We recommend using Azure Native.
azure.appconfiguration.ConfigurationKey
Explore with Pulumi AI
Manages an Azure App Configuration Key.
Note: App Configuration Keys are provisioned using a Data Plane API which requires the role
App Configuration Data Owner
on either the App Configuration or a parent scope (such as the Resource Group/Subscription). More information can be found in the Azure Documentation for App Configuration.
Example Usage
Kv
Type
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const appconf = new azure.appconfiguration.ConfigurationStore("appconf", {
name: "appConf1",
resourceGroupName: example.name,
location: example.location,
});
const current = azure.core.getClientConfig({});
const appconfDataowner = new azure.authorization.Assignment("appconf_dataowner", {
scope: appconf.id,
roleDefinitionName: "App Configuration Data Owner",
principalId: current.then(current => current.objectId),
});
const test = new azure.appconfiguration.ConfigurationKey("test", {
configurationStoreId: appconf.id,
key: "appConfKey1",
label: "somelabel",
value: "a test",
}, {
dependsOn: [appconfDataowner],
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
appconf = azure.appconfiguration.ConfigurationStore("appconf",
name="appConf1",
resource_group_name=example.name,
location=example.location)
current = azure.core.get_client_config()
appconf_dataowner = azure.authorization.Assignment("appconf_dataowner",
scope=appconf.id,
role_definition_name="App Configuration Data Owner",
principal_id=current.object_id)
test = azure.appconfiguration.ConfigurationKey("test",
configuration_store_id=appconf.id,
key="appConfKey1",
label="somelabel",
value="a test",
opts = pulumi.ResourceOptions(depends_on=[appconf_dataowner]))
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/appconfiguration"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
appconf, err := appconfiguration.NewConfigurationStore(ctx, "appconf", &appconfiguration.ConfigurationStoreArgs{
Name: pulumi.String("appConf1"),
ResourceGroupName: example.Name,
Location: example.Location,
})
if err != nil {
return err
}
current, err := core.GetClientConfig(ctx, nil, nil)
if err != nil {
return err
}
appconfDataowner, err := authorization.NewAssignment(ctx, "appconf_dataowner", &authorization.AssignmentArgs{
Scope: appconf.ID(),
RoleDefinitionName: pulumi.String("App Configuration Data Owner"),
PrincipalId: pulumi.String(current.ObjectId),
})
if err != nil {
return err
}
_, err = appconfiguration.NewConfigurationKey(ctx, "test", &appconfiguration.ConfigurationKeyArgs{
ConfigurationStoreId: appconf.ID(),
Key: pulumi.String("appConfKey1"),
Label: pulumi.String("somelabel"),
Value: pulumi.String("a test"),
}, pulumi.DependsOn([]pulumi.Resource{
appconfDataowner,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var appconf = new Azure.AppConfiguration.ConfigurationStore("appconf", new()
{
Name = "appConf1",
ResourceGroupName = example.Name,
Location = example.Location,
});
var current = Azure.Core.GetClientConfig.Invoke();
var appconfDataowner = new Azure.Authorization.Assignment("appconf_dataowner", new()
{
Scope = appconf.Id,
RoleDefinitionName = "App Configuration Data Owner",
PrincipalId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
});
var test = new Azure.AppConfiguration.ConfigurationKey("test", new()
{
ConfigurationStoreId = appconf.Id,
Key = "appConfKey1",
Label = "somelabel",
Value = "a test",
}, new CustomResourceOptions
{
DependsOn =
{
appconfDataowner,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appconfiguration.ConfigurationStore;
import com.pulumi.azure.appconfiguration.ConfigurationStoreArgs;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import com.pulumi.azure.appconfiguration.ConfigurationKey;
import com.pulumi.azure.appconfiguration.ConfigurationKeyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var appconf = new ConfigurationStore("appconf", ConfigurationStoreArgs.builder()
.name("appConf1")
.resourceGroupName(example.name())
.location(example.location())
.build());
final var current = CoreFunctions.getClientConfig();
var appconfDataowner = new Assignment("appconfDataowner", AssignmentArgs.builder()
.scope(appconf.id())
.roleDefinitionName("App Configuration Data Owner")
.principalId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.build());
var test = new ConfigurationKey("test", ConfigurationKeyArgs.builder()
