keyvault.azure.com/v1beta20210401preview
keyvault.azure.com/v1beta20210401preview
Package v1beta20210401preview contains API Schema definitions for the keyvault v1beta20210401preview API group
APIVersion
(string
alias)
Value | Description |
---|---|
"2021-04-01-preview" |
AccessPolicyEntry
(Appears on:VaultProperties)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/AccessPolicyEntry
Field | Description |
---|---|
applicationId string |
ApplicationId: Application ID of the client making request on behalf of a principal |
objectId string |
ObjectId: The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. |
permissions Permissions |
Permissions: Permissions the identity has for keys, secrets, certificates and storage. |
tenantId string |
TenantId: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. |
AccessPolicyEntryARM
(Appears on:VaultPropertiesARM)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/AccessPolicyEntry
Field | Description |
---|---|
applicationId string |
ApplicationId: Application ID of the client making request on behalf of a principal |
objectId string |
ObjectId: The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. |
permissions PermissionsARM |
Permissions: Permissions the identity has for keys, secrets, certificates and storage. |
tenantId string |
TenantId: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. |
AccessPolicyEntry_Status
(Appears on:VaultProperties_Status)
Field | Description |
---|---|
applicationId string |
ApplicationId: Application ID of the client making request on behalf of a principal |
objectId string |
ObjectId: The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. |
permissions Permissions_Status |
Permissions: Permissions the identity has for keys, secrets and certificates. |
tenantId string |
TenantId: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. |
AccessPolicyEntry_StatusARM
(Appears on:VaultProperties_StatusARM)
Field | Description |
---|---|
applicationId string |
ApplicationId: Application ID of the client making request on behalf of a principal |
objectId string |
ObjectId: The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. |
permissions Permissions_StatusARM |
Permissions: Permissions the identity has for keys, secrets and certificates. |
tenantId string |
TenantId: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. |
IPRule
(Appears on:NetworkRuleSet)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/IPRule
Field | Description |
---|---|
value string |
Value: An IPv4 address range in CIDR notation, such as ‘124.56.78.91’ (simple IP address) or ‘124.56.78.0/24’ (all addresses that start with 124.56.78). |
IPRuleARM
(Appears on:NetworkRuleSetARM)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/IPRule
Field | Description |
---|---|
value string |
Value: An IPv4 address range in CIDR notation, such as ‘124.56.78.91’ (simple IP address) or ‘124.56.78.0/24’ (all addresses that start with 124.56.78). |
IPRule_Status
(Appears on:NetworkRuleSet_Status)
Field | Description |
---|---|
value string |
Value: An IPv4 address range in CIDR notation, such as ‘124.56.78.91’ (simple IP address) or ‘124.56.78.0/24’ (all addresses that start with 124.56.78). |
IPRule_StatusARM
(Appears on:NetworkRuleSet_StatusARM)
Field | Description |
---|---|
value string |
Value: An IPv4 address range in CIDR notation, such as ‘124.56.78.91’ (simple IP address) or ‘124.56.78.0/24’ (all addresses that start with 124.56.78). |
IdentityType_Status
(string
alias)
(Appears on:SystemData_Status, SystemData_StatusARM)
Value | Description |
---|---|
"Application" |
|
"Key" |
|
"ManagedIdentity" |
|
"User" |
NetworkRuleSet
(Appears on:VaultProperties)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/NetworkRuleSet
Field | Description |
---|---|
bypass NetworkRuleSetBypass |
Bypass: Tells what traffic can bypass network rules. This can be ‘AzureServices’ or ‘None’. If not specified the default is ‘AzureServices’. |
defaultAction NetworkRuleSetDefaultAction |
DefaultAction: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated. |
ipRules []IPRule |
IpRules: The list of IP address rules. |
virtualNetworkRules []VirtualNetworkRule |
VirtualNetworkRules: The list of virtual network rules. |
NetworkRuleSetARM
(Appears on:VaultPropertiesARM)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/NetworkRuleSet
Field | Description |
---|---|
bypass NetworkRuleSetBypass |
Bypass: Tells what traffic can bypass network rules. This can be ‘AzureServices’ or ‘None’. If not specified the default is ‘AzureServices’. |
defaultAction NetworkRuleSetDefaultAction |
DefaultAction: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated. |
ipRules []IPRuleARM |
IpRules: The list of IP address rules. |
virtualNetworkRules []VirtualNetworkRuleARM |
VirtualNetworkRules: The list of virtual network rules. |
NetworkRuleSetBypass
(string
alias)
(Appears on:NetworkRuleSet, NetworkRuleSetARM)
Value | Description |
---|---|
"AzureServices" |
|
"None" |
NetworkRuleSetDefaultAction
(string
alias)
(Appears on:NetworkRuleSet, NetworkRuleSetARM)
Value | Description |
---|---|
"Allow" |
|
"Deny" |
NetworkRuleSetStatusBypass
(string
alias)
(Appears on:NetworkRuleSet_Status, NetworkRuleSet_StatusARM)
Value | Description |
---|---|
"AzureServices" |
|
"None" |
NetworkRuleSetStatusDefaultAction
(string
alias)
(Appears on:NetworkRuleSet_Status, NetworkRuleSet_StatusARM)
Value | Description |
---|---|
"Allow" |
|
"Deny" |
NetworkRuleSet_Status
(Appears on:VaultProperties_Status)
Field | Description |
---|---|
bypass NetworkRuleSetStatusBypass |
Bypass: Tells what traffic can bypass network rules. This can be ‘AzureServices’ or ‘None’. If not specified the default is ‘AzureServices’. |
defaultAction NetworkRuleSetStatusDefaultAction |
DefaultAction: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated. |
ipRules []IPRule_Status |
IpRules: The list of IP address rules. |
virtualNetworkRules []VirtualNetworkRule_Status |
VirtualNetworkRules: The list of virtual network rules. |
NetworkRuleSet_StatusARM
(Appears on:VaultProperties_StatusARM)
Field | Description |
---|---|
bypass NetworkRuleSetStatusBypass |
Bypass: Tells what traffic can bypass network rules. This can be ‘AzureServices’ or ‘None’. If not specified the default is ‘AzureServices’. |
defaultAction NetworkRuleSetStatusDefaultAction |
DefaultAction: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated. |
ipRules []IPRule_StatusARM |
IpRules: The list of IP address rules. |
virtualNetworkRules []VirtualNetworkRule_StatusARM |
VirtualNetworkRules: The list of virtual network rules. |
Permissions
(Appears on:AccessPolicyEntry)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/Permissions
Field | Description |
---|---|
certificates []PermissionsCertificates |
Certificates: Permissions to certificates |
keys []PermissionsKeys |
Keys: Permissions to keys |
secrets []PermissionsSecrets |
Secrets: Permissions to secrets |
storage []PermissionsStorage |
Storage: Permissions to storage accounts |
PermissionsARM
(Appears on:AccessPolicyEntryARM)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/Permissions
Field | Description |
---|---|
certificates []PermissionsCertificates |
Certificates: Permissions to certificates |
keys []PermissionsKeys |
Keys: Permissions to keys |
secrets []PermissionsSecrets |
Secrets: Permissions to secrets |
storage []PermissionsStorage |
Storage: Permissions to storage accounts |
PermissionsCertificates
(string
alias)
(Appears on:Permissions, PermissionsARM)
Value | Description |
---|---|
"backup" |
|
"create" |
|
"delete" |
|
"deleteissuers" |
|
"get" |
|
"getissuers" |
|
"import" |
|
"list" |
|
"listissuers" |
|
"managecontacts" |
|
"manageissuers" |
|
"purge" |
|
"recover" |
|
"restore" |
|
"setissuers" |
|
"update" |
PermissionsKeys
(string
alias)
(Appears on:Permissions, PermissionsARM)
Value | Description |
---|---|
"backup" |
|
"create" |
|
"decrypt" |
|
"delete" |
|
"encrypt" |
|
"get" |
|
"import" |
|
"list" |
|
"purge" |
|
"recover" |
|
"release" |
|
"restore" |
|
"sign" |
|
"unwrapKey" |
|
"update" |
|
"verify" |
|
"wrapKey" |
PermissionsSecrets
(string
alias)
(Appears on:Permissions, PermissionsARM)
Value | Description |
---|---|
"backup" |
|
"delete" |
|
"get" |
|
"list" |
|
"purge" |
|
"recover" |
|
"restore" |
|
"set" |
PermissionsStatusCertificates
(string
