Microsoft.KeyVault managedHSMs 2020-04-01-preview
Bicep resource definition
The managedHSMs resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.KeyVault/managedHSMs resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.KeyVault/managedHSMs@2020-04-01-preview' = {
location: 'string'
name: 'string'
properties: {
createMode: 'string'
enablePurgeProtection: bool
enableSoftDelete: bool
initialAdminObjectIds: [
'string'
]
softDeleteRetentionInDays: int
tenantId: 'string'
}
sku: {
family: 'string'
name: 'string'
}
tags: {
{customized property}: 'string'
}
}
Property values
ManagedHsmProperties
| Name | Description | Value |
|---|---|---|
| createMode | The create mode to indicate whether the resource is being created or is being recovered from a deleted resource. | 'default' 'recover' |
| enablePurgeProtection | Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible. | bool |
| enableSoftDelete | Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable. | bool |
| initialAdminObjectIds | Array of initial administrators object ids for this managed hsm pool. | string[] |
| softDeleteRetentionInDays | Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90. | int |
| tenantId | The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
ManagedHsmResourceTags
| Name | Description | Value |
|---|
ManagedHsmSku
| Name | Description | Value |
|---|---|---|
| family | SKU Family of the managed HSM Pool | 'B' (required) |
| name | SKU of the managed HSM Pool | 'Custom_B32' 'Standard_B1' (required) |
Microsoft.KeyVault/managedHSMs
| Name | Description | Value |
|---|---|---|
| location | The supported Azure location where the managed HSM Pool should be created. | string |
| name | The resource name | string (required) |
| properties | Properties of the managed HSM | ManagedHsmProperties |
| sku | SKU details | ManagedHsmSku |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
Quickstart samples
The following quickstart samples deploy this resource type.
| Bicep File | Description |
|---|---|
| Create an Azure Key Vault Managed HSM | This template creates an Azure Key Vault Managed HSM. |
ARM template resource definition
The managedHSMs resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.KeyVault/managedHSMs resource, add the following JSON to your template.
{
"type": "Microsoft.KeyVault/managedHSMs",
"apiVersion": "2020-04-01-preview",
"name": "string",
"location": "string",
"properties": {
"createMode": "string",
"enablePurgeProtection": "bool",
"enableSoftDelete": "bool",
"initialAdminObjectIds": [ "string" ],
"softDeleteRetentionInDays": "int",
"tenantId": "string"
},
"sku": {
"family": "string",
"name": "string"
},
"tags": {
"{customized property}": "string"
}
}
Property values
ManagedHsmProperties
| Name | Description | Value |
|---|---|---|
| createMode | The create mode to indicate whether the resource is being created or is being recovered from a deleted resource. | 'default' 'recover' |
| enablePurgeProtection | Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible. | bool |
| enableSoftDelete | Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable. | bool |
| initialAdminObjectIds | Array of initial administrators object ids for this managed hsm pool. | string[] |
| softDeleteRetentionInDays | Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90. | int |
| tenantId | The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
ManagedHsmResourceTags
| Name | Description | Value |
|---|
ManagedHsmSku
| Name | Description | Value |
|---|---|---|
| family | SKU Family of the managed HSM Pool | 'B' (required) |
| name | SKU of the managed HSM Pool | 'Custom_B32' 'Standard_B1' (required) |
Microsoft.KeyVault/managedHSMs
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2020-04-01-preview' |
| location | The supported Azure location where the managed HSM Pool should be created. | string |
| name | The resource name | string (required) |
| properties | Properties of the managed HSM | ManagedHsmProperties |
| sku | SKU details | ManagedHsmSku |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| type | The resource type | 'Microsoft.KeyVault/managedHSMs' |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Create an Azure Key Vault Managed HSM |
This template creates an Azure Key Vault Managed HSM. |
Terraform (AzAPI provider) resource definition
The managedHSMs resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.KeyVault/managedHSMs resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.KeyVault/managedHSMs@2020-04-01-preview"
name = "string"
location = "string"
sku = {
family = "string"
name = "string"
}
tags = {
{customized property} = "string"
}
body = jsonencode({
properties = {
createMode = "string"
enablePurgeProtection = bool
enableSoftDelete = bool
initialAdminObjectIds = [
"string"
]
softDeleteRetentionInDays = int
tenantId = "string"
}
})
}
Property values
ManagedHsmProperties
| Name | Description | Value |
|---|---|---|
| createMode | The create mode to indicate whether the resource is being created or is being recovered from a deleted resource. | 'default' 'recover' |
| enablePurgeProtection | Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible. | bool |
| enableSoftDelete | Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable. | bool |
| initialAdminObjectIds | Array of initial administrators object ids for this managed hsm pool. | string[] |
| softDeleteRetentionInDays | Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90. | int |
| tenantId | The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ |
ManagedHsmResourceTags
| Name | Description | Value |
|---|
ManagedHsmSku
| Name | Description | Value |
|---|---|---|
| family | SKU Family of the managed HSM Pool | 'B' (required) |
| name | SKU of the managed HSM Pool | 'Custom_B32' 'Standard_B1' (required) |
Microsoft.KeyVault/managedHSMs
| Name | Description | Value |
|---|---|---|
| location | The supported Azure location where the managed HSM Pool should be created. | string |
| name | The resource name | string (required) |
| properties | Properties of the managed HSM | ManagedHsmProperties |
| sku | SKU details | ManagedHsmSku |
| tags | Resource tags | Dictionary of tag names and values. |
| type | The resource type | "Microsoft.KeyVault/managedHSMs@2020-04-01-preview" |