.configurationStoreId(appconf.id())
.key("appConfKey1")
.label("somelabel")
.value("a test")
.build(), CustomResourceOptions.builder()
.dependsOn(appconfDataowner)
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
appconf:
type: azure:appconfiguration:ConfigurationStore
properties:
name: appConf1
resourceGroupName: ${example.name}
location: ${example.location}
appconfDataowner:
type: azure:authorization:Assignment
name: appconf_dataowner
properties:
scope: ${appconf.id}
roleDefinitionName: App Configuration Data Owner
principalId: ${current.objectId}
test:
type: azure:appconfiguration:ConfigurationKey
properties:
configurationStoreId: ${appconf.id}
key: appConfKey1
label: somelabel
value: a test
options:
dependson:
- ${appconfDataowner}
variables:
current:
fn::invoke:
Function: azure:core:getClientConfig
Arguments: {}
Vault
Type
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const appconf = new azure.appconfiguration.ConfigurationStore("appconf", {
name: "appConf1",
resourceGroupName: example.name,
location: example.location,
});
const current = azure.core.getClientConfig({});
const kv = new azure.keyvault.KeyVault("kv", {
name: "kv",
location: testAzurermResourceGroup.location,
resourceGroupName: testAzurermResourceGroup.name,
tenantId: current.then(current => current.tenantId),
skuName: "premium",
softDeleteRetentionDays: 7,
accessPolicies: [{
tenantId: current.then(current => current.tenantId),
objectId: current.then(current => current.objectId),
keyPermissions: [
"Create",
"Get",
],
secretPermissions: [
"Set",
"Get",
"Delete",
"Purge",
"Recover",
],
}],
});
const kvs = new azure.keyvault.Secret("kvs", {
name: "kvs",
value: "szechuan",
keyVaultId: kv.id,
});
const appconfDataowner = new azure.authorization.Assignment("appconf_dataowner", {
scope: appconf.id,
roleDefinitionName: "App Configuration Data Owner",
principalId: current.then(current => current.objectId),
});
const test = new azure.appconfiguration.ConfigurationKey("test", {
configurationStoreId: testAzurermAppConfiguration.id,
key: "key1",
type: "vault",
label: "label1",
vaultKeyReference: kvs.versionlessId,
}, {
dependsOn: [appconfDataowner],
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
appconf = azure.appconfiguration.ConfigurationStore("appconf",
name="appConf1",
resource_group_name=example.name,
location=example.location)
current = azure.core.get_client_config()
kv = azure.keyvault.KeyVault("kv",
name="kv",
location=test_azurerm_resource_group["location"],
resource_group_name=test_azurerm_resource_group["name"],
tenant_id=current.tenant_id,
sku_name="premium",
soft_delete_retention_days=7,
access_policies=[{
"tenant_id": current.tenant_id,
"object_id": current.object_id,
"key_permissions": [
"Create",
"Get",
],
"secret_permissions": [
"Set",
"Get",
"Delete",
"Purge",
"Recover",
],
}])
kvs = azure.keyvault.Secret("kvs",
name="kvs",
value="szechuan",
key_vault_id=kv.id)
appconf_dataowner = azure.authorization.Assignment("appconf_dataowner",
scope=appconf.id,
role_definition_name="App Configuration Data Owner",
principal_id=current.object_id)
test = azure.appconfiguration.ConfigurationKey("test",
configuration_store_id=test_azurerm_app_configuration["id"],
key="key1",
type="vault",
label="label1",
vault_key_reference=kvs.versionless_id,
opts = pulumi.ResourceOptions(depends_on=[appconf_dataowner]))
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/appconfiguration"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
appconf, err := appconfiguration.NewConfigurationStore(ctx, "appconf", &appconfiguration.ConfigurationStoreArgs{
Name: pulumi.String("appConf1"),
ResourceGroupName: example.Name,
Location: example.Location,
})
if err != nil {
return err
}
current, err := core.GetClientConfig(ctx, nil, nil)
if err != nil {
return err
}
kv, err := keyvault.NewKeyVault(ctx, "kv", &keyvault.KeyVaultArgs{
Name: pulumi.String("kv"),
Location: pulumi.Any(testAzurermResourceGroup.Location),
ResourceGroupName: pulumi.Any(testAzurermResourceGroup.Name),
TenantId: pulumi.String(current.TenantId),
SkuName: pulumi.String("premium"),
SoftDeleteRetentionDays: pulumi.Int(7),
AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
&keyvault.KeyVaultAccessPolicyArgs{
TenantId: pulumi.String(current.TenantId),
ObjectId: pulumi.String(current.ObjectId),
KeyPermissions: pulumi.StringArray{
pulumi.String("Create"),
pulumi.String("Get"),
},