alias)
(Appears on:Permissions_Status, Permissions_StatusARM)
Value | Description |
---|---|
"backup" |
|
"create" |
|
"delete" |
|
"deleteissuers" |
|
"get" |
|
"getissuers" |
|
"import" |
|
"list" |
|
"listissuers" |
|
"managecontacts" |
|
"manageissuers" |
|
"purge" |
|
"recover" |
|
"restore" |
|
"setissuers" |
|
"update" |
PermissionsStatusKeys
(string
alias)
(Appears on:Permissions_Status, Permissions_StatusARM)
Value | Description |
---|---|
"backup" |
|
"create" |
|
"decrypt" |
|
"delete" |
|
"encrypt" |
|
"get" |
|
"import" |
|
"list" |
|
"purge" |
|
"recover" |
|
"release" |
|
"restore" |
|
"sign" |
|
"unwrapKey" |
|
"update" |
|
"verify" |
|
"wrapKey" |
PermissionsStatusSecrets
(string
alias)
(Appears on:Permissions_Status, Permissions_StatusARM)
Value | Description |
---|---|
"backup" |
|
"delete" |
|
"get" |
|
"list" |
|
"purge" |
|
"recover" |
|
"restore" |
|
"set" |
PermissionsStatusStorage
(string
alias)
(Appears on:Permissions_Status, Permissions_StatusARM)
Value | Description |
---|---|
"backup" |
|
"delete" |
|
"deletesas" |
|
"get" |
|
"getsas" |
|
"list" |
|
"listsas" |
|
"purge" |
|
"recover" |
|
"regeneratekey" |
|
"restore" |
|
"set" |
|
"setsas" |
|
"update" |
PermissionsStorage
(string
alias)
(Appears on:Permissions, PermissionsARM)
Value | Description |
---|---|
"backup" |
|
"delete" |
|
"deletesas" |
|
"get" |
|
"getsas" |
|
"list" |
|
"listsas" |
|
"purge" |
|
"recover" |
|
"regeneratekey" |
|
"restore" |
|
"set" |
|
"setsas" |
|
"update" |
Permissions_Status
(Appears on:AccessPolicyEntry_Status)
Field | Description |
---|---|
certificates []PermissionsStatusCertificates |
Certificates: Permissions to certificates |
keys []PermissionsStatusKeys |
Keys: Permissions to keys |
secrets []PermissionsStatusSecrets |
Secrets: Permissions to secrets |
storage []PermissionsStatusStorage |
Storage: Permissions to storage accounts |
Permissions_StatusARM
(Appears on:AccessPolicyEntry_StatusARM)
Field | Description |
---|---|
certificates []PermissionsStatusCertificates |
Certificates: Permissions to certificates |
keys []PermissionsStatusKeys |
Keys: Permissions to keys |
secrets []PermissionsStatusSecrets |
Secrets: Permissions to secrets |
storage []PermissionsStatusStorage |
Storage: Permissions to storage accounts |
PrivateEndpointConnectionItem_Status
(Appears on:VaultProperties_Status)
Field | Description |
---|---|
etag string |
Etag: Modified whenever there is a change in the state of private endpoint connection. |
id string |
Id: Id of private endpoint connection. |
privateEndpoint PrivateEndpoint_Status |
PrivateEndpoint: Properties of the private endpoint object. |
privateLinkServiceConnectionState PrivateLinkServiceConnectionState_Status |
PrivateLinkServiceConnectionState: Approval state of the private link connection. |
provisioningState PrivateEndpointConnectionProvisioningState_Status |
ProvisioningState: Provisioning state of the private endpoint connection. |
PrivateEndpointConnectionItem_StatusARM
(Appears on:VaultProperties_StatusARM)
Field | Description |
---|---|
etag string |
Etag: Modified whenever there is a change in the state of private endpoint connection. |
id string |
Id: Id of private endpoint connection. |
properties PrivateEndpointConnectionProperties_StatusARM |
Properties: Private endpoint connection properties. |
PrivateEndpointConnectionProperties_StatusARM
(Appears on:PrivateEndpointConnectionItem_StatusARM)
Field | Description |
---|---|
privateEndpoint PrivateEndpoint_StatusARM |
PrivateEndpoint: Properties of the private endpoint object. |
privateLinkServiceConnectionState PrivateLinkServiceConnectionState_StatusARM |
PrivateLinkServiceConnectionState: Approval state of the private link connection. |
provisioningState PrivateEndpointConnectionProvisioningState_Status |
ProvisioningState: Provisioning state of the private endpoint connection. |
PrivateEndpointConnectionProvisioningState_Status
(string
alias)
(Appears on:PrivateEndpointConnectionItem_Status, PrivateEndpointConnectionProperties_StatusARM)
Value | Description |
---|---|
"Creating" |
|
"Deleting" |
|
"Disconnected" |
|
"Failed" |
|
"Succeeded" |
|
"Updating" |
