Docs Home
We recommend using Azure Native.
Azure v6.21.0 published on Friday, Mar 7, 2025 by Pulumi
azure.dataprotection.BackupVaultCustomerManagedKey
Explore with Pulumi AI
Manages a Backup Vault Customer Managed Key.
!> Note: It is not possible to remove the Customer Managed Key from the Backup Vault once it’s been added. To remove the Customer Managed Key, the parent Data Protection Backup Vault must be deleted and recreated.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleBackupVault = new azure.dataprotection.BackupVault("example", {
name: "example-backup-vault",
resourceGroupName: example.name,
location: example.location,
datastoreType: "VaultStore",
redundancy: "LocallyRedundant",
identity: {
type: "SystemAssigned",
},
});
const current = azure.core.getClientConfig({});
const exampleKeyVault = new azure.keyvault.KeyVault("example", {
name: "example-key-vault",
location: example.location,
resourceGroupName: example.name,
enabledForDiskEncryption: true,
tenantId: current.then(current => current.tenantId),
softDeleteRetentionDays: 7,
purgeProtectionEnabled: true,
skuName: "standard",
accessPolicies: [
{
tenantId: current.then(current => current.tenantId),
objectId: current.then(current => current.objectId),
keyPermissions: [
"Create",
"Decrypt",
"Encrypt",
"Delete",
"Get",
"List",
"Purge",
"UnwrapKey",
"WrapKey",
"Verify",
"GetRotationPolicy",
],
secretPermissions: ["Set"],
},
{
tenantId: exampleBackupVault.identity.apply(identity => identity?.tenantId),
objectId: exampleBackupVault.identity.apply(identity => identity?.principalId),
keyPermissions: [
"Create",
"Decrypt",
"Encrypt",
"Delete",
"Get",
"List",
"Purge",
"UnwrapKey",
"WrapKey",
"Verify",
"GetRotationPolicy",
],
secretPermissions: ["Set"],
},
],
});
const exampleKey = new azure.keyvault.Key("example", {
name: "example-key",
keyVaultId: exampleKeyVault.id,
keyType: "RSA",
keySize: 2048,
keyOpts: [
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey",
],
});
const exampleBackupVaultCustomerManagedKey = new azure.dataprotection.BackupVaultCustomerManagedKey("example", {
dataProtectionBackupVaultId: exampleBackupVault.id,
keyVaultKeyId: exampleKey.id,
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_backup_vault = azure.dataprotection.BackupVault("example",
name="example-backup-vault",
resource_group_name=example.name,
location=example.location,
datastore_type="VaultStore",
redundancy="LocallyRedundant",
identity={
"type": "SystemAssigned",
})
current = azure.core.get_client_config()
example_key_vault = azure.keyvault.KeyVault("example",
name="example-key-vault",
location=example.location,
resource_group_name=example.name,
enabled_for_disk_encryption=True,
tenant_id=current.tenant_id,
soft_delete_retention_days=7,
purge_protection_enabled=True,
sku_name="standard",
access_policies=[
{
"tenant_id": current.tenant_id,
"object_id": current.object_id,
"key_permissions": [
"Create",
"Decrypt",
"Encrypt",
"Delete",
"Get",
"List",
"Purge",
"UnwrapKey",
"WrapKey",
"Verify",
"GetRotationPolicy",
],
"secret_permissions": ["Set"],
},
{
"tenant_id": example_backup_vault.identity.tenant_id,
"object_id": example_backup_vault.identity.principal_id,
"key_permissions": [
"Create",
"Decrypt",
"Encrypt",
"Delete",
"Get",
"List",
"Purge",
"UnwrapKey",
"WrapKey",
"Verify",
"GetRotationPolicy",
],
"secret_permissions": ["Set"],
},
])
example_key = azure.keyvault.Key("example",
name="example-key",
key_vault_id=example_key_vault.id,
key_type="RSA",
key_size=2048,
key_opts=[
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey",
])
example_backup_vault_customer_managed_key = azure.dataprotection.BackupVaultCustomerManagedKey("example",
data_protection_backup_vault_id=example_backup_vault.id,
key_vault_key_id=example_key.id)