SecretPermissions: pulumi.StringArray{
pulumi.String("Set"),
pulumi.String("Get"),
pulumi.String("Delete"),
pulumi.String("Purge"),
pulumi.String("Recover"),
},
},
},
})
if err != nil {
return err
}
kvs, err := keyvault.NewSecret(ctx, "kvs", &keyvault.SecretArgs{
Name: pulumi.String("kvs"),
Value: pulumi.String("szechuan"),
KeyVaultId: kv.ID(),
})
if err != nil {
return err
}
appconfDataowner, err := authorization.NewAssignment(ctx, "appconf_dataowner", &authorization.AssignmentArgs{
Scope: appconf.ID(),
RoleDefinitionName: pulumi.String("App Configuration Data Owner"),
PrincipalId: pulumi.String(current.ObjectId),
})
if err != nil {
return err
}
_, err = appconfiguration.NewConfigurationKey(ctx, "test", &appconfiguration.ConfigurationKeyArgs{
ConfigurationStoreId: pulumi.Any(testAzurermAppConfiguration.Id),
Key: pulumi.String("key1"),
Type: pulumi.String("vault"),
Label: pulumi.String("label1"),
VaultKeyReference: kvs.VersionlessId,
}, pulumi.DependsOn([]pulumi.Resource{
appconfDataowner,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var appconf = new Azure.AppConfiguration.ConfigurationStore("appconf", new()
{
Name = "appConf1",
ResourceGroupName = example.Name,
Location = example.Location,
});
var current = Azure.Core.GetClientConfig.Invoke();
var kv = new Azure.KeyVault.KeyVault("kv", new()
{
Name = "kv",
Location = testAzurermResourceGroup.Location,
ResourceGroupName = testAzurermResourceGroup.Name,
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
SkuName = "premium",
SoftDeleteRetentionDays = 7,
AccessPolicies = new[]
{
new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
{
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
KeyPermissions = new[]
{
"Create",
"Get",
},
SecretPermissions = new[]
{
"Set",
"Get",
"Delete",
"Purge",
"Recover",
},
},
},
});
var kvs = new Azure.KeyVault.Secret("kvs", new()
{
Name = "kvs",
Value = "szechuan",
KeyVaultId = kv.Id,
});
var appconfDataowner = new Azure.Authorization.Assignment("appconf_dataowner", new()
{
Scope = appconf.Id,
RoleDefinitionName = "App Configuration Data Owner",
PrincipalId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
});
var test = new Azure.AppConfiguration.ConfigurationKey("test", new()
{
ConfigurationStoreId = testAzurermAppConfiguration.Id,
Key = "key1",
Type = "vault",
Label = "label1",
VaultKeyReference = kvs.VersionlessId,
}, new CustomResourceOptions
{
DependsOn =
{
appconfDataowner,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appconfiguration.ConfigurationStore;
import com.pulumi.azure.appconfiguration.ConfigurationStoreArgs;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
import com.pulumi.azure.keyvault.Secret;
import com.pulumi.azure.keyvault.SecretArgs;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import com.pulumi.azure.appconfiguration.ConfigurationKey;
import com.pulumi.azure.appconfiguration.ConfigurationKeyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var appconf = new ConfigurationStore("appconf", ConfigurationStoreArgs.builder()
.name("appConf1")
.resourceGroupName(example.name())
.location(example.location())
.build());
final var current = CoreFunctions.getClientConfig();
var kv = new KeyVault("kv", KeyVaultArgs.builder()
.name("kv")
.location(testAzurermResourceGroup.location())
.resourceGroupName(testAzurermResourceGroup.name())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.skuName("premium")
.softDeleteRetentionDays(7)
.accessPolicies(KeyVaultAccessPolicyArgs.builder()
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.keyPermissions(
"Create",
"Get")
.secretPermissions(
"Set",
"Get",
"Delete",
"Purge",
"Recover")
.build())
.build());
var kvs = new Secret("kvs", SecretArgs.builder()
.name("kvs")
.value("szechuan")
.keyVaultId(kv.id())
.build());
var appconfDataowner = new Assignment("appconfDataowner", AssignmentArgs.builder()
.scope(appconf.id())
.roleDefinitionName("App Configuration Data Owner")
.principalId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.build());
var test = new ConfigurationKey("test", ConfigurationKeyArgs.builder()
.configurationStoreId(testAzurermAppConfiguration.id())
.key("key1")
.type("vault")
.label("label1")
.vaultKeyReference(kvs.versionlessId())
.build(), CustomResourceOptions.builder()
.dependsOn(appconfDataowner)
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
appconf:
type: azure:appconfiguration:ConfigurationStore
properties:
