Microsoft.RecoveryServices vaults 2021-03-01
- Latest
- 2024-04-30-preview
- 2024-04-01
- 2024-02-01
- 2024-01-01
- 2023-08-01
- 2023-06-01
- 2023-04-01
- 2023-02-01
- 2023-01-01
- 2022-10-01
- 2022-09-30-preview
- 2022-09-10
- 2022-08-01
- 2022-05-01
- 2022-04-01
- 2022-03-01
- 2022-02-01
- 2022-01-31-preview
- 2022-01-01
- 2021-12-01
- 2021-11-01-preview
- 2021-08-01
- 2021-07-01
- 2021-06-01
- 2021-04-01
- 2021-03-01
- 2021-02-10
- 2021-01-01
- 2020-10-01
- 2020-02-02
- 2016-06-01
Bicep resource definition
The vaults resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.RecoveryServices/vaults resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.RecoveryServices/vaults@2021-03-01' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
sku: {
name: 'string'
tier: 'string'
}
etag: 'string'
identity: {
type: 'string'
userAssignedIdentities: {
{customized property}: {}
}
}
properties: {
encryption: {
infrastructureEncryption: 'string'
kekIdentity: {
userAssignedIdentity: 'string'
useSystemAssignedIdentity: bool
}
keyVaultProperties: {
keyUri: 'string'
}
}
upgradeDetails: {}
}
}
Property values
vaults
Name | Description | Value |
---|---|---|
name | The resource name | string (required) Character limit: 2-50 Valid characters: Alphanumerics and hyphens. Start with letter. |
location | Resource location. | string (required) |
tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
sku | Identifies the unique system identifier for each Azure resource. | Sku |
etag | Optional ETag. | string |
identity | Identity for the resource. | IdentityData |
properties | Properties of the vault. | VaultProperties |
IdentityData
Name | Description | Value |
---|---|---|
type | The type of managed identity used. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user-assigned identities. The type 'None' will remove any identities. | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' (required) |
userAssignedIdentities | The list of user-assigned identities associated with the resource. The user-assigned identity dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | IdentityDataUserAssignedIdentities |
IdentityDataUserAssignedIdentities
Name | Description | Value |
---|---|---|
{customized property} | UserIdentity |
UserIdentity
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
VaultProperties
Name | Description | Value |
---|---|---|
encryption | Customer Managed Key details of the resource. | VaultPropertiesEncryption |
upgradeDetails | Details for upgrading vault. | UpgradeDetails |
VaultPropertiesEncryption
Name | Description | Value |
---|---|---|
infrastructureEncryption | Enabling/Disabling the Double Encryption state | 'Disabled' 'Enabled' |
kekIdentity | The details of the identity used for CMK | CmkKekIdentity |
keyVaultProperties | The properties of the Key Vault which hosts CMK | CmkKeyVaultProperties |
CmkKekIdentity
Name | Description | Value |
---|---|---|
userAssignedIdentity | The user assigned identity to be used to grant permissions in case the type of identity used is UserAssigned | string |
useSystemAssignedIdentity | Indicate that system assigned identity should be used. Mutually exclusive with 'userAssignedIdentity' field | bool |
CmkKeyVaultProperties
Name | Description | Value |
---|---|---|
keyUri | The key uri of the Customer Managed Key | string |
UpgradeDetails
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Sku
Name | Description | Value |
---|---|---|
name | The Sku name. | 'RS0' 'Standard' (required) |
tier | The Sku tier. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
Template | Description |
---|---|
IBM Cloud Pak for Data on Azure |
This template deploys an Openshift cluster on Azure with all the required resources, infrastructure and then deploys IBM Cloud Pak for Data along with the add-ons that user chooses. |
Openshift Container Platform 4.3 |
Openshift Container Platform 4.3 |
Backup existing File Share using Recovery Services (Daily) |
This template configures protection for an existing File Share present in an existing Storage Account. It creates a new or uses an existing Recovery Services Vault and Backup Policy based on the set parameter values. |
Backup existing File Share using Recovery Services (hourly) |
This template configures protection with hourly frequency for an existing File Share present in an existing Storage Account. It creates a new or uses an existing Recovery Services Vault and Backup Policy based on the set parameter values. |
Backup Resource Manager VMs using Recovery Services vault |
This template will use existing recovery services vault and existing backup policy, and configures backup of multiple Resource Manager VMs that belong to same resource group |
Create Recovery Services Vault and Enable Diagnostics |
This template creates a Recovery Services Vault and enables diagnostics for Azure Backup. This also deploys storage account and oms workspace. |
Create Recovery Services Vault with backup policies |
This template creates a Recovery Services Vault with backup policies and configure optional features such system identity, backup storage type, cross region restore and diagnostics logs and a delete lock. |
Deploy a Windows VM and enable backup using Azure Backup |
This template allows you to deploy a Windows VM and Recovery Services Vault configured with the DefaultPolicy for Protection. |
Create Daily Backup Policy for RS Vault to protect IaaSVMs |
This template creates Recovery service vault and a Daily Backup Policy that can be used to protect classic and ARM based IaaS VMs. |
Create Recovery Services Vault with default options |
Simple template that creates a Recovery Services Vault. |
Create a Recovery Services vault with advanced options |
This template creates a Recovery Services vault that will be used further for Backup and Site Recovery. |
Azure Backup for Workload in Azure Virtual Machines |
This template creates a Recovery Services Vault and a Workload specific Backup Policy. Registers VM with Backup service and Configures Protection |
Create Weekly Backup Policy for RS Vault to protect IaaSVMs |
This template creates Recovery service vault and a Daily Backup Policy that can be used to protect classic and ARM based IaaS VMs. |
ARM template resource definition
The vaults resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.RecoveryServices/vaults resource, add the following JSON to your template.
