Microsoft.RecoveryServices vaults
- Latest
- 2024-10-01
- 2024-04-30-preview
- 2024-04-01
- 2024-02-01
- 2024-01-01
- 2023-08-01
- 2023-06-01
- 2023-04-01
- 2023-02-01
- 2023-01-01
- 2022-10-01
- 2022-09-30-preview
- 2022-09-10
- 2022-08-01
- 2022-05-01
- 2022-04-01
- 2022-03-01
- 2022-02-01
- 2022-01-31-preview
- 2022-01-01
- 2021-12-01
- 2021-11-01-preview
- 2021-08-01
- 2021-07-01
- 2021-06-01
- 2021-04-01
- 2021-03-01
- 2021-02-10
- 2021-01-01
- 2020-10-01
- 2020-02-02
- 2016-06-01
Bicep resource definition
The vaults resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.RecoveryServices/vaults resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.RecoveryServices/vaults@2024-10-01' = {
etag: 'string'
identity: {
type: 'string'
userAssignedIdentities: {
{customized property}: {}
}
}
location: 'string'
name: 'string'
properties: {
encryption: {
infrastructureEncryption: 'string'
kekIdentity: {
userAssignedIdentity: 'string'
useSystemAssignedIdentity: bool
}
keyVaultProperties: {
keyUri: 'string'
}
}
monitoringSettings: {
azureMonitorAlertSettings: {
alertsForAllFailoverIssues: 'string'
alertsForAllJobFailures: 'string'
alertsForAllReplicationIssues: 'string'
}
classicAlertSettings: {
alertsForCriticalOperations: 'string'
emailNotificationsForSiteRecovery: 'string'
}
}
moveDetails: {}
publicNetworkAccess: 'string'
redundancySettings: {
crossRegionRestore: 'string'
standardTierStorageRedundancy: 'string'
}
resourceGuardOperationRequests: [
'string'
]
restoreSettings: {
crossSubscriptionRestoreSettings: {
crossSubscriptionRestoreState: 'string'
}
}
securitySettings: {
immutabilitySettings: {
state: 'string'
}
softDeleteSettings: {
enhancedSecurityState: 'string'
softDeleteRetentionPeriodInDays: int
softDeleteState: 'string'
}
}
upgradeDetails: {}
}
sku: {
capacity: 'string'
family: 'string'
name: 'string'
size: 'string'
tier: 'string'
}
tags: {
{customized property}: 'string'
}
}
Property values
AzureMonitorAlertSettings
Name | Description | Value |
---|---|---|
alertsForAllFailoverIssues | 'Disabled' 'Enabled' |
|
alertsForAllJobFailures | 'Disabled' 'Enabled' |
|
alertsForAllReplicationIssues | 'Disabled' 'Enabled' |
ClassicAlertSettings
Name | Description | Value |
---|---|---|
alertsForCriticalOperations | 'Disabled' 'Enabled' |
|
emailNotificationsForSiteRecovery | 'Disabled' 'Enabled' |
CmkKekIdentity
Name | Description | Value |
---|---|---|
userAssignedIdentity | The user assigned identity to be used to grant permissions in case the type of identity used is UserAssigned | string |
useSystemAssignedIdentity | Indicate that system assigned identity should be used. Mutually exclusive with 'userAssignedIdentity' field | bool |
CmkKeyVaultProperties
Name | Description | Value |
---|---|---|
keyUri | The key uri of the Customer Managed Key | string |
CrossSubscriptionRestoreSettings
Name | Description | Value |
---|---|---|
crossSubscriptionRestoreState | 'Disabled' 'Enabled' 'PermanentlyDisabled' |
IdentityData
Name | Description | Value |
---|---|---|
type | The type of managed identity used. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user-assigned identities. The type 'None' will remove any identities. | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' (required) |
userAssignedIdentities | The list of user-assigned identities associated with the resource. The user-assigned identity dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | IdentityDataUserAssignedIdentities |
IdentityDataUserAssignedIdentities
Name | Description | Value |
---|
ImmutabilitySettings
Name | Description | Value |
---|---|---|
state | 'Disabled' 'Locked' 'Unlocked' |
Microsoft.RecoveryServices/vaults
Name | Description | Value |
---|---|---|
etag | Optional ETag. | string |
identity | Identity for the resource. | IdentityData |
location | Resource location. | string (required) |
name | The resource name | string (required) |
properties | Properties of the vault. | VaultProperties |
sku | Identifies the unique system identifier for each Azure resource. | Sku |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
MonitoringSettings
Name | Description | Value |
---|---|---|
azureMonitorAlertSettings | Settings for Azure Monitor based alerts | AzureMonitorAlertSettings |
classicAlertSettings | Settings for classic alerts | ClassicAlertSettings |
RestoreSettings
Name | Description | Value |
---|---|---|
crossSubscriptionRestoreSettings | Settings for CrossSubscriptionRestore | CrossSubscriptionRestoreSettings |
SecuritySettings
Name | Description | Value |
---|---|---|
immutabilitySettings | Immutability Settings of a vault | ImmutabilitySettings |
softDeleteSettings | Soft delete Settings of a vault | SoftDeleteSettings |
Sku
Name | Description | Value |
---|---|---|
capacity | The sku capacity | string |
family | The sku family | string |
name | Name of SKU is RS0 (Recovery Services 0th version) and the tier is standard tier. They do not have affect on backend storage redundancy or any other vault settings. To manage storage redundancy, use the backupstorageconfig | 'RS0' 'Standard' (required) |
size | The sku size | string |
tier | The Sku tier. | string |
SoftDeleteSettings
Name | Description | Value |
---|---|---|
enhancedSecurityState | 'AlwaysON' 'Disabled' 'Enabled' 'Invalid' |
|
softDeleteRetentionPeriodInDays | Soft delete retention period in days | int |
softDeleteState | 'AlwaysON' 'Disabled' 'Enabled' 'Invalid' |
TrackedResourceTags
Name | Description | Value |
---|
UpgradeDetails
Name | Description | Value |
---|
UserIdentity
Name | Description | Value |
---|
VaultProperties
Name | Description | Value |
---|---|---|
encryption | Customer Managed Key details of the resource. | VaultPropertiesEncryption |
monitoringSettings | Monitoring Settings of the vault | MonitoringSettings |
moveDetails | The details of the latest move operation performed on the Azure Resource | VaultPropertiesMoveDetails |
publicNetworkAccess | property to enable or disable resource provider inbound network traffic from public clients | 'Disabled' 'Enabled' |
redundancySettings | The redundancy Settings of a Vault | VaultPropertiesRedundancySettings |
resourceGuardOperationRequests | ResourceGuardOperationRequests on which LAC check will be performed | string[] |
restoreSettings | Restore Settings of the vault | RestoreSettings |
securitySettings | Security Settings of the vault | SecuritySettings |
upgradeDetails | Details for upgrading vault. | UpgradeDetails |
VaultPropertiesEncryption
Name | Description | Value |
---|---|---|
infrastructureEncryption | Enabling/Disabling the Double Encryption state | 'Disabled' 'Enabled' |
kekIdentity | The details of the identity used for CMK | CmkKekIdentity |
keyVaultProperties | The properties of the Key Vault which hosts CMK | CmkKeyVaultProperties |
VaultPropertiesMoveDetails
Name | Description | Value |
---|
VaultPropertiesRedundancySettings
Name | Description | Value |
---|---|---|
crossRegionRestore | Flag to show if Cross Region Restore is enabled on the Vault or not | 'Disabled' 'Enabled' |
standardTierStorageRedundancy | The storage redundancy setting of a vault | 'GeoRedundant' 'Invalid' 'LocallyRedundant' 'ZoneRedundant' |
Quickstart samples
The following quickstart samples deploy this resource type.
Bicep File | Description |
---|---|
Azure Backup for Workload in Azure Virtual Machines | This template creates a Recovery Services Vault and a Workload specific Backup Policy. Registers VM with Backup service and Configures Protection |
Backup existing File Share using Recovery Services (Daily) | This template configures protection for an existing File Share present in an existing Storage Account. It creates a new or uses an existing Recovery Services Vault and Backup Policy based on the set parameter values. |
Backup existing File Share using Recovery Services (hourly) | This template configures protection with hourly frequency for an existing File Share present in an existing Storage Account. It creates a new or uses an existing Recovery Services Vault and Backup Policy based on the set parameter values. |
Backup Resource Manager VMs using Recovery Services vault | This template will use existing recovery services vault and existing backup policy, and configures backup of multiple Resource Manager VMs that belong to same resource group |
Create a Recovery Services vault with advanced options | This template creates a Recovery Services vault that will be used further for Backup and Site Recovery. |
Create Daily Backup Policy for RS Vault to protect IaaSVMs | This template creates Recovery service vault and a Daily Backup Policy that can be used to protect classic and ARM based IaaS VMs. |
Create Recovery Services Vault and Enable Diagnostics | This template creates a Recovery Services Vault and enables diagnostics for Azure Backup. This also deploys storage account and oms workspace. |
Create Recovery Services Vault with backup policies | This template creates a Recovery Services Vault with backup policies and configure optional features such system identity, backup storage type, cross region restore and diagnostics logs and a delete lock. |
Create Recovery Services Vault with default options | Simple template that creates a Recovery Services Vault. |
Create Weekly Backup Policy for RS Vault to protect IaaSVMs | This template creates Recovery service vault and a Daily Backup Policy that can be used to protect classic and ARM based IaaS VMs. |
Deploy a Windows VM and enable backup using Azure Backup | This template allows you to deploy a Windows VM and Recovery Services Vault configured with the DefaultPolicy for Protection. |
ARM template resource definition
The vaults resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.RecoveryServices/vaults resource, add the following JSON to your template.
{
"type": "Microsoft.RecoveryServices/vaults",
"apiVersion": "2024-10-01",
"name": "string",
"etag": "string",
"identity": {
"type": "string",
"userAssignedIdentities": {
"{customized property}": {
}
}
},
"location": "string",
"properties": {
"encryption": {
"infrastructureEncryption": "string",
"kekIdentity": {
"userAssignedIdentity": "string",
"useSystemAssignedIdentity": "bool"
},
"keyVaultProperties": {
"keyUri": "string"
}
},
"monitoringSettings": {
"azureMonitorAlertSettings": {
"alertsForAllFailoverIssues": "string",
"alertsForAllJobFailures": "string",
"alertsForAllReplicationIssues": "string"
},
"classicAlertSettings": {
"alertsForCriticalOperations": "string",
"emailNotificationsForSiteRecovery": "string"
}
},
"moveDetails": {
},
"publicNetworkAccess": "string",
"redundancySettings": {
"crossRegionRestore": "string",
"standardTierStorageRedundancy": "string"
},
"resourceGuardOperationRequests": [ "string" ],
"restoreSettings": {
"crossSubscriptionRestoreSettings": {
"crossSubscriptionRestoreState": "string"
}
},
"securitySettings": {
"immutabilitySettings": {
"state": "string"
},
"softDeleteSettings": {
"enhancedSecurityState": "string",
"softDeleteRetentionPeriodInDays": "int",
"softDeleteState": "string"
}
},
"upgradeDetails": {
}
},
"sku": {
"capacity": "string",
"family": "string",
"name": "string",
"size": "string",
"tier": "string"
},
"tags": {
"{customized property}": "string"
}
}
Property values
AzureMonitorAlertSettings
Name | Description | Value |
---|---|---|
alertsForAllFailoverIssues | 'Disabled' 'Enabled' |
|
alertsForAllJobFailures | 'Disabled' 'Enabled' |
|
alertsForAllReplicationIssues | 'Disabled' 'Enabled' |
ClassicAlertSettings
Name | Description | Value |
---|---|---|
alertsForCriticalOperations | 'Disabled' 'Enabled' |
|
emailNotificationsForSiteRecovery | 'Disabled' 'Enabled' |
CmkKekIdentity
Name | Description | Value |
---|---|---|
userAssignedIdentity | The user assigned identity to be used to grant permissions in case the type of identity used is UserAssigned | string |
useSystemAssignedIdentity | Indicate that system assigned identity should be used. Mutually exclusive with 'userAssignedIdentity' field | bool |
CmkKeyVaultProperties
Name | Description | Value |
---|---|---|
keyUri | The key uri of the Customer Managed Key | string |
CrossSubscriptionRestoreSettings
Name | Description | Value |
---|---|---|
crossSubscriptionRestoreState | 'Disabled' 'Enabled' 'PermanentlyDisabled' |
IdentityData
Name | Description | Value |
---|---|---|
type | The type of managed identity used. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user-assigned identities. The type 'None' will remove any identities. | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' (required) |
userAssignedIdentities | The list of user-assigned identities associated with the resource. The user-assigned identity dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | IdentityDataUserAssignedIdentities |
IdentityDataUserAssignedIdentities
Name | Description | Value |
---|
ImmutabilitySettings
Name | Description | Value |
---|---|---|
state | 'Disabled' 'Locked' 'Unlocked' |
Microsoft.RecoveryServices/vaults
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2024-10-01' |
etag | Optional ETag. | string |
identity | Identity for the resource. | IdentityData |
location | Resource location. | string (required) |
name | The resource name | string (required) |
properties | Properties of the vault. | VaultProperties |
sku | Identifies the unique system identifier for each Azure resource. | Sku |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
type | The resource type | 'Microsoft.RecoveryServices/vaults' |
MonitoringSettings
Name | Description | Value |
---|---|---|
azureMonitorAlertSettings | Settings for Azure Monitor based alerts | AzureMonitorAlertSettings |
classicAlertSettings | Settings for classic alerts | ClassicAlertSettings |
RestoreSettings
Name | Description | Value |
---|---|---|
crossSubscriptionRestoreSettings | Settings for CrossSubscriptionRestore | CrossSubscriptionRestoreSettings |
SecuritySettings
Name | Description | Value |
---|---|---|
immutabilitySettings | Immutability Settings of a vault | ImmutabilitySettings |
softDeleteSettings | Soft delete Settings of a vault | SoftDeleteSettings |
Sku
Name | Description | Value |
---|---|---|
capacity | The sku capacity | string |
family | The sku family | string |
name | Name of SKU is RS0 (Recovery Services 0th version) and the tier is standard tier. They do not have affect on backend storage redundancy or any other vault settings. To manage storage redundancy, use the backupstorageconfig | 'RS0' 'Standard' (required) |
size | The sku size | string |
tier | The Sku tier. | string |
SoftDeleteSettings
Name | Description | Value |
---|---|---|
enhancedSecurityState | 'AlwaysON' 'Disabled' 'Enabled' 'Invalid' |
|
softDeleteRetentionPeriodInDays | Soft delete retention period in days | int |
softDeleteState | 'AlwaysON' 'Disabled' 'Enabled' 'Invalid' |
TrackedResourceTags
Name | Description | Value |
---|
UpgradeDetails
Name | Description | Value |
---|
UserIdentity
Name | Description | Value |
---|
VaultProperties
Name | Description | Value |
---|---|---|
encryption | Customer Managed Key details of the resource. | VaultPropertiesEncryption |
monitoringSettings | Monitoring Settings of the vault | MonitoringSettings |
moveDetails | The details of the latest move operation performed on the Azure Resource | VaultPropertiesMoveDetails |
publicNetworkAccess | property to enable or disable resource provider inbound network traffic from public clients | 'Disabled' 'Enabled' |
redundancySettings | The redundancy Settings of a Vault | VaultPropertiesRedundancySettings |
resourceGuardOperationRequests | ResourceGuardOperationRequests on which LAC check will be performed | string[] |
restoreSettings | Restore Settings of the vault | RestoreSettings |
securitySettings | Security Settings of the vault | SecuritySettings |
upgradeDetails | Details for upgrading vault. | UpgradeDetails |
VaultPropertiesEncryption
Name | Description | Value |
---|---|---|
infrastructureEncryption | Enabling/Disabling the Double Encryption state | 'Disabled' 'Enabled' |
kekIdentity | The details of the identity used for CMK | CmkKekIdentity |
keyVaultProperties | The properties of the Key Vault which hosts CMK | CmkKeyVaultProperties |
VaultPropertiesMoveDetails
Name | Description | Value |
---|
VaultPropertiesRedundancySettings
Name | Description | Value |
---|---|---|
crossRegionRestore | Flag to show if Cross Region Restore is enabled on the Vault or not | 'Disabled' 'Enabled' |
standardTierStorageRedundancy | The storage redundancy setting of a vault | 'GeoRedundant' 'Invalid' 'LocallyRedundant' 'ZoneRedundant' |
Quickstart templates
The following quickstart templates deploy this resource type.
Template | Description |
---|---|
Azure Backup for Workload in Azure Virtual Machines |
This template creates a Recovery Services Vault and a Workload specific Backup Policy. Registers VM with Backup service and Configures Protection |
Backup existing File Share using Recovery Services (Daily) |
This template configures protection for an existing File Share present in an existing Storage Account. It creates a new or uses an existing Recovery Services Vault and Backup Policy based on the set parameter values. |
Backup existing File Share using Recovery Services (hourly) |
This template configures protection with hourly frequency for an existing File Share present in an existing Storage Account. It creates a new or uses an existing Recovery Services Vault and Backup Policy based on the set parameter values. |
Backup Resource Manager VMs using Recovery Services vault |
This template will use existing recovery services vault and existing backup policy, and configures backup of multiple Resource Manager VMs that belong to same resource group |
Create a Recovery Services vault with advanced options |
This template creates a Recovery Services vault that will be used further for Backup and Site Recovery. |
Create Daily Backup Policy for RS Vault to protect IaaSVMs |
This template creates Recovery service vault and a Daily Backup Policy that can be used to protect classic and ARM based IaaS VMs. |
Create Recovery Services Vault and Enable Diagnostics |
This template creates a Recovery Services Vault and enables diagnostics for Azure Backup. This also deploys storage account and oms workspace. |
Create Recovery Services Vault with backup policies |
This template creates a Recovery Services Vault with backup policies and configure optional features such system identity, backup storage type, cross region restore and diagnostics logs and a delete lock. |
Create Recovery Services Vault with default options |
Simple template that creates a Recovery Services Vault. |
Create Weekly Backup Policy for RS Vault to protect IaaSVMs |
This template creates Recovery service vault and a Daily Backup Policy that can be used to protect classic and ARM based IaaS VMs. |
Deploy a Windows VM and enable backup using Azure Backup |
This template allows you to deploy a Windows VM and Recovery Services Vault configured with the DefaultPolicy for Protection. |
IBM Cloud Pak for Data on Azure |
This template deploys an Openshift cluster on Azure with all the required resources, infrastructure and then deploys IBM Cloud Pak for Data along with the add-ons that user chooses. |
Openshift Container Platform 4.3 |
Openshift Container Platform 4.3 |
Terraform (AzAPI provider) resource definition
The vaults resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.RecoveryServices/vaults resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.RecoveryServices/vaults@2024-10-01"
name = "string"
etag = "string"
identity = {
type = "string"
userAssignedIdentities = {
{customized property} = {
}
}
}
location = "string"
sku = {
capacity = "string"
family = "string"
name = "string"
size = "string"
tier = "string"
}
tags = {
{customized property} = "string"
}
body = jsonencode({
properties = {
encryption = {
infrastructureEncryption = "string"
kekIdentity = {
userAssignedIdentity = "string"
useSystemAssignedIdentity = bool
}
keyVaultProperties = {
keyUri = "string"
}
}
monitoringSettings = {
azureMonitorAlertSettings = {
alertsForAllFailoverIssues = "string"
alertsForAllJobFailures = "string"
alertsForAllReplicationIssues = "string"
}
classicAlertSettings = {
alertsForCriticalOperations = "string"
emailNotificationsForSiteRecovery = "string"
}
}
moveDetails = {
}
publicNetworkAccess = "string"
redundancySettings = {
crossRegionRestore = "string"
standardTierStorageRedundancy = "string"
}
resourceGuardOperationRequests = [
"string"
]
restoreSettings = {
crossSubscriptionRestoreSettings = {
crossSubscriptionRestoreState = "string"
}
}
securitySettings = {
immutabilitySettings = {
state = "string"
}
softDeleteSettings = {
enhancedSecurityState = "string"
softDeleteRetentionPeriodInDays = int
softDeleteState = "string"
}
}
upgradeDetails = {
}
}
})
}
Property values
AzureMonitorAlertSettings
Name | Description | Value |
---|---|---|
alertsForAllFailoverIssues | 'Disabled' 'Enabled' |
|
alertsForAllJobFailures | 'Disabled' 'Enabled' |
|
alertsForAllReplicationIssues | 'Disabled' 'Enabled' |
ClassicAlertSettings
Name | Description | Value |
---|---|---|
alertsForCriticalOperations | 'Disabled' 'Enabled' |
|
emailNotificationsForSiteRecovery | 'Disabled' 'Enabled' |
CmkKekIdentity
Name | Description | Value |
---|---|---|
userAssignedIdentity | The user assigned identity to be used to grant permissions in case the type of identity used is UserAssigned | string |