name: appConf1
resourceGroupName: ${example.name}
location: ${example.location}
kv:
type: azure:keyvault:KeyVault
properties:
name: kv
location: ${testAzurermResourceGroup.location}
resourceGroupName: ${testAzurermResourceGroup.name}
tenantId: ${current.tenantId}
skuName: premium
softDeleteRetentionDays: 7
accessPolicies:
- tenantId: ${current.tenantId}
objectId: ${current.objectId}
keyPermissions:
- Create
- Get
secretPermissions:
- Set
- Get
- Delete
- Purge
- Recover
kvs:
type: azure:keyvault:Secret
properties:
name: kvs
value: szechuan
keyVaultId: ${kv.id}
appconfDataowner:
type: azure:authorization:Assignment
name: appconf_dataowner
properties:
scope: ${appconf.id}
roleDefinitionName: App Configuration Data Owner
principalId: ${current.objectId}
test:
type: azure:appconfiguration:ConfigurationKey
properties:
configurationStoreId: ${testAzurermAppConfiguration.id}
key: key1
type: vault
label: label1
vaultKeyReference: ${kvs.versionlessId}
options:
dependson:
- ${appconfDataowner}
variables:
current:
fn::invoke:
Function: azure:core:getClientConfig
Arguments: {}
Create ConfigurationKey Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ConfigurationKey(name: string, args: ConfigurationKeyArgs, opts?: CustomResourceOptions);
@overload
def ConfigurationKey(resource_name: str,
args: ConfigurationKeyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ConfigurationKey(resource_name: str,
opts: Optional[ResourceOptions] = None,
configuration_store_id: Optional[str] = None,
key: Optional[str] = None,
content_type: Optional[str] = None,
etag: Optional[str] = None,
label: Optional[str] = None,
locked: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
type: Optional[str] = None,
value: Optional[str] = None,
vault_key_reference: Optional[str] = None)
func NewConfigurationKey(ctx *Context, name string, args ConfigurationKeyArgs, opts ...ResourceOption) (*ConfigurationKey, error)
public ConfigurationKey(string name, ConfigurationKeyArgs args, CustomResourceOptions? opts = null)
public ConfigurationKey(String name, ConfigurationKeyArgs args)
public ConfigurationKey(String name, ConfigurationKeyArgs args, CustomResourceOptions options)
type: azure:appconfiguration:ConfigurationKey
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ConfigurationKeyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ConfigurationKeyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ConfigurationKeyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ConfigurationKeyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ConfigurationKeyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var configurationKeyResource = new Azure.AppConfiguration.ConfigurationKey("configurationKeyResource", new()
{
ConfigurationStoreId = "string",
Key = "string",
ContentType = "string",
Etag = "string",
Label = "string",
Locked = false,
Tags =
{
{ "string", "string" },
},
Type = "string",
Value = "string",
VaultKeyReference = "string",
});
example, err := appconfiguration.NewConfigurationKey(ctx, "configurationKeyResource", &appconfiguration.ConfigurationKeyArgs{
ConfigurationStoreId: pulumi.String("string"),
Key: pulumi.String("string"),
ContentType: pulumi.String("string"),
Etag: pulumi.String("string"),
Label: pulumi.String("string"),
Locked: pulumi.Bool(false),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
Type: pulumi.String("string"),
Value: pulumi.String("string"),
VaultKeyReference: pulumi.String("string"),
})
var configurationKeyResource = new ConfigurationKey("configurationKeyResource", ConfigurationKeyArgs.builder()
.configurationStoreId("string")
.key("string")
.contentType("string")
.etag("string")
.label("string")
.locked(false)
.tags(Map.of("string", "string"))
.type("string")
.value("string")
.vaultKeyReference("string")
.build());
configuration_key_resource = azure.appconfiguration.ConfigurationKey("configurationKeyResource",
configuration_store_id="string",
key="string",
content_type="string",
etag="string",
label="string",
locked=False,
tags={
"string": "string",
},
type="string",
value="string",
vault_key_reference="string")
const configurationKeyResource = new azure.appconfiguration.ConfigurationKey("configurationKeyResource", {
configurationStoreId: "string",
key: "string",
contentType: "string",
etag: "string",
label: "string",
locked: false,
tags: {
string: "string",
},
type: "string",
value: "string",
vaultKeyReference: "string",
});
type: azure:appconfiguration:ConfigurationKey
properties:
configurationStoreId: string
contentType: string
etag: string
key: string
label: string
locked: false
tags:
string: string
type: string
value: string
vaultKeyReference: string
ConfigurationKey Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The ConfigurationKey resource accepts the following input properties:
- Configuration
Store stringId - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- Key string
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- Content
Type string - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - Etag string
- (Optional) The ETag of the key.
- Label string
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- Locked bool
- Should this App Configuration Key be Locked to prevent changes?
- Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Type string
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - Value string
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- Vault
Key stringReference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
- Configuration
Store stringId - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- Key string
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- Content
Type string - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - Etag string
- (Optional) The ETag of the key.
- Label string
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- Locked bool
- Should this App Configuration Key be Locked to prevent changes?
- map[string]string
- A mapping of tags to assign to the resource.
- Type string
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - Value string
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- Vault
Key stringReference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
- configuration
Store StringId - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- key String
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- content
Type String - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - etag String
- (Optional) The ETag of the key.
- label String
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- locked Boolean
- Should this App Configuration Key be Locked to prevent changes?
- Map<String,String>
- A mapping of tags to assign to the resource.
- type String
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - value String
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- vault
Key StringReference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
- configuration
Store stringId - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- key string
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- content
Type string - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - etag string
- (Optional) The ETag of the key.
- label string
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- locked boolean
- Should this App Configuration Key be Locked to prevent changes?
- {[key: string]: string}
- A mapping of tags to assign to the resource.
- type string
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - value string
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- vault
Key stringReference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
- configuration_
store_ strid - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- key str
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- content_
type str - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - etag str
- (Optional) The ETag of the key.
- label str
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- locked bool
- Should this App Configuration Key be Locked to prevent changes?
- Mapping[str, str]
- A mapping of tags to assign to the resource.
- type str
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - value str
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- vault_
key_ strreference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
- configuration
Store StringId - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- key String
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- content
Type String - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - etag String
- (Optional) The ETag of the key.
- label String
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- locked Boolean
- Should this App Configuration Key be Locked to prevent changes?
- Map<String>
- A mapping of tags to assign to the resource.