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/dataprotection"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleBackupVault, err := dataprotection.NewBackupVault(ctx, "example", &dataprotection.BackupVaultArgs{
Name: pulumi.String("example-backup-vault"),
ResourceGroupName: example.Name,
Location: example.Location,
DatastoreType: pulumi.String("VaultStore"),
Redundancy: pulumi.String("LocallyRedundant"),
Identity: &dataprotection.BackupVaultIdentityArgs{
Type: pulumi.String("SystemAssigned"),
},
})
if err != nil {
return err
}
current, err := core.GetClientConfig(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
Name: pulumi.String("example-key-vault"),
Location: example.Location,
ResourceGroupName: example.Name,
EnabledForDiskEncryption: pulumi.Bool(true),
TenantId: pulumi.String(current.TenantId),
SoftDeleteRetentionDays: pulumi.Int(7),
PurgeProtectionEnabled: pulumi.Bool(true),
SkuName: pulumi.String("standard"),
AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
&keyvault.KeyVaultAccessPolicyArgs{
TenantId: pulumi.String(current.TenantId),
ObjectId: pulumi.String(current.ObjectId),
KeyPermissions: pulumi.StringArray{
pulumi.String("Create"),
pulumi.String("Decrypt"),
pulumi.String("Encrypt"),
pulumi.String("Delete"),
pulumi.String("Get"),
pulumi.String("List"),
pulumi.String("Purge"),
pulumi.String("UnwrapKey"),
pulumi.String("WrapKey"),
pulumi.String("Verify"),
pulumi.String("GetRotationPolicy"),
},
SecretPermissions: pulumi.StringArray{
pulumi.String("Set"),
},
},
&keyvault.KeyVaultAccessPolicyArgs{
TenantId: exampleBackupVault.Identity.ApplyT(func(identity dataprotection.BackupVaultIdentity) (*string, error) {
return &identity.TenantId, nil
}).(pulumi.StringPtrOutput),
ObjectId: exampleBackupVault.Identity.ApplyT(func(identity dataprotection.BackupVaultIdentity) (*string, error) {
return &identity.PrincipalId, nil
}).(pulumi.StringPtrOutput),
KeyPermissions: pulumi.StringArray{
pulumi.String("Create"),
pulumi.String("Decrypt"),
pulumi.String("Encrypt"),
pulumi.String("Delete"),
pulumi.String("Get"),
pulumi.String("List"),
pulumi.String("Purge"),
pulumi.String("UnwrapKey"),
pulumi.String("WrapKey"),
pulumi.String("Verify"),
pulumi.String("GetRotationPolicy"),
},
SecretPermissions: pulumi.StringArray{
pulumi.String("Set"),
},
},
},
})
if err != nil {
return err
}
exampleKey, err := keyvault.NewKey(ctx, "example", &keyvault.KeyArgs{
Name: pulumi.String("example-key"),
KeyVaultId: exampleKeyVault.ID(),
KeyType: pulumi.String("RSA"),
KeySize: pulumi.Int(2048),
KeyOpts: pulumi.StringArray{
pulumi.String("decrypt"),
pulumi.String("encrypt"),
pulumi.String("sign"),
pulumi.String("unwrapKey"),
pulumi.String("verify"),
pulumi.String("wrapKey"),
},
})
if err != nil {
return err
}
_, err = dataprotection.NewBackupVaultCustomerManagedKey(ctx, "example", &dataprotection.BackupVaultCustomerManagedKeyArgs{
DataProtectionBackupVaultId: exampleBackupVault.ID(),
KeyVaultKeyId: exampleKey.ID(),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleBackupVault = new Azure.DataProtection.BackupVault("example", new()
{
Name = "example-backup-vault",
ResourceGroupName = example.Name,
Location = example.Location,
DatastoreType = "VaultStore",
Redundancy = "LocallyRedundant",
Identity = new Azure.DataProtection.Inputs.BackupVaultIdentityArgs
{
Type = "SystemAssigned",
},
});
var current = Azure.Core.GetClientConfig.Invoke();
var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
{
Name = "example-key-vault",
Location = example.Location,
ResourceGroupName = example.Name,
EnabledForDiskEncryption = true,
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
SoftDeleteRetentionDays = 7,
PurgeProtectionEnabled = true,
SkuName = "standard",
AccessPolicies = new[]
{
new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
{
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
KeyPermissions = new[]
{
"Create",
"Decrypt",
"Encrypt",
"Delete",
"Get",
"List",
"Purge",
"UnwrapKey",
"WrapKey",
"Verify",
