import * as pulumi from "@pulumi/pulumi"; /** * Manages a Key Vault Managed Storage Account SAS Definition. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azure from "@pulumi/azure"; * * const example = azure.core.getClientConfig({}); * const exampleResourceGroup = new azure.core.ResourceGroup("example", { * name: "example-resources", * location: "West Europe", * }); * const exampleAccount = new azure.storage.Account("example", { * name: "storageaccountname", * resourceGroupName: exampleResourceGroup.name, * location: exampleResourceGroup.location, * accountTier: "Standard", * accountReplicationType: "LRS", * }); * const exampleGetAccountSAS = azure.storage.getAccountSASOutput({ * connectionString: exampleAccount.primaryConnectionString, * httpsOnly: true, * resourceTypes: { * service: true, * container: false, * object: false, * }, * services: { * blob: true, * queue: false, * table: false, * file: false, * }, * start: "2021-04-30T00:00:00Z", * expiry: "2023-04-30T00:00:00Z", * permissions: { * read: true, * write: true, * "delete": false, * list: false, * add: true, * create: true, * update: false, * process: false, * tag: false, * filter: false, * }, * }); * const exampleKeyVault = new azure.keyvault.KeyVault("example", { * name: "example-keyvault", * location: exampleResourceGroup.location, * resourceGroupName: exampleResourceGroup.name, * tenantId: example.then(example => example.tenantId), * skuName: "standard", * accessPolicies: [{ * tenantId: example.then(example => example.tenantId), * objectId: example.then(example => example.objectId), * secretPermissions: [ * "Get", * "Delete", * ], * storagePermissions: [ * "Get", * "List", * "Set", * "SetSAS", * "GetSAS", * "DeleteSAS", * "Update", * "RegenerateKey", * ], * }], * }); * const exampleManagedStorageAccount = new azure.keyvault.ManagedStorageAccount("example", { * name: "examplemanagedstorage", * keyVaultId: exampleKeