage`. In addition, `is_hns_enabled` has to be set to `true`.\n"
@@ -261172,6 +261287,7 @@
},
"required": [
"aces",
+ "defaultEncryptionScope",
"group",
"name",
"owner",
@@ -261185,6 +261301,11 @@
},
"description": "One or more `ace` blocks as defined below to specify the entries for the ACL for the path.\n"
},
+ "defaultEncryptionScope": {
+ "type": "string",
+ "description": "The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.\n",
+ "willReplaceOnChanges": true
+ },
"group": {
"type": "string",
"description": "Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.\n\n\u003e **NOTE:** The Storage Account requires `account_kind` to be either `StorageV2` or `BlobStorage`. In addition, `is_hns_enabled` has to be set to `true`.\n"
@@ -261224,6 +261345,11 @@
},
"description": "One or more `ace` blocks as defined below to specify the entries for the ACL for the path.\n"
},
+ "defaultEncryptionScope": {
+ "type": "string",
+ "description": "The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.\n",
+ "willReplaceOnChanges": true
+ },
"group": {
"type": "string",
"description": "Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.\n\n\u003e **NOTE:** The Storage Account requires `account_kind` to be either `StorageV2` or `BlobStorage`. In addition, `is_hns_enabled` has to be set to `true`.\n"
@@ -263268,6 +263394,9 @@
"contentType": {
"type": "string"
},
+ "encryptionScope": {
+ "type": "string"
+ },
"metadata": {
"type": "object",
"additionalProperties": {
@@ -263329,6 +263458,10 @@
"contentType": {
"type": "string"
},
+ "encryptionScope": {
+ "type": "string",
+ "willReplaceOnChanges": true
+ },
"metadata": {
"type": "object",
"additionalProperties": {
@@ -263393,6 +263526,10 @@
"contentType": {
"type": "string"
},
+ "encryptionScope": {
+ "type": "string",
+ "willReplaceOnChanges": true
+ },
"metadata": {
"type": "object",
"additionalProperties": {
@@ -270974,7 +271111,7 @@
},
"capacity": {
"type": "integer",
- "description": "Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.\n"
+ "description": "Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.\n\n\u003e **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.\n"
},
"externalIp": {
"type": "string",
@@ -271042,7 +271179,7 @@
},
"sku": {
"type": "string",
- "description": "Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.\n"
+ "description": "Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.\n"
},
"tags": {
"type": "object",
@@ -271081,7 +271218,7 @@
},
"capacity": {
"type": "integer",
- "description": "Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.\n"
+ "description": "Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.\n\n\u003e **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.\n"
},
"identity": {
"$ref": "#/types/azure:webpubsub/ServiceIdentity:ServiceIdentity",
@@ -271116,7 +271253,7 @@
},
"sku": {
"type": "string",
- "description": "Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.\n"
+ "description": "Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.\n"
},
"tags": {
"type": "object",
@@ -271143,7 +271280,7 @@
},
"capacity": {
"type": "integer",
- "description": "Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.\n"
+ "description": "Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.\n\n\u003e **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.\n"
},
"externalIp": {
"type": "string",
@@ -271214,7 +271351,7 @@
},
"sku": {
"type": "string",
- "description": "Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.\n"
+ "description": "Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.\n"
},
"tags": {
"type": "object",
@@ -281904,6 +282041,10 @@
"outputs": {
"description": "A collection of values returned by getAccount.\n",
"properties": {
+ "automaticFailoverEnabled": {
+ "description": "If automatic failover is enabled for this CosmosDB Account.\n",
+ "type": "boolean"
+ },
"capabilities": {
"description": "Capabilities enabled on this Cosmos DB account.\n",
"items": {
@@ -281912,7 +282053,7 @@
"type": "array"
},
"connectionStrings": {
- "description": "A list of connection strings available for this CosmosDB account.\n",
+ "deprecationMessage": "This property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly and will be removed in v4.0 of the AzureRM provider",
"items": {
"type": "string"
},
@@ -281926,21 +282067,25 @@
"type": "array"
},
"enableAutomaticFailover": {
- "description": "If automatic failover is enabled for this CosmosDB Account.\n",
+ "deprecationMessage": "This property has been renamed to `automatic_failover_enabled` and will be removed in v4.0 of the AzureRM provider",
"type": "boolean"
},
"enableFreeTier": {
- "description": "If Free Tier pricing option is enabled for this CosmosDB Account. You can have up to one free tier Azure Cosmos DB account per Azure subscription.\n",
+ "deprecationMessage": "This property has been renamed to `free_tier_enabled` and will be removed in v4.0 of the AzureRM provider",
"type": "boolean"
},
"enableMultipleWriteLocations": {
- "description": "If multiple write locations are enabled for this Cosmos DB account.\n",
+ "deprecationMessage": "This property has been renamed to `multiple_write_locations_enabled` and will be removed in v4.0 of the AzureRM provider",
"type": "boolean"
},
"endpoint": {
"description": "The endpoint used to connect to the CosmosDB account.\n",
"type": "string"
},
+ "freeTierEnabled": {
+ "description": "If Free Tier pricing option is enabled for this CosmosDB Account. You can have up to one free tier Azure Cosmos DB account per Azure subscription.\n",
+ "type": "boolean"
+ },
"geoLocations": {
"items": {
"$ref": "#/types/azure:cosmosdb/getAccountGeoLocation:getAccountGeoLocation"
@@ -281971,6 +282116,10 @@
"description": "The name of the Azure region hosting replicated data.\n",
"type": "string"
},
+ "multipleWriteLocationsEnabled": {
+ "description": "If multiple write locations are enabled for this Cosmos DB account.\n",
+ "type": "boolean"
+ },
"name": {
"type": "string"
},
@@ -282071,6 +282220,7 @@
}
},
"required": [
+ "automaticFailoverEnabled",
"capabilities",
"connectionStrings",
"consistencyPolicies",
@@ -282078,12 +282228,14 @@
"enableFreeTier",
"enableMultipleWriteLocations",
"endpoint",
+ "freeTierEnabled",
"geoLocations",
"ipRangeFilter",
"isVirtualNetworkFilterEnabled",
"keyVaultKeyId",
"kind",
"location",
+ "multipleWriteLocationsEnabled",
"name",
"offerType",
"primaryKey",
@@ -294857,6 +295009,7 @@
"type": "string"
},
"ipPrefix": {
+ "description": "The Public IP address range, in CIDR notation.\n",
"type": "string"
},
"location": {
@@ -294864,7 +295017,6 @@
"type": "string"
},
"name": {
- "description": "The name of the Public IP prefix resource.\n",
"type": "string"
},
"prefixLength": {
@@ -294872,7 +295024,6 @@
"type": "integer"
},
"resourceGroupName": {
- "description": "The name of the resource group in which to create the public IP.\n",
"type": "string"
},
"sku": {
@@ -301820,6 +301971,10 @@
"description": "The content type of the storage blob.\n",
"type": "string"
},
+ "encryptionScope": {
+ "description": "The encryption scope for this blob.\n",
+ "type": "string"
+ },
"id": {
"description": "The provider-assigned unique ID for this managed resource.\n",
"type": "string"
@@ -301853,6 +302008,7 @@
"accessTier",
"contentMd5",
"contentType",
+ "encryptionScope",
"metadata",
"name",
"storageAccountName",
@@ -302119,6 +302275,14 @@
"description": "The Access Level configured for this Container.\n",
"type": "string"
},
+ "defaultEncryptionScope": {
+ "description": "The default encryption scope in use for blobs uploaded to this container.\n",
+ "type": "string"
+ },
+ "encryptionScopeOverrideEnabled": {
+ "description": "Whether blobs are allowed to override the default encryption scope for this container.\n",
+ "type": "boolean"
+ },
"hasImmutabilityPolicy": {
"description": "Is there an Immutability Policy configured on this Storage Container?\n",
"type": "boolean"
@@ -302151,6 +302315,8 @@
},
"required": [
"containerAccessType",
+ "defaultEncryptionScope",
+ "encryptionScopeOverrideEnabled",
"hasImmutabilityPolicy",
"hasLegalHold",
"metadata",
diff --git a/provider/go.mod b/provider/go.mod
index 4d771884b4..4404348774 100644
--- a/provider/go.mod
+++ b/provider/go.mod
@@ -6,7 +6,7 @@ toolchain go1.21.3
require (
github.com/Azure/go-autorest/autorest/azure/cli v0.4.6
- github.com/hashicorp/go-azure-sdk/sdk v0.20240402.1085733
+ github.com/hashicorp/go-azure-sdk/sdk v0.20240411.1104331
github.com/hashicorp/terraform-plugin-sdk/v2 v2.33.0
github.com/hashicorp/terraform-provider-azurerm v1.44.1-0.20220923005104-eaa801c358ff
github.com/pulumi/providertest v0.0.11
@@ -124,7 +124,7 @@ require (
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-azure-helpers v0.67.0 // indirect
- github.com/hashicorp/go-azure-sdk/resource-manager v0.20240402.1085733 // indirect
+ github.com/hashicorp/go-azure-sdk/resource-manager v0.20240411.1104331 // indirect
github.com/hashicorp/go-checkpoint v0.5.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect
@@ -228,7 +228,7 @@ require (
github.com/spf13/cobra v1.8.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/texttheater/golang-levenshtein v1.0.1 // indirect
- github.com/tombuildsstuff/giovanni v0.25.4 // indirect
+ github.com/tombuildsstuff/giovanni v0.26.1 // indirect
github.com/tombuildsstuff/kermit v0.20240122.1123108 // indirect
github.com/tweekmonster/luser v0.0.0-20161003172636-3fa38070dbd7 // indirect
github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect
diff --git a/provider/go.sum b/provider/go.sum
index 3302ed05d0..f6716898c7 100644
--- a/provider/go.sum
+++ b/provider/go.sum
@@ -2169,10 +2169,10 @@ github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY
github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
github.com/hashicorp/go-azure-helpers v0.67.0 h1:0RY6mY3W3Ym2I+jExLtyLx96fh6p5n9vidqisAKGUSE=
github.com/hashicorp/go-azure-helpers v0.67.0/go.mod h1:S4Bu66vyJvHA0trqHQB0YVGsISuF7HMH9tyEsMVlx8A=
-github.com/hashicorp/go-azure-sdk/resource-manager v0.20240402.1085733 h1:DVlpK94z/cUY65wtQFWUAjZnLgQRQQy7NwJW/RAd4v8=
-github.com/hashicorp/go-azure-sdk/resource-manager v0.20240402.1085733/go.mod h1:v/vma+KYHsYCX2CmmefB+XO77SOh0rcWqqeHq1Kec2M=
-github.com/hashicorp/go-azure-sdk/sdk v0.20240402.1085733 h1:d5ckUwgcqa5R78G5yqg8wDHqAhppJCjZStyHIif5SKo=
-github.com/hashicorp/go-azure-sdk/sdk v0.20240402.1085733/go.mod h1:POOjeoqNp+mvlLBuibJTziUAkBZ7FxXGeGestwemL/w=
+github.com/hashicorp/go-azure-sdk/resource-manager v0.20240411.1104331 h1:B6CaXKPRlckMFv6olNDIiVEnM5igZgmTF/ycugEatJk=
+github.com/hashicorp/go-azure-sdk/resource-manager v0.20240411.1104331/go.mod h1:JAEN43cznhbtPV1LJ3xhW5K6XigKVY8vhyZvlUsKub0=
+github.com/hashicorp/go-azure-sdk/sdk v0.20240411.1104331 h1:LYQI0A1rWPjrMa0J8N8MA5ZjFfHNaVpoPY1vmzrS/C8=
+github.com/hashicorp/go-azure-sdk/sdk v0.20240411.1104331/go.mod h1:POOjeoqNp+mvlLBuibJTziUAkBZ7FxXGeGestwemL/w=
github.com/hashicorp/go-checkpoint v0.5.0 h1:MFYpPZCnQqQTE18jFwSII6eUQrD/oxMFp3mlgcqk5mU=
github.com/hashicorp/go-checkpoint v0.5.0/go.mod h1:7nfLNL10NsxqO4iWuW6tWW0HjZuDrwkBuEQsVcpCOgg=
github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
@@ -3018,8 +3018,8 @@ github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6
github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/tombuildsstuff/giovanni v0.25.4 h1:BVFNZVbQZwoYQepxnnnPFn72k12SEkMh8QGUx+S3eag=
-github.com/tombuildsstuff/giovanni v0.25.4/go.mod h1:s7xbU2lN5Iz9MBglmDDv9p2QPbn6x3UkJBtpCfUerLs=
+github.com/tombuildsstuff/giovanni v0.26.1 h1:RZgnpyIHtgw0GXYpw3xttNk35obJNoI1hztCZsh/Djo=
+github.com/tombuildsstuff/giovanni v0.26.1/go.mod h1:s7xbU2lN5Iz9MBglmDDv9p2QPbn6x3UkJBtpCfUerLs=
github.com/tombuildsstuff/kermit v0.20240122.1123108 h1:icQaxsv/ANv/KC4Sr0V1trrWA/XIL+3QAVBDpiSTgj8=
github.com/tombuildsstuff/kermit v0.20240122.1123108/go.mod h1:T3YBVFhRV4qA7SbnRaNE6eapIMpKDA9rG/V7Ocsjlno=
github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
diff --git a/sdk/dotnet/AppService/Inputs/LinuxWebAppLogsHttpLogsArgs.cs b/sdk/dotnet/AppService/Inputs/LinuxWebAppLogsHttpLogsArgs.cs
index 873d1ab656..d5045f9b7f 100644
--- a/sdk/dotnet/AppService/Inputs/LinuxWebAppLogsHttpLogsArgs.cs
+++ b/sdk/dotnet/AppService/Inputs/LinuxWebAppLogsHttpLogsArgs.cs
@@ -13,7 +13,7 @@ namespace Pulumi.Azure.AppService.Inputs
public sealed class LinuxWebAppLogsHttpLogsArgs : global::Pulumi.ResourceArgs
{
///
- /// A `azure_blob_storage_http` block as defined below.
+ /// A `azure_blob_storage_http` block as defined above.
///
[Input("azureBlobStorage")]
public Input? AzureBlobStorage { get; set; }
diff --git a/sdk/dotnet/AppService/Inputs/LinuxWebAppLogsHttpLogsGetArgs.cs b/sdk/dotnet/AppService/Inputs/LinuxWebAppLogsHttpLogsGetArgs.cs
index 2aff6f978f..392c4b4f39 100644
--- a/sdk/dotnet/AppService/Inputs/LinuxWebAppLogsHttpLogsGetArgs.cs
+++ b/sdk/dotnet/AppService/Inputs/LinuxWebAppLogsHttpLogsGetArgs.cs
@@ -13,7 +13,7 @@ namespace Pulumi.Azure.AppService.Inputs
public sealed class LinuxWebAppLogsHttpLogsGetArgs : global::Pulumi.ResourceArgs
{
///
- /// A `azure_blob_storage_http` block as defined below.
+ /// A `azure_blob_storage_http` block as defined above.
///
[Input("azureBlobStorage")]
public Input? AzureBlobStorage { get; set; }
diff --git a/sdk/dotnet/AppService/Inputs/LinuxWebAppSiteConfigApplicationStackArgs.cs b/sdk/dotnet/AppService/Inputs/LinuxWebAppSiteConfigApplicationStackArgs.cs
index bea2a39eb8..4f81686b1c 100644
--- a/sdk/dotnet/AppService/Inputs/LinuxWebAppSiteConfigApplicationStackArgs.cs
+++ b/sdk/dotnet/AppService/Inputs/LinuxWebAppSiteConfigApplicationStackArgs.cs
@@ -84,6 +84,8 @@ public Input? DockerRegistryPassword
/// The Version of Java to use. Possible values include `8`, `11`, and `17`.
///
/// > **NOTE:** The valid version combinations for `java_version`, `java_server` and `java_server_version` can be checked from the command line via `az webapp list-runtimes --linux`.
+ ///
+ /// > **NOTE:** `java_server`, `java_server_version`, and `java_version` must all be specified if building a java app
///
[Input("javaVersion")]
public Input? JavaVersion { get; set; }
diff --git a/sdk/dotnet/AppService/Inputs/LinuxWebAppSiteConfigApplicationStackGetArgs.cs b/sdk/dotnet/AppService/Inputs/LinuxWebAppSiteConfigApplicationStackGetArgs.cs
index 6f4adf32e1..061613336c 100644
--- a/sdk/dotnet/AppService/Inputs/LinuxWebAppSiteConfigApplicationStackGetArgs.cs
+++ b/sdk/dotnet/AppService/Inputs/LinuxWebAppSiteConfigApplicationStackGetArgs.cs
@@ -84,6 +84,8 @@ public Input? DockerRegistryPassword
/// The Version of Java to use. Possible values include `8`, `11`, and `17`.
///
/// > **NOTE:** The valid version combinations for `java_version`, `java_server` and `java_server_version` can be checked from the command line via `az webapp list-runtimes --linux`.
+ ///
+ /// > **NOTE:** `java_server`, `java_server_version`, and `java_version` must all be specified if building a java app
///
[Input("javaVersion")]
public Input? JavaVersion { get; set; }
diff --git a/sdk/dotnet/AppService/Inputs/WindowsWebAppLogsHttpLogsArgs.cs b/sdk/dotnet/AppService/Inputs/WindowsWebAppLogsHttpLogsArgs.cs
index 7dcfae240f..f023b9d0d5 100644
--- a/sdk/dotnet/AppService/Inputs/WindowsWebAppLogsHttpLogsArgs.cs
+++ b/sdk/dotnet/AppService/Inputs/WindowsWebAppLogsHttpLogsArgs.cs
@@ -13,7 +13,7 @@ namespace Pulumi.Azure.AppService.Inputs
public sealed class WindowsWebAppLogsHttpLogsArgs : global::Pulumi.ResourceArgs
{
///
- /// A `azure_blob_storage_http` block as defined above.
+ /// A `azure_blob_storage_http` block as defined below.
///
[Input("azureBlobStorage")]
public Input? AzureBlobStorage { get; set; }
diff --git a/sdk/dotnet/AppService/Inputs/WindowsWebAppLogsHttpLogsGetArgs.cs b/sdk/dotnet/AppService/Inputs/WindowsWebAppLogsHttpLogsGetArgs.cs
index b4dab705ff..cf1d4c3fd7 100644
--- a/sdk/dotnet/AppService/Inputs/WindowsWebAppLogsHttpLogsGetArgs.cs
+++ b/sdk/dotnet/AppService/Inputs/WindowsWebAppLogsHttpLogsGetArgs.cs
@@ -13,7 +13,7 @@ namespace Pulumi.Azure.AppService.Inputs
public sealed class WindowsWebAppLogsHttpLogsGetArgs : global::Pulumi.ResourceArgs
{
///
- /// A `azure_blob_storage_http` block as defined above.
+ /// A `azure_blob_storage_http` block as defined below.
///
[Input("azureBlobStorage")]
public Input? AzureBlobStorage { get; set; }
diff --git a/sdk/dotnet/AppService/Outputs/LinuxWebAppLogsHttpLogs.cs b/sdk/dotnet/AppService/Outputs/LinuxWebAppLogsHttpLogs.cs
index e967a5f462..411677e498 100644
--- a/sdk/dotnet/AppService/Outputs/LinuxWebAppLogsHttpLogs.cs
+++ b/sdk/dotnet/AppService/Outputs/LinuxWebAppLogsHttpLogs.cs
@@ -14,7 +14,7 @@ namespace Pulumi.Azure.AppService.Outputs
public sealed class LinuxWebAppLogsHttpLogs
{
///
- /// A `azure_blob_storage_http` block as defined below.
+ /// A `azure_blob_storage_http` block as defined above.
///
public readonly Outputs.LinuxWebAppLogsHttpLogsAzureBlobStorage? AzureBlobStorage;
///
diff --git a/sdk/dotnet/AppService/Outputs/LinuxWebAppSiteConfigApplicationStack.cs b/sdk/dotnet/AppService/Outputs/LinuxWebAppSiteConfigApplicationStack.cs
index 6b3f122ecc..d993adb3ef 100644
--- a/sdk/dotnet/AppService/Outputs/LinuxWebAppSiteConfigApplicationStack.cs
+++ b/sdk/dotnet/AppService/Outputs/LinuxWebAppSiteConfigApplicationStack.cs
@@ -55,6 +55,8 @@ public sealed class LinuxWebAppSiteConfigApplicationStack
/// The Version of Java to use. Possible values include `8`, `11`, and `17`.
///
/// > **NOTE:** The valid version combinations for `java_version`, `java_server` and `java_server_version` can be checked from the command line via `az webapp list-runtimes --linux`.
+ ///
+ /// > **NOTE:** `java_server`, `java_server_version`, and `java_version` must all be specified if building a java app
///
public readonly string? JavaVersion;
///
diff --git a/sdk/dotnet/AppService/Outputs/WindowsWebAppLogsHttpLogs.cs b/sdk/dotnet/AppService/Outputs/WindowsWebAppLogsHttpLogs.cs
index 426ebb0d6c..b475f0d7ae 100644
--- a/sdk/dotnet/AppService/Outputs/WindowsWebAppLogsHttpLogs.cs
+++ b/sdk/dotnet/AppService/Outputs/WindowsWebAppLogsHttpLogs.cs
@@ -14,7 +14,7 @@ namespace Pulumi.Azure.AppService.Outputs
public sealed class WindowsWebAppLogsHttpLogs
{
///
- /// A `azure_blob_storage_http` block as defined above.
+ /// A `azure_blob_storage_http` block as defined below.
///
public readonly Outputs.WindowsWebAppLogsHttpLogsAzureBlobStorage? AzureBlobStorage;
///
diff --git a/sdk/dotnet/Bot/ServiceAzureBot.cs b/sdk/dotnet/Bot/ServiceAzureBot.cs
index daefc7439d..ddb8bc2518 100644
--- a/sdk/dotnet/Bot/ServiceAzureBot.cs
+++ b/sdk/dotnet/Bot/ServiceAzureBot.cs
@@ -183,7 +183,7 @@ public partial class ServiceAzureBot : global::Pulumi.CustomResource
public Output Name { get; private set; } = null!;
///
- /// Whether public network access is allowed for this server. Defaults to `true`.
+ /// Whether public network access is enabled. Defaults to `true`.
///
[Output("publicNetworkAccessEnabled")]
public Output PublicNetworkAccessEnabled { get; private set; } = null!;
@@ -388,7 +388,7 @@ public Input? LuisKey
public Input? Name { get; set; }
///
- /// Whether public network access is allowed for this server. Defaults to `true`.
+ /// Whether public network access is enabled. Defaults to `true`.
///
[Input("publicNetworkAccessEnabled")]
public Input? PublicNetworkAccessEnabled { get; set; }
@@ -556,7 +556,7 @@ public Input? LuisKey
public Input? Name { get; set; }
///
- /// Whether public network access is allowed for this server. Defaults to `true`.
+ /// Whether public network access is enabled. Defaults to `true`.
///
[Input("publicNetworkAccessEnabled")]
public Input? PublicNetworkAccessEnabled { get; set; }
diff --git a/sdk/dotnet/ChaosStudio/Target.cs b/sdk/dotnet/ChaosStudio/Target.cs
index 972e2d7369..19ee261e3d 100644
--- a/sdk/dotnet/ChaosStudio/Target.cs
+++ b/sdk/dotnet/ChaosStudio/Target.cs
@@ -14,6 +14,56 @@ namespace Pulumi.Azure.ChaosStudio
///
/// Manages a Chaos Studio Target.
///
+ /// ## Example Usage
+ ///
+ /// <!--Start PulumiCodeChooser -->
+ /// ```csharp
+ /// using System.Collections.Generic;
+ /// using System.Linq;
+ /// using Pulumi;
+ /// using Azure = Pulumi.Azure;
+ ///
+ /// return await Deployment.RunAsync(() =>
+ /// {
+ /// var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
+ /// {
+ /// Name = "example-resources",
+ /// Location = "West Europe",
+ /// });
+ ///
+ /// var example = new Azure.ContainerService.KubernetesCluster("example", new()
+ /// {
+ /// Name = "example",
+ /// Location = exampleResourceGroup.Location,
+ /// ResourceGroupName = exampleResourceGroup.Name,
+ /// DnsPrefix = "acctestaksexample",
+ /// DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs
+ /// {
+ /// Name = "example-value",
+ /// NodeCount = "example-value",
+ /// VmSize = "example-value",
+ /// UpgradeSettings = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs
+ /// {
+ /// MaxSurge = "example-value",
+ /// },
+ /// },
+ /// Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs
+ /// {
+ /// Type = "example-value",
+ /// },
+ /// });
+ ///
+ /// var exampleTarget = new Azure.ChaosStudio.Target("example", new()
+ /// {
+ /// Location = exampleResourceGroup.Location,
+ /// TargetResourceId = example.Id,
+ /// TargetType = "example-value",
+ /// });
+ ///
+ /// });
+ /// ```
+ /// <!--End PulumiCodeChooser -->
+ ///
/// ## Import
///
/// An existing Chaos Studio Target can be imported into Terraform using the `resource id`, e.g.
diff --git a/sdk/dotnet/Compute/Snapshot.cs b/sdk/dotnet/Compute/Snapshot.cs
index 655c30ee05..7cb579d012 100644
--- a/sdk/dotnet/Compute/Snapshot.cs
+++ b/sdk/dotnet/Compute/Snapshot.cs
@@ -103,6 +103,18 @@ public partial class Snapshot : global::Pulumi.CustomResource
[Output("name")]
public Output Name { get; private set; } = null!;
+ ///
+ /// Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.
+ ///
+ [Output("networkAccessPolicy")]
+ public Output NetworkAccessPolicy { get; private set; } = null!;
+
+ ///
+ /// Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.
+ ///
+ [Output("publicNetworkAccessEnabled")]
+ public Output PublicNetworkAccessEnabled { get; private set; } = null!;
+
///
/// The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.
///
@@ -225,6 +237,18 @@ public sealed class SnapshotArgs : global::Pulumi.ResourceArgs
[Input("name")]
public Input? Name { get; set; }
+ ///
+ /// Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.
+ ///
+ [Input("networkAccessPolicy")]
+ public Input? NetworkAccessPolicy { get; set; }
+
+ ///
+ /// Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.
+ ///
+ [Input("publicNetworkAccessEnabled")]
+ public Input? PublicNetworkAccessEnabled { get; set; }
+
///
/// The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.
///
@@ -309,6 +333,18 @@ public sealed class SnapshotState : global::Pulumi.ResourceArgs
[Input("name")]
public Input? Name { get; set; }
+ ///
+ /// Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.
+ ///
+ [Input("networkAccessPolicy")]
+ public Input? NetworkAccessPolicy { get; set; }
+
+ ///
+ /// Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.
+ ///
+ [Input("publicNetworkAccessEnabled")]
+ public Input? PublicNetworkAccessEnabled { get; set; }
+
///
/// The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.
///
diff --git a/sdk/dotnet/Config/Config.cs b/sdk/dotnet/Config/Config.cs
index eb94a35b0d..acc0bfea5d 100644
--- a/sdk/dotnet/Config/Config.cs
+++ b/sdk/dotnet/Config/Config.cs
@@ -131,7 +131,8 @@ public static bool? DisableTerraformPartnerId
private static readonly __Value _environment = new __Value(() => __config.Get("environment") ?? Utilities.GetEnv("AZURE_ENVIRONMENT", "ARM_ENVIRONMENT") ?? "public");
///
- /// The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+ /// The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+ /// used and should not be specified when `metadata_host` is specified.
///
public static string? Environment
{
diff --git a/sdk/dotnet/ContainerService/ClusterTrustedAccessRoleBinding.cs b/sdk/dotnet/ContainerService/ClusterTrustedAccessRoleBinding.cs
index 780bd0dd32..baa4fba1af 100644
--- a/sdk/dotnet/ContainerService/ClusterTrustedAccessRoleBinding.cs
+++ b/sdk/dotnet/ContainerService/ClusterTrustedAccessRoleBinding.cs
@@ -16,6 +16,108 @@ namespace Pulumi.Azure.ContainerService
/// > **Note:** This Resource is in **Preview** to use this you must be opted into the Preview. You can do this by running `az feature register --namespace Microsoft.ContainerService --name TrustedAccessPreview` and then `az provider register -n Microsoft.ContainerService`
/// .
///
+ /// ## Example Usage
+ ///
+ /// <!--Start PulumiCodeChooser -->
+ /// ```csharp
+ /// using System.Collections.Generic;
+ /// using System.Linq;
+ /// using Pulumi;
+ /// using Azure = Pulumi.Azure;
+ ///
+ /// return await Deployment.RunAsync(() =>
+ /// {
+ /// var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
+ /// {
+ /// Name = "example-resources",
+ /// Location = "West Europe",
+ /// });
+ ///
+ /// var example = new Azure.AppInsights.Insights("example", new()
+ /// {
+ /// Name = "example",
+ /// Location = exampleResourceGroup.Location,
+ /// ResourceGroupName = exampleResourceGroup.Name,
+ /// ApplicationType = "example-value",
+ /// });
+ ///
+ /// var test = Azure.Core.GetClientConfig.Invoke();
+ ///
+ /// var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
+ /// {
+ /// Name = "example",
+ /// Location = exampleResourceGroup.Location,
+ /// ResourceGroupName = exampleResourceGroup.Name,
+ /// TenantId = exampleAzurermClientConfig.TenantId,
+ /// SkuName = "example-value",
+ /// SoftDeleteRetentionDays = "example-value",
+ /// });
+ ///
+ /// var exampleAccessPolicy = new Azure.KeyVault.AccessPolicy("example", new()
+ /// {
+ /// KeyVaultId = exampleKeyVault.Id,
+ /// TenantId = exampleAzurermClientConfig.TenantId,
+ /// ObjectId = exampleAzurermClientConfig.ObjectId,
+ /// KeyPermissions = "example-value",
+ /// });
+ ///
+ /// var exampleKubernetesCluster = new Azure.ContainerService.KubernetesCluster("example", new()
+ /// {
+ /// Name = "example",
+ /// Location = exampleResourceGroup.Location,
+ /// ResourceGroupName = exampleResourceGroup.Name,
+ /// DnsPrefix = "acctestaksexample",
+ /// DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs
+ /// {
+ /// Name = "example-value",
+ /// NodeCount = "example-value",
+ /// VmSize = "example-value",
+ /// UpgradeSettings = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs
+ /// {
+ /// MaxSurge = "example-value",
+ /// },
+ /// },
+ /// Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs
+ /// {
+ /// Type = "example-value",
+ /// },
+ /// });
+ ///
+ /// var exampleAccount = new Azure.Storage.Account("example", new()
+ /// {
+ /// Name = "example",
+ /// Location = exampleResourceGroup.Location,
+ /// ResourceGroupName = exampleResourceGroup.Name,
+ /// AccountTier = "example-value",
+ /// AccountReplicationType = "example-value",
+ /// });
+ ///
+ /// var exampleWorkspace = new Azure.MachineLearning.Workspace("example", new()
+ /// {
+ /// Name = "example",
+ /// Location = exampleResourceGroup.Location,
+ /// ResourceGroupName = exampleResourceGroup.Name,
+ /// KeyVaultId = exampleKeyVault.Id,
+ /// StorageAccountId = exampleAccount.Id,
+ /// ApplicationInsightsId = example.Id,
+ /// Identity = new Azure.MachineLearning.Inputs.WorkspaceIdentityArgs
+ /// {
+ /// Type = "example-value",
+ /// },
+ /// });
+ ///
+ /// var exampleClusterTrustedAccessRoleBinding = new Azure.ContainerService.ClusterTrustedAccessRoleBinding("example", new()
+ /// {
+ /// KubernetesClusterId = exampleKubernetesCluster.Id,
+ /// Name = "example",
+ /// Roles = "example-value",
+ /// SourceResourceId = exampleWorkspace.Id,
+ /// });
+ ///
+ /// });
+ /// ```
+ /// <!--End PulumiCodeChooser -->
+ ///
/// ## Import
///
/// An existing Kubernetes Cluster Trusted Access Role Binding can be imported into Terraform using the `resource id`, e.g.
diff --git a/sdk/dotnet/ContainerService/FleetMember.cs b/sdk/dotnet/ContainerService/FleetMember.cs
index 0c2592fe98..c260777a08 100644
--- a/sdk/dotnet/ContainerService/FleetMember.cs
+++ b/sdk/dotnet/ContainerService/FleetMember.cs
@@ -14,6 +14,63 @@ namespace Pulumi.Azure.ContainerService
///
/// Manages a Kubernetes Fleet Member.
///
+ /// ## Example Usage
+ ///
+ /// <!--Start PulumiCodeChooser -->
+ /// ```csharp
+ /// using System.Collections.Generic;
+ /// using System.Linq;
+ /// using Pulumi;
+ /// using Azure = Pulumi.Azure;
+ ///
+ /// return await Deployment.RunAsync(() =>
+ /// {
+ /// var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
+ /// {
+ /// Name = "example-resources",
+ /// Location = "West Europe",
+ /// });
+ ///
+ /// var example = new Azure.ContainerService.KubernetesCluster("example", new()
+ /// {
+ /// Name = "example",
+ /// Location = exampleResourceGroup.Location,
+ /// ResourceGroupName = exampleResourceGroup.Name,
+ /// DnsPrefix = "acctestaksexample",
+ /// DefaultNodePool = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolArgs
+ /// {
+ /// Name = "example-value",
+ /// NodeCount = "example-value",
+ /// VmSize = "example-value",
+ /// UpgradeSettings = new Azure.ContainerService.Inputs.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs
+ /// {
+ /// MaxSurge = "example-value",
+ /// },
+ /// },
+ /// Identity = new Azure.ContainerService.Inputs.KubernetesClusterIdentityArgs
+ /// {
+ /// Type = "example-value",
+ /// },
+ /// });
+ ///
+ /// var exampleKubernetesFleetManager = new Azure.ContainerService.KubernetesFleetManager("example", new()
+ /// {
+ /// Name = "example",
+ /// Location = exampleResourceGroup.Location,
+ /// ResourceGroupName = exampleResourceGroup.Name,
+ /// });
+ ///
+ /// var exampleFleetMember = new Azure.ContainerService.FleetMember("example", new()
+ /// {
+ /// KubernetesClusterId = example.Id,
+ /// KubernetesFleetId = exampleKubernetesFleetManager.Id,
+ /// Name = "example",
+ /// });
+ ///
+ /// });
+ /// ```
+ /// <!--End PulumiCodeChooser -->
+ ///
/// ## Import
///
/// An existing Kubernetes Fleet Member can be imported into Terraform using the `resource id`, e.g.
diff --git a/sdk/dotnet/CosmosDB/Account.cs b/sdk/dotnet/CosmosDB/Account.cs
index 1fa93f590a..bd286aff35 100644
--- a/sdk/dotnet/CosmosDB/Account.cs
+++ b/sdk/dotnet/CosmosDB/Account.cs
@@ -185,6 +185,12 @@ public partial class Account : global::Pulumi.CustomResource
[Output("analyticalStorageEnabled")]
public Output AnalyticalStorageEnabled { get; private set; } = null!;
+ ///
+ /// Enable automatic failover for this Cosmos DB account.
+ ///
+ [Output("automaticFailoverEnabled")]
+ public Output AutomaticFailoverEnabled { get; private set; } = null!;
+
///
/// A `backup` block as defined below.
///
@@ -203,9 +209,6 @@ public partial class Account : global::Pulumi.CustomResource
[Output("capacity")]
public Output Capacity { get; private set; } = null!;
- ///
- /// A list of connection strings available for this CosmosDB account.
- ///
[Output("connectionStrings")]
public Output> ConnectionStrings { get; private set; } = null!;
@@ -235,23 +238,14 @@ public partial class Account : global::Pulumi.CustomResource
[Output("defaultIdentityType")]
public Output DefaultIdentityType { get; private set; } = null!;
- ///
- /// Enable automatic failover for this Cosmos DB account.
- ///
[Output("enableAutomaticFailover")]
- public Output EnableAutomaticFailover { get; private set; } = null!;
+ public Output EnableAutomaticFailover { get; private set; } = null!;
- ///
- /// Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
- ///
[Output("enableFreeTier")]
- public Output EnableFreeTier { get; private set; } = null!;
+ public Output EnableFreeTier { get; private set; } = null!;
- ///
- /// Enable multiple write locations for this Cosmos DB account.
- ///
[Output("enableMultipleWriteLocations")]
- public Output EnableMultipleWriteLocations { get; private set; } = null!;
+ public Output EnableMultipleWriteLocations { get; private set; } = null!;
///
/// The endpoint used to connect to the CosmosDB account.
@@ -259,6 +253,12 @@ public partial class Account : global::Pulumi.CustomResource
[Output("endpoint")]
public Output Endpoint { get; private set; } = null!;
+ ///
+ /// Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ ///
+ [Output("freeTierEnabled")]
+ public Output FreeTierEnabled { get; private set; } = null!;
+
///
/// Specifies a `geo_location` resource, used to define where data should be replicated with the `failover_priority` 0 specifying the primary location. Value is a `geo_location` block as defined below.
///
@@ -327,6 +327,12 @@ public partial class Account : global::Pulumi.CustomResource
[Output("mongoServerVersion")]
public Output MongoServerVersion { get; private set; } = null!;
+ ///
+ /// Enable multiple write locations for this Cosmos DB account.
+ ///
+ [Output("multipleWriteLocationsEnabled")]
+ public Output MultipleWriteLocationsEnabled { get; private set; } = null!;
+
///
/// Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.
///
@@ -553,6 +559,12 @@ public sealed class AccountArgs : global::Pulumi.ResourceArgs
[Input("analyticalStorageEnabled")]
public Input? AnalyticalStorageEnabled { get; set; }
+ ///
+ /// Enable automatic failover for this Cosmos DB account.
+ ///
+ [Input("automaticFailoverEnabled")]
+ public Input? AutomaticFailoverEnabled { get; set; }
+
///
/// A `backup` block as defined below.
///
@@ -603,24 +615,21 @@ public InputList Capabilities
[Input("defaultIdentityType")]
public Input? DefaultIdentityType { get; set; }
- ///
- /// Enable automatic failover for this Cosmos DB account.
- ///
[Input("enableAutomaticFailover")]
public Input? EnableAutomaticFailover { get; set; }
- ///
- /// Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
- ///
[Input("enableFreeTier")]
public Input? EnableFreeTier { get; set; }
- ///
- /// Enable multiple write locations for this Cosmos DB account.
- ///
[Input("enableMultipleWriteLocations")]
public Input? EnableMultipleWriteLocations { get; set; }
+ ///
+ /// Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ ///
+ [Input("freeTierEnabled")]
+ public Input? FreeTierEnabled { get; set; }
+
[Input("geoLocations", required: true)]
private InputList? _geoLocations;
@@ -695,6 +704,12 @@ public InputList GeoLocations
[Input("mongoServerVersion")]
public Input? MongoServerVersion { get; set; }
+ ///
+ /// Enable multiple write locations for this Cosmos DB account.
+ ///
+ [Input("multipleWriteLocationsEnabled")]
+ public Input? MultipleWriteLocationsEnabled { get; set; }
+
///
/// Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.
///
@@ -801,6 +816,12 @@ public sealed class AccountState : global::Pulumi.ResourceArgs
[Input("analyticalStorageEnabled")]
public Input? AnalyticalStorageEnabled { get; set; }
+ ///
+ /// Enable automatic failover for this Cosmos DB account.
+ ///
+ [Input("automaticFailoverEnabled")]
+ public Input? AutomaticFailoverEnabled { get; set; }
+
///
/// A `backup` block as defined below.
///
@@ -827,10 +848,7 @@ public InputList Capabilities
[Input("connectionStrings")]
private InputList? _connectionStrings;
-
- ///
- /// A list of connection strings available for this CosmosDB account.
- ///
+ [Obsolete(@"This property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly and will be removed in v4.0 of the AzureRM provider")]
public InputList ConnectionStrings
{
get => _connectionStrings ?? (_connectionStrings = new InputList());
@@ -867,21 +885,12 @@ public InputList ConnectionStrings
[Input("defaultIdentityType")]
public Input? DefaultIdentityType { get; set; }
- ///
- /// Enable automatic failover for this Cosmos DB account.
- ///
[Input("enableAutomaticFailover")]
public Input? EnableAutomaticFailover { get; set; }
- ///
- /// Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
- ///
[Input("enableFreeTier")]
public Input? EnableFreeTier { get; set; }
- ///
- /// Enable multiple write locations for this Cosmos DB account.
- ///
[Input("enableMultipleWriteLocations")]
public Input? EnableMultipleWriteLocations { get; set; }
@@ -891,6 +900,12 @@ public InputList ConnectionStrings
[Input("endpoint")]
public Input? Endpoint { get; set; }
+ ///
+ /// Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ ///
+ [Input("freeTierEnabled")]
+ public Input? FreeTierEnabled { get; set; }
+
[Input("geoLocations")]
private InputList? _geoLocations;
@@ -965,6 +980,12 @@ public InputList GeoLocations
[Input("mongoServerVersion")]
public Input? MongoServerVersion { get; set; }
+ ///
+ /// Enable multiple write locations for this Cosmos DB account.
+ ///
+ [Input("multipleWriteLocationsEnabled")]
+ public Input? MultipleWriteLocationsEnabled { get; set; }
+
///
/// Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.
///
diff --git a/sdk/dotnet/CosmosDB/GetAccount.cs b/sdk/dotnet/CosmosDB/GetAccount.cs
index d39978a44a..050bc524a0 100644
--- a/sdk/dotnet/CosmosDB/GetAccount.cs
+++ b/sdk/dotnet/CosmosDB/GetAccount.cs
@@ -120,30 +120,26 @@ public GetAccountInvokeArgs()
public sealed class GetAccountResult
{
///
- /// Capabilities enabled on this Cosmos DB account.
+ /// If automatic failover is enabled for this CosmosDB Account.
///
- public readonly ImmutableArray Capabilities;
+ public readonly bool AutomaticFailoverEnabled;
///
- /// A list of connection strings available for this CosmosDB account.
+ /// Capabilities enabled on this Cosmos DB account.
///
+ public readonly ImmutableArray Capabilities;
public readonly ImmutableArray ConnectionStrings;
public readonly ImmutableArray ConsistencyPolicies;
- ///
- /// If automatic failover is enabled for this CosmosDB Account.
- ///
public readonly bool EnableAutomaticFailover;
- ///
- /// If Free Tier pricing option is enabled for this CosmosDB Account. You can have up to one free tier Azure Cosmos DB account per Azure subscription.
- ///
public readonly bool EnableFreeTier;
- ///
- /// If multiple write locations are enabled for this Cosmos DB account.
- ///
public readonly bool EnableMultipleWriteLocations;
///
/// The endpoint used to connect to the CosmosDB account.
///
public readonly string Endpoint;
+ ///
+ /// If Free Tier pricing option is enabled for this CosmosDB Account. You can have up to one free tier Azure Cosmos DB account per Azure subscription.
+ ///
+ public readonly bool FreeTierEnabled;
public readonly ImmutableArray GeoLocations;
///
/// The provider-assigned unique ID for this managed resource.
@@ -169,6 +165,10 @@ public sealed class GetAccountResult
/// The name of the Azure region hosting replicated data.
///
public readonly string Location;
+ ///
+ /// If multiple write locations are enabled for this Cosmos DB account.
+ ///
+ public readonly bool MultipleWriteLocationsEnabled;
public readonly string Name;
///
/// The Offer Type to used by this CosmosDB Account.
@@ -242,6 +242,8 @@ public sealed class GetAccountResult
[OutputConstructor]
private GetAccountResult(
+ bool automaticFailoverEnabled,
+
ImmutableArray capabilities,
ImmutableArray connectionStrings,
@@ -256,6 +258,8 @@ private GetAccountResult(
string endpoint,
+ bool freeTierEnabled,
+
ImmutableArray geoLocations,
string id,
@@ -270,6 +274,8 @@ private GetAccountResult(
string location,
+ bool multipleWriteLocationsEnabled,
+
string name,
string offerType,
@@ -308,6 +314,7 @@ private GetAccountResult(
ImmutableArray writeEndpoints)
{
+ AutomaticFailoverEnabled = automaticFailoverEnabled;
Capabilities = capabilities;
ConnectionStrings = connectionStrings;
ConsistencyPolicies = consistencyPolicies;
@@ -315,6 +322,7 @@ private GetAccountResult(
EnableFreeTier = enableFreeTier;
EnableMultipleWriteLocations = enableMultipleWriteLocations;
Endpoint = endpoint;
+ FreeTierEnabled = freeTierEnabled;
GeoLocations = geoLocations;
Id = id;
IpRangeFilter = ipRangeFilter;
@@ -322,6 +330,7 @@ private GetAccountResult(
KeyVaultKeyId = keyVaultKeyId;
Kind = kind;
Location = location;
+ MultipleWriteLocationsEnabled = multipleWriteLocationsEnabled;
Name = name;
OfferType = offerType;
PrimaryKey = primaryKey;
diff --git a/sdk/dotnet/KeyVault/Certifiate.cs b/sdk/dotnet/KeyVault/Certifiate.cs
index 3cb19c0d26..7fce4f7d17 100644
--- a/sdk/dotnet/KeyVault/Certifiate.cs
+++ b/sdk/dotnet/KeyVault/Certifiate.cs
@@ -12,11 +12,6 @@ namespace Pulumi.Azure.KeyVault
///
/// Manages a Key Vault Certificate.
///
- /// <<<<<<< HEAD
- /// > **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Certificate resource on destroy, rather than the default soft-delete. See `purge_soft_deleted_certificates_on_destroy` for more information.
- ///
- /// =======
- /// > > > > > > > 8d78c87098 (Update-documentation)
/// ## Example Usage
///
/// ### Importing A PFX)
diff --git a/sdk/dotnet/KeyVault/Certificate.cs b/sdk/dotnet/KeyVault/Certificate.cs
index 27337f8b0f..aa2420ae49 100644
--- a/sdk/dotnet/KeyVault/Certificate.cs
+++ b/sdk/dotnet/KeyVault/Certificate.cs
@@ -12,11 +12,6 @@ namespace Pulumi.Azure.KeyVault
///
/// Manages a Key Vault Certificate.
///
- /// <<<<<<< HEAD
- /// > **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Certificate resource on destroy, rather than the default soft-delete. See `purge_soft_deleted_certificates_on_destroy` for more information.
- ///
- /// =======
- /// > > > > > > > 8d78c87098 (Update-documentation)
/// ## Example Usage
///
/// ### Importing A PFX)
diff --git a/sdk/dotnet/KeyVault/CertificateContacts.cs b/sdk/dotnet/KeyVault/CertificateContacts.cs
index 37870732dd..b02c59074a 100644
--- a/sdk/dotnet/KeyVault/CertificateContacts.cs
+++ b/sdk/dotnet/KeyVault/CertificateContacts.cs
@@ -14,6 +14,7 @@ namespace Pulumi.Azure.KeyVault
///
/// ## Disclaimers
///
+ /// <!-- TODO: Remove Note in 4.0 -->
/// > **Note:** It's possible to define Key Vault Certificate Contacts both within the `azure.keyvault.KeyVault` resource via the `contact` block and by using the `azure.keyvault.CertificateContacts` resource. However it's not possible to use both methods to manage Certificate Contacts within a KeyVault, since there'll be conflicts.
///
/// ## Example Usage
@@ -98,6 +99,7 @@ public partial class CertificateContacts : global::Pulumi.CustomResource
{
///
/// One or more `contact` blocks as defined below.
+ /// -->
///
[Output("contacts")]
public Output> Contacts { get; private set; } = null!;
@@ -159,6 +161,7 @@ public sealed class CertificateContactsArgs : global::Pulumi.ResourceArgs
///
/// One or more `contact` blocks as defined below.
+ /// -->
///
public InputList Contacts
{
@@ -185,6 +188,7 @@ public sealed class CertificateContactsState : global::Pulumi.ResourceArgs
///
/// One or more `contact` blocks as defined below.
+ /// -->
///
public InputList Contacts
{
diff --git a/sdk/dotnet/KeyVault/KeyVault.cs b/sdk/dotnet/KeyVault/KeyVault.cs
index 8436f319fb..874faec06b 100644
--- a/sdk/dotnet/KeyVault/KeyVault.cs
+++ b/sdk/dotnet/KeyVault/KeyVault.cs
@@ -174,6 +174,8 @@ public partial class KeyVault : global::Pulumi.CustomResource
/// The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
///
/// > **Note:** This field can only be configured one time and cannot be updated.
+ ///
+ /// <!-- TODO: Remove `contact` and Notes in 4.0 -->
///
[Output("softDeleteRetentionDays")]
public Output SoftDeleteRetentionDays { get; private set; } = null!;
@@ -266,6 +268,7 @@ public InputList AccessPolicies
///
/// > **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.
///
+ [Obsolete(@"As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `azure.keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider.")]
public InputList Contacts
{
get => _contacts ?? (_contacts = new InputList());
@@ -344,6 +347,8 @@ public InputList Contacts
/// The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
///
/// > **Note:** This field can only be configured one time and cannot be updated.
+ ///
+ /// <!-- TODO: Remove `contact` and Notes in 4.0 -->
///
[Input("softDeleteRetentionDays")]
public Input? SoftDeleteRetentionDays { get; set; }
@@ -398,6 +403,7 @@ public InputList AccessPolicies
///
/// > **Note:** This field can only be set when `public_network_access_enabled` is set to `true`. To manage the `contact` with `public_network_access_enabled` set to `false`, please use the `azure.keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `azure.keyvault.KeyVault`, this means you'll need to import the `azure.keyvault.CertificateContacts` manually.
///
+ [Obsolete(@"As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `azure.keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider.")]
public InputList Contacts
{
get => _contacts ?? (_contacts = new InputList());
@@ -476,6 +482,8 @@ public InputList Contacts
/// The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
///
/// > **Note:** This field can only be configured one time and cannot be updated.
+ ///
+ /// <!-- TODO: Remove `contact` and Notes in 4.0 -->
///
[Input("softDeleteRetentionDays")]
public Input? SoftDeleteRetentionDays { get; set; }
diff --git a/sdk/dotnet/KeyVault/Secret.cs b/sdk/dotnet/KeyVault/Secret.cs
index 3a09975263..ebf34c75f0 100644
--- a/sdk/dotnet/KeyVault/Secret.cs
+++ b/sdk/dotnet/KeyVault/Secret.cs
@@ -12,14 +12,6 @@ namespace Pulumi.Azure.KeyVault
///
/// Manages a Key Vault Secret.
///
- /// <<<<<<< HEAD
- /// > **Note:** All arguments including the secret value will be stored in the raw state as plain-text.
- /// [Read more about sensitive data in state](https://www.terraform.io/docs/state/sensitive-data.html).
- ///
- /// > **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Secret resource on destroy, rather than the default soft-delete. See `purge_soft_deleted_secrets_on_destroy` for more information.
- ///
- /// =======
- /// > > > > > > > 8d78c87098 (Update-documentation)
/// ## Example Usage
///
/// <!--Start PulumiCodeChooser -->
diff --git a/sdk/dotnet/Network/GetPublicIpPrefix.cs b/sdk/dotnet/Network/GetPublicIpPrefix.cs
index fdd12dc6f2..e0c2cfa738 100644
--- a/sdk/dotnet/Network/GetPublicIpPrefix.cs
+++ b/sdk/dotnet/Network/GetPublicIpPrefix.cs
@@ -127,22 +127,19 @@ public sealed class GetPublicIpPrefixResult
/// The provider-assigned unique ID for this managed resource.
///
public readonly string Id;
+ ///
+ /// The Public IP address range, in CIDR notation.
+ ///
public readonly string IpPrefix;
///
/// The supported Azure location where the resource exists.
///
public readonly string Location;
- ///
- /// The name of the Public IP prefix resource.
- ///
public readonly string Name;
///
/// The number of bits of the prefix.
///
public readonly int PrefixLength;
- ///
- /// The name of the resource group in which to create the public IP.
- ///
public readonly string ResourceGroupName;
///
/// The SKU of the Public IP Prefix.
diff --git a/sdk/dotnet/Network/Inputs/SubnetDelegationServiceDelegationArgs.cs b/sdk/dotnet/Network/Inputs/SubnetDelegationServiceDelegationArgs.cs
index c31810af40..210d2e1308 100644
--- a/sdk/dotnet/Network/Inputs/SubnetDelegationServiceDelegationArgs.cs
+++ b/sdk/dotnet/Network/Inputs/SubnetDelegationServiceDelegationArgs.cs
@@ -27,7 +27,7 @@ public InputList Actions
}
///
- /// The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls` and `Qumulo.Storage/fileSystems`.
+ /// The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls`, `Qumulo.Storage/fileSystems`, and `Oracle.Database/networkAttachments`.
///
[Input("name", required: true)]
public Input Name { get; set; } = null!;
diff --git a/sdk/dotnet/Network/Inputs/SubnetDelegationServiceDelegationGetArgs.cs b/sdk/dotnet/Network/Inputs/SubnetDelegationServiceDelegationGetArgs.cs
index 053aea925d..f4c053e045 100644
--- a/sdk/dotnet/Network/Inputs/SubnetDelegationServiceDelegationGetArgs.cs
+++ b/sdk/dotnet/Network/Inputs/SubnetDelegationServiceDelegationGetArgs.cs
@@ -27,7 +27,7 @@ public InputList Actions
}
///
- /// The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls` and `Qumulo.Storage/fileSystems`.
+ /// The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls`, `Qumulo.Storage/fileSystems`, and `Oracle.Database/networkAttachments`.
///
[Input("name", required: true)]
public Input Name { get; set; } = null!;
diff --git a/sdk/dotnet/Network/Outputs/SubnetDelegationServiceDelegation.cs b/sdk/dotnet/Network/Outputs/SubnetDelegationServiceDelegation.cs
index 1f1b9a4dea..1e16878c67 100644
--- a/sdk/dotnet/Network/Outputs/SubnetDelegationServiceDelegation.cs
+++ b/sdk/dotnet/Network/Outputs/SubnetDelegationServiceDelegation.cs
@@ -20,7 +20,7 @@ public sealed class SubnetDelegationServiceDelegation
///
public readonly ImmutableArray Actions;
///
- /// The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls` and `Qumulo.Storage/fileSystems`.
+ /// The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls`, `Qumulo.Storage/fileSystems`, and `Oracle.Database/networkAttachments`.
///
public readonly string Name;
diff --git a/sdk/dotnet/Provider.cs b/sdk/dotnet/Provider.cs
index 1ce437db06..0eab5f3d56 100644
--- a/sdk/dotnet/Provider.cs
+++ b/sdk/dotnet/Provider.cs
@@ -64,7 +64,8 @@ public partial class Provider : global::Pulumi.ProviderResource
public Output ClientSecretFilePath { get; private set; } = null!;
///
- /// The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+ /// The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+ /// used and should not be specified when `metadata_host` is specified.
///
[Output("environment")]
public Output Environment { get; private set; } = null!;
@@ -309,7 +310,8 @@ public Input? ClientSecretFilePath
public Input? DisableTerraformPartnerId { get; set; }
///
- /// The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+ /// The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+ /// used and should not be specified when `metadata_host` is specified.
///
[Input("environment")]
public Input? Environment { get; set; }
diff --git a/sdk/dotnet/Redis/CacheAccessPolicyAssignment.cs b/sdk/dotnet/Redis/CacheAccessPolicyAssignment.cs
index 2b7f1c6dce..605d21836d 100644
--- a/sdk/dotnet/Redis/CacheAccessPolicyAssignment.cs
+++ b/sdk/dotnet/Redis/CacheAccessPolicyAssignment.cs
@@ -91,7 +91,7 @@ public partial class CacheAccessPolicyAssignment : global::Pulumi.CustomResource
public Output ObjectId { get; private set; } = null!;
///
- /// The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.
+ /// The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.
///
[Output("objectIdAlias")]
public Output ObjectIdAlias { get; private set; } = null!;
@@ -167,7 +167,7 @@ public sealed class CacheAccessPolicyAssignmentArgs : global::Pulumi.ResourceArg
public Input ObjectId { get; set; } = null!;
///
- /// The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.
+ /// The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.
///
[Input("objectIdAlias", required: true)]
public Input ObjectIdAlias { get; set; } = null!;
@@ -205,7 +205,7 @@ public sealed class CacheAccessPolicyAssignmentState : global::Pulumi.ResourceAr
public Input? ObjectId { get; set; }
///
- /// The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.
+ /// The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.
///
[Input("objectIdAlias")]
public Input? ObjectIdAlias { get; set; }
diff --git a/sdk/dotnet/SignalR/Inputs/ServiceSkuArgs.cs b/sdk/dotnet/SignalR/Inputs/ServiceSkuArgs.cs
index 0c2733a896..39f0e4d3a1 100644
--- a/sdk/dotnet/SignalR/Inputs/ServiceSkuArgs.cs
+++ b/sdk/dotnet/SignalR/Inputs/ServiceSkuArgs.cs
@@ -13,13 +13,15 @@ namespace Pulumi.Azure.SignalR.Inputs
public sealed class ServiceSkuArgs : global::Pulumi.ResourceArgs
{
///
- /// Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90` and `100`.
+ /// Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ ///
+ /// > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
///
[Input("capacity", required: true)]
public Input Capacity { get; set; } = null!;
///
- /// Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1` and `Premium_P1`.
+ /// Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
///
[Input("name", required: true)]
public Input Name { get; set; } = null!;
diff --git a/sdk/dotnet/SignalR/Inputs/ServiceSkuGetArgs.cs b/sdk/dotnet/SignalR/Inputs/ServiceSkuGetArgs.cs
index 190eeca34d..39c004c343 100644
--- a/sdk/dotnet/SignalR/Inputs/ServiceSkuGetArgs.cs
+++ b/sdk/dotnet/SignalR/Inputs/ServiceSkuGetArgs.cs
@@ -13,13 +13,15 @@ namespace Pulumi.Azure.SignalR.Inputs
public sealed class ServiceSkuGetArgs : global::Pulumi.ResourceArgs
{
///
- /// Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90` and `100`.
+ /// Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ ///
+ /// > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
///
[Input("capacity", required: true)]
public Input Capacity { get; set; } = null!;
///
- /// Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1` and `Premium_P1`.
+ /// Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
///
[Input("name", required: true)]
public Input Name { get; set; } = null!;
diff --git a/sdk/dotnet/SignalR/Outputs/ServiceSku.cs b/sdk/dotnet/SignalR/Outputs/ServiceSku.cs
index 0154af8bb2..ea7cfb56d4 100644
--- a/sdk/dotnet/SignalR/Outputs/ServiceSku.cs
+++ b/sdk/dotnet/SignalR/Outputs/ServiceSku.cs
@@ -14,11 +14,13 @@ namespace Pulumi.Azure.SignalR.Outputs
public sealed class ServiceSku
{
///
- /// Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90` and `100`.
+ /// Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ ///
+ /// > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
///
public readonly int Capacity;
///
- /// Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1` and `Premium_P1`.
+ /// Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
///
public readonly string Name;
diff --git a/sdk/dotnet/Storage/Account.cs b/sdk/dotnet/Storage/Account.cs
index eb235fdc00..2beefe87dc 100644
--- a/sdk/dotnet/Storage/Account.cs
+++ b/sdk/dotnet/Storage/Account.cs
@@ -533,7 +533,7 @@ public partial class Account : global::Pulumi.CustomResource
///
/// A `queue_properties` block as defined below.
///
- /// > **NOTE:** `queue_properties` cannot be set when the `account_kind` is set to `BlobStorage`
+ /// > **NOTE:** `queue_properties` can only be configured when `account_tier` is set to `Standard` and `account_kind` is set to either `Storage` or `StorageV2`.
///
[Output("queueProperties")]
public Output QueueProperties { get; private set; } = null!;
@@ -782,6 +782,8 @@ public partial class Account : global::Pulumi.CustomResource
///
/// A `share_properties` block as defined below.
+ ///
+ /// > **NOTE:** `share_properties` can only be configured when either `account_tier` is `Standard` and `account_kind` is either `Storage` or `StorageV2` - or when `account_tier` is `Premium` and `account_kind` is `FileStorage`.
///
[Output("shareProperties")]
public Output ShareProperties { get; private set; } = null!;
@@ -1053,7 +1055,7 @@ public sealed class AccountArgs : global::Pulumi.ResourceArgs
///
/// A `queue_properties` block as defined below.
///
- /// > **NOTE:** `queue_properties` cannot be set when the `account_kind` is set to `BlobStorage`
+ /// > **NOTE:** `queue_properties` can only be configured when `account_tier` is set to `Standard` and `account_kind` is set to either `Storage` or `StorageV2`.
///
[Input("queueProperties")]
public Input? QueueProperties { get; set; }
@@ -1086,6 +1088,8 @@ public sealed class AccountArgs : global::Pulumi.ResourceArgs
///
/// A `share_properties` block as defined below.
+ ///
+ /// > **NOTE:** `share_properties` can only be configured when either `account_tier` is `Standard` and `account_kind` is either `Storage` or `StorageV2` - or when `account_tier` is `Premium` and `account_kind` is `FileStorage`.
///
[Input("shareProperties")]
public Input? ShareProperties { get; set; }
@@ -1562,7 +1566,7 @@ public Input? PrimaryConnectionString
///
/// A `queue_properties` block as defined below.
///
- /// > **NOTE:** `queue_properties` cannot be set when the `account_kind` is set to `BlobStorage`
+ /// > **NOTE:** `queue_properties` can only be configured when `account_tier` is set to `Standard` and `account_kind` is set to either `Storage` or `StorageV2`.
///
[Input("queueProperties")]
public Input? QueueProperties { get; set; }
@@ -1841,6 +1845,8 @@ public Input? SecondaryConnectionString
///
/// A `share_properties` block as defined below.
+ ///
+ /// > **NOTE:** `share_properties` can only be configured when either `account_tier` is `Standard` and `account_kind` is either `Storage` or `StorageV2` - or when `account_tier` is `Premium` and `account_kind` is `FileStorage`.
///
[Input("shareProperties")]
public Input? ShareProperties { get; set; }
diff --git a/sdk/dotnet/Storage/Blob.cs b/sdk/dotnet/Storage/Blob.cs
index f858a55f04..50a6ad369b 100644
--- a/sdk/dotnet/Storage/Blob.cs
+++ b/sdk/dotnet/Storage/Blob.cs
@@ -93,6 +93,12 @@ public partial class Blob : global::Pulumi.CustomResource
[Output("contentType")]
public Output ContentType { get; private set; } = null!;
+ ///
+ /// The encryption scope to use for this blob.
+ ///
+ [Output("encryptionScope")]
+ public Output EncryptionScope { get; private set; } = null!;
+
///
/// A map of custom blob metadata.
///
@@ -233,6 +239,12 @@ public sealed class BlobArgs : global::Pulumi.ResourceArgs
[Input("contentType")]
public Input? ContentType { get; set; }
+ ///
+ /// The encryption scope to use for this blob.
+ ///
+ [Input("encryptionScope")]
+ public Input? EncryptionScope { get; set; }
+
[Input("metadata")]
private InputMap? _metadata;
@@ -335,6 +347,12 @@ public sealed class BlobState : global::Pulumi.ResourceArgs
[Input("contentType")]
public Input? ContentType { get; set; }
+ ///
+ /// The encryption scope to use for this blob.
+ ///
+ [Input("encryptionScope")]
+ public Input? EncryptionScope { get; set; }
+
[Input("metadata")]
private InputMap? _metadata;
diff --git a/sdk/dotnet/Storage/Container.cs b/sdk/dotnet/Storage/Container.cs
index deeadde112..bdf5464728 100644
--- a/sdk/dotnet/Storage/Container.cs
+++ b/sdk/dotnet/Storage/Container.cs
@@ -72,6 +72,18 @@ public partial class Container : global::Pulumi.CustomResource
[Output("containerAccessType")]
public Output ContainerAccessType { get; private set; } = null!;
+ ///
+ /// The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.
+ ///
+ [Output("defaultEncryptionScope")]
+ public Output DefaultEncryptionScope { get; private set; } = null!;
+
+ ///
+ /// Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `default_encryption_scope`. Defaults to `true`. Changing this forces a new resource to be created.
+ ///
+ [Output("encryptionScopeOverrideEnabled")]
+ public Output EncryptionScopeOverrideEnabled { get; private set; } = null!;
+
///
/// Is there an Immutability Policy configured on this Storage Container?
///
@@ -162,6 +174,18 @@ public sealed class ContainerArgs : global::Pulumi.ResourceArgs
[Input("containerAccessType")]
public Input? ContainerAccessType { get; set; }
+ ///
+ /// The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.
+ ///
+ [Input("defaultEncryptionScope")]
+ public Input? DefaultEncryptionScope { get; set; }
+
+ ///
+ /// Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `default_encryption_scope`. Defaults to `true`. Changing this forces a new resource to be created.
+ ///
+ [Input("encryptionScopeOverrideEnabled")]
+ public Input? EncryptionScopeOverrideEnabled { get; set; }
+
[Input("metadata")]
private InputMap? _metadata;
@@ -202,6 +226,18 @@ public sealed class ContainerState : global::Pulumi.ResourceArgs
[Input("containerAccessType")]
public Input? ContainerAccessType { get; set; }
+ ///
+ /// The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.
+ ///
+ [Input("defaultEncryptionScope")]
+ public Input? DefaultEncryptionScope { get; set; }
+
+ ///
+ /// Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `default_encryption_scope`. Defaults to `true`. Changing this forces a new resource to be created.
+ ///
+ [Input("encryptionScopeOverrideEnabled")]
+ public Input? EncryptionScopeOverrideEnabled { get; set; }
+
///
/// Is there an Immutability Policy configured on this Storage Container?
///
diff --git a/sdk/dotnet/Storage/DataLakeGen2Filesystem.cs b/sdk/dotnet/Storage/DataLakeGen2Filesystem.cs
index 69df9f181a..7c1851d6a4 100644
--- a/sdk/dotnet/Storage/DataLakeGen2Filesystem.cs
+++ b/sdk/dotnet/Storage/DataLakeGen2Filesystem.cs
@@ -73,6 +73,12 @@ public partial class DataLakeGen2Filesystem : global::Pulumi.CustomResource
[Output("aces")]
public Output> Aces { get; private set; } = null!;
+ ///
+ /// The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.
+ ///
+ [Output("defaultEncryptionScope")]
+ public Output DefaultEncryptionScope { get; private set; } = null!;
+
///
/// Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.
///
@@ -163,6 +169,12 @@ public InputList Aces
set => _aces = value;
}
+ ///
+ /// The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.
+ ///
+ [Input("defaultEncryptionScope")]
+ public Input? DefaultEncryptionScope { get; set; }
+
///
/// Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.
///
@@ -221,6 +233,12 @@ public InputList Aces
set => _aces = value;
}
+ ///
+ /// The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.
+ ///
+ [Input("defaultEncryptionScope")]
+ public Input? DefaultEncryptionScope { get; set; }
+
///
/// Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.
///
diff --git a/sdk/dotnet/Storage/GetBlob.cs b/sdk/dotnet/Storage/GetBlob.cs
index 1861f8deca..0bb80b73c5 100644
--- a/sdk/dotnet/Storage/GetBlob.cs
+++ b/sdk/dotnet/Storage/GetBlob.cs
@@ -162,6 +162,10 @@ public sealed class GetBlobResult
///
public readonly string ContentType;
///
+ /// The encryption scope for this blob.
+ ///
+ public readonly string EncryptionScope;
+ ///
/// The provider-assigned unique ID for this managed resource.
///
public readonly string Id;
@@ -189,6 +193,8 @@ private GetBlobResult(
string contentType,
+ string encryptionScope,
+
string id,
ImmutableDictionary metadata,
@@ -206,6 +212,7 @@ private GetBlobResult(
AccessTier = accessTier;
ContentMd5 = contentMd5;
ContentType = contentType;
+ EncryptionScope = encryptionScope;
Id = id;
Metadata = metadata;
Name = name;
diff --git a/sdk/dotnet/Storage/GetStorageContainer.cs b/sdk/dotnet/Storage/GetStorageContainer.cs
index 93ea7df713..fa0e974c79 100644
--- a/sdk/dotnet/Storage/GetStorageContainer.cs
+++ b/sdk/dotnet/Storage/GetStorageContainer.cs
@@ -140,6 +140,14 @@ public sealed class GetStorageContainerResult
///
public readonly string ContainerAccessType;
///
+ /// The default encryption scope in use for blobs uploaded to this container.
+ ///
+ public readonly string DefaultEncryptionScope;
+ ///
+ /// Whether blobs are allowed to override the default encryption scope for this container.
+ ///
+ public readonly bool EncryptionScopeOverrideEnabled;
+ ///
/// Is there an Immutability Policy configured on this Storage Container?
///
public readonly bool HasImmutabilityPolicy;
@@ -166,6 +174,10 @@ public sealed class GetStorageContainerResult
private GetStorageContainerResult(
string containerAccessType,
+ string defaultEncryptionScope,
+
+ bool encryptionScopeOverrideEnabled,
+
bool hasImmutabilityPolicy,
bool hasLegalHold,
@@ -181,6 +193,8 @@ private GetStorageContainerResult(
string storageAccountName)
{
ContainerAccessType = containerAccessType;
+ DefaultEncryptionScope = defaultEncryptionScope;
+ EncryptionScopeOverrideEnabled = encryptionScopeOverrideEnabled;
HasImmutabilityPolicy = hasImmutabilityPolicy;
HasLegalHold = hasLegalHold;
Id = id;
diff --git a/sdk/dotnet/Storage/ZipBlob.cs b/sdk/dotnet/Storage/ZipBlob.cs
index e4fd6de6cf..848493c506 100644
--- a/sdk/dotnet/Storage/ZipBlob.cs
+++ b/sdk/dotnet/Storage/ZipBlob.cs
@@ -28,6 +28,9 @@ public partial class ZipBlob : global::Pulumi.CustomResource
[Output("contentType")]
public Output ContentType { get; private set; } = null!;
+ [Output("encryptionScope")]
+ public Output EncryptionScope { get; private set; } = null!;
+
[Output("metadata")]
public Output> Metadata { get; private set; } = null!;
@@ -119,6 +122,9 @@ public sealed class ZipBlobArgs : global::Pulumi.ResourceArgs
[Input("contentType")]
public Input? ContentType { get; set; }
+ [Input("encryptionScope")]
+ public Input? EncryptionScope { get; set; }
+
[Input("metadata")]
private InputMap? _metadata;
public InputMap Metadata
@@ -174,6 +180,9 @@ public sealed class ZipBlobState : global::Pulumi.ResourceArgs
[Input("contentType")]
public Input? ContentType { get; set; }
+ [Input("encryptionScope")]
+ public Input? EncryptionScope { get; set; }
+
[Input("metadata")]
private InputMap? _metadata;
public InputMap Metadata
diff --git a/sdk/dotnet/WebPubSub/Service.cs b/sdk/dotnet/WebPubSub/Service.cs
index 9bbec15294..1cb99a95fa 100644
--- a/sdk/dotnet/WebPubSub/Service.cs
+++ b/sdk/dotnet/WebPubSub/Service.cs
@@ -71,7 +71,9 @@ public partial class Service : global::Pulumi.CustomResource
public Output AadAuthEnabled { get; private set; } = null!;
///
- /// Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.
+ /// Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ ///
+ /// > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
///
[Output("capacity")]
public Output Capacity { get; private set; } = null!;
@@ -167,7 +169,7 @@ public partial class Service : global::Pulumi.CustomResource
public Output ServerPort { get; private set; } = null!;
///
- /// Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.
+ /// Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
///
[Output("sku")]
public Output Sku { get; private set; } = null!;
@@ -247,7 +249,9 @@ public sealed class ServiceArgs : global::Pulumi.ResourceArgs
public Input? AadAuthEnabled { get; set; }
///
- /// Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.
+ /// Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ ///
+ /// > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
///
[Input("capacity")]
public Input? Capacity { get; set; }
@@ -295,7 +299,7 @@ public sealed class ServiceArgs : global::Pulumi.ResourceArgs
public Input ResourceGroupName { get; set; } = null!;
///
- /// Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.
+ /// Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
///
[Input("sku", required: true)]
public Input Sku { get; set; } = null!;
@@ -333,7 +337,9 @@ public sealed class ServiceState : global::Pulumi.ResourceArgs
public Input? AadAuthEnabled { get; set; }
///
- /// Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.
+ /// Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ ///
+ /// > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
///
[Input("capacity")]
public Input? Capacity { get; set; }
@@ -469,7 +475,7 @@ public Input? SecondaryConnectionString
public Input? ServerPort { get; set; }
///
- /// Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.
+ /// Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
///
[Input("sku")]
public Input? Sku { get; set; }
diff --git a/sdk/go/azure/appservice/pulumiTypes.go b/sdk/go/azure/appservice/pulumiTypes.go
index 24e01e2fb7..9bd3e25644 100644
--- a/sdk/go/azure/appservice/pulumiTypes.go
+++ b/sdk/go/azure/appservice/pulumiTypes.go
@@ -33729,7 +33729,7 @@ func (o LinuxWebAppLogsApplicationLogsAzureBlobStoragePtrOutput) SasUrl() pulumi
}
type LinuxWebAppLogsHttpLogs struct {
- // A `azureBlobStorageHttp` block as defined below.
+ // A `azureBlobStorageHttp` block as defined above.
AzureBlobStorage *LinuxWebAppLogsHttpLogsAzureBlobStorage `pulumi:"azureBlobStorage"`
// A `fileSystem` block as defined above.
FileSystem *LinuxWebAppLogsHttpLogsFileSystem `pulumi:"fileSystem"`
@@ -33747,7 +33747,7 @@ type LinuxWebAppLogsHttpLogsInput interface {
}
type LinuxWebAppLogsHttpLogsArgs struct {
- // A `azureBlobStorageHttp` block as defined below.
+ // A `azureBlobStorageHttp` block as defined above.
AzureBlobStorage LinuxWebAppLogsHttpLogsAzureBlobStoragePtrInput `pulumi:"azureBlobStorage"`
// A `fileSystem` block as defined above.
FileSystem LinuxWebAppLogsHttpLogsFileSystemPtrInput `pulumi:"fileSystem"`
@@ -33830,7 +33830,7 @@ func (o LinuxWebAppLogsHttpLogsOutput) ToLinuxWebAppLogsHttpLogsPtrOutputWithCon
}).(LinuxWebAppLogsHttpLogsPtrOutput)
}
-// A `azureBlobStorageHttp` block as defined below.
+// A `azureBlobStorageHttp` block as defined above.
func (o LinuxWebAppLogsHttpLogsOutput) AzureBlobStorage() LinuxWebAppLogsHttpLogsAzureBlobStoragePtrOutput {
return o.ApplyT(func(v LinuxWebAppLogsHttpLogs) *LinuxWebAppLogsHttpLogsAzureBlobStorage { return v.AzureBlobStorage }).(LinuxWebAppLogsHttpLogsAzureBlobStoragePtrOutput)
}
@@ -33864,7 +33864,7 @@ func (o LinuxWebAppLogsHttpLogsPtrOutput) Elem() LinuxWebAppLogsHttpLogsOutput {
}).(LinuxWebAppLogsHttpLogsOutput)
}
-// A `azureBlobStorageHttp` block as defined below.
+// A `azureBlobStorageHttp` block as defined above.
func (o LinuxWebAppLogsHttpLogsPtrOutput) AzureBlobStorage() LinuxWebAppLogsHttpLogsAzureBlobStoragePtrOutput {
return o.ApplyT(func(v *LinuxWebAppLogsHttpLogs) *LinuxWebAppLogsHttpLogsAzureBlobStorage {
if v == nil {
@@ -34980,6 +34980,8 @@ type LinuxWebAppSiteConfigApplicationStack struct {
// The Version of Java to use. Possible values include `8`, `11`, and `17`.
//
// > **NOTE:** The valid version combinations for `javaVersion`, `javaServer` and `javaServerVersion` can be checked from the command line via `az webapp list-runtimes --linux`.
+ //
+ // > **NOTE:** `javaServer`, `javaServerVersion`, and `javaVersion` must all be specified if building a java app
JavaVersion *string `pulumi:"javaVersion"`
// The version of Node to run. Possible values include `12-lts`, `14-lts`, `16-lts`, `18-lts` and `20-lts`. This property conflicts with `javaVersion`.
//
@@ -35034,6 +35036,8 @@ type LinuxWebAppSiteConfigApplicationStackArgs struct {
// The Version of Java to use. Possible values include `8`, `11`, and `17`.
//
// > **NOTE:** The valid version combinations for `javaVersion`, `javaServer` and `javaServerVersion` can be checked from the command line via `az webapp list-runtimes --linux`.
+ //
+ // > **NOTE:** `javaServer`, `javaServerVersion`, and `javaVersion` must all be specified if building a java app
JavaVersion pulumi.StringPtrInput `pulumi:"javaVersion"`
// The version of Node to run. Possible values include `12-lts`, `14-lts`, `16-lts`, `18-lts` and `20-lts`. This property conflicts with `javaVersion`.
//
@@ -35183,6 +35187,8 @@ func (o LinuxWebAppSiteConfigApplicationStackOutput) JavaServerVersion() pulumi.
// The Version of Java to use. Possible values include `8`, `11`, and `17`.
//
// > **NOTE:** The valid version combinations for `javaVersion`, `javaServer` and `javaServerVersion` can be checked from the command line via `az webapp list-runtimes --linux`.
+//
+// > **NOTE:** `javaServer`, `javaServerVersion`, and `javaVersion` must all be specified if building a java app
func (o LinuxWebAppSiteConfigApplicationStackOutput) JavaVersion() pulumi.StringPtrOutput {
return o.ApplyT(func(v LinuxWebAppSiteConfigApplicationStack) *string { return v.JavaVersion }).(pulumi.StringPtrOutput)
}
@@ -35342,6 +35348,8 @@ func (o LinuxWebAppSiteConfigApplicationStackPtrOutput) JavaServerVersion() pulu
// The Version of Java to use. Possible values include `8`, `11`, and `17`.
//
// > **NOTE:** The valid version combinations for `javaVersion`, `javaServer` and `javaServerVersion` can be checked from the command line via `az webapp list-runtimes --linux`.
+//
+// > **NOTE:** `javaServer`, `javaServerVersion`, and `javaVersion` must all be specified if building a java app
func (o LinuxWebAppSiteConfigApplicationStackPtrOutput) JavaVersion() pulumi.StringPtrOutput {
return o.ApplyT(func(v *LinuxWebAppSiteConfigApplicationStack) *string {
if v == nil {
@@ -73659,7 +73667,7 @@ func (o WindowsWebAppLogsApplicationLogsAzureBlobStoragePtrOutput) SasUrl() pulu
}
type WindowsWebAppLogsHttpLogs struct {
- // A `azureBlobStorageHttp` block as defined above.
+ // A `azureBlobStorageHttp` block as defined below.
AzureBlobStorage *WindowsWebAppLogsHttpLogsAzureBlobStorage `pulumi:"azureBlobStorage"`
// A `fileSystem` block as defined above.
FileSystem *WindowsWebAppLogsHttpLogsFileSystem `pulumi:"fileSystem"`
@@ -73677,7 +73685,7 @@ type WindowsWebAppLogsHttpLogsInput interface {
}
type WindowsWebAppLogsHttpLogsArgs struct {
- // A `azureBlobStorageHttp` block as defined above.
+ // A `azureBlobStorageHttp` block as defined below.
AzureBlobStorage WindowsWebAppLogsHttpLogsAzureBlobStoragePtrInput `pulumi:"azureBlobStorage"`
// A `fileSystem` block as defined above.
FileSystem WindowsWebAppLogsHttpLogsFileSystemPtrInput `pulumi:"fileSystem"`
@@ -73760,7 +73768,7 @@ func (o WindowsWebAppLogsHttpLogsOutput) ToWindowsWebAppLogsHttpLogsPtrOutputWit
}).(WindowsWebAppLogsHttpLogsPtrOutput)
}
-// A `azureBlobStorageHttp` block as defined above.
+// A `azureBlobStorageHttp` block as defined below.
func (o WindowsWebAppLogsHttpLogsOutput) AzureBlobStorage() WindowsWebAppLogsHttpLogsAzureBlobStoragePtrOutput {
return o.ApplyT(func(v WindowsWebAppLogsHttpLogs) *WindowsWebAppLogsHttpLogsAzureBlobStorage {
return v.AzureBlobStorage
@@ -73796,7 +73804,7 @@ func (o WindowsWebAppLogsHttpLogsPtrOutput) Elem() WindowsWebAppLogsHttpLogsOutp
}).(WindowsWebAppLogsHttpLogsOutput)
}
-// A `azureBlobStorageHttp` block as defined above.
+// A `azureBlobStorageHttp` block as defined below.
func (o WindowsWebAppLogsHttpLogsPtrOutput) AzureBlobStorage() WindowsWebAppLogsHttpLogsAzureBlobStoragePtrOutput {
return o.ApplyT(func(v *WindowsWebAppLogsHttpLogs) *WindowsWebAppLogsHttpLogsAzureBlobStorage {
if v == nil {
diff --git a/sdk/go/azure/bot/serviceAzureBot.go b/sdk/go/azure/bot/serviceAzureBot.go
index fc6da64890..345046fffe 100644
--- a/sdk/go/azure/bot/serviceAzureBot.go
+++ b/sdk/go/azure/bot/serviceAzureBot.go
@@ -132,7 +132,7 @@ type ServiceAzureBot struct {
MicrosoftAppType pulumi.StringPtrOutput `pulumi:"microsoftAppType"`
// The name which should be used for this Azure Bot Service. Changing this forces a new resource to be created.
Name pulumi.StringOutput `pulumi:"name"`
- // Whether public network access is allowed for this server. Defaults to `true`.
+ // Whether public network access is enabled. Defaults to `true`.
PublicNetworkAccessEnabled pulumi.BoolPtrOutput `pulumi:"publicNetworkAccessEnabled"`
// The name of the Resource Group where the Azure Bot Service should exist. Changing this forces a new resource to be created.
ResourceGroupName pulumi.StringOutput `pulumi:"resourceGroupName"`
@@ -228,7 +228,7 @@ type serviceAzureBotState struct {
MicrosoftAppType *string `pulumi:"microsoftAppType"`
// The name which should be used for this Azure Bot Service. Changing this forces a new resource to be created.
Name *string `pulumi:"name"`
- // Whether public network access is allowed for this server. Defaults to `true`.
+ // Whether public network access is enabled. Defaults to `true`.
PublicNetworkAccessEnabled *bool `pulumi:"publicNetworkAccessEnabled"`
// The name of the Resource Group where the Azure Bot Service should exist. Changing this forces a new resource to be created.
ResourceGroupName *string `pulumi:"resourceGroupName"`
@@ -275,7 +275,7 @@ type ServiceAzureBotState struct {
MicrosoftAppType pulumi.StringPtrInput
// The name which should be used for this Azure Bot Service. Changing this forces a new resource to be created.
Name pulumi.StringPtrInput
- // Whether public network access is allowed for this server. Defaults to `true`.
+ // Whether public network access is enabled. Defaults to `true`.
PublicNetworkAccessEnabled pulumi.BoolPtrInput
// The name of the Resource Group where the Azure Bot Service should exist. Changing this forces a new resource to be created.
ResourceGroupName pulumi.StringPtrInput
@@ -326,7 +326,7 @@ type serviceAzureBotArgs struct {
MicrosoftAppType *string `pulumi:"microsoftAppType"`
// The name which should be used for this Azure Bot Service. Changing this forces a new resource to be created.
Name *string `pulumi:"name"`
- // Whether public network access is allowed for this server. Defaults to `true`.
+ // Whether public network access is enabled. Defaults to `true`.
PublicNetworkAccessEnabled *bool `pulumi:"publicNetworkAccessEnabled"`
// The name of the Resource Group where the Azure Bot Service should exist. Changing this forces a new resource to be created.
ResourceGroupName string `pulumi:"resourceGroupName"`
@@ -374,7 +374,7 @@ type ServiceAzureBotArgs struct {
MicrosoftAppType pulumi.StringPtrInput
// The name which should be used for this Azure Bot Service. Changing this forces a new resource to be created.
Name pulumi.StringPtrInput
- // Whether public network access is allowed for this server. Defaults to `true`.
+ // Whether public network access is enabled. Defaults to `true`.
PublicNetworkAccessEnabled pulumi.BoolPtrInput
// The name of the Resource Group where the Azure Bot Service should exist. Changing this forces a new resource to be created.
ResourceGroupName pulumi.StringInput
@@ -555,7 +555,7 @@ func (o ServiceAzureBotOutput) Name() pulumi.StringOutput {
return o.ApplyT(func(v *ServiceAzureBot) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput)
}
-// Whether public network access is allowed for this server. Defaults to `true`.
+// Whether public network access is enabled. Defaults to `true`.
func (o ServiceAzureBotOutput) PublicNetworkAccessEnabled() pulumi.BoolPtrOutput {
return o.ApplyT(func(v *ServiceAzureBot) pulumi.BoolPtrOutput { return v.PublicNetworkAccessEnabled }).(pulumi.BoolPtrOutput)
}
diff --git a/sdk/go/azure/chaosstudio/target.go b/sdk/go/azure/chaosstudio/target.go
index 6b362fe103..fff0818718 100644
--- a/sdk/go/azure/chaosstudio/target.go
+++ b/sdk/go/azure/chaosstudio/target.go
@@ -16,6 +16,65 @@ import (
//
// Manages a Chaos Studio Target.
//
+// ## Example Usage
+//
+//
+// ```go
+// package main
+//
+// import (
+//
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/chaosstudio"
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
+// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
+//
+// )
+//
+// func main() {
+// pulumi.Run(func(ctx *pulumi.Context) error {
+// exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
+// Name: pulumi.String("example-resources"),
+// Location: pulumi.String("West Europe"),
+// })
+// if err != nil {
+// return err
+// }
+// example, err := containerservice.NewKubernetesCluster(ctx, "example", &containerservice.KubernetesClusterArgs{
+// Name: pulumi.String("example"),
+// Location: exampleResourceGroup.Location,
+// ResourceGroupName: exampleResourceGroup.Name,
+// DnsPrefix: pulumi.String("acctestaksexample"),
+// DefaultNodePool: &containerservice.KubernetesClusterDefaultNodePoolArgs{
+// Name: pulumi.String("example-value"),
+// NodeCount: pulumi.Int("example-value"),
+// VmSize: pulumi.String("example-value"),
+// UpgradeSettings: &containerservice.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs{
+// MaxSurge: pulumi.String("example-value"),
+// },
+// },
+// Identity: &containerservice.KubernetesClusterIdentityArgs{
+// Type: pulumi.String("example-value"),
+// },
+// })
+// if err != nil {
+// return err
+// }
+// _, err = chaosstudio.NewTarget(ctx, "example", &chaosstudio.TargetArgs{
+// Location: exampleResourceGroup.Location,
+// TargetResourceId: example.ID(),
+// TargetType: pulumi.String("example-value"),
+// })
+// if err != nil {
+// return err
+// }
+// return nil
+// })
+// }
+//
+// ```
+//
+//
// ## Import
//
// An existing Chaos Studio Target can be imported into Terraform using the `resource id`, e.g.
diff --git a/sdk/go/azure/compute/snapshot.go b/sdk/go/azure/compute/snapshot.go
index 2c48592770..38303cf1e6 100644
--- a/sdk/go/azure/compute/snapshot.go
+++ b/sdk/go/azure/compute/snapshot.go
@@ -91,6 +91,10 @@ type Snapshot struct {
Location pulumi.StringOutput `pulumi:"location"`
// Specifies the name of the Snapshot resource. Changing this forces a new resource to be created.
Name pulumi.StringOutput `pulumi:"name"`
+ // Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.
+ NetworkAccessPolicy pulumi.StringPtrOutput `pulumi:"networkAccessPolicy"`
+ // Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.
+ PublicNetworkAccessEnabled pulumi.BoolPtrOutput `pulumi:"publicNetworkAccessEnabled"`
// The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.
ResourceGroupName pulumi.StringOutput `pulumi:"resourceGroupName"`
// Specifies a reference to an existing snapshot, when `createOption` is `Copy`. Changing this forces a new resource to be created.
@@ -157,6 +161,10 @@ type snapshotState struct {
Location *string `pulumi:"location"`
// Specifies the name of the Snapshot resource. Changing this forces a new resource to be created.
Name *string `pulumi:"name"`
+ // Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.
+ NetworkAccessPolicy *string `pulumi:"networkAccessPolicy"`
+ // Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.
+ PublicNetworkAccessEnabled *bool `pulumi:"publicNetworkAccessEnabled"`
// The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.
ResourceGroupName *string `pulumi:"resourceGroupName"`
// Specifies a reference to an existing snapshot, when `createOption` is `Copy`. Changing this forces a new resource to be created.
@@ -188,6 +196,10 @@ type SnapshotState struct {
Location pulumi.StringPtrInput
// Specifies the name of the Snapshot resource. Changing this forces a new resource to be created.
Name pulumi.StringPtrInput
+ // Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.
+ NetworkAccessPolicy pulumi.StringPtrInput
+ // Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.
+ PublicNetworkAccessEnabled pulumi.BoolPtrInput
// The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.
ResourceGroupName pulumi.StringPtrInput
// Specifies a reference to an existing snapshot, when `createOption` is `Copy`. Changing this forces a new resource to be created.
@@ -223,6 +235,10 @@ type snapshotArgs struct {
Location *string `pulumi:"location"`
// Specifies the name of the Snapshot resource. Changing this forces a new resource to be created.
Name *string `pulumi:"name"`
+ // Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.
+ NetworkAccessPolicy *string `pulumi:"networkAccessPolicy"`
+ // Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.
+ PublicNetworkAccessEnabled *bool `pulumi:"publicNetworkAccessEnabled"`
// The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.
ResourceGroupName string `pulumi:"resourceGroupName"`
// Specifies a reference to an existing snapshot, when `createOption` is `Copy`. Changing this forces a new resource to be created.
@@ -253,6 +269,10 @@ type SnapshotArgs struct {
Location pulumi.StringPtrInput
// Specifies the name of the Snapshot resource. Changing this forces a new resource to be created.
Name pulumi.StringPtrInput
+ // Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.
+ NetworkAccessPolicy pulumi.StringPtrInput
+ // Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.
+ PublicNetworkAccessEnabled pulumi.BoolPtrInput
// The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.
ResourceGroupName pulumi.StringInput
// Specifies a reference to an existing snapshot, when `createOption` is `Copy`. Changing this forces a new resource to be created.
@@ -386,6 +406,16 @@ func (o SnapshotOutput) Name() pulumi.StringOutput {
return o.ApplyT(func(v *Snapshot) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput)
}
+// Policy for accessing the disk via network. Possible values are `AllowAll`, `AllowPrivate`, or `DenyAll`. Defaults to `AllowAll`.
+func (o SnapshotOutput) NetworkAccessPolicy() pulumi.StringPtrOutput {
+ return o.ApplyT(func(v *Snapshot) pulumi.StringPtrOutput { return v.NetworkAccessPolicy }).(pulumi.StringPtrOutput)
+}
+
+// Policy for controlling export on the disk. Possible values are `true` or `false`. Defaults to `true`.
+func (o SnapshotOutput) PublicNetworkAccessEnabled() pulumi.BoolPtrOutput {
+ return o.ApplyT(func(v *Snapshot) pulumi.BoolPtrOutput { return v.PublicNetworkAccessEnabled }).(pulumi.BoolPtrOutput)
+}
+
// The name of the resource group in which to create the Snapshot. Changing this forces a new resource to be created.
func (o SnapshotOutput) ResourceGroupName() pulumi.StringOutput {
return o.ApplyT(func(v *Snapshot) pulumi.StringOutput { return v.ResourceGroupName }).(pulumi.StringOutput)
diff --git a/sdk/go/azure/config/config.go b/sdk/go/azure/config/config.go
index f96384e405..e9fb6ca542 100644
--- a/sdk/go/azure/config/config.go
+++ b/sdk/go/azure/config/config.go
@@ -61,7 +61,8 @@ func GetDisableTerraformPartnerId(ctx *pulumi.Context) bool {
return config.GetBool(ctx, "azure:disableTerraformPartnerId")
}
-// The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+// The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+// used and should not be specified when `metadataHost` is specified.
func GetEnvironment(ctx *pulumi.Context) string {
v, err := config.Try(ctx, "azure:environment")
if err == nil {
diff --git a/sdk/go/azure/containerservice/clusterTrustedAccessRoleBinding.go b/sdk/go/azure/containerservice/clusterTrustedAccessRoleBinding.go
index 7559252c1e..03859a08b8 100644
--- a/sdk/go/azure/containerservice/clusterTrustedAccessRoleBinding.go
+++ b/sdk/go/azure/containerservice/clusterTrustedAccessRoleBinding.go
@@ -18,6 +18,126 @@ import (
// > **Note:** This Resource is in **Preview** to use this you must be opted into the Preview. You can do this by running `az feature register --namespace Microsoft.ContainerService --name TrustedAccessPreview` and then `az provider register -n Microsoft.ContainerService`
// .
//
+// ## Example Usage
+//
+//
+// ```go
+// package main
+//
+// import (
+//
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/appinsights"
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/machinelearning"
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
+// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
+//
+// )
+//
+// func main() {
+// pulumi.Run(func(ctx *pulumi.Context) error {
+// exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
+// Name: pulumi.String("example-resources"),
+// Location: pulumi.String("West Europe"),
+// })
+// if err != nil {
+// return err
+// }
+// example, err := appinsights.NewInsights(ctx, "example", &appinsights.InsightsArgs{
+// Name: pulumi.String("example"),
+// Location: exampleResourceGroup.Location,
+// ResourceGroupName: exampleResourceGroup.Name,
+// ApplicationType: pulumi.String("example-value"),
+// })
+// if err != nil {
+// return err
+// }
+// _, err = core.GetClientConfig(ctx, nil, nil)
+// if err != nil {
+// return err
+// }
+// exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
+// Name: pulumi.String("example"),
+// Location: exampleResourceGroup.Location,
+// ResourceGroupName: exampleResourceGroup.Name,
+// TenantId: pulumi.Any(exampleAzurermClientConfig.TenantId),
+// SkuName: pulumi.String("example-value"),
+// SoftDeleteRetentionDays: pulumi.Int("example-value"),
+// })
+// if err != nil {
+// return err
+// }
+// _, err = keyvault.NewAccessPolicy(ctx, "example", &keyvault.AccessPolicyArgs{
+// KeyVaultId: exampleKeyVault.ID(),
+// TenantId: pulumi.Any(exampleAzurermClientConfig.TenantId),
+// ObjectId: pulumi.Any(exampleAzurermClientConfig.ObjectId),
+// KeyPermissions: pulumi.StringArray("example-value"),
+// })
+// if err != nil {
+// return err
+// }
+// exampleKubernetesCluster, err := containerservice.NewKubernetesCluster(ctx, "example", &containerservice.KubernetesClusterArgs{
+// Name: pulumi.String("example"),
+// Location: exampleResourceGroup.Location,
+// ResourceGroupName: exampleResourceGroup.Name,
+// DnsPrefix: pulumi.String("acctestaksexample"),
+// DefaultNodePool: &containerservice.KubernetesClusterDefaultNodePoolArgs{
+// Name: pulumi.String("example-value"),
+// NodeCount: pulumi.Int("example-value"),
+// VmSize: pulumi.String("example-value"),
+// UpgradeSettings: &containerservice.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs{
+// MaxSurge: pulumi.String("example-value"),
+// },
+// },
+// Identity: &containerservice.KubernetesClusterIdentityArgs{
+// Type: pulumi.String("example-value"),
+// },
+// })
+// if err != nil {
+// return err
+// }
+// exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
+// Name: pulumi.String("example"),
+// Location: exampleResourceGroup.Location,
+// ResourceGroupName: exampleResourceGroup.Name,
+// AccountTier: pulumi.String("example-value"),
+// AccountReplicationType: pulumi.String("example-value"),
+// })
+// if err != nil {
+// return err
+// }
+// exampleWorkspace, err := machinelearning.NewWorkspace(ctx, "example", &machinelearning.WorkspaceArgs{
+// Name: pulumi.String("example"),
+// Location: exampleResourceGroup.Location,
+// ResourceGroupName: exampleResourceGroup.Name,
+// KeyVaultId: exampleKeyVault.ID(),
+// StorageAccountId: exampleAccount.ID(),
+// ApplicationInsightsId: example.ID(),
+// Identity: &machinelearning.WorkspaceIdentityArgs{
+// Type: pulumi.String("example-value"),
+// },
+// })
+// if err != nil {
+// return err
+// }
+// _, err = containerservice.NewClusterTrustedAccessRoleBinding(ctx, "example", &containerservice.ClusterTrustedAccessRoleBindingArgs{
+// KubernetesClusterId: exampleKubernetesCluster.ID(),
+// Name: pulumi.String("example"),
+// Roles: pulumi.StringArray("example-value"),
+// SourceResourceId: exampleWorkspace.ID(),
+// })
+// if err != nil {
+// return err
+// }
+// return nil
+// })
+// }
+//
+// ```
+//
+//
// ## Import
//
// An existing Kubernetes Cluster Trusted Access Role Binding can be imported into Terraform using the `resource id`, e.g.
diff --git a/sdk/go/azure/containerservice/fleetMember.go b/sdk/go/azure/containerservice/fleetMember.go
index 767bbf04a9..b0ec108a1e 100644
--- a/sdk/go/azure/containerservice/fleetMember.go
+++ b/sdk/go/azure/containerservice/fleetMember.go
@@ -16,6 +16,72 @@ import (
//
// Manages a Kubernetes Fleet Member.
//
+// ## Example Usage
+//
+//
+// ```go
+// package main
+//
+// import (
+//
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/containerservice"
+// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
+// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
+//
+// )
+//
+// func main() {
+// pulumi.Run(func(ctx *pulumi.Context) error {
+// exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
+// Name: pulumi.String("example-resources"),
+// Location: pulumi.String("West Europe"),
+// })
+// if err != nil {
+// return err
+// }
+// example, err := containerservice.NewKubernetesCluster(ctx, "example", &containerservice.KubernetesClusterArgs{
+// Name: pulumi.String("example"),
+// Location: exampleResourceGroup.Location,
+// ResourceGroupName: exampleResourceGroup.Name,
+// DnsPrefix: pulumi.String("acctestaksexample"),
+// DefaultNodePool: &containerservice.KubernetesClusterDefaultNodePoolArgs{
+// Name: pulumi.String("example-value"),
+// NodeCount: pulumi.Int("example-value"),
+// VmSize: pulumi.String("example-value"),
+// UpgradeSettings: &containerservice.KubernetesClusterDefaultNodePoolUpgradeSettingsArgs{
+// MaxSurge: pulumi.String("example-value"),
+// },
+// },
+// Identity: &containerservice.KubernetesClusterIdentityArgs{
+// Type: pulumi.String("example-value"),
+// },
+// })
+// if err != nil {
+// return err
+// }
+// exampleKubernetesFleetManager, err := containerservice.NewKubernetesFleetManager(ctx, "example", &containerservice.KubernetesFleetManagerArgs{
+// Name: pulumi.String("example"),
+// Location: exampleResourceGroup.Location,
+// ResourceGroupName: exampleResourceGroup.Name,
+// })
+// if err != nil {
+// return err
+// }
+// _, err = containerservice.NewFleetMember(ctx, "example", &containerservice.FleetMemberArgs{
+// KubernetesClusterId: example.ID(),
+// KubernetesFleetId: exampleKubernetesFleetManager.ID(),
+// Name: pulumi.String("example"),
+// })
+// if err != nil {
+// return err
+// }
+// return nil
+// })
+// }
+//
+// ```
+//
+//
// ## Import
//
// An existing Kubernetes Fleet Member can be imported into Terraform using the `resource id`, e.g.
diff --git a/sdk/go/azure/cosmosdb/account.go b/sdk/go/azure/cosmosdb/account.go
index 5443b391b1..5b2b5221e5 100644
--- a/sdk/go/azure/cosmosdb/account.go
+++ b/sdk/go/azure/cosmosdb/account.go
@@ -183,13 +183,15 @@ type Account struct {
AnalyticalStorage AccountAnalyticalStorageOutput `pulumi:"analyticalStorage"`
// Enable Analytical Storage option for this Cosmos DB account. Defaults to `false`. Enabling and then disabling analytical storage forces a new resource to be created.
AnalyticalStorageEnabled pulumi.BoolPtrOutput `pulumi:"analyticalStorageEnabled"`
+ // Enable automatic failover for this Cosmos DB account.
+ AutomaticFailoverEnabled pulumi.BoolOutput `pulumi:"automaticFailoverEnabled"`
// A `backup` block as defined below.
Backup AccountBackupOutput `pulumi:"backup"`
// The capabilities which should be enabled for this Cosmos DB account. Value is a `capabilities` block as defined below.
Capabilities AccountCapabilityArrayOutput `pulumi:"capabilities"`
// A `capacity` block as defined below.
Capacity AccountCapacityOutput `pulumi:"capacity"`
- // A list of connection strings available for this CosmosDB account.
+ // Deprecated: This property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly and will be removed in v4.0 of the AzureRM provider
ConnectionStrings pulumi.StringArrayOutput `pulumi:"connectionStrings"`
// Specifies one `consistencyPolicy` block as defined below, used to define the consistency policy for this CosmosDB account.
ConsistencyPolicy AccountConsistencyPolicyOutput `pulumi:"consistencyPolicy"`
@@ -201,14 +203,16 @@ type Account struct {
CreateMode pulumi.StringOutput `pulumi:"createMode"`
// The default identity for accessing Key Vault. Possible values are `FirstPartyIdentity`, `SystemAssignedIdentity` or `UserAssignedIdentity`. Defaults to `FirstPartyIdentity`.
DefaultIdentityType pulumi.StringPtrOutput `pulumi:"defaultIdentityType"`
- // Enable automatic failover for this Cosmos DB account.
- EnableAutomaticFailover pulumi.BoolPtrOutput `pulumi:"enableAutomaticFailover"`
- // Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
- EnableFreeTier pulumi.BoolPtrOutput `pulumi:"enableFreeTier"`
- // Enable multiple write locations for this Cosmos DB account.
- EnableMultipleWriteLocations pulumi.BoolPtrOutput `pulumi:"enableMultipleWriteLocations"`
+ // Deprecated: This property has been superseded by `automaticFailoverEnabled` and will be removed in v4.0 of the AzureRM Provider
+ EnableAutomaticFailover pulumi.BoolOutput `pulumi:"enableAutomaticFailover"`
+ // Deprecated: This property has been superseded by `freeTierEnabled` and will be removed in v4.0 of the AzureRM Provider
+ EnableFreeTier pulumi.BoolOutput `pulumi:"enableFreeTier"`
+ // Deprecated: This property has been superseded by `multipleWriteLocationsEnabled` and will be removed in v4.0 of the AzureRM Provider
+ EnableMultipleWriteLocations pulumi.BoolOutput `pulumi:"enableMultipleWriteLocations"`
// The endpoint used to connect to the CosmosDB account.
Endpoint pulumi.StringOutput `pulumi:"endpoint"`
+ // Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ FreeTierEnabled pulumi.BoolOutput `pulumi:"freeTierEnabled"`
// Specifies a `geoLocation` resource, used to define where data should be replicated with the `failoverPriority` 0 specifying the primary location. Value is a `geoLocation` block as defined below.
GeoLocations AccountGeoLocationArrayOutput `pulumi:"geoLocations"`
// An `identity` block as defined below.
@@ -237,6 +241,8 @@ type Account struct {
MinimalTlsVersion pulumi.StringOutput `pulumi:"minimalTlsVersion"`
// The Server Version of a MongoDB account. Possible values are `4.2`, `4.0`, `3.6`, and `3.2`.
MongoServerVersion pulumi.StringOutput `pulumi:"mongoServerVersion"`
+ // Enable multiple write locations for this Cosmos DB account.
+ MultipleWriteLocationsEnabled pulumi.BoolOutput `pulumi:"multipleWriteLocationsEnabled"`
// Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.
Name pulumi.StringOutput `pulumi:"name"`
// If Azure services can bypass ACLs. Defaults to `false`.
@@ -353,13 +359,15 @@ type accountState struct {
AnalyticalStorage *AccountAnalyticalStorage `pulumi:"analyticalStorage"`
// Enable Analytical Storage option for this Cosmos DB account. Defaults to `false`. Enabling and then disabling analytical storage forces a new resource to be created.
AnalyticalStorageEnabled *bool `pulumi:"analyticalStorageEnabled"`
+ // Enable automatic failover for this Cosmos DB account.
+ AutomaticFailoverEnabled *bool `pulumi:"automaticFailoverEnabled"`
// A `backup` block as defined below.
Backup *AccountBackup `pulumi:"backup"`
// The capabilities which should be enabled for this Cosmos DB account. Value is a `capabilities` block as defined below.
Capabilities []AccountCapability `pulumi:"capabilities"`
// A `capacity` block as defined below.
Capacity *AccountCapacity `pulumi:"capacity"`
- // A list of connection strings available for this CosmosDB account.
+ // Deprecated: This property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly and will be removed in v4.0 of the AzureRM provider
ConnectionStrings []string `pulumi:"connectionStrings"`
// Specifies one `consistencyPolicy` block as defined below, used to define the consistency policy for this CosmosDB account.
ConsistencyPolicy *AccountConsistencyPolicy `pulumi:"consistencyPolicy"`
@@ -371,14 +379,16 @@ type accountState struct {
CreateMode *string `pulumi:"createMode"`
// The default identity for accessing Key Vault. Possible values are `FirstPartyIdentity`, `SystemAssignedIdentity` or `UserAssignedIdentity`. Defaults to `FirstPartyIdentity`.
DefaultIdentityType *string `pulumi:"defaultIdentityType"`
- // Enable automatic failover for this Cosmos DB account.
+ // Deprecated: This property has been superseded by `automaticFailoverEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableAutomaticFailover *bool `pulumi:"enableAutomaticFailover"`
- // Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ // Deprecated: This property has been superseded by `freeTierEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableFreeTier *bool `pulumi:"enableFreeTier"`
- // Enable multiple write locations for this Cosmos DB account.
+ // Deprecated: This property has been superseded by `multipleWriteLocationsEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableMultipleWriteLocations *bool `pulumi:"enableMultipleWriteLocations"`
// The endpoint used to connect to the CosmosDB account.
Endpoint *string `pulumi:"endpoint"`
+ // Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ FreeTierEnabled *bool `pulumi:"freeTierEnabled"`
// Specifies a `geoLocation` resource, used to define where data should be replicated with the `failoverPriority` 0 specifying the primary location. Value is a `geoLocation` block as defined below.
GeoLocations []AccountGeoLocation `pulumi:"geoLocations"`
// An `identity` block as defined below.
@@ -407,6 +417,8 @@ type accountState struct {
MinimalTlsVersion *string `pulumi:"minimalTlsVersion"`
// The Server Version of a MongoDB account. Possible values are `4.2`, `4.0`, `3.6`, and `3.2`.
MongoServerVersion *string `pulumi:"mongoServerVersion"`
+ // Enable multiple write locations for this Cosmos DB account.
+ MultipleWriteLocationsEnabled *bool `pulumi:"multipleWriteLocationsEnabled"`
// Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.
Name *string `pulumi:"name"`
// If Azure services can bypass ACLs. Defaults to `false`.
@@ -466,13 +478,15 @@ type AccountState struct {
AnalyticalStorage AccountAnalyticalStoragePtrInput
// Enable Analytical Storage option for this Cosmos DB account. Defaults to `false`. Enabling and then disabling analytical storage forces a new resource to be created.
AnalyticalStorageEnabled pulumi.BoolPtrInput
+ // Enable automatic failover for this Cosmos DB account.
+ AutomaticFailoverEnabled pulumi.BoolPtrInput
// A `backup` block as defined below.
Backup AccountBackupPtrInput
// The capabilities which should be enabled for this Cosmos DB account. Value is a `capabilities` block as defined below.
Capabilities AccountCapabilityArrayInput
// A `capacity` block as defined below.
Capacity AccountCapacityPtrInput
- // A list of connection strings available for this CosmosDB account.
+ // Deprecated: This property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly and will be removed in v4.0 of the AzureRM provider
ConnectionStrings pulumi.StringArrayInput
// Specifies one `consistencyPolicy` block as defined below, used to define the consistency policy for this CosmosDB account.
ConsistencyPolicy AccountConsistencyPolicyPtrInput
@@ -484,14 +498,16 @@ type AccountState struct {
CreateMode pulumi.StringPtrInput
// The default identity for accessing Key Vault. Possible values are `FirstPartyIdentity`, `SystemAssignedIdentity` or `UserAssignedIdentity`. Defaults to `FirstPartyIdentity`.
DefaultIdentityType pulumi.StringPtrInput
- // Enable automatic failover for this Cosmos DB account.
+ // Deprecated: This property has been superseded by `automaticFailoverEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableAutomaticFailover pulumi.BoolPtrInput
- // Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ // Deprecated: This property has been superseded by `freeTierEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableFreeTier pulumi.BoolPtrInput
- // Enable multiple write locations for this Cosmos DB account.
+ // Deprecated: This property has been superseded by `multipleWriteLocationsEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableMultipleWriteLocations pulumi.BoolPtrInput
// The endpoint used to connect to the CosmosDB account.
Endpoint pulumi.StringPtrInput
+ // Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ FreeTierEnabled pulumi.BoolPtrInput
// Specifies a `geoLocation` resource, used to define where data should be replicated with the `failoverPriority` 0 specifying the primary location. Value is a `geoLocation` block as defined below.
GeoLocations AccountGeoLocationArrayInput
// An `identity` block as defined below.
@@ -520,6 +536,8 @@ type AccountState struct {
MinimalTlsVersion pulumi.StringPtrInput
// The Server Version of a MongoDB account. Possible values are `4.2`, `4.0`, `3.6`, and `3.2`.
MongoServerVersion pulumi.StringPtrInput
+ // Enable multiple write locations for this Cosmos DB account.
+ MultipleWriteLocationsEnabled pulumi.BoolPtrInput
// Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.
Name pulumi.StringPtrInput
// If Azure services can bypass ACLs. Defaults to `false`.
@@ -583,6 +601,8 @@ type accountArgs struct {
AnalyticalStorage *AccountAnalyticalStorage `pulumi:"analyticalStorage"`
// Enable Analytical Storage option for this Cosmos DB account. Defaults to `false`. Enabling and then disabling analytical storage forces a new resource to be created.
AnalyticalStorageEnabled *bool `pulumi:"analyticalStorageEnabled"`
+ // Enable automatic failover for this Cosmos DB account.
+ AutomaticFailoverEnabled *bool `pulumi:"automaticFailoverEnabled"`
// A `backup` block as defined below.
Backup *AccountBackup `pulumi:"backup"`
// The capabilities which should be enabled for this Cosmos DB account. Value is a `capabilities` block as defined below.
@@ -599,12 +619,14 @@ type accountArgs struct {
CreateMode *string `pulumi:"createMode"`
// The default identity for accessing Key Vault. Possible values are `FirstPartyIdentity`, `SystemAssignedIdentity` or `UserAssignedIdentity`. Defaults to `FirstPartyIdentity`.
DefaultIdentityType *string `pulumi:"defaultIdentityType"`
- // Enable automatic failover for this Cosmos DB account.
+ // Deprecated: This property has been superseded by `automaticFailoverEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableAutomaticFailover *bool `pulumi:"enableAutomaticFailover"`
- // Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ // Deprecated: This property has been superseded by `freeTierEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableFreeTier *bool `pulumi:"enableFreeTier"`
- // Enable multiple write locations for this Cosmos DB account.
+ // Deprecated: This property has been superseded by `multipleWriteLocationsEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableMultipleWriteLocations *bool `pulumi:"enableMultipleWriteLocations"`
+ // Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ FreeTierEnabled *bool `pulumi:"freeTierEnabled"`
// Specifies a `geoLocation` resource, used to define where data should be replicated with the `failoverPriority` 0 specifying the primary location. Value is a `geoLocation` block as defined below.
GeoLocations []AccountGeoLocation `pulumi:"geoLocations"`
// An `identity` block as defined below.
@@ -633,6 +655,8 @@ type accountArgs struct {
MinimalTlsVersion *string `pulumi:"minimalTlsVersion"`
// The Server Version of a MongoDB account. Possible values are `4.2`, `4.0`, `3.6`, and `3.2`.
MongoServerVersion *string `pulumi:"mongoServerVersion"`
+ // Enable multiple write locations for this Cosmos DB account.
+ MultipleWriteLocationsEnabled *bool `pulumi:"multipleWriteLocationsEnabled"`
// Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.
Name *string `pulumi:"name"`
// If Azure services can bypass ACLs. Defaults to `false`.
@@ -665,6 +689,8 @@ type AccountArgs struct {
AnalyticalStorage AccountAnalyticalStoragePtrInput
// Enable Analytical Storage option for this Cosmos DB account. Defaults to `false`. Enabling and then disabling analytical storage forces a new resource to be created.
AnalyticalStorageEnabled pulumi.BoolPtrInput
+ // Enable automatic failover for this Cosmos DB account.
+ AutomaticFailoverEnabled pulumi.BoolPtrInput
// A `backup` block as defined below.
Backup AccountBackupPtrInput
// The capabilities which should be enabled for this Cosmos DB account. Value is a `capabilities` block as defined below.
@@ -681,12 +707,14 @@ type AccountArgs struct {
CreateMode pulumi.StringPtrInput
// The default identity for accessing Key Vault. Possible values are `FirstPartyIdentity`, `SystemAssignedIdentity` or `UserAssignedIdentity`. Defaults to `FirstPartyIdentity`.
DefaultIdentityType pulumi.StringPtrInput
- // Enable automatic failover for this Cosmos DB account.
+ // Deprecated: This property has been superseded by `automaticFailoverEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableAutomaticFailover pulumi.BoolPtrInput
- // Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ // Deprecated: This property has been superseded by `freeTierEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableFreeTier pulumi.BoolPtrInput
- // Enable multiple write locations for this Cosmos DB account.
+ // Deprecated: This property has been superseded by `multipleWriteLocationsEnabled` and will be removed in v4.0 of the AzureRM Provider
EnableMultipleWriteLocations pulumi.BoolPtrInput
+ // Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+ FreeTierEnabled pulumi.BoolPtrInput
// Specifies a `geoLocation` resource, used to define where data should be replicated with the `failoverPriority` 0 specifying the primary location. Value is a `geoLocation` block as defined below.
GeoLocations AccountGeoLocationArrayInput
// An `identity` block as defined below.
@@ -715,6 +743,8 @@ type AccountArgs struct {
MinimalTlsVersion pulumi.StringPtrInput
// The Server Version of a MongoDB account. Possible values are `4.2`, `4.0`, `3.6`, and `3.2`.
MongoServerVersion pulumi.StringPtrInput
+ // Enable multiple write locations for this Cosmos DB account.
+ MultipleWriteLocationsEnabled pulumi.BoolPtrInput
// Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.
Name pulumi.StringPtrInput
// If Azure services can bypass ACLs. Defaults to `false`.
@@ -841,6 +871,11 @@ func (o AccountOutput) AnalyticalStorageEnabled() pulumi.BoolPtrOutput {
return o.ApplyT(func(v *Account) pulumi.BoolPtrOutput { return v.AnalyticalStorageEnabled }).(pulumi.BoolPtrOutput)
}
+// Enable automatic failover for this Cosmos DB account.
+func (o AccountOutput) AutomaticFailoverEnabled() pulumi.BoolOutput {
+ return o.ApplyT(func(v *Account) pulumi.BoolOutput { return v.AutomaticFailoverEnabled }).(pulumi.BoolOutput)
+}
+
// A `backup` block as defined below.
func (o AccountOutput) Backup() AccountBackupOutput {
return o.ApplyT(func(v *Account) AccountBackupOutput { return v.Backup }).(AccountBackupOutput)
@@ -856,7 +891,7 @@ func (o AccountOutput) Capacity() AccountCapacityOutput {
return o.ApplyT(func(v *Account) AccountCapacityOutput { return v.Capacity }).(AccountCapacityOutput)
}
-// A list of connection strings available for this CosmosDB account.
+// Deprecated: This property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly and will be removed in v4.0 of the AzureRM provider
func (o AccountOutput) ConnectionStrings() pulumi.StringArrayOutput {
return o.ApplyT(func(v *Account) pulumi.StringArrayOutput { return v.ConnectionStrings }).(pulumi.StringArrayOutput)
}
@@ -883,19 +918,19 @@ func (o AccountOutput) DefaultIdentityType() pulumi.StringPtrOutput {
return o.ApplyT(func(v *Account) pulumi.StringPtrOutput { return v.DefaultIdentityType }).(pulumi.StringPtrOutput)
}
-// Enable automatic failover for this Cosmos DB account.
-func (o AccountOutput) EnableAutomaticFailover() pulumi.BoolPtrOutput {
- return o.ApplyT(func(v *Account) pulumi.BoolPtrOutput { return v.EnableAutomaticFailover }).(pulumi.BoolPtrOutput)
+// Deprecated: This property has been superseded by `automaticFailoverEnabled` and will be removed in v4.0 of the AzureRM Provider
+func (o AccountOutput) EnableAutomaticFailover() pulumi.BoolOutput {
+ return o.ApplyT(func(v *Account) pulumi.BoolOutput { return v.EnableAutomaticFailover }).(pulumi.BoolOutput)
}
-// Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
-func (o AccountOutput) EnableFreeTier() pulumi.BoolPtrOutput {
- return o.ApplyT(func(v *Account) pulumi.BoolPtrOutput { return v.EnableFreeTier }).(pulumi.BoolPtrOutput)
+// Deprecated: This property has been superseded by `freeTierEnabled` and will be removed in v4.0 of the AzureRM Provider
+func (o AccountOutput) EnableFreeTier() pulumi.BoolOutput {
+ return o.ApplyT(func(v *Account) pulumi.BoolOutput { return v.EnableFreeTier }).(pulumi.BoolOutput)
}
-// Enable multiple write locations for this Cosmos DB account.
-func (o AccountOutput) EnableMultipleWriteLocations() pulumi.BoolPtrOutput {
- return o.ApplyT(func(v *Account) pulumi.BoolPtrOutput { return v.EnableMultipleWriteLocations }).(pulumi.BoolPtrOutput)
+// Deprecated: This property has been superseded by `multipleWriteLocationsEnabled` and will be removed in v4.0 of the AzureRM Provider
+func (o AccountOutput) EnableMultipleWriteLocations() pulumi.BoolOutput {
+ return o.ApplyT(func(v *Account) pulumi.BoolOutput { return v.EnableMultipleWriteLocations }).(pulumi.BoolOutput)
}
// The endpoint used to connect to the CosmosDB account.
@@ -903,6 +938,11 @@ func (o AccountOutput) Endpoint() pulumi.StringOutput {
return o.ApplyT(func(v *Account) pulumi.StringOutput { return v.Endpoint }).(pulumi.StringOutput)
}
+// Enable the Free Tier pricing option for this Cosmos DB account. Defaults to `false`. Changing this forces a new resource to be created.
+func (o AccountOutput) FreeTierEnabled() pulumi.BoolOutput {
+ return o.ApplyT(func(v *Account) pulumi.BoolOutput { return v.FreeTierEnabled }).(pulumi.BoolOutput)
+}
+
// Specifies a `geoLocation` resource, used to define where data should be replicated with the `failoverPriority` 0 specifying the primary location. Value is a `geoLocation` block as defined below.
func (o AccountOutput) GeoLocations() AccountGeoLocationArrayOutput {
return o.ApplyT(func(v *Account) AccountGeoLocationArrayOutput { return v.GeoLocations }).(AccountGeoLocationArrayOutput)
@@ -961,6 +1001,11 @@ func (o AccountOutput) MongoServerVersion() pulumi.StringOutput {
return o.ApplyT(func(v *Account) pulumi.StringOutput { return v.MongoServerVersion }).(pulumi.StringOutput)
}
+// Enable multiple write locations for this Cosmos DB account.