"GetRotationPolicy",
},
SecretPermissions = new[]
{
"Set",
},
},
new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
{
TenantId = exampleBackupVault.Identity.Apply(identity => identity?.TenantId),
ObjectId = exampleBackupVault.Identity.Apply(identity => identity?.PrincipalId),
KeyPermissions = new[]
{
"Create",
"Decrypt",
"Encrypt",
"Delete",
"Get",
"List",
"Purge",
"UnwrapKey",
"WrapKey",
"Verify",
"GetRotationPolicy",
},
SecretPermissions = new[]
{
"Set",
},
},
},
});
var exampleKey = new Azure.KeyVault.Key("example", new()
{
Name = "example-key",
KeyVaultId = exampleKeyVault.Id,
KeyType = "RSA",
KeySize = 2048,
KeyOpts = new[]
{
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey",
},
});
var exampleBackupVaultCustomerManagedKey = new Azure.DataProtection.BackupVaultCustomerManagedKey("example", new()
{
DataProtectionBackupVaultId = exampleBackupVault.Id,
KeyVaultKeyId = exampleKey.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.dataprotection.BackupVault;
import com.pulumi.azure.dataprotection.BackupVaultArgs;
import com.pulumi.azure.dataprotection.inputs.BackupVaultIdentityArgs;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
import com.pulumi.azure.keyvault.Key;
import com.pulumi.azure.keyvault.KeyArgs;
import com.pulumi.azure.dataprotection.BackupVaultCustomerManagedKey;
import com.pulumi.azure.dataprotection.BackupVaultCustomerManagedKeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleBackupVault = new BackupVault("exampleBackupVault", BackupVaultArgs.builder()
.name("example-backup-vault")
.resourceGroupName(example.name())
.location(example.location())
.datastoreType("VaultStore")
.redundancy("LocallyRedundant")
.identity(BackupVaultIdentityArgs.builder()
.type("SystemAssigned")
.build())
.build());
final var current = CoreFunctions.getClientConfig();
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.name("example-key-vault")
.location(example.location())
.resourceGroupName(example.name())
.enabledForDiskEncryption(true)
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.softDeleteRetentionDays(7)
.purgeProtectionEnabled(true)
.skuName("standard")
.accessPolicies(
KeyVaultAccessPolicyArgs.builder()
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.keyPermissions(
"Create",
"Decrypt",
"Encrypt",
"Delete",
"Get",
"List",
"Purge",
"UnwrapKey",
"WrapKey",
"Verify",
"GetRotationPolicy")
.secretPermissions("Set")
.build(),
KeyVaultAccessPolicyArgs.builder()
.tenantId(exampleBackupVault.identity().applyValue(identity -> identity.tenantId()))
.objectId(exampleBackupVault.identity().applyValue(identity -> identity.principalId()))
.keyPermissions(
"Create",
"Decrypt",
"Encrypt",
"Delete",
"Get",
"List",
"Purge",
"UnwrapKey",
"WrapKey",
"Verify",
"GetRotationPolicy")
.secretPermissions("Set")
.build())
.build());
var exampleKey = new Key("exampleKey", KeyArgs.builder()
.name("example-key")
.keyVaultId(exampleKeyVault.id())
.keyType("RSA")
.keySize(2048)
.keyOpts(
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey")
.build());
var exampleBackupVaultCustomerManagedKey = new BackupVaultCustomerManagedKey("exampleBackupVaultCustomerManagedKey", BackupVaultCustomerManagedKeyArgs.builder()
.dataProtectionBackupVaultId(exampleBackupVault.id())
.keyVaultKeyId(exampleKey.id())
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleBackupVault:
type: azure:dataprotection:BackupVault
name: example
properties:
name: example-backup-vault
resourceGroupName: ${example.name}
location: ${example.location}
datastoreType: VaultStore
redundancy: LocallyRedundant
identity:
type: SystemAssigned
exampleKeyVault:
type: azure:keyvault:KeyVault
name: example
properties:
name: example-key-vault
location: ${example.location}
resourceGroupName: ${example.name}
enabledForDiskEncryption: true
tenantId: ${current.tenantId}
softDeleteRetentionDays: 7
purgeProtectionEnabled: true