useSystemAssignedIdentity | Indicate that system assigned identity should be used. Mutually exclusive with 'userAssignedIdentity' field | bool |
CmkKeyVaultProperties
Name | Description | Value |
---|---|---|
keyUri | The key uri of the Customer Managed Key | string |
CrossSubscriptionRestoreSettings
Name | Description | Value |
---|---|---|
crossSubscriptionRestoreState | 'Disabled' 'Enabled' 'PermanentlyDisabled' |
IdentityData
Name | Description | Value |
---|---|---|
type | The type of managed identity used. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user-assigned identities. The type 'None' will remove any identities. | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' (required) |
userAssignedIdentities | The list of user-assigned identities associated with the resource. The user-assigned identity dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | IdentityDataUserAssignedIdentities |
IdentityDataUserAssignedIdentities
Name | Description | Value |
---|
ImmutabilitySettings
Name | Description | Value |
---|---|---|
state | 'Disabled' 'Locked' 'Unlocked' |
Microsoft.RecoveryServices/vaults
Name | Description | Value |
---|---|---|
etag | Optional ETag. | string |
identity | Identity for the resource. | IdentityData |
location | Resource location. | string (required) |
name | The resource name | string (required) |
properties | Properties of the vault. | VaultProperties |
sku | Identifies the unique system identifier for each Azure resource. | Sku |
tags | Resource tags | Dictionary of tag names and values. |
type | The resource type | "Microsoft.RecoveryServices/vaults@2024-10-01" |
MonitoringSettings
Name | Description | Value |
---|---|---|
azureMonitorAlertSettings | Settings for Azure Monitor based alerts | AzureMonitorAlertSettings |
classicAlertSettings | Settings for classic alerts | ClassicAlertSettings |
RestoreSettings
Name | Description | Value |
---|---|---|
crossSubscriptionRestoreSettings | Settings for CrossSubscriptionRestore | CrossSubscriptionRestoreSettings |
SecuritySettings
Name | Description | Value |
---|---|---|
immutabilitySettings | Immutability Settings of a vault | ImmutabilitySettings |
softDeleteSettings | Soft delete Settings of a vault | SoftDeleteSettings |
Sku
Name | Description | Value |
---|---|---|
capacity | The sku capacity | string |
family | The sku family | string |
name | Name of SKU is RS0 (Recovery Services 0th version) and the tier is standard tier. They do not have affect on backend storage redundancy or any other vault settings. To manage storage redundancy, use the backupstorageconfig | 'RS0' 'Standard' (required) |
size | The sku size | string |
tier | The Sku tier. | string |
SoftDeleteSettings
Name | Description | Value |
---|---|---|
enhancedSecurityState | 'AlwaysON' 'Disabled' 'Enabled' 'Invalid' |
|
softDeleteRetentionPeriodInDays | Soft delete retention period in days | int |
softDeleteState | 'AlwaysON' 'Disabled' 'Enabled' 'Invalid' |
TrackedResourceTags
Name | Description | Value |
---|
UpgradeDetails
Name | Description | Value |
---|
UserIdentity
Name | Description | Value |
---|
VaultProperties
Name | Description | Value |
---|---|---|
encryption | Customer Managed Key details of the resource. | VaultPropertiesEncryption |
monitoringSettings | Monitoring Settings of the vault | MonitoringSettings |
moveDetails | The details of the latest move operation performed on the Azure Resource | VaultPropertiesMoveDetails |
publicNetworkAccess | property to enable or disable resource provider inbound network traffic from public clients | 'Disabled' 'Enabled' |
redundancySettings | The redundancy Settings of a Vault | VaultPropertiesRedundancySettings |
resourceGuardOperationRequests | ResourceGuardOperationRequests on which LAC check will be performed | string[] |
restoreSettings | Restore Settings of the vault | RestoreSettings |
securitySettings | Security Settings of the vault | SecuritySettings |
upgradeDetails | Details for upgrading vault. | UpgradeDetails |
VaultPropertiesEncryption
Name | Description | Value |
---|---|---|
infrastructureEncryption | Enabling/Disabling the Double Encryption state | 'Disabled' 'Enabled' |
kekIdentity | The details of the identity used for CMK | CmkKekIdentity |
keyVaultProperties | The properties of the Key Vault which hosts CMK | CmkKeyVaultProperties |
VaultPropertiesMoveDetails
Name | Description | Value |
---|
VaultPropertiesRedundancySettings
Name | Description | Value |
---|---|---|
crossRegionRestore | Flag to show if Cross Region Restore is enabled on the Vault or not | 'Disabled' 'Enabled' |
standardTierStorageRedundancy | The storage redundancy setting of a vault | 'GeoRedundant' 'Invalid' 'LocallyRedundant' 'ZoneRedundant' |