+func (o AccountOutput) MultipleWriteLocationsEnabled() pulumi.BoolOutput {
+ return o.ApplyT(func(v *Account) pulumi.BoolOutput { return v.MultipleWriteLocationsEnabled }).(pulumi.BoolOutput)
+}
+
// Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created.
func (o AccountOutput) Name() pulumi.StringOutput {
return o.ApplyT(func(v *Account) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput)
diff --git a/sdk/go/azure/cosmosdb/getAccount.go b/sdk/go/azure/cosmosdb/getAccount.go
index 3e9c63a751..8c9f1fe75e 100644
--- a/sdk/go/azure/cosmosdb/getAccount.go
+++ b/sdk/go/azure/cosmosdb/getAccount.go
@@ -62,20 +62,24 @@ type LookupAccountArgs struct {
// A collection of values returned by getAccount.
type LookupAccountResult struct {
+ // If automatic failover is enabled for this CosmosDB Account.
+ AutomaticFailoverEnabled bool `pulumi:"automaticFailoverEnabled"`
// Capabilities enabled on this Cosmos DB account.
Capabilities []GetAccountCapability `pulumi:"capabilities"`
- // A list of connection strings available for this CosmosDB account.
+ // Deprecated: This property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly and will be removed in v4.0 of the AzureRM provider
ConnectionStrings []string `pulumi:"connectionStrings"`
ConsistencyPolicies []GetAccountConsistencyPolicy `pulumi:"consistencyPolicies"`
- // If automatic failover is enabled for this CosmosDB Account.
+ // Deprecated: This property has been renamed to `automaticFailoverEnabled` and will be removed in v4.0 of the AzureRM provider
EnableAutomaticFailover bool `pulumi:"enableAutomaticFailover"`
- // If Free Tier pricing option is enabled for this CosmosDB Account. You can have up to one free tier Azure Cosmos DB account per Azure subscription.
+ // Deprecated: This property has been renamed to `freeTierEnabled` and will be removed in v4.0 of the AzureRM provider
EnableFreeTier bool `pulumi:"enableFreeTier"`
- // If multiple write locations are enabled for this Cosmos DB account.
+ // Deprecated: This property has been renamed to `multipleWriteLocationsEnabled` and will be removed in v4.0 of the AzureRM provider
EnableMultipleWriteLocations bool `pulumi:"enableMultipleWriteLocations"`
// The endpoint used to connect to the CosmosDB account.
- Endpoint string `pulumi:"endpoint"`
- GeoLocations []GetAccountGeoLocation `pulumi:"geoLocations"`
+ Endpoint string `pulumi:"endpoint"`
+ // If Free Tier pricing option is enabled for this CosmosDB Account. You can have up to one free tier Azure Cosmos DB account per Azure subscription.
+ FreeTierEnabled bool `pulumi:"freeTierEnabled"`
+ GeoLocations []GetAccountGeoLocation `pulumi:"geoLocations"`
// The provider-assigned unique ID for this managed resource.
Id string `pulumi:"id"`
// The current IP Filter for this CosmosDB account
@@ -88,7 +92,9 @@ type LookupAccountResult struct {
Kind string `pulumi:"kind"`
// The name of the Azure region hosting replicated data.
Location string `pulumi:"location"`
- Name string `pulumi:"name"`
+ // If multiple write locations are enabled for this Cosmos DB account.
+ MultipleWriteLocationsEnabled bool `pulumi:"multipleWriteLocationsEnabled"`
+ Name string `pulumi:"name"`
// The Offer Type to used by this CosmosDB Account.
OfferType string `pulumi:"offerType"`
// The primary key for the CosmosDB account.
@@ -166,12 +172,17 @@ func (o LookupAccountResultOutput) ToLookupAccountResultOutputWithContext(ctx co
return o
}
+// If automatic failover is enabled for this CosmosDB Account.
+func (o LookupAccountResultOutput) AutomaticFailoverEnabled() pulumi.BoolOutput {
+ return o.ApplyT(func(v LookupAccountResult) bool { return v.AutomaticFailoverEnabled }).(pulumi.BoolOutput)
+}
+
// Capabilities enabled on this Cosmos DB account.
func (o LookupAccountResultOutput) Capabilities() GetAccountCapabilityArrayOutput {
return o.ApplyT(func(v LookupAccountResult) []GetAccountCapability { return v.Capabilities }).(GetAccountCapabilityArrayOutput)
}
-// A list of connection strings available for this CosmosDB account.
+// Deprecated: This property has been superseded by the primary and secondary connection strings for sql, mongodb and readonly and will be removed in v4.0 of the AzureRM provider
func (o LookupAccountResultOutput) ConnectionStrings() pulumi.StringArrayOutput {
return o.ApplyT(func(v LookupAccountResult) []string { return v.ConnectionStrings }).(pulumi.StringArrayOutput)
}
@@ -180,17 +191,17 @@ func (o LookupAccountResultOutput) ConsistencyPolicies() GetAccountConsistencyPo
return o.ApplyT(func(v LookupAccountResult) []GetAccountConsistencyPolicy { return v.ConsistencyPolicies }).(GetAccountConsistencyPolicyArrayOutput)
}
-// If automatic failover is enabled for this CosmosDB Account.
+// Deprecated: This property has been renamed to `automaticFailoverEnabled` and will be removed in v4.0 of the AzureRM provider
func (o LookupAccountResultOutput) EnableAutomaticFailover() pulumi.BoolOutput {
return o.ApplyT(func(v LookupAccountResult) bool { return v.EnableAutomaticFailover }).(pulumi.BoolOutput)
}
-// If Free Tier pricing option is enabled for this CosmosDB Account. You can have up to one free tier Azure Cosmos DB account per Azure subscription.
+// Deprecated: This property has been renamed to `freeTierEnabled` and will be removed in v4.0 of the AzureRM provider
func (o LookupAccountResultOutput) EnableFreeTier() pulumi.BoolOutput {
return o.ApplyT(func(v LookupAccountResult) bool { return v.EnableFreeTier }).(pulumi.BoolOutput)
}
-// If multiple write locations are enabled for this Cosmos DB account.
+// Deprecated: This property has been renamed to `multipleWriteLocationsEnabled` and will be removed in v4.0 of the AzureRM provider
func (o LookupAccountResultOutput) EnableMultipleWriteLocations() pulumi.BoolOutput {
return o.ApplyT(func(v LookupAccountResult) bool { return v.EnableMultipleWriteLocations }).(pulumi.BoolOutput)
}
@@ -200,6 +211,11 @@ func (o LookupAccountResultOutput) Endpoint() pulumi.StringOutput {
return o.ApplyT(func(v LookupAccountResult) string { return v.Endpoint }).(pulumi.StringOutput)
}
+// If Free Tier pricing option is enabled for this CosmosDB Account. You can have up to one free tier Azure Cosmos DB account per Azure subscription.
+func (o LookupAccountResultOutput) FreeTierEnabled() pulumi.BoolOutput {
+ return o.ApplyT(func(v LookupAccountResult) bool { return v.FreeTierEnabled }).(pulumi.BoolOutput)
+}
+
func (o LookupAccountResultOutput) GeoLocations() GetAccountGeoLocationArrayOutput {
return o.ApplyT(func(v LookupAccountResult) []GetAccountGeoLocation { return v.GeoLocations }).(GetAccountGeoLocationArrayOutput)
}
@@ -234,6 +250,11 @@ func (o LookupAccountResultOutput) Location() pulumi.StringOutput {
return o.ApplyT(func(v LookupAccountResult) string { return v.Location }).(pulumi.StringOutput)
}
+// If multiple write locations are enabled for this Cosmos DB account.
+func (o LookupAccountResultOutput) MultipleWriteLocationsEnabled() pulumi.BoolOutput {
+ return o.ApplyT(func(v LookupAccountResult) bool { return v.MultipleWriteLocationsEnabled }).(pulumi.BoolOutput)
+}
+
func (o LookupAccountResultOutput) Name() pulumi.StringOutput {
return o.ApplyT(func(v LookupAccountResult) string { return v.Name }).(pulumi.StringOutput)
}
diff --git a/sdk/go/azure/keyvault/certifiate.go b/sdk/go/azure/keyvault/certifiate.go
index 33915b5990..188e72da86 100644
--- a/sdk/go/azure/keyvault/certifiate.go
+++ b/sdk/go/azure/keyvault/certifiate.go
@@ -14,11 +14,6 @@ import (
// Manages a Key Vault Certificate.
//
-// <<<<<<< HEAD
-// > **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Certificate resource on destroy, rather than the default soft-delete. See `purgeSoftDeletedCertificatesOnDestroy` for more information.
-//
-// =======
-// > > > > > > > 8d78c87098 (Update-documentation)
// ## Example Usage
//
// ### Importing A PFX)
diff --git a/sdk/go/azure/keyvault/certificate.go b/sdk/go/azure/keyvault/certificate.go
index f221e150f5..c1df73026c 100644
--- a/sdk/go/azure/keyvault/certificate.go
+++ b/sdk/go/azure/keyvault/certificate.go
@@ -14,11 +14,6 @@ import (
// Manages a Key Vault Certificate.
//
-// <<<<<<< HEAD
-// > **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Certificate resource on destroy, rather than the default soft-delete. See `purgeSoftDeletedCertificatesOnDestroy` for more information.
-//
-// =======
-// > > > > > > > 8d78c87098 (Update-documentation)
// ## Example Usage
//
// ### Importing A PFX)
diff --git a/sdk/go/azure/keyvault/certificateContacts.go b/sdk/go/azure/keyvault/certificateContacts.go
index 4ffe8ddfda..e41d50ac9c 100644
--- a/sdk/go/azure/keyvault/certificateContacts.go
+++ b/sdk/go/azure/keyvault/certificateContacts.go
@@ -16,6 +16,7 @@ import (
//
// ## Disclaimers
//
+//
// > **Note:** It's possible to define Key Vault Certificate Contacts both within the `keyvault.KeyVault` resource via the `contact` block and by using the `keyvault.CertificateContacts` resource. However it's not possible to use both methods to manage Certificate Contacts within a KeyVault, since there'll be conflicts.
//
// ## Example Usage
@@ -106,6 +107,7 @@ type CertificateContacts struct {
pulumi.CustomResourceState
// One or more `contact` blocks as defined below.
+ // -->
Contacts CertificateContactsContactArrayOutput `pulumi:"contacts"`
// The ID of the Key Vault. Changing this forces a new resource to be created.
KeyVaultId pulumi.StringOutput `pulumi:"keyVaultId"`
@@ -148,6 +150,7 @@ func GetCertificateContacts(ctx *pulumi.Context,
// Input properties used for looking up and filtering CertificateContacts resources.
type certificateContactsState struct {
// One or more `contact` blocks as defined below.
+ // -->
Contacts []CertificateContactsContact `pulumi:"contacts"`
// The ID of the Key Vault. Changing this forces a new resource to be created.
KeyVaultId *string `pulumi:"keyVaultId"`
@@ -155,6 +158,7 @@ type certificateContactsState struct {
type CertificateContactsState struct {
// One or more `contact` blocks as defined below.
+ // -->
Contacts CertificateContactsContactArrayInput
// The ID of the Key Vault. Changing this forces a new resource to be created.
KeyVaultId pulumi.StringPtrInput
@@ -166,6 +170,7 @@ func (CertificateContactsState) ElementType() reflect.Type {
type certificateContactsArgs struct {
// One or more `contact` blocks as defined below.
+ // -->
Contacts []CertificateContactsContact `pulumi:"contacts"`
// The ID of the Key Vault. Changing this forces a new resource to be created.
KeyVaultId string `pulumi:"keyVaultId"`
@@ -174,6 +179,7 @@ type certificateContactsArgs struct {
// The set of arguments for constructing a CertificateContacts resource.
type CertificateContactsArgs struct {
// One or more `contact` blocks as defined below.
+ // -->
Contacts CertificateContactsContactArrayInput
// The ID of the Key Vault. Changing this forces a new resource to be created.
KeyVaultId pulumi.StringInput
@@ -267,6 +273,7 @@ func (o CertificateContactsOutput) ToCertificateContactsOutputWithContext(ctx co
}
// One or more `contact` blocks as defined below.
+// -->
func (o CertificateContactsOutput) Contacts() CertificateContactsContactArrayOutput {
return o.ApplyT(func(v *CertificateContacts) CertificateContactsContactArrayOutput { return v.Contacts }).(CertificateContactsContactArrayOutput)
}
diff --git a/sdk/go/azure/keyvault/keyVault.go b/sdk/go/azure/keyvault/keyVault.go
index 29747ed00b..6db29a258a 100644
--- a/sdk/go/azure/keyvault/keyVault.go
+++ b/sdk/go/azure/keyvault/keyVault.go
@@ -101,6 +101,8 @@ type KeyVault struct {
// > **Note:** This field can only be set once user has `managecontacts` certificate permission.
//
// > **Note:** This field can only be set when `publicNetworkAccessEnabled` is set to `true`. To manage the `contact` with `publicNetworkAccessEnabled` set to `false`, please use the `keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `keyvault.KeyVault`, this means you'll need to import the `keyvault.CertificateContacts` manually.
+ //
+ // Deprecated: As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider.
Contacts KeyVaultContactArrayOutput `pulumi:"contacts"`
// Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions.
EnableRbacAuthorization pulumi.BoolPtrOutput `pulumi:"enableRbacAuthorization"`
@@ -129,6 +131,8 @@ type KeyVault struct {
// The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
//
// > **Note:** This field can only be configured one time and cannot be updated.
+ //
+ //
SoftDeleteRetentionDays pulumi.IntPtrOutput `pulumi:"softDeleteRetentionDays"`
// A mapping of tags to assign to the resource.
Tags pulumi.StringMapOutput `pulumi:"tags"`
@@ -186,6 +190,8 @@ type keyVaultState struct {
// > **Note:** This field can only be set once user has `managecontacts` certificate permission.
//
// > **Note:** This field can only be set when `publicNetworkAccessEnabled` is set to `true`. To manage the `contact` with `publicNetworkAccessEnabled` set to `false`, please use the `keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `keyvault.KeyVault`, this means you'll need to import the `keyvault.CertificateContacts` manually.
+ //
+ // Deprecated: As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider.
Contacts []KeyVaultContact `pulumi:"contacts"`
// Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions.
EnableRbacAuthorization *bool `pulumi:"enableRbacAuthorization"`
@@ -214,6 +220,8 @@ type keyVaultState struct {
// The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
//
// > **Note:** This field can only be configured one time and cannot be updated.
+ //
+ //
SoftDeleteRetentionDays *int `pulumi:"softDeleteRetentionDays"`
// A mapping of tags to assign to the resource.
Tags map[string]string `pulumi:"tags"`
@@ -233,6 +241,8 @@ type KeyVaultState struct {
// > **Note:** This field can only be set once user has `managecontacts` certificate permission.
//
// > **Note:** This field can only be set when `publicNetworkAccessEnabled` is set to `true`. To manage the `contact` with `publicNetworkAccessEnabled` set to `false`, please use the `keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `keyvault.KeyVault`, this means you'll need to import the `keyvault.CertificateContacts` manually.
+ //
+ // Deprecated: As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider.
Contacts KeyVaultContactArrayInput
// Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions.
EnableRbacAuthorization pulumi.BoolPtrInput
@@ -261,6 +271,8 @@ type KeyVaultState struct {
// The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
//
// > **Note:** This field can only be configured one time and cannot be updated.
+ //
+ //
SoftDeleteRetentionDays pulumi.IntPtrInput
// A mapping of tags to assign to the resource.
Tags pulumi.StringMapInput
@@ -284,6 +296,8 @@ type keyVaultArgs struct {
// > **Note:** This field can only be set once user has `managecontacts` certificate permission.
//
// > **Note:** This field can only be set when `publicNetworkAccessEnabled` is set to `true`. To manage the `contact` with `publicNetworkAccessEnabled` set to `false`, please use the `keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `keyvault.KeyVault`, this means you'll need to import the `keyvault.CertificateContacts` manually.
+ //
+ // Deprecated: As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider.
Contacts []KeyVaultContact `pulumi:"contacts"`
// Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions.
EnableRbacAuthorization *bool `pulumi:"enableRbacAuthorization"`
@@ -312,6 +326,8 @@ type keyVaultArgs struct {
// The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
//
// > **Note:** This field can only be configured one time and cannot be updated.
+ //
+ //
SoftDeleteRetentionDays *int `pulumi:"softDeleteRetentionDays"`
// A mapping of tags to assign to the resource.
Tags map[string]string `pulumi:"tags"`
@@ -330,6 +346,8 @@ type KeyVaultArgs struct {
// > **Note:** This field can only be set once user has `managecontacts` certificate permission.
//
// > **Note:** This field can only be set when `publicNetworkAccessEnabled` is set to `true`. To manage the `contact` with `publicNetworkAccessEnabled` set to `false`, please use the `keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `keyvault.KeyVault`, this means you'll need to import the `keyvault.CertificateContacts` manually.
+ //
+ // Deprecated: As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider.
Contacts KeyVaultContactArrayInput
// Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions.
EnableRbacAuthorization pulumi.BoolPtrInput
@@ -358,6 +376,8 @@ type KeyVaultArgs struct {
// The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
//
// > **Note:** This field can only be configured one time and cannot be updated.
+ //
+ //
SoftDeleteRetentionDays pulumi.IntPtrInput
// A mapping of tags to assign to the resource.
Tags pulumi.StringMapInput
@@ -464,6 +484,8 @@ func (o KeyVaultOutput) AccessPolicies() KeyVaultAccessPolicyArrayOutput {
// > **Note:** This field can only be set once user has `managecontacts` certificate permission.
//
// > **Note:** This field can only be set when `publicNetworkAccessEnabled` is set to `true`. To manage the `contact` with `publicNetworkAccessEnabled` set to `false`, please use the `keyvault.CertificateContacts` resource instead of this property, and remove this property from the configuration. Especially for existing `keyvault.KeyVault`, this means you'll need to import the `keyvault.CertificateContacts` manually.
+//
+// Deprecated: As the `contact` property requires reaching out to the dataplane, to better support private endpoints and keyvaults with public network access disabled, `contact` will be removed in favour of the `keyvault.CertificateContacts` resource in version 4.0 of the AzureRM Provider.
func (o KeyVaultOutput) Contacts() KeyVaultContactArrayOutput {
return o.ApplyT(func(v *KeyVault) KeyVaultContactArrayOutput { return v.Contacts }).(KeyVaultContactArrayOutput)
}
@@ -528,6 +550,8 @@ func (o KeyVaultOutput) SkuName() pulumi.StringOutput {
// The number of days that items should be retained for once soft-deleted. This value can be between `7` and `90` (the default) days.
//
// > **Note:** This field can only be configured one time and cannot be updated.
+//
+//
func (o KeyVaultOutput) SoftDeleteRetentionDays() pulumi.IntPtrOutput {
return o.ApplyT(func(v *KeyVault) pulumi.IntPtrOutput { return v.SoftDeleteRetentionDays }).(pulumi.IntPtrOutput)
}
diff --git a/sdk/go/azure/keyvault/secret.go b/sdk/go/azure/keyvault/secret.go
index 5ee3cd627c..35646ea517 100644
--- a/sdk/go/azure/keyvault/secret.go
+++ b/sdk/go/azure/keyvault/secret.go
@@ -14,14 +14,6 @@ import (
// Manages a Key Vault Secret.
//
-// <<<<<<< HEAD
-// > **Note:** All arguments including the secret value will be stored in the raw state as plain-text.
-// [Read more about sensitive data in state](https://www.terraform.io/docs/state/sensitive-data.html).
-//
-// > **Note:** The Azure Provider includes a Feature Toggle which will purge a Key Vault Secret resource on destroy, rather than the default soft-delete. See `purgeSoftDeletedSecretsOnDestroy` for more information.
-//
-// =======
-// > > > > > > > 8d78c87098 (Update-documentation)
// ## Example Usage
//
//
diff --git a/sdk/go/azure/network/getPublicIpPrefix.go b/sdk/go/azure/network/getPublicIpPrefix.go
index a875c62ab8..55a5b9dda2 100644
--- a/sdk/go/azure/network/getPublicIpPrefix.go
+++ b/sdk/go/azure/network/getPublicIpPrefix.go
@@ -65,15 +65,14 @@ type LookupPublicIpPrefixArgs struct {
// A collection of values returned by getPublicIpPrefix.
type LookupPublicIpPrefixResult struct {
// The provider-assigned unique ID for this managed resource.
- Id string `pulumi:"id"`
+ Id string `pulumi:"id"`
+ // The Public IP address range, in CIDR notation.
IpPrefix string `pulumi:"ipPrefix"`
// The supported Azure location where the resource exists.
Location string `pulumi:"location"`
- // The name of the Public IP prefix resource.
- Name string `pulumi:"name"`
+ Name string `pulumi:"name"`
// The number of bits of the prefix.
- PrefixLength int `pulumi:"prefixLength"`
- // The name of the resource group in which to create the public IP.
+ PrefixLength int `pulumi:"prefixLength"`
ResourceGroupName string `pulumi:"resourceGroupName"`
// The SKU of the Public IP Prefix.
Sku string `pulumi:"sku"`
@@ -128,6 +127,7 @@ func (o LookupPublicIpPrefixResultOutput) Id() pulumi.StringOutput {
return o.ApplyT(func(v LookupPublicIpPrefixResult) string { return v.Id }).(pulumi.StringOutput)
}
+// The Public IP address range, in CIDR notation.
func (o LookupPublicIpPrefixResultOutput) IpPrefix() pulumi.StringOutput {
return o.ApplyT(func(v LookupPublicIpPrefixResult) string { return v.IpPrefix }).(pulumi.StringOutput)
}
@@ -137,7 +137,6 @@ func (o LookupPublicIpPrefixResultOutput) Location() pulumi.StringOutput {
return o.ApplyT(func(v LookupPublicIpPrefixResult) string { return v.Location }).(pulumi.StringOutput)
}
-// The name of the Public IP prefix resource.
func (o LookupPublicIpPrefixResultOutput) Name() pulumi.StringOutput {
return o.ApplyT(func(v LookupPublicIpPrefixResult) string { return v.Name }).(pulumi.StringOutput)
}
@@ -147,7 +146,6 @@ func (o LookupPublicIpPrefixResultOutput) PrefixLength() pulumi.IntOutput {
return o.ApplyT(func(v LookupPublicIpPrefixResult) int { return v.PrefixLength }).(pulumi.IntOutput)
}
-// The name of the resource group in which to create the public IP.
func (o LookupPublicIpPrefixResultOutput) ResourceGroupName() pulumi.StringOutput {
return o.ApplyT(func(v LookupPublicIpPrefixResult) string { return v.ResourceGroupName }).(pulumi.StringOutput)
}
diff --git a/sdk/go/azure/network/pulumiTypes.go b/sdk/go/azure/network/pulumiTypes.go
index c3023d22ac..b3f8c343ae 100644
--- a/sdk/go/azure/network/pulumiTypes.go
+++ b/sdk/go/azure/network/pulumiTypes.go
@@ -17592,7 +17592,7 @@ type SubnetDelegationServiceDelegation struct {
//
// > **NOTE:** Azure may add default actions depending on the service delegation name and they can't be changed.
Actions []string `pulumi:"actions"`
- // The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls` and `Qumulo.Storage/fileSystems`.
+ // The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls`, `Qumulo.Storage/fileSystems`, and `Oracle.Database/networkAttachments`.
Name string `pulumi:"name"`
}
@@ -17612,7 +17612,7 @@ type SubnetDelegationServiceDelegationArgs struct {
//
// > **NOTE:** Azure may add default actions depending on the service delegation name and they can't be changed.
Actions pulumi.StringArrayInput `pulumi:"actions"`
- // The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls` and `Qumulo.Storage/fileSystems`.
+ // The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls`, `Qumulo.Storage/fileSystems`, and `Oracle.Database/networkAttachments`.
Name pulumi.StringInput `pulumi:"name"`
}
@@ -17649,7 +17649,7 @@ func (o SubnetDelegationServiceDelegationOutput) Actions() pulumi.StringArrayOut
return o.ApplyT(func(v SubnetDelegationServiceDelegation) []string { return v.Actions }).(pulumi.StringArrayOutput)
}
-// The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls` and `Qumulo.Storage/fileSystems`.