PrivateEndpointServiceConnectionStatus_Status
(string
alias)
(Appears on:PrivateLinkServiceConnectionState_Status, PrivateLinkServiceConnectionState_StatusARM)
Value | Description |
---|---|
"Approved" |
|
"Disconnected" |
|
"Pending" |
|
"Rejected" |
PrivateEndpoint_Status
(Appears on:PrivateEndpointConnectionItem_Status)
Field | Description |
---|---|
id string |
Id: Full identifier of the private endpoint resource. |
PrivateEndpoint_StatusARM
(Appears on:PrivateEndpointConnectionProperties_StatusARM)
Field | Description |
---|---|
id string |
Id: Full identifier of the private endpoint resource. |
PrivateLinkServiceConnectionStateStatusActionsRequired
(string
alias)
(Appears on:PrivateLinkServiceConnectionState_Status, PrivateLinkServiceConnectionState_StatusARM)
Value | Description |
---|---|
"None" |
PrivateLinkServiceConnectionState_Status
(Appears on:PrivateEndpointConnectionItem_Status)
Field | Description |
---|---|
actionsRequired PrivateLinkServiceConnectionStateStatusActionsRequired |
ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer. |
description string |
Description: The reason for approval or rejection. |
status PrivateEndpointServiceConnectionStatus_Status |
Status: Indicates whether the connection has been approved, rejected or removed by the key vault owner. |
PrivateLinkServiceConnectionState_StatusARM
(Appears on:PrivateEndpointConnectionProperties_StatusARM)
Field | Description |
---|---|
actionsRequired PrivateLinkServiceConnectionStateStatusActionsRequired |
ActionsRequired: A message indicating if changes on the service provider require any updates on the consumer. |
description string |
Description: The reason for approval or rejection. |
status PrivateEndpointServiceConnectionStatus_Status |
Status: Indicates whether the connection has been approved, rejected or removed by the key vault owner. |
Sku
(Appears on:VaultProperties)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/Sku
Field | Description |
---|---|
family SkuFamily |
Family: SKU family name |
name SkuName |
Name: SKU name to specify whether the key vault is a standard vault or a premium vault. |
SkuARM
(Appears on:VaultPropertiesARM)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/Sku
Field | Description |
---|---|
family SkuFamily |
Family: SKU family name |
name SkuName |
Name: SKU name to specify whether the key vault is a standard vault or a premium vault. |
SkuFamily
(string
alias)
Value | Description |
---|---|
"A" |
SkuName
(string
alias)
Value | Description |
---|---|
"premium" |
|
"standard" |
SkuStatusFamily
(string
alias)
(Appears on:Sku_Status, Sku_StatusARM)
Value | Description |
---|---|
"A" |
SkuStatusName
(string
alias)
(Appears on:Sku_Status, Sku_StatusARM)
Value | Description |
---|---|
"premium" |
|
"standard" |
Sku_Status
(Appears on:VaultProperties_Status)
Field | Description |
---|---|
family SkuStatusFamily |
Family: SKU family name |
name SkuStatusName |
Name: SKU name to specify whether the key vault is a standard vault or a premium vault. |
Sku_StatusARM
(Appears on:VaultProperties_StatusARM)
Field | Description |
---|---|
family SkuStatusFamily |
Family: SKU family name |
name SkuStatusName |
Name: SKU name to specify whether the key vault is a standard vault or a premium vault. |
SystemData_Status
(Appears on:Vault_Status)
Field | Description |
---|---|
createdAt string |
CreatedAt: The timestamp of the key vault resource creation (UTC). |
createdBy string |
CreatedBy: The identity that created the key vault resource. |
createdByType IdentityType_Status |
CreatedByType: The type of identity that created the key vault resource. |
lastModifiedAt string |
LastModifiedAt: The timestamp of the key vault resource last modification (UTC). |
lastModifiedBy string |
LastModifiedBy: The identity that last modified the key vault resource. |
lastModifiedByType IdentityType_Status |
LastModifiedByType: The type of identity that last modified the key vault resource. |
SystemData_StatusARM
(Appears on:Vault_StatusARM)
Field | Description |
---|---|
createdAt string |
CreatedAt: The timestamp of the key vault resource creation (UTC). |
createdBy string |
CreatedBy: The identity that created the key vault resource. |