{
"type": "Microsoft.RecoveryServices/vaults",
"apiVersion": "2021-03-01",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"sku": {
"name": "string",
"tier": "string"
},
"etag": "string",
"identity": {
"type": "string",
"userAssignedIdentities": {
"{customized property}": {}
}
},
"properties": {
"encryption": {
"infrastructureEncryption": "string",
"kekIdentity": {
"userAssignedIdentity": "string",
"useSystemAssignedIdentity": "bool"
},
"keyVaultProperties": {
"keyUri": "string"
}
},
"upgradeDetails": {}
}
}
Property values
vaults
Name | Description | Value |
---|---|---|
type | The resource type | 'Microsoft.RecoveryServices/vaults' |
apiVersion | The resource api version | '2021-03-01' |
name | The resource name | string (required) Character limit: 2-50 Valid characters: Alphanumerics and hyphens. Start with letter. |
location | Resource location. | string (required) |
tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
sku | Identifies the unique system identifier for each Azure resource. | Sku |
etag | Optional ETag. | string |
identity | Identity for the resource. | IdentityData |
properties | Properties of the vault. | VaultProperties |
IdentityData
Name | Description | Value |
---|---|---|
type | The type of managed identity used. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user-assigned identities. The type 'None' will remove any identities. | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' (required) |
userAssignedIdentities | The list of user-assigned identities associated with the resource. The user-assigned identity dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | IdentityDataUserAssignedIdentities |
IdentityDataUserAssignedIdentities
Name | Description | Value |
---|---|---|
{customized property} | UserIdentity |
UserIdentity
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
VaultProperties
Name | Description | Value |
---|---|---|
encryption | Customer Managed Key details of the resource. | VaultPropertiesEncryption |
upgradeDetails | Details for upgrading vault. | UpgradeDetails |
VaultPropertiesEncryption
Name | Description | Value |
---|---|---|
infrastructureEncryption | Enabling/Disabling the Double Encryption state | 'Disabled' 'Enabled' |
kekIdentity | The details of the identity used for CMK | CmkKekIdentity |
keyVaultProperties | The properties of the Key Vault which hosts CMK | CmkKeyVaultProperties |
CmkKekIdentity
Name | Description | Value |
---|---|---|
userAssignedIdentity | The user assigned identity to be used to grant permissions in case the type of identity used is UserAssigned | string |
useSystemAssignedIdentity | Indicate that system assigned identity should be used. Mutually exclusive with 'userAssignedIdentity' field | bool |
CmkKeyVaultProperties
Name | Description | Value |
---|---|---|
keyUri | The key uri of the Customer Managed Key | string |
UpgradeDetails
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Sku
Name | Description | Value |
---|---|---|
name | The Sku name. | 'RS0' 'Standard' (required) |
tier | The Sku tier. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
Template | Description |
---|---|
IBM Cloud Pak for Data on Azure |
This template deploys an Openshift cluster on Azure with all the required resources, infrastructure and then deploys IBM Cloud Pak for Data along with the add-ons that user chooses. |
Openshift Container Platform 4.3 |
Openshift Container Platform 4.3 |
Backup existing File Share using Recovery Services (Daily) |
This template configures protection for an existing File Share present in an existing Storage Account. It creates a new or uses an existing Recovery Services Vault and Backup Policy based on the set parameter values. |
Backup existing File Share using Recovery Services (hourly) |
This template configures protection with hourly frequency for an existing File Share present in an existing Storage Account. It creates a new or uses an existing Recovery Services Vault and Backup Policy based on the set parameter values. |
Backup Resource Manager VMs using Recovery Services vault |
This template will use existing recovery services vault and existing backup policy, and configures backup of multiple Resource Manager VMs that belong to same resource group |
Create Recovery Services Vault and Enable Diagnostics |
This template creates a Recovery Services Vault and enables diagnostics for Azure Backup. This also deploys storage account and oms workspace. |
Create Recovery Services Vault with backup policies |
This template creates a Recovery Services Vault with backup policies and configure optional features such system identity, backup storage type, cross region restore and diagnostics logs and a delete lock. |
Deploy a Windows VM and enable backup using Azure Backup |
This template allows you to deploy a Windows VM and Recovery Services Vault configured with the DefaultPolicy for Protection. |
Create Daily Backup Policy for RS Vault to protect IaaSVMs |
This template creates Recovery service vault and a Daily Backup Policy that can be used to protect classic and ARM based IaaS VMs. |
Create Recovery Services Vault with default options |
Simple template that creates a Recovery Services Vault. |
Create a Recovery Services vault with advanced options |
This template creates a Recovery Services vault that will be used further for Backup and Site Recovery. |
Azure Backup for Workload in Azure Virtual Machines |
This template creates a Recovery Services Vault and a Workload specific Backup Policy. Registers VM with Backup service and Configures Protection |
Create Weekly Backup Policy for RS Vault to protect IaaSVMs |
This template creates Recovery service vault and a Daily Backup Policy that can be used to protect classic and ARM based IaaS VMs. |
Terraform (AzAPI provider) resource definition
The vaults resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.RecoveryServices/vaults resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.RecoveryServices/vaults@2021-03-01"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
identity {
type = "string"
identity_ids = []
}
body = jsonencode({
properties = {
encryption = {
infrastructureEncryption = "string"
kekIdentity = {
userAssignedIdentity = "string"
useSystemAssignedIdentity = bool
}
keyVaultProperties = {
keyUri = "string"
}
}
upgradeDetails = {}
}
sku = {
name = "string"
tier = "string"
}
etag = "string"
})
}
Property values
vaults
Name | Description | Value |
---|---|---|
type | The resource type | "Microsoft.RecoveryServices/vaults@2021-03-01" |
name | The resource name | string (required) Character limit: 2-50 Valid characters: Alphanumerics and hyphens. Start with letter. |
location | Resource location. | string (required) |
parent_id | To deploy to a resource group, use the ID of that resource group. | string (required) |
tags | Resource tags. | Dictionary of tag names and values. |
sku | Identifies the unique system identifier for each Azure resource. | Sku |
etag | Optional ETag. | string |
identity | Identity for the resource. | IdentityData |
properties | Properties of the vault. | VaultProperties |
IdentityData
Name | Description | Value |
---|---|---|
type | The type of managed identity used. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user-assigned identities. The type 'None' will remove any identities. | "SystemAssigned" "SystemAssigned, UserAssigned" "UserAssigned" (required) |
identity_ids | The list of user-assigned identities associated with the resource. The user-assigned identity dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | Array of user identity IDs. |
IdentityDataUserAssignedIdentities
Name | Description | Value |
---|---|---|
{customized property} | UserIdentity |
UserIdentity
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
VaultProperties
Name | Description | Value |
---|---|---|
encryption | Customer Managed Key details of the resource. | VaultPropertiesEncryption |
upgradeDetails | Details for upgrading vault. | UpgradeDetails |
VaultPropertiesEncryption
Name | Description | Value |
---|---|---|
infrastructureEncryption | Enabling/Disabling the Double Encryption state | "Disabled" "Enabled" |
kekIdentity | The details of the identity used for CMK | CmkKekIdentity |
keyVaultProperties | The properties of the Key Vault which hosts CMK | CmkKeyVaultProperties |
CmkKekIdentity
Name | Description | Value |
---|---|---|
userAssignedIdentity | The user assigned identity to be used to grant permissions in case the type of identity used is UserAssigned | string |
useSystemAssignedIdentity | Indicate that system assigned identity should be used. Mutually exclusive with 'userAssignedIdentity' field | bool |
CmkKeyVaultProperties
Name | Description | Value |
---|---|---|
keyUri | The key uri of the Customer Managed Key | string |
UpgradeDetails
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Sku
Name | Description | Value |
---|---|---|
name | The Sku name. | "RS0" "Standard" (required) |
tier | The Sku tier. | string |