VaultProperties interface
Properties of the vault
Properties
| access |
An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When |
| create |
The vault's create mode to indicate whether the vault need to be recovered or not. |
| enabled |
Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. |
| enabled |
Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. |
| enabled |
Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. |
| enable |
Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value. |
| enable |
Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC. |
| enable |
Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false. |
| hsm |
The resource id of HSM Pool. NOTE: This property will not be serialized. It can only be populated by the server. |
| network |
Rules governing the accessibility of the key vault from specific network locations. |
| private |
List of private endpoint connections associated with the key vault. NOTE: This property will not be serialized. It can only be populated by the server. |
| provisioning |
Provisioning state of the vault. |
| sku | SKU details |
| soft |
softDelete data retention days. It accepts >=7 and <=90. |
| tenant |
The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault. |
| vault |
The URI of the vault for performing operations on keys and secrets. This property is readonly |
Property Details
accessPolicies
An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When createMode is set to recover, access policies are not required. Otherwise, access policies are required.
accessPolicies?: AccessPolicyEntry[]Property Value
createMode
The vault's create mode to indicate whether the vault need to be recovered or not.
createMode?: CreateModeProperty Value
enabledForDeployment
Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
enabledForDeployment?: booleanProperty Value
boolean
enabledForDiskEncryption
Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
enabledForDiskEncryption?: booleanProperty Value
boolean
enabledForTemplateDeployment
Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
enabledForTemplateDeployment?: booleanProperty Value
boolean
enablePurgeProtection
Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.
enablePurgeProtection?: booleanProperty Value
boolean
enableRbacAuthorization
Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.
enableRbacAuthorization?: booleanProperty Value
boolean
enableSoftDelete
Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.
enableSoftDelete?: booleanProperty Value
boolean
hsmPoolResourceId
The resource id of HSM Pool. NOTE: This property will not be serialized. It can only be populated by the server.
hsmPoolResourceId?: stringProperty Value
string
networkAcls
Rules governing the accessibility of the key vault from specific network locations.
networkAcls?: NetworkRuleSetProperty Value
privateEndpointConnections
List of private endpoint connections associated with the key vault. NOTE: This property will not be serialized. It can only be populated by the server.
privateEndpointConnections?: PrivateEndpointConnectionItem[]Property Value
provisioningState
Provisioning state of the vault.
provisioningState?: stringProperty Value
string
sku
softDeleteRetentionInDays
softDelete data retention days. It accepts >=7 and <=90.
softDeleteRetentionInDays?: numberProperty Value
number
tenantId
The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
tenantId: stringProperty Value
string
vaultUri
The URI of the vault for performing operations on keys and secrets. This property is readonly
vaultUri?: stringProperty Value
string