+// The name of service to delegate to. Possible values are `GitHub.Network/networkSettings`, `Microsoft.ApiManagement/service`, `Microsoft.Apollo/npu`, `Microsoft.App/environments`, `Microsoft.App/testClients`, `Microsoft.AVS/PrivateClouds`, `Microsoft.AzureCosmosDB/clusters`, `Microsoft.BareMetal/AzureHostedService`, `Microsoft.BareMetal/AzureHPC`, `Microsoft.BareMetal/AzurePaymentHSM`, `Microsoft.BareMetal/AzureVMware`, `Microsoft.BareMetal/CrayServers`, `Microsoft.BareMetal/MonitoringServers`, `Microsoft.Batch/batchAccounts`, `Microsoft.CloudTest/hostedpools`, `Microsoft.CloudTest/images`, `Microsoft.CloudTest/pools`, `Microsoft.Codespaces/plans`, `Microsoft.ContainerInstance/containerGroups`, `Microsoft.ContainerService/managedClusters`, `Microsoft.ContainerService/TestClients`, `Microsoft.Databricks/workspaces`, `Microsoft.DBforMySQL/flexibleServers`, `Microsoft.DBforMySQL/servers`, `Microsoft.DBforMySQL/serversv2`, `Microsoft.DBforPostgreSQL/flexibleServers`, `Microsoft.DBforPostgreSQL/serversv2`, `Microsoft.DBforPostgreSQL/singleServers`, `Microsoft.DelegatedNetwork/controller`, `Microsoft.DevCenter/networkConnection`, `Microsoft.DocumentDB/cassandraClusters`, `Microsoft.Fidalgo/networkSettings`, `Microsoft.HardwareSecurityModules/dedicatedHSMs`, `Microsoft.Kusto/clusters`, `Microsoft.LabServices/labplans`, `Microsoft.Logic/integrationServiceEnvironments`, `Microsoft.MachineLearningServices/workspaces`, `Microsoft.Netapp/volumes`, `Microsoft.Network/dnsResolvers`, `Microsoft.Network/managedResolvers`, `Microsoft.Network/fpgaNetworkInterfaces`, `Microsoft.Network/networkWatchers.`, `Microsoft.Network/virtualNetworkGateways`, `Microsoft.Orbital/orbitalGateways`, `Microsoft.PowerPlatform/enterprisePolicies`, `Microsoft.PowerPlatform/vnetaccesslinks`, `Microsoft.ServiceFabricMesh/networks`, `Microsoft.ServiceNetworking/trafficControllers`, `Microsoft.Singularity/accounts/networks`, `Microsoft.Singularity/accounts/npu`, `Microsoft.Sql/managedInstances`, `Microsoft.Sql/managedInstancesOnebox`, `Microsoft.Sql/managedInstancesStage`, `Microsoft.Sql/managedInstancesTest`, `Microsoft.Sql/servers`, `Microsoft.StoragePool/diskPools`, `Microsoft.StreamAnalytics/streamingJobs`, `Microsoft.Synapse/workspaces`, `Microsoft.Web/hostingEnvironments`, `Microsoft.Web/serverFarms`, `NGINX.NGINXPLUS/nginxDeployments`, `PaloAltoNetworks.Cloudngfw/firewalls`, `Qumulo.Storage/fileSystems`, and `Oracle.Database/networkAttachments`.
func (o SubnetDelegationServiceDelegationOutput) Name() pulumi.StringOutput {
return o.ApplyT(func(v SubnetDelegationServiceDelegation) string { return v.Name }).(pulumi.StringOutput)
}
diff --git a/sdk/go/azure/provider.go b/sdk/go/azure/provider.go
index 5fef4055b9..6f695927f1 100644
--- a/sdk/go/azure/provider.go
+++ b/sdk/go/azure/provider.go
@@ -35,7 +35,8 @@ type Provider struct {
// The path to a file containing the Client Secret which should be used. For use When authenticating as a Service Principal
// using a Client Secret.
ClientSecretFilePath pulumi.StringPtrOutput `pulumi:"clientSecretFilePath"`
- // The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+ // The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+ // used and should not be specified when `metadata_host` is specified.
Environment pulumi.StringPtrOutput `pulumi:"environment"`
// The Hostname which should be used for the Azure Metadata Service.
MetadataHost pulumi.StringPtrOutput `pulumi:"metadataHost"`
@@ -178,7 +179,8 @@ type providerArgs struct {
DisableCorrelationRequestId *bool `pulumi:"disableCorrelationRequestId"`
// This will disable the Terraform Partner ID which is used if a custom `partner_id` isn't specified.
DisableTerraformPartnerId *bool `pulumi:"disableTerraformPartnerId"`
- // The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+ // The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+ // used and should not be specified when `metadata_host` is specified.
Environment *string `pulumi:"environment"`
Features *ProviderFeatures `pulumi:"features"`
// The Hostname which should be used for the Azure Metadata Service.
@@ -241,7 +243,8 @@ type ProviderArgs struct {
DisableCorrelationRequestId pulumi.BoolPtrInput
// This will disable the Terraform Partner ID which is used if a custom `partner_id` isn't specified.
DisableTerraformPartnerId pulumi.BoolPtrInput
- // The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+ // The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+ // used and should not be specified when `metadata_host` is specified.
Environment pulumi.StringPtrInput
Features ProviderFeaturesPtrInput
// The Hostname which should be used for the Azure Metadata Service.
@@ -355,7 +358,8 @@ func (o ProviderOutput) ClientSecretFilePath() pulumi.StringPtrOutput {
return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.ClientSecretFilePath }).(pulumi.StringPtrOutput)
}
-// The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+// The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+// used and should not be specified when `metadata_host` is specified.
func (o ProviderOutput) Environment() pulumi.StringPtrOutput {
return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.Environment }).(pulumi.StringPtrOutput)
}
diff --git a/sdk/go/azure/redis/cacheAccessPolicyAssignment.go b/sdk/go/azure/redis/cacheAccessPolicyAssignment.go
index 744efba1a7..d97355fe60 100644
--- a/sdk/go/azure/redis/cacheAccessPolicyAssignment.go
+++ b/sdk/go/azure/redis/cacheAccessPolicyAssignment.go
@@ -91,7 +91,7 @@ type CacheAccessPolicyAssignment struct {
Name pulumi.StringOutput `pulumi:"name"`
// The principal ID to be assigned the Access Policy. Changing this forces a new Redis Cache Access Policy Assignment to be created.
ObjectId pulumi.StringOutput `pulumi:"objectId"`
- // The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.
+ // The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.
ObjectIdAlias pulumi.StringOutput `pulumi:"objectIdAlias"`
// The ID of the Redis Cache. Changing this forces a new Redis Cache Access Policy Assignment to be created.
RedisCacheId pulumi.StringOutput `pulumi:"redisCacheId"`
@@ -145,7 +145,7 @@ type cacheAccessPolicyAssignmentState struct {
Name *string `pulumi:"name"`
// The principal ID to be assigned the Access Policy. Changing this forces a new Redis Cache Access Policy Assignment to be created.
ObjectId *string `pulumi:"objectId"`
- // The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.
+ // The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.
ObjectIdAlias *string `pulumi:"objectIdAlias"`
// The ID of the Redis Cache. Changing this forces a new Redis Cache Access Policy Assignment to be created.
RedisCacheId *string `pulumi:"redisCacheId"`
@@ -158,7 +158,7 @@ type CacheAccessPolicyAssignmentState struct {
Name pulumi.StringPtrInput
// The principal ID to be assigned the Access Policy. Changing this forces a new Redis Cache Access Policy Assignment to be created.
ObjectId pulumi.StringPtrInput
- // The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.
+ // The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.
ObjectIdAlias pulumi.StringPtrInput
// The ID of the Redis Cache. Changing this forces a new Redis Cache Access Policy Assignment to be created.
RedisCacheId pulumi.StringPtrInput
@@ -175,7 +175,7 @@ type cacheAccessPolicyAssignmentArgs struct {
Name *string `pulumi:"name"`
// The principal ID to be assigned the Access Policy. Changing this forces a new Redis Cache Access Policy Assignment to be created.
ObjectId string `pulumi:"objectId"`
- // The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.
+ // The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.
ObjectIdAlias string `pulumi:"objectIdAlias"`
// The ID of the Redis Cache. Changing this forces a new Redis Cache Access Policy Assignment to be created.
RedisCacheId string `pulumi:"redisCacheId"`
@@ -189,7 +189,7 @@ type CacheAccessPolicyAssignmentArgs struct {
Name pulumi.StringPtrInput
// The principal ID to be assigned the Access Policy. Changing this forces a new Redis Cache Access Policy Assignment to be created.
ObjectId pulumi.StringInput
- // The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.
+ // The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.
ObjectIdAlias pulumi.StringInput
// The ID of the Redis Cache. Changing this forces a new Redis Cache Access Policy Assignment to be created.
RedisCacheId pulumi.StringInput
@@ -297,7 +297,7 @@ func (o CacheAccessPolicyAssignmentOutput) ObjectId() pulumi.StringOutput {
return o.ApplyT(func(v *CacheAccessPolicyAssignment) pulumi.StringOutput { return v.ObjectId }).(pulumi.StringOutput)
}
-// The alias of the principal ID. Possible values are `ServicePrincipal` and `UserMSI`. Changing this forces a new Redis Cache Access Policy Assignment to be created.
+// The alias of the principal ID. User-friendly name for object ID. Also represents username for token based authentication. Changing this forces a new Redis Cache Access Policy Assignment to be created.
func (o CacheAccessPolicyAssignmentOutput) ObjectIdAlias() pulumi.StringOutput {
return o.ApplyT(func(v *CacheAccessPolicyAssignment) pulumi.StringOutput { return v.ObjectIdAlias }).(pulumi.StringOutput)
}
diff --git a/sdk/go/azure/signalr/pulumiTypes.go b/sdk/go/azure/signalr/pulumiTypes.go
index 75e9d313da..9949ce6520 100644
--- a/sdk/go/azure/signalr/pulumiTypes.go
+++ b/sdk/go/azure/signalr/pulumiTypes.go
@@ -812,9 +812,11 @@ func (o ServiceNetworkAclPublicNetworkPtrOutput) DeniedRequestTypes() pulumi.Str
}
type ServiceSku struct {
- // Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90` and `100`.
+ // Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ //
+ // > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
Capacity int `pulumi:"capacity"`
- // Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1` and `Premium_P1`.
+ // Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
Name string `pulumi:"name"`
}
@@ -830,9 +832,11 @@ type ServiceSkuInput interface {
}
type ServiceSkuArgs struct {
- // Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90` and `100`.
+ // Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ //
+ // > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
Capacity pulumi.IntInput `pulumi:"capacity"`
- // Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1` and `Premium_P1`.
+ // Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
Name pulumi.StringInput `pulumi:"name"`
}
@@ -913,12 +917,14 @@ func (o ServiceSkuOutput) ToServiceSkuPtrOutputWithContext(ctx context.Context)
}).(ServiceSkuPtrOutput)
}
-// Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90` and `100`.
+// Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+//
+// > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
func (o ServiceSkuOutput) Capacity() pulumi.IntOutput {
return o.ApplyT(func(v ServiceSku) int { return v.Capacity }).(pulumi.IntOutput)
}
-// Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1` and `Premium_P1`.
+// Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
func (o ServiceSkuOutput) Name() pulumi.StringOutput {
return o.ApplyT(func(v ServiceSku) string { return v.Name }).(pulumi.StringOutput)
}
@@ -947,7 +953,9 @@ func (o ServiceSkuPtrOutput) Elem() ServiceSkuOutput {
}).(ServiceSkuOutput)
}
-// Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90` and `100`.
+// Specifies the number of units associated with this SignalR service. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+//
+// > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
func (o ServiceSkuPtrOutput) Capacity() pulumi.IntPtrOutput {
return o.ApplyT(func(v *ServiceSku) *int {
if v == nil {
@@ -957,7 +965,7 @@ func (o ServiceSkuPtrOutput) Capacity() pulumi.IntPtrOutput {
}).(pulumi.IntPtrOutput)
}
-// Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1` and `Premium_P1`.
+// Specifies which tier to use. Valid values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
func (o ServiceSkuPtrOutput) Name() pulumi.StringPtrOutput {
return o.ApplyT(func(v *ServiceSku) *string {
if v == nil {
diff --git a/sdk/go/azure/storage/account.go b/sdk/go/azure/storage/account.go
index 66377561ca..cfa6f56b45 100644
--- a/sdk/go/azure/storage/account.go
+++ b/sdk/go/azure/storage/account.go
@@ -292,7 +292,7 @@ type Account struct {
QueueEncryptionKeyType pulumi.StringPtrOutput `pulumi:"queueEncryptionKeyType"`
// A `queueProperties` block as defined below.
//
- // > **NOTE:** `queueProperties` cannot be set when the `accountKind` is set to `BlobStorage`
+ // > **NOTE:** `queueProperties` can only be configured when `accountTier` is set to `Standard` and `accountKind` is set to either `Storage` or `StorageV2`.
QueueProperties AccountQueuePropertiesOutput `pulumi:"queueProperties"`
// The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
ResourceGroupName pulumi.StringOutput `pulumi:"resourceGroupName"`
@@ -377,6 +377,8 @@ type Account struct {
// > **NOTE:** SFTP support requires `isHnsEnabled` set to `true`. [More information on SFTP support can be found here](https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support). Defaults to `false`
SftpEnabled pulumi.BoolPtrOutput `pulumi:"sftpEnabled"`
// A `shareProperties` block as defined below.
+ //
+ // > **NOTE:** `shareProperties` can only be configured when either `accountTier` is `Standard` and `accountKind` is either `Storage` or `StorageV2` - or when `accountTier` is `Premium` and `accountKind` is `FileStorage`.
ShareProperties AccountSharePropertiesOutput `pulumi:"shareProperties"`
SharedAccessKeyEnabled pulumi.BoolPtrOutput `pulumi:"sharedAccessKeyEnabled"`
// A `staticWebsite` block as defined below.
@@ -585,7 +587,7 @@ type accountState struct {
QueueEncryptionKeyType *string `pulumi:"queueEncryptionKeyType"`
// A `queueProperties` block as defined below.
//
- // > **NOTE:** `queueProperties` cannot be set when the `accountKind` is set to `BlobStorage`
+ // > **NOTE:** `queueProperties` can only be configured when `accountTier` is set to `Standard` and `accountKind` is set to either `Storage` or `StorageV2`.
QueueProperties *AccountQueueProperties `pulumi:"queueProperties"`
// The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
ResourceGroupName *string `pulumi:"resourceGroupName"`
@@ -670,6 +672,8 @@ type accountState struct {
// > **NOTE:** SFTP support requires `isHnsEnabled` set to `true`. [More information on SFTP support can be found here](https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support). Defaults to `false`
SftpEnabled *bool `pulumi:"sftpEnabled"`
// A `shareProperties` block as defined below.
+ //
+ // > **NOTE:** `shareProperties` can only be configured when either `accountTier` is `Standard` and `accountKind` is either `Storage` or `StorageV2` - or when `accountTier` is `Premium` and `accountKind` is `FileStorage`.
ShareProperties *AccountShareProperties `pulumi:"shareProperties"`
SharedAccessKeyEnabled *bool `pulumi:"sharedAccessKeyEnabled"`
// A `staticWebsite` block as defined below.
@@ -831,7 +835,7 @@ type AccountState struct {
QueueEncryptionKeyType pulumi.StringPtrInput
// A `queueProperties` block as defined below.
//
- // > **NOTE:** `queueProperties` cannot be set when the `accountKind` is set to `BlobStorage`
+ // > **NOTE:** `queueProperties` can only be configured when `accountTier` is set to `Standard` and `accountKind` is set to either `Storage` or `StorageV2`.
QueueProperties AccountQueuePropertiesPtrInput
// The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
ResourceGroupName pulumi.StringPtrInput
@@ -916,6 +920,8 @@ type AccountState struct {
// > **NOTE:** SFTP support requires `isHnsEnabled` set to `true`. [More information on SFTP support can be found here](https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support). Defaults to `false`
SftpEnabled pulumi.BoolPtrInput
// A `shareProperties` block as defined below.
+ //
+ // > **NOTE:** `shareProperties` can only be configured when either `accountTier` is `Standard` and `accountKind` is either `Storage` or `StorageV2` - or when `accountTier` is `Premium` and `accountKind` is `FileStorage`.
ShareProperties AccountSharePropertiesPtrInput
SharedAccessKeyEnabled pulumi.BoolPtrInput
// A `staticWebsite` block as defined below.
@@ -1009,7 +1015,7 @@ type accountArgs struct {
QueueEncryptionKeyType *string `pulumi:"queueEncryptionKeyType"`
// A `queueProperties` block as defined below.
//
- // > **NOTE:** `queueProperties` cannot be set when the `accountKind` is set to `BlobStorage`
+ // > **NOTE:** `queueProperties` can only be configured when `accountTier` is set to `Standard` and `accountKind` is set to either `Storage` or `StorageV2`.
QueueProperties *AccountQueueProperties `pulumi:"queueProperties"`
// The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
ResourceGroupName string `pulumi:"resourceGroupName"`
@@ -1022,6 +1028,8 @@ type accountArgs struct {
// > **NOTE:** SFTP support requires `isHnsEnabled` set to `true`. [More information on SFTP support can be found here](https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support). Defaults to `false`
SftpEnabled *bool `pulumi:"sftpEnabled"`
// A `shareProperties` block as defined below.
+ //
+ // > **NOTE:** `shareProperties` can only be configured when either `accountTier` is `Standard` and `accountKind` is either `Storage` or `StorageV2` - or when `accountTier` is `Premium` and `accountKind` is `FileStorage`.
ShareProperties *AccountShareProperties `pulumi:"shareProperties"`
SharedAccessKeyEnabled *bool `pulumi:"sharedAccessKeyEnabled"`
// A `staticWebsite` block as defined below.
@@ -1112,7 +1120,7 @@ type AccountArgs struct {
QueueEncryptionKeyType pulumi.StringPtrInput
// A `queueProperties` block as defined below.
//
- // > **NOTE:** `queueProperties` cannot be set when the `accountKind` is set to `BlobStorage`
+ // > **NOTE:** `queueProperties` can only be configured when `accountTier` is set to `Standard` and `accountKind` is set to either `Storage` or `StorageV2`.
QueueProperties AccountQueuePropertiesPtrInput
// The name of the resource group in which to create the storage account. Changing this forces a new resource to be created.
ResourceGroupName pulumi.StringInput
@@ -1125,6 +1133,8 @@ type AccountArgs struct {
// > **NOTE:** SFTP support requires `isHnsEnabled` set to `true`. [More information on SFTP support can be found here](https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support). Defaults to `false`
SftpEnabled pulumi.BoolPtrInput
// A `shareProperties` block as defined below.
+ //
+ // > **NOTE:** `shareProperties` can only be configured when either `accountTier` is `Standard` and `accountKind` is either `Storage` or `StorageV2` - or when `accountTier` is `Premium` and `accountKind` is `FileStorage`.
ShareProperties AccountSharePropertiesPtrInput
SharedAccessKeyEnabled pulumi.BoolPtrInput
// A `staticWebsite` block as defined below.
@@ -1564,7 +1574,7 @@ func (o AccountOutput) QueueEncryptionKeyType() pulumi.StringPtrOutput {
// A `queueProperties` block as defined below.
//
-// > **NOTE:** `queueProperties` cannot be set when the `accountKind` is set to `BlobStorage`
+// > **NOTE:** `queueProperties` can only be configured when `accountTier` is set to `Standard` and `accountKind` is set to either `Storage` or `StorageV2`.
func (o AccountOutput) QueueProperties() AccountQueuePropertiesOutput {
return o.ApplyT(func(v *Account) AccountQueuePropertiesOutput { return v.QueueProperties }).(AccountQueuePropertiesOutput)
}
@@ -1772,6 +1782,8 @@ func (o AccountOutput) SftpEnabled() pulumi.BoolPtrOutput {
}
// A `shareProperties` block as defined below.
+//
+// > **NOTE:** `shareProperties` can only be configured when either `accountTier` is `Standard` and `accountKind` is either `Storage` or `StorageV2` - or when `accountTier` is `Premium` and `accountKind` is `FileStorage`.
func (o AccountOutput) ShareProperties() AccountSharePropertiesOutput {
return o.ApplyT(func(v *Account) AccountSharePropertiesOutput { return v.ShareProperties }).(AccountSharePropertiesOutput)
}
diff --git a/sdk/go/azure/storage/blob.go b/sdk/go/azure/storage/blob.go
index d22d4b27b7..444645a295 100644
--- a/sdk/go/azure/storage/blob.go
+++ b/sdk/go/azure/storage/blob.go
@@ -90,6 +90,8 @@ type Blob struct {
ContentMd5 pulumi.StringPtrOutput `pulumi:"contentMd5"`
// The content type of the storage blob. Cannot be defined if `sourceUri` is defined. Defaults to `application/octet-stream`.
ContentType pulumi.StringPtrOutput `pulumi:"contentType"`
+ // The encryption scope to use for this blob.
+ EncryptionScope pulumi.StringPtrOutput `pulumi:"encryptionScope"`
// A map of custom blob metadata.
Metadata pulumi.StringMapOutput `pulumi:"metadata"`
// The name of the storage blob. Must be unique within the storage container the blob is located. Changing this forces a new resource to be created.
@@ -165,6 +167,8 @@ type blobState struct {
ContentMd5 *string `pulumi:"contentMd5"`
// The content type of the storage blob. Cannot be defined if `sourceUri` is defined. Defaults to `application/octet-stream`.
ContentType *string `pulumi:"contentType"`
+ // The encryption scope to use for this blob.
+ EncryptionScope *string `pulumi:"encryptionScope"`
// A map of custom blob metadata.
Metadata map[string]string `pulumi:"metadata"`
// The name of the storage blob. Must be unique within the storage container the blob is located. Changing this forces a new resource to be created.
@@ -202,6 +206,8 @@ type BlobState struct {
ContentMd5 pulumi.StringPtrInput
// The content type of the storage blob. Cannot be defined if `sourceUri` is defined. Defaults to `application/octet-stream`.
ContentType pulumi.StringPtrInput
+ // The encryption scope to use for this blob.
+ EncryptionScope pulumi.StringPtrInput
// A map of custom blob metadata.
Metadata pulumi.StringMapInput
// The name of the storage blob. Must be unique within the storage container the blob is located. Changing this forces a new resource to be created.
@@ -243,6 +249,8 @@ type blobArgs struct {
ContentMd5 *string `pulumi:"contentMd5"`
// The content type of the storage blob. Cannot be defined if `sourceUri` is defined. Defaults to `application/octet-stream`.
ContentType *string `pulumi:"contentType"`
+ // The encryption scope to use for this blob.
+ EncryptionScope *string `pulumi:"encryptionScope"`
// A map of custom blob metadata.
Metadata map[string]string `pulumi:"metadata"`
// The name of the storage blob. Must be unique within the storage container the blob is located. Changing this forces a new resource to be created.
@@ -279,6 +287,8 @@ type BlobArgs struct {
ContentMd5 pulumi.StringPtrInput
// The content type of the storage blob. Cannot be defined if `sourceUri` is defined. Defaults to `application/octet-stream`.
ContentType pulumi.StringPtrInput
+ // The encryption scope to use for this blob.
+ EncryptionScope pulumi.StringPtrInput
// A map of custom blob metadata.
Metadata pulumi.StringMapInput
// The name of the storage blob. Must be unique within the storage container the blob is located. Changing this forces a new resource to be created.
@@ -412,6 +422,11 @@ func (o BlobOutput) ContentType() pulumi.StringPtrOutput {
return o.ApplyT(func(v *Blob) pulumi.StringPtrOutput { return v.ContentType }).(pulumi.StringPtrOutput)
}
+// The encryption scope to use for this blob.
+func (o BlobOutput) EncryptionScope() pulumi.StringPtrOutput {
+ return o.ApplyT(func(v *Blob) pulumi.StringPtrOutput { return v.EncryptionScope }).(pulumi.StringPtrOutput)
+}
+
// A map of custom blob metadata.
func (o BlobOutput) Metadata() pulumi.StringMapOutput {
return o.ApplyT(func(v *Blob) pulumi.StringMapOutput { return v.Metadata }).(pulumi.StringMapOutput)
diff --git a/sdk/go/azure/storage/container.go b/sdk/go/azure/storage/container.go
index bac5e3c0ef..b7680c1dbe 100644
--- a/sdk/go/azure/storage/container.go
+++ b/sdk/go/azure/storage/container.go
@@ -79,6 +79,10 @@ type Container struct {
//
// > **Note** When updating `containerAccessType` for an existing storage container resource, Shared Key authentication will always be used, as AzureAD authentication is not supported.
ContainerAccessType pulumi.StringPtrOutput `pulumi:"containerAccessType"`
+ // The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.
+ DefaultEncryptionScope pulumi.StringOutput `pulumi:"defaultEncryptionScope"`
+ // Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `defaultEncryptionScope`. Defaults to `true`. Changing this forces a new resource to be created.
+ EncryptionScopeOverrideEnabled pulumi.BoolPtrOutput `pulumi:"encryptionScopeOverrideEnabled"`
// Is there an Immutability Policy configured on this Storage Container?
HasImmutabilityPolicy pulumi.BoolOutput `pulumi:"hasImmutabilityPolicy"`
// Is there a Legal Hold configured on this Storage Container?
@@ -130,6 +134,10 @@ type containerState struct {
//
// > **Note** When updating `containerAccessType` for an existing storage container resource, Shared Key authentication will always be used, as AzureAD authentication is not supported.
ContainerAccessType *string `pulumi:"containerAccessType"`
+ // The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.
+ DefaultEncryptionScope *string `pulumi:"defaultEncryptionScope"`
+ // Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `defaultEncryptionScope`. Defaults to `true`. Changing this forces a new resource to be created.
+ EncryptionScopeOverrideEnabled *bool `pulumi:"encryptionScopeOverrideEnabled"`
// Is there an Immutability Policy configured on this Storage Container?
HasImmutabilityPolicy *bool `pulumi:"hasImmutabilityPolicy"`
// Is there a Legal Hold configured on this Storage Container?
@@ -149,6 +157,10 @@ type ContainerState struct {
//
// > **Note** When updating `containerAccessType` for an existing storage container resource, Shared Key authentication will always be used, as AzureAD authentication is not supported.
ContainerAccessType pulumi.StringPtrInput
+ // The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.
+ DefaultEncryptionScope pulumi.StringPtrInput
+ // Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `defaultEncryptionScope`. Defaults to `true`. Changing this forces a new resource to be created.
+ EncryptionScopeOverrideEnabled pulumi.BoolPtrInput
// Is there an Immutability Policy configured on this Storage Container?
HasImmutabilityPolicy pulumi.BoolPtrInput
// Is there a Legal Hold configured on this Storage Container?
@@ -172,6 +184,10 @@ type containerArgs struct {
//
// > **Note** When updating `containerAccessType` for an existing storage container resource, Shared Key authentication will always be used, as AzureAD authentication is not supported.
ContainerAccessType *string `pulumi:"containerAccessType"`
+ // The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.
+ DefaultEncryptionScope *string `pulumi:"defaultEncryptionScope"`
+ // Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `defaultEncryptionScope`. Defaults to `true`. Changing this forces a new resource to be created.
+ EncryptionScopeOverrideEnabled *bool `pulumi:"encryptionScopeOverrideEnabled"`
// A mapping of MetaData for this Container. All metadata keys should be lowercase.
Metadata map[string]string `pulumi:"metadata"`
// The name of the Container which should be created within the Storage Account. Changing this forces a new resource to be created.
@@ -186,6 +202,10 @@ type ContainerArgs struct {
//
// > **Note** When updating `containerAccessType` for an existing storage container resource, Shared Key authentication will always be used, as AzureAD authentication is not supported.
ContainerAccessType pulumi.StringPtrInput
+ // The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.
+ DefaultEncryptionScope pulumi.StringPtrInput
+ // Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `defaultEncryptionScope`. Defaults to `true`. Changing this forces a new resource to be created.
+ EncryptionScopeOverrideEnabled pulumi.BoolPtrInput
// A mapping of MetaData for this Container. All metadata keys should be lowercase.
Metadata pulumi.StringMapInput
// The name of the Container which should be created within the Storage Account. Changing this forces a new resource to be created.
@@ -288,6 +308,16 @@ func (o ContainerOutput) ContainerAccessType() pulumi.StringPtrOutput {
return o.ApplyT(func(v *Container) pulumi.StringPtrOutput { return v.ContainerAccessType }).(pulumi.StringPtrOutput)
}
+// The default encryption scope to use for blobs uploaded to this container. Changing this forces a new resource to be created.
+func (o ContainerOutput) DefaultEncryptionScope() pulumi.StringOutput {
+ return o.ApplyT(func(v *Container) pulumi.StringOutput { return v.DefaultEncryptionScope }).(pulumi.StringOutput)
+}
+
+// Whether to allow blobs to override the default encryption scope for this container. Can only be set when specifying `defaultEncryptionScope`. Defaults to `true`. Changing this forces a new resource to be created.
+func (o ContainerOutput) EncryptionScopeOverrideEnabled() pulumi.BoolPtrOutput {
+ return o.ApplyT(func(v *Container) pulumi.BoolPtrOutput { return v.EncryptionScopeOverrideEnabled }).(pulumi.BoolPtrOutput)
+}
+
// Is there an Immutability Policy configured on this Storage Container?
func (o ContainerOutput) HasImmutabilityPolicy() pulumi.BoolOutput {
return o.ApplyT(func(v *Container) pulumi.BoolOutput { return v.HasImmutabilityPolicy }).(pulumi.BoolOutput)
diff --git a/sdk/go/azure/storage/dataLakeGen2Filesystem.go b/sdk/go/azure/storage/dataLakeGen2Filesystem.go
index 8c3e31e9ff..87babfa611 100644
--- a/sdk/go/azure/storage/dataLakeGen2Filesystem.go
+++ b/sdk/go/azure/storage/dataLakeGen2Filesystem.go
@@ -80,6 +80,8 @@ type DataLakeGen2Filesystem struct {
// One or more `ace` blocks as defined below to specify the entries for the ACL for the path.
Aces DataLakeGen2FilesystemAceArrayOutput `pulumi:"aces"`
+ // The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.
+ DefaultEncryptionScope pulumi.StringOutput `pulumi:"defaultEncryptionScope"`
// Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.
//
// > **NOTE:** The Storage Account requires `accountKind` to be either `StorageV2` or `BlobStorage`. In addition, `isHnsEnabled` has to be set to `true`.
@@ -129,6 +131,8 @@ func GetDataLakeGen2Filesystem(ctx *pulumi.Context,
type dataLakeGen2FilesystemState struct {
// One or more `ace` blocks as defined below to specify the entries for the ACL for the path.
Aces []DataLakeGen2FilesystemAce `pulumi:"aces"`
+ // The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.
+ DefaultEncryptionScope *string `pulumi:"defaultEncryptionScope"`
// Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.
//
// > **NOTE:** The Storage Account requires `accountKind` to be either `StorageV2` or `BlobStorage`. In addition, `isHnsEnabled` has to be set to `true`.
@@ -146,6 +150,8 @@ type dataLakeGen2FilesystemState struct {
type DataLakeGen2FilesystemState struct {
// One or more `ace` blocks as defined below to specify the entries for the ACL for the path.
Aces DataLakeGen2FilesystemAceArrayInput
+ // The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.
+ DefaultEncryptionScope pulumi.StringPtrInput
// Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.
//
// > **NOTE:** The Storage Account requires `accountKind` to be either `StorageV2` or `BlobStorage`. In addition, `isHnsEnabled` has to be set to `true`.
@@ -167,6 +173,8 @@ func (DataLakeGen2FilesystemState) ElementType() reflect.Type {
type dataLakeGen2FilesystemArgs struct {
// One or more `ace` blocks as defined below to specify the entries for the ACL for the path.
Aces []DataLakeGen2FilesystemAce `pulumi:"aces"`
+ // The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.
+ DefaultEncryptionScope *string `pulumi:"defaultEncryptionScope"`
// Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.
//
// > **NOTE:** The Storage Account requires `accountKind` to be either `StorageV2` or `BlobStorage`. In addition, `isHnsEnabled` has to be set to `true`.
@@ -185,6 +193,8 @@ type dataLakeGen2FilesystemArgs struct {
type DataLakeGen2FilesystemArgs struct {
// One or more `ace` blocks as defined below to specify the entries for the ACL for the path.
Aces DataLakeGen2FilesystemAceArrayInput
+ // The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.
+ DefaultEncryptionScope pulumi.StringPtrInput
// Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.
//
// > **NOTE:** The Storage Account requires `accountKind` to be either `StorageV2` or `BlobStorage`. In addition, `isHnsEnabled` has to be set to `true`.
@@ -291,6 +301,11 @@ func (o DataLakeGen2FilesystemOutput) Aces() DataLakeGen2FilesystemAceArrayOutpu
return o.ApplyT(func(v *DataLakeGen2Filesystem) DataLakeGen2FilesystemAceArrayOutput { return v.Aces }).(DataLakeGen2FilesystemAceArrayOutput)
}
+// The default encryption scope to use for this filesystem. Changing this forces a new resource to be created.
+func (o DataLakeGen2FilesystemOutput) DefaultEncryptionScope() pulumi.StringOutput {
+ return o.ApplyT(func(v *DataLakeGen2Filesystem) pulumi.StringOutput { return v.DefaultEncryptionScope }).(pulumi.StringOutput)
+}
+
// Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. `/`). Possible values also include `$superuser`.
//
// > **NOTE:** The Storage Account requires `accountKind` to be either `StorageV2` or `BlobStorage`. In addition, `isHnsEnabled` has to be set to `true`.
diff --git a/sdk/go/azure/storage/getBlob.go b/sdk/go/azure/storage/getBlob.go
index 21d033f06a..0ceab494a9 100644
--- a/sdk/go/azure/storage/getBlob.go
+++ b/sdk/go/azure/storage/getBlob.go
@@ -72,6 +72,8 @@ type LookupBlobResult struct {
ContentMd5 string `pulumi:"contentMd5"`
// The content type of the storage blob.
ContentType string `pulumi:"contentType"`
+ // The encryption scope for this blob.
+ EncryptionScope string `pulumi:"encryptionScope"`
// The provider-assigned unique ID for this managed resource.
Id string `pulumi:"id"`
// A map of custom blob metadata.
@@ -144,6 +146,11 @@ func (o LookupBlobResultOutput) ContentType() pulumi.StringOutput {
return o.ApplyT(func(v LookupBlobResult) string { return v.ContentType }).(pulumi.StringOutput)
}
+// The encryption scope for this blob.
+func (o LookupBlobResultOutput) EncryptionScope() pulumi.StringOutput {
+ return o.ApplyT(func(v LookupBlobResult) string { return v.EncryptionScope }).(pulumi.StringOutput)
+}
+
// The provider-assigned unique ID for this managed resource.
func (o LookupBlobResultOutput) Id() pulumi.StringOutput {
return o.ApplyT(func(v LookupBlobResult) string { return v.Id }).(pulumi.StringOutput)
diff --git a/sdk/go/azure/storage/getStorageContainer.go b/sdk/go/azure/storage/getStorageContainer.go
index 823dfee823..5a06790a7e 100644
--- a/sdk/go/azure/storage/getStorageContainer.go
+++ b/sdk/go/azure/storage/getStorageContainer.go
@@ -65,6 +65,10 @@ type GetStorageContainerArgs struct {
type GetStorageContainerResult struct {
// The Access Level configured for this Container.
ContainerAccessType string `pulumi:"containerAccessType"`
+ // The default encryption scope in use for blobs uploaded to this container.
+ DefaultEncryptionScope string `pulumi:"defaultEncryptionScope"`
+ // Whether blobs are allowed to override the default encryption scope for this container.
+ EncryptionScopeOverrideEnabled bool `pulumi:"encryptionScopeOverrideEnabled"`
// Is there an Immutability Policy configured on this Storage Container?
HasImmutabilityPolicy bool `pulumi:"hasImmutabilityPolicy"`
// Is there a Legal Hold configured on this Storage Container?
@@ -126,6 +130,16 @@ func (o GetStorageContainerResultOutput) ContainerAccessType() pulumi.StringOutp
return o.ApplyT(func(v GetStorageContainerResult) string { return v.ContainerAccessType }).(pulumi.StringOutput)
}
+// The default encryption scope in use for blobs uploaded to this container.
+func (o GetStorageContainerResultOutput) DefaultEncryptionScope() pulumi.StringOutput {
+ return o.ApplyT(func(v GetStorageContainerResult) string { return v.DefaultEncryptionScope }).(pulumi.StringOutput)
+}
+
+// Whether blobs are allowed to override the default encryption scope for this container.
+func (o GetStorageContainerResultOutput) EncryptionScopeOverrideEnabled() pulumi.BoolOutput {
+ return o.ApplyT(func(v GetStorageContainerResult) bool { return v.EncryptionScopeOverrideEnabled }).(pulumi.BoolOutput)
+}
+
// Is there an Immutability Policy configured on this Storage Container?
func (o GetStorageContainerResultOutput) HasImmutabilityPolicy() pulumi.BoolOutput {
return o.ApplyT(func(v GetStorageContainerResult) bool { return v.HasImmutabilityPolicy }).(pulumi.BoolOutput)
diff --git a/sdk/go/azure/storage/zipBlob.go b/sdk/go/azure/storage/zipBlob.go
index fe4df6fd22..75b2482940 100644
--- a/sdk/go/azure/storage/zipBlob.go
+++ b/sdk/go/azure/storage/zipBlob.go
@@ -21,6 +21,7 @@ type ZipBlob struct {
Content pulumi.ArchiveOutput `pulumi:"content"`
ContentMd5 pulumi.StringPtrOutput `pulumi:"contentMd5"`
ContentType pulumi.StringPtrOutput `pulumi:"contentType"`
+ EncryptionScope pulumi.StringPtrOutput `pulumi:"encryptionScope"`
Metadata pulumi.StringMapOutput `pulumi:"metadata"`
Name pulumi.StringOutput `pulumi:"name"`
Parallelism pulumi.IntPtrOutput `pulumi:"parallelism"`
@@ -77,6 +78,7 @@ type zipBlobState struct {
Content pulumi.Archive `pulumi:"content"`
ContentMd5 *string `pulumi:"contentMd5"`
ContentType *string `pulumi:"contentType"`
+ EncryptionScope *string `pulumi:"encryptionScope"`
Metadata map[string]string `pulumi:"metadata"`
Name *string `pulumi:"name"`
Parallelism *int `pulumi:"parallelism"`
@@ -95,6 +97,7 @@ type ZipBlobState struct {
Content pulumi.ArchiveInput
ContentMd5 pulumi.StringPtrInput
ContentType pulumi.StringPtrInput
+ EncryptionScope pulumi.StringPtrInput
Metadata pulumi.StringMapInput
Name pulumi.StringPtrInput
Parallelism pulumi.IntPtrInput
@@ -117,6 +120,7 @@ type zipBlobArgs struct {
Content pulumi.Archive `pulumi:"content"`
ContentMd5 *string `pulumi:"contentMd5"`
ContentType *string `pulumi:"contentType"`
+ EncryptionScope *string `pulumi:"encryptionScope"`
Metadata map[string]string `pulumi:"metadata"`
Name *string `pulumi:"name"`
Parallelism *int `pulumi:"parallelism"`
@@ -135,6 +139,7 @@ type ZipBlobArgs struct {
Content pulumi.ArchiveInput
ContentMd5 pulumi.StringPtrInput
ContentType pulumi.StringPtrInput
+ EncryptionScope pulumi.StringPtrInput
Metadata pulumi.StringMapInput
Name pulumi.StringPtrInput
Parallelism pulumi.IntPtrInput
@@ -253,6 +258,10 @@ func (o ZipBlobOutput) ContentType() pulumi.StringPtrOutput {
return o.ApplyT(func(v *ZipBlob) pulumi.StringPtrOutput { return v.ContentType }).(pulumi.StringPtrOutput)
}
+func (o ZipBlobOutput) EncryptionScope() pulumi.StringPtrOutput {
+ return o.ApplyT(func(v *ZipBlob) pulumi.StringPtrOutput { return v.EncryptionScope }).(pulumi.StringPtrOutput)
+}
+
func (o ZipBlobOutput) Metadata() pulumi.StringMapOutput {
return o.ApplyT(func(v *ZipBlob) pulumi.StringMapOutput { return v.Metadata }).(pulumi.StringMapOutput)
}
diff --git a/sdk/go/azure/webpubsub/service.go b/sdk/go/azure/webpubsub/service.go
index c6954d3165..eff28921fa 100644
--- a/sdk/go/azure/webpubsub/service.go
+++ b/sdk/go/azure/webpubsub/service.go
@@ -75,7 +75,9 @@ type Service struct {
// Whether to enable AAD auth? Defaults to `true`.
AadAuthEnabled pulumi.BoolPtrOutput `pulumi:"aadAuthEnabled"`
- // Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.
+ // Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ //
+ // > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
Capacity pulumi.IntPtrOutput `pulumi:"capacity"`
// The publicly accessible IP of the Web PubSub service.
ExternalIp pulumi.StringOutput `pulumi:"externalIp"`
@@ -107,7 +109,7 @@ type Service struct {
SecondaryConnectionString pulumi.StringOutput `pulumi:"secondaryConnectionString"`
// The publicly accessible port of the Web PubSub service which is designed for customer server side use.
ServerPort pulumi.IntOutput `pulumi:"serverPort"`
- // Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.
+ // Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
Sku pulumi.StringOutput `pulumi:"sku"`
// A mapping of tags to assign to the resource.
Tags pulumi.StringMapOutput `pulumi:"tags"`
@@ -161,7 +163,9 @@ func GetService(ctx *pulumi.Context,
type serviceState struct {
// Whether to enable AAD auth? Defaults to `true`.
AadAuthEnabled *bool `pulumi:"aadAuthEnabled"`
- // Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.
+ // Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ //
+ // > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
Capacity *int `pulumi:"capacity"`
// The publicly accessible IP of the Web PubSub service.
ExternalIp *string `pulumi:"externalIp"`
@@ -193,7 +197,7 @@ type serviceState struct {
SecondaryConnectionString *string `pulumi:"secondaryConnectionString"`
// The publicly accessible port of the Web PubSub service which is designed for customer server side use.
ServerPort *int `pulumi:"serverPort"`
- // Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.
+ // Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
Sku *string `pulumi:"sku"`
// A mapping of tags to assign to the resource.
Tags map[string]string `pulumi:"tags"`
@@ -205,7 +209,9 @@ type serviceState struct {
type ServiceState struct {
// Whether to enable AAD auth? Defaults to `true`.
AadAuthEnabled pulumi.BoolPtrInput
- // Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.
+ // Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ //
+ // > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
Capacity pulumi.IntPtrInput
// The publicly accessible IP of the Web PubSub service.
ExternalIp pulumi.StringPtrInput
@@ -237,7 +243,7 @@ type ServiceState struct {
SecondaryConnectionString pulumi.StringPtrInput
// The publicly accessible port of the Web PubSub service which is designed for customer server side use.
ServerPort pulumi.IntPtrInput
- // Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.
+ // Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
Sku pulumi.StringPtrInput
// A mapping of tags to assign to the resource.
Tags pulumi.StringMapInput
@@ -253,7 +259,9 @@ func (ServiceState) ElementType() reflect.Type {
type serviceArgs struct {
// Whether to enable AAD auth? Defaults to `true`.
AadAuthEnabled *bool `pulumi:"aadAuthEnabled"`
- // Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.
+ // Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ //
+ // > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
Capacity *int `pulumi:"capacity"`
// An `identity` block as defined below.
Identity *ServiceIdentity `pulumi:"identity"`
@@ -269,7 +277,7 @@ type serviceArgs struct {
PublicNetworkAccessEnabled *bool `pulumi:"publicNetworkAccessEnabled"`
// The name of the resource group in which to create the Web PubSub service. Changing this forces a new resource to be created.
ResourceGroupName string `pulumi:"resourceGroupName"`
- // Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.
+ // Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
Sku string `pulumi:"sku"`
// A mapping of tags to assign to the resource.
Tags map[string]string `pulumi:"tags"`
@@ -281,7 +289,9 @@ type serviceArgs struct {
type ServiceArgs struct {
// Whether to enable AAD auth? Defaults to `true`.
AadAuthEnabled pulumi.BoolPtrInput
- // Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.
+ // Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+ //
+ // > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
Capacity pulumi.IntPtrInput
// An `identity` block as defined below.
Identity ServiceIdentityPtrInput
@@ -297,7 +307,7 @@ type ServiceArgs struct {
PublicNetworkAccessEnabled pulumi.BoolPtrInput
// The name of the resource group in which to create the Web PubSub service. Changing this forces a new resource to be created.
ResourceGroupName pulumi.StringInput
- // Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.
+ // Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
Sku pulumi.StringInput
// A mapping of tags to assign to the resource.
Tags pulumi.StringMapInput
@@ -397,7 +407,9 @@ func (o ServiceOutput) AadAuthEnabled() pulumi.BoolPtrOutput {
return o.ApplyT(func(v *Service) pulumi.BoolPtrOutput { return v.AadAuthEnabled }).(pulumi.BoolPtrOutput)
}
-// Specifies the number of units associated with this Web PubSub resource. Valid values are: Free: `1`, Standard: `1`, `2`, `5`, `10`, `20`, `50`, `100`.
+// Specifies the number of units associated with this Web PubSub resource. Valid values are `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8`, `9`, `10`, `20`, `30`, `40`, `50`, `60`, `70`, `80`, `90`, `100`, `200`, `300`, `400`, `500`, `600`, `700`, `800`, `900` and `1000`.
+//
+// > **NOTE:** The valid capacity range for sku `Free_F1` is `1`, for sku `Premium_P2` is from `100` to `1000`, and from `1` to `100` for sku `Standard_S1` and `Premium_P1`.
func (o ServiceOutput) Capacity() pulumi.IntPtrOutput {
return o.ApplyT(func(v *Service) pulumi.IntPtrOutput { return v.Capacity }).(pulumi.IntPtrOutput)
}
@@ -477,7 +489,7 @@ func (o ServiceOutput) ServerPort() pulumi.IntOutput {
return o.ApplyT(func(v *Service) pulumi.IntOutput { return v.ServerPort }).(pulumi.IntOutput)
}
-// Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, and `Premium_P1`.
+// Specifies which SKU to use. Possible values are `Free_F1`, `Standard_S1`, `Premium_P1` and `Premium_P2`.
func (o ServiceOutput) Sku() pulumi.StringOutput {
return o.ApplyT(func(v *Service) pulumi.StringOutput { return v.Sku }).(pulumi.StringOutput)
}
diff --git a/sdk/java/src/main/java/com/pulumi/azure/Config.java b/sdk/java/src/main/java/com/pulumi/azure/Config.java
index d480de8d27..b5b5da5c05 100644
--- a/sdk/java/src/main/java/com/pulumi/azure/Config.java
+++ b/sdk/java/src/main/java/com/pulumi/azure/Config.java
@@ -80,7 +80,8 @@ public Optional disableTerraformPartnerId() {
return Codegen.booleanProp("disableTerraformPartnerId").config(config).get();
}
/**
- * The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+ * The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+ * used and should not be specified when `metadata_host` is specified.
*
*/
public String environment() {
diff --git a/sdk/java/src/main/java/com/pulumi/azure/Provider.java b/sdk/java/src/main/java/com/pulumi/azure/Provider.java
index 1089c1ecd2..92bd64b471 100644
--- a/sdk/java/src/main/java/com/pulumi/azure/Provider.java
+++ b/sdk/java/src/main/java/com/pulumi/azure/Provider.java
@@ -128,14 +128,16 @@ public Output> clientSecretFilePath() {
return Codegen.optional(this.clientSecretFilePath);
}
/**
- * The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+ * The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+ * used and should not be specified when `metadata_host` is specified.
*
*/
@Export(name="environment", refs={String.class}, tree="[0]")
private Output* @Nullable */ String> environment;
/**
- * @return The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public.
+ * @return The Cloud Environment which should be used. Possible values are public, usgovernment, and china. Defaults to public. Not
+ * used and should not be specified when `metadata_host` is specified.
*
*/
public Output> environment() {
diff --git a/sdk/java/src/main/java/com/pulumi/azure/ProviderArgs.java b/sdk/java/src/main/java/com/pulumi/azure/ProviderArgs.java
index f40622c0b3..ac60f8f66d 100644
--- a/sdk/java/src/main/java/com/pulumi/azure/ProviderArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/azure/ProviderArgs.java
@@ -168,14 +168,16 @@ public Optional