azure_key_vault

create_mode

Type: STRING
Provider name: properties.createMode
Description: The vault’s create mode to indicate whether the vault need to be recovered or not.

diagnostic_settings

Type: UNORDERED_LIST_STRUCT
Provider name: DiagnosticSettingsResource

  • event_hub_authorization_rule_id
    Type: STRING
    Provider name: properties.eventHubAuthorizationRuleId
    Description: The resource Id for the event hub authorization rule.
  • event_hub_name
    Type: STRING
    Provider name: properties.eventHubName
    Description: The name of the event hub. If none is specified, the default event hub will be selected.
  • id
    Type: STRING
    Provider name: id
    Description: Azure resource Id
  • log_analytics_destination_type
    Type: STRING
    Provider name: properties.logAnalyticsDestinationType
    Description: A string indicating whether the export to Log Analytics should use the default destination type, i.e. AzureDiagnostics, or use a destination type constructed as follows: _. Possible values are: Dedicated and null (null is default.)
  • logs
    Type: UNORDERED_LIST_STRUCT
    Provider name: properties.logs
    Description: The list of logs settings.
    • category
      Type: STRING
      Provider name: category
      Description: Name of a Diagnostic Log category for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation.
    • enabled
      Type: BOOLEAN
      Provider name: enabled
      Description: a value indicating whether this log is enabled.
    • retention_policy
      Type: STRUCT
      Provider name: retentionPolicy
      Description: the retention policy for this log.
      • days
        Type: INT32
        Provider name: days
        Description: the number of days for the retention in days. A value of 0 will retain the events indefinitely.
      • enabled
        Type: BOOLEAN
        Provider name: enabled
        Description: a value indicating whether the retention policy is enabled.
  • metrics
    Type: UNORDERED_LIST_STRUCT
    Provider name: properties.metrics
    Description: The list of metric settings.
    • category
      Type: STRING
      Provider name: category
      Description: Name of a Diagnostic Metric category for a resource type this setting is applied to. To obtain the list of Diagnostic metric categories for a resource, first perform a GET diagnostic settings operation.
    • enabled
      Type: BOOLEAN
      Provider name: enabled
      Description: a value indicating whether this category is enabled.
    • retention_policy
      Type: STRUCT
      Provider name: retentionPolicy
      Description: the retention policy for this category.
      • days
        Type: INT32
        Provider name: days
        Description: the number of days for the retention in days. A value of 0 will retain the events indefinitely.
      • enabled
        Type: BOOLEAN
        Provider name: enabled
        Description: a value indicating whether the retention policy is enabled.
    • time_grain
      Type: STRING
      Provider name: timeGrain
      Description: the timegrain of the metric in ISO8601 format.
  • name
    Type: STRING
    Provider name: name
    Description: Azure resource name
  • service_bus_rule_id
    Type: STRING
    Provider name: properties.serviceBusRuleId
    Description: The service bus rule Id of the diagnostic setting. This is here to maintain backwards compatibility.
  • storage_account_id
    Type: STRING
    Provider name: properties.storageAccountId
    Description: The resource ID of the storage account to which you would like to send Diagnostic Logs.
  • type
    Type: STRING
    Provider name: type
    Description: Azure resource type
  • workspace_id
    Type: STRING
    Provider name: properties.workspaceId
    Description: The full ARM resource ID of the Log Analytics workspace to which you would like to send Diagnostic Logs. Example: /subscriptions/4b9e8510-67ab-4e9a-95a9-e2f1e570ea9c/resourceGroups/insights-integration/providers/Microsoft.OperationalInsights/workspaces/viruela2

enable_purge_protection

Type: BOOLEAN
Provider name: properties.enablePurgeProtection
Description: Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enable_rbac_authorization

Type: BOOLEAN
Provider name: properties.enableRbacAuthorization
Description: Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.

enable_soft_delete

Type: BOOLEAN
Provider name: properties.enableSoftDelete
Description: Property to specify whether the ‘soft delete’ functionality is enabled for this key vault. If it’s not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.

enabled_for_deployment

Type: BOOLEAN
Provider name: properties.enabledForDeployment
Description: Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabled_for_disk_encryption

Type: BOOLEAN
Provider name: properties.enabledForDiskEncryption
Description: Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabled_for_template_deployment

Type: BOOLEAN
Provider name: properties.enabledForTemplateDeployment
Description: Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

id

Type: STRING
Provider name: id
Description: Fully qualified identifier of the key vault resource.

location

Type: STRING
Provider name: location
Description: Azure location of the key vault resource.

name

Type: STRING
Provider name: name
Description: Name of the key vault resource.

provisioning_state

Type: STRING
Provider name: properties.provisioningState
Description: Provisioning state of the vault.

resource_group

Type: STRING

sku

Type: STRUCT
Provider name: properties.sku
Description: SKU details

  • family
    Type: STRING
    Provider name: family
    Description: SKU family name
  • name
    Type: STRING
    Provider name: name
    Description: SKU name to specify whether the key vault is a standard vault or a premium vault.

soft_delete_retention_in_days

Type: INT64
Provider name: properties.softDeleteRetentionInDays
Description: softDelete data retention days. It accepts >=7 and <=90.

subscription_id

Type: STRING

subscription_name

Type: STRING

tags

Type: UNORDERED_LIST_STRING

tenant_id

Type: STRING
Provider name: properties.tenantId
Description: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

type

Type: STRING
Provider name: type
Description: Resource type of the key vault resource.

vault_uri

Type: STRING
Provider name: properties.vaultUri
Description: The URI of the vault for performing operations on keys and secrets. This property is readonly

PREVIEWING: esther/docs-9518-update-example-control-sensitive-log-data