- type String
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - value String
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- vault
Key StringReference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
Outputs
All input properties are implicitly available as output properties. Additionally, the ConfigurationKey resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing ConfigurationKey Resource
Get an existing ConfigurationKey resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ConfigurationKeyState, opts?: CustomResourceOptions): ConfigurationKey
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
configuration_store_id: Optional[str] = None,
content_type: Optional[str] = None,
etag: Optional[str] = None,
key: Optional[str] = None,
label: Optional[str] = None,
locked: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
type: Optional[str] = None,
value: Optional[str] = None,
vault_key_reference: Optional[str] = None) -> ConfigurationKey
func GetConfigurationKey(ctx *Context, name string, id IDInput, state *ConfigurationKeyState, opts ...ResourceOption) (*ConfigurationKey, error)
public static ConfigurationKey Get(string name, Input<string> id, ConfigurationKeyState? state, CustomResourceOptions? opts = null)
public static ConfigurationKey get(String name, Output<String> id, ConfigurationKeyState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Configuration
Store stringId - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- Content
Type string - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - Etag string
- (Optional) The ETag of the key.
- Key string
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- Label string
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- Locked bool
- Should this App Configuration Key be Locked to prevent changes?
- Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Type string
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - Value string
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- Vault
Key stringReference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
- Configuration
Store stringId - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- Content
Type string - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - Etag string
- (Optional) The ETag of the key.
- Key string
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- Label string
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- Locked bool
- Should this App Configuration Key be Locked to prevent changes?
- map[string]string
- A mapping of tags to assign to the resource.
- Type string
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - Value string
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- Vault
Key stringReference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
- configuration
Store StringId - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- content
Type String - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - etag String
- (Optional) The ETag of the key.
- key String
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- label String
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- locked Boolean
- Should this App Configuration Key be Locked to prevent changes?
- Map<String,String>
- A mapping of tags to assign to the resource.
- type String
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - value String
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- vault
Key StringReference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
- configuration
Store stringId - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- content
Type string - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - etag string
- (Optional) The ETag of the key.
- key string
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- label string
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- locked boolean
- Should this App Configuration Key be Locked to prevent changes?
- {[key: string]: string}
- A mapping of tags to assign to the resource.
- type string
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - value string
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- vault
Key stringReference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
- configuration_
store_ strid - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- content_
type str - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - etag str
- (Optional) The ETag of the key.
- key str
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- label str
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- locked bool
- Should this App Configuration Key be Locked to prevent changes?
- Mapping[str, str]
- A mapping of tags to assign to the resource.
- type str
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - value str
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- vault_
key_ strreference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
- configuration
Store StringId - Specifies the id of the App Configuration. Changing this forces a new resource to be created.
- content
Type String - The content type of the App Configuration Key. This should only be set when type is set to
kv
. - etag String
- (Optional) The ETag of the key.
- key String
- The name of the App Configuration Key to create. Changing this forces a new resource to be created.
- label String
- The label of the App Configuration Key. Changing this forces a new resource to be created.
- locked Boolean
- Should this App Configuration Key be Locked to prevent changes?
- Map<String>
- A mapping of tags to assign to the resource.
- type String
- The type of the App Configuration Key. It can either be
kv
(simple key/value) orvault
(where the value is a reference to a Key Vault Secret. Defaults tokv
. - value String
The value of the App Configuration Key. This should only be set when type is set to
kv
.NOTE:
value
andvault_key_reference
are mutually exclusive.- vault
Key StringReference The ID of the vault secret this App Configuration Key refers to. This should only be set when
type
is set tovault
.NOTE:
vault_key_reference
andvalue
are mutually exclusive.NOTE: When setting the
vault_key_reference
using theid
will pin the value to specific version of the secret, to reference latest secret value useversionless_id
Import
App Configuration Keys can be imported using the resource id
, e.g.
$ pulumi import azure:appconfiguration/configurationKey:ConfigurationKey test https://appconfname1.azconfig.io/kv/keyName?label=labelName
If you wish to import a key with an empty label then simply leave label’s name blank:
$ pulumi import azure:appconfiguration/configurationKey:ConfigurationKey test https://appconfname1.azconfig.io/kv/keyName?label=
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurerm
Terraform Provider.