createdByType IdentityType_Status |
CreatedByType: The type of identity that created the key vault resource. |
lastModifiedAt string |
LastModifiedAt: The timestamp of the key vault resource last modification (UTC). |
lastModifiedBy string |
LastModifiedBy: The identity that last modified the key vault resource. |
lastModifiedByType IdentityType_Status |
LastModifiedByType: The type of identity that last modified the key vault resource. |
Vault
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/resourceDefinitions/vaults
Field | Description | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
metadata Kubernetes meta/v1.ObjectMeta |
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||
spec Vaults_Spec |
|
||||||||||
status Vault_Status |
VaultProperties
(Appears on:Vaults_Spec)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/VaultProperties
Field | Description |
---|---|
accessPolicies []AccessPolicyEntry |
AccessPolicies: An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use
the same tenant ID as the key vault’s tenant ID. When |
createMode VaultPropertiesCreateMode |
CreateMode: The vault’s create mode to indicate whether the vault need to be recovered or not. |
enablePurgeProtection bool |
EnablePurgeProtection: Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value. |
enableRbacAuthorization bool |
EnableRbacAuthorization: Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC. |
enableSoftDelete bool |
EnableSoftDelete: Property to specify whether the ‘soft delete’ functionality is enabled for this key vault. If it’s not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false. |
enabledForDeployment bool |
EnabledForDeployment: Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. |
enabledForDiskEncryption bool |
EnabledForDiskEncryption: Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. |
enabledForTemplateDeployment bool |
EnabledForTemplateDeployment: Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. |
networkAcls NetworkRuleSet |
NetworkAcls: A set of rules governing the network accessibility of a vault. |
provisioningState VaultPropertiesProvisioningState |
ProvisioningState: Provisioning state of the vault. |
sku Sku |
Sku: SKU details |
softDeleteRetentionInDays int |
SoftDeleteRetentionInDays: softDelete data retention days. It accepts >=7 and <=90. |
tenantId string |
TenantId: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. |
vaultUri string |
VaultUri: The URI of the vault for performing operations on keys and secrets. |
VaultPropertiesARM
(Appears on:Vaults_SpecARM)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/VaultProperties
Field | Description |
---|---|
accessPolicies []AccessPolicyEntryARM |
AccessPolicies: An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use
the same tenant ID as the key vault’s tenant ID. When |
createMode VaultPropertiesCreateMode |
CreateMode: The vault’s create mode to indicate whether the vault need to be recovered or not. |
enablePurgeProtection bool |
EnablePurgeProtection: Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value. |
enableRbacAuthorization bool |
EnableRbacAuthorization: Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC. |
enableSoftDelete bool |
EnableSoftDelete: Property to specify whether the ‘soft delete’ functionality is enabled for this key vault. If it’s not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false. |
enabledForDeployment bool |
EnabledForDeployment: Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. |
enabledForDiskEncryption bool |
EnabledForDiskEncryption: Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. |
enabledForTemplateDeployment bool |
EnabledForTemplateDeployment: Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. |
networkAcls NetworkRuleSetARM |
NetworkAcls: A set of rules governing the network accessibility of a vault. |
provisioningState VaultPropertiesProvisioningState |
ProvisioningState: Provisioning state of the vault. |
sku SkuARM |
Sku: SKU details |
softDeleteRetentionInDays int |
SoftDeleteRetentionInDays: softDelete data retention days. It accepts >=7 and <=90. |
tenantId string |