skuName: standard
accessPolicies:
- tenantId: ${current.tenantId}
objectId: ${current.objectId}
keyPermissions:
- Create
- Decrypt
- Encrypt
- Delete
- Get
- List
- Purge
- UnwrapKey
- WrapKey
- Verify
- GetRotationPolicy
secretPermissions:
- Set
- tenantId: ${exampleBackupVault.identity.tenantId}
objectId: ${exampleBackupVault.identity.principalId}
keyPermissions:
- Create
- Decrypt
- Encrypt
- Delete
- Get
- List
- Purge
- UnwrapKey
- WrapKey
- Verify
- GetRotationPolicy
secretPermissions:
- Set
exampleKey:
type: azure:keyvault:Key
name: example
properties:
name: example-key
keyVaultId: ${exampleKeyVault.id}
keyType: RSA
keySize: 2048
keyOpts:
- decrypt
- encrypt
- sign
- unwrapKey
- verify
- wrapKey
exampleBackupVaultCustomerManagedKey:
type: azure:dataprotection:BackupVaultCustomerManagedKey
name: example
properties:
dataProtectionBackupVaultId: ${exampleBackupVault.id}
keyVaultKeyId: ${exampleKey.id}
variables:
current:
fn::invoke:
function: azure:core:getClientConfig
arguments: {}
Create BackupVaultCustomerManagedKey Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new BackupVaultCustomerManagedKey(name: string, args: BackupVaultCustomerManagedKeyArgs, opts?: CustomResourceOptions);@overload
def BackupVaultCustomerManagedKey(resource_name: str,
args: BackupVaultCustomerManagedKeyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def BackupVaultCustomerManagedKey(resource_name: str,
opts: Optional[ResourceOptions] = None,
data_protection_backup_vault_id: Optional[str] = None,
key_vault_key_id: Optional[str] = None)func NewBackupVaultCustomerManagedKey(ctx *Context, name string, args BackupVaultCustomerManagedKeyArgs, opts ...ResourceOption) (*BackupVaultCustomerManagedKey, error)public BackupVaultCustomerManagedKey(string name, BackupVaultCustomerManagedKeyArgs args, CustomResourceOptions? opts = null)
public BackupVaultCustomerManagedKey(String name, BackupVaultCustomerManagedKeyArgs args)
public BackupVaultCustomerManagedKey(String name, BackupVaultCustomerManagedKeyArgs args, CustomResourceOptions options)
type: azure:dataprotection:BackupVaultCustomerManagedKey
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args BackupVaultCustomerManagedKeyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args BackupVaultCustomerManagedKeyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args BackupVaultCustomerManagedKeyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args BackupVaultCustomerManagedKeyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args BackupVaultCustomerManagedKeyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var backupVaultCustomerManagedKeyResource = new Azure.DataProtection.BackupVaultCustomerManagedKey("backupVaultCustomerManagedKeyResource", new()
{
DataProtectionBackupVaultId = "string",
KeyVaultKeyId = "string",
});
example, err := dataprotection.NewBackupVaultCustomerManagedKey(ctx, "backupVaultCustomerManagedKeyResource", &dataprotection.BackupVaultCustomerManagedKeyArgs{
DataProtectionBackupVaultId: pulumi.String("string"),
KeyVaultKeyId: pulumi.String("string"),
})
var backupVaultCustomerManagedKeyResource = new BackupVaultCustomerManagedKey("backupVaultCustomerManagedKeyResource", BackupVaultCustomerManagedKeyArgs.builder()
.dataProtectionBackupVaultId("string")
.keyVaultKeyId("string")
.build());
backup_vault_customer_managed_key_resource = azure.dataprotection.BackupVaultCustomerManagedKey("backupVaultCustomerManagedKeyResource",
data_protection_backup_vault_id="string",
key_vault_key_id="string")
const backupVaultCustomerManagedKeyResource = new azure.dataprotection.BackupVaultCustomerManagedKey("backupVaultCustomerManagedKeyResource", {
dataProtectionBackupVaultId: "string",
keyVaultKeyId: "string",
});
type: azure:dataprotection:BackupVaultCustomerManagedKey
properties:
dataProtectionBackupVaultId: string
keyVaultKeyId: string
BackupVaultCustomerManagedKey Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The BackupVaultCustomerManagedKey resource accepts the following input properties:
- Data
Protection stringBackup Vault Id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- Key
Vault stringKey Id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
- Data
Protection stringBackup Vault Id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- Key
Vault stringKey Id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
- data
Protection StringBackup Vault Id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- key
Vault StringKey Id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
- data
Protection stringBackup Vault Id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- key
Vault stringKey Id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
- data_
protection_ strbackup_ vault_ id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- key_
vault_ strkey_ id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
- data
Protection StringBackup Vault Id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- key
Vault StringKey Id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
Outputs
All input properties are implicitly available as output properties. Additionally, the BackupVaultCustomerManagedKey resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing BackupVaultCustomerManagedKey Resource
Get an existing BackupVaultCustomerManagedKey resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: BackupVaultCustomerManagedKeyState, opts?: CustomResourceOptions): BackupVaultCustomerManagedKey@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
data_protection_backup_vault_id: Optional[str] = None,
key_vault_key_id: Optional[str] = None) -> BackupVaultCustomerManagedKeyfunc GetBackupVaultCustomerManagedKey(ctx *Context, name string, id IDInput, state *BackupVaultCustomerManagedKeyState, opts ...ResourceOption) (*BackupVaultCustomerManagedKey, error)public static BackupVaultCustomerManagedKey Get(string name, Input<string> id, BackupVaultCustomerManagedKeyState? state, CustomResourceOptions? opts = null)public static BackupVaultCustomerManagedKey get(String name, Output<String> id, BackupVaultCustomerManagedKeyState state, CustomResourceOptions options)resources: _: type: azure:dataprotection:BackupVaultCustomerManagedKey get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Data
Protection stringBackup Vault Id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- Key
Vault stringKey Id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
- Data
Protection stringBackup Vault Id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- Key
Vault stringKey Id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
- data
Protection StringBackup Vault Id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- key
Vault StringKey Id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
- data
Protection stringBackup Vault Id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- key
Vault stringKey Id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
- data_
protection_ strbackup_ vault_ id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- key_
vault_ strkey_ id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
- data
Protection StringBackup Vault Id - The ID of the Backup Vault. Changing this forces a new resource to be created.
- key
Vault StringKey Id - The ID of the Key Vault Key which should be used to Encrypt the data in this Backup Vault.
Import
Backup Vault Customer Managed Keys can be imported using the resource id, e.g.
$ pulumi import azure:dataprotection/backupVaultCustomerManagedKey:BackupVaultCustomerManagedKey example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.DataProtection/backupVaults/vault1
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurermTerraform Provider.