TenantId: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. |
vaultUri string |
VaultUri: The URI of the vault for performing operations on keys and secrets. |
VaultPropertiesCreateMode
(string
alias)
(Appears on:VaultProperties, VaultPropertiesARM)
Value | Description |
---|---|
"default" |
|
"recover" |
VaultPropertiesProvisioningState
(string
alias)
(Appears on:VaultProperties, VaultPropertiesARM)
Value | Description |
---|---|
"RegisteringDns" |
|
"Succeeded" |
VaultPropertiesStatusCreateMode
(string
alias)
(Appears on:VaultProperties_Status, VaultProperties_StatusARM)
Value | Description |
---|---|
"default" |
|
"recover" |
VaultPropertiesStatusProvisioningState
(string
alias)
(Appears on:VaultProperties_Status, VaultProperties_StatusARM)
Value | Description |
---|---|
"RegisteringDns" |
|
"Succeeded" |
VaultProperties_Status
(Appears on:Vault_Status)
Field | Description |
---|---|
accessPolicies []AccessPolicyEntry_Status |
AccessPolicies: An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use
the same tenant ID as the key vault’s tenant ID. When |
createMode VaultPropertiesStatusCreateMode |
CreateMode: The vault’s create mode to indicate whether the vault need to be recovered or not. |
enablePurgeProtection bool |
EnablePurgeProtection: Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value. |
enableRbacAuthorization bool |
EnableRbacAuthorization: Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC. |
enableSoftDelete bool |
EnableSoftDelete: Property to specify whether the ‘soft delete’ functionality is enabled for this key vault. If it’s not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false. |
enabledForDeployment bool |
EnabledForDeployment: Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. |
enabledForDiskEncryption bool |
EnabledForDiskEncryption: Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. |
enabledForTemplateDeployment bool |
EnabledForTemplateDeployment: Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. |
hsmPoolResourceId string |
HsmPoolResourceId: The resource id of HSM Pool. |
networkAcls NetworkRuleSet_Status |
NetworkAcls: Rules governing the accessibility of the key vault from specific network locations. |
privateEndpointConnections []PrivateEndpointConnectionItem_Status |
PrivateEndpointConnections: List of private endpoint connections associated with the key vault. |
provisioningState VaultPropertiesStatusProvisioningState |
ProvisioningState: Provisioning state of the vault. |
sku Sku_Status |
Sku: SKU details |
softDeleteRetentionInDays int |
SoftDeleteRetentionInDays: softDelete data retention days. It accepts >=7 and <=90. |
tenantId string |
TenantId: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. |
vaultUri string |
VaultUri: The URI of the vault for performing operations on keys and secrets. |
VaultProperties_StatusARM
(Appears on:Vault_StatusARM)
Field | Description |
---|---|
accessPolicies []AccessPolicyEntry_StatusARM |
AccessPolicies: An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use
the same tenant ID as the key vault’s tenant ID. When |
createMode VaultPropertiesStatusCreateMode |
CreateMode: The vault’s create mode to indicate whether the vault need to be recovered or not. |
enablePurgeProtection bool |
EnablePurgeProtection: Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value. |
enableRbacAuthorization bool |
EnableRbacAuthorization: Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC. |
enableSoftDelete bool |
EnableSoftDelete: Property to specify whether the ‘soft delete’ functionality is enabled for this key vault. If it’s not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false. |
enabledForDeployment bool |
EnabledForDeployment: Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. |
enabledForDiskEncryption bool |
EnabledForDiskEncryption: Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. |
enabledForTemplateDeployment bool |
EnabledForTemplateDeployment: Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. |
hsmPoolResourceId string |
HsmPoolResourceId: The resource id of HSM Pool. |
networkAcls NetworkRuleSet_StatusARM |
NetworkAcls: Rules governing the accessibility of the key vault from specific network locations. |
privateEndpointConnections []PrivateEndpointConnectionItem_StatusARM |
PrivateEndpointConnections: List of private endpoint connections associated with the key vault. |
provisioningState VaultPropertiesStatusProvisioningState |
ProvisioningState: Provisioning state of the vault. |
sku Sku_StatusARM |
Sku: SKU details |
softDeleteRetentionInDays int |
SoftDeleteRetentionInDays: softDelete data retention days. It accepts >=7 and <=90. |
tenantId string |
TenantId: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. |
vaultUri string |
VaultUri: The URI of the vault for performing operations on keys and secrets. |
Vault_Status
(Appears on:Vault)
Field | Description |
---|---|
conditions []genruntime/conditions.Condition |
Conditions: The observed state of the resource |
id string |
Id: Fully qualified identifier of the key vault resource. |
location string |
Location: Azure location of the key vault resource. |
name string |
Name: Name of the key vault resource. |
properties VaultProperties_Status |
Properties: Properties of the vault |
systemData SystemData_Status |
SystemData: System metadata for the key vault. |
tags map[string]string |
Tags: Tags assigned to the key vault resource. |
type string |
Type: Resource type of the key vault resource. |
Vault_StatusARM
Field | Description |
---|---|
id string |
Id: Fully qualified identifier of the key vault resource. |
location string |
Location: Azure location of the key vault resource. |
name string |
Name: Name of the key vault resource. |
properties VaultProperties_StatusARM |
Properties: Properties of the vault |
systemData SystemData_StatusARM |
SystemData: System metadata for the key vault. |
tags map[string]string |
Tags: Tags assigned to the key vault resource. |
type string |
Type: Resource type of the key vault resource. |
Vaults_Spec
(Appears on:Vault)
Field | Description |
---|---|
azureName string |
AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. |
location string |
Location: The supported Azure location where the key vault should be created. |
owner genruntime.KnownResourceReference |
Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource |
properties VaultProperties |
Properties: Properties of the vault |
tags map[string]string |
Tags: The tags that will be assigned to the key vault. |
Vaults_SpecARM
Field | Description |
---|---|
location string |
Location: The supported Azure location where the key vault should be created. |
name string |
Name: Name of the resource |
properties VaultPropertiesARM |
Properties: Properties of the vault |
tags map[string]string |
Tags: The tags that will be assigned to the key vault. |
VirtualNetworkRule
(Appears on:NetworkRuleSet)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/VirtualNetworkRule
Field | Description |
---|---|
ignoreMissingVnetServiceEndpoint bool |
IgnoreMissingVnetServiceEndpoint: Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured. |
reference genruntime.ResourceReference |
Reference: Full resource id of a vnet subnet, such as ‘/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1’.p> |
VirtualNetworkRuleARM
(Appears on:NetworkRuleSetARM)
Generated from: https://schema.management.azure.com/schemas/2021-04-01-preview/Microsoft.KeyVault.json#/definitions/VirtualNetworkRule
Field | Description |
---|---|
id string |
|
ignoreMissingVnetServiceEndpoint bool |
IgnoreMissingVnetServiceEndpoint: Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured. |
VirtualNetworkRule_Status
(Appears on:NetworkRuleSet_Status)
Field | Description |
---|---|
id string |
Id: Full resource id of a vnet subnet, such as ‘/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1’.p> |
ignoreMissingVnetServiceEndpoint bool |
IgnoreMissingVnetServiceEndpoint: Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured. |
VirtualNetworkRule_StatusARM
(Appears on:NetworkRuleSet_StatusARM)
Field | Description |
---|---|
id string |
Id: Full resource id of a vnet subnet, such as ‘/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1’.p> |
ignoreMissingVnetServiceEndpoint bool |
IgnoreMissingVnetServiceEndpoint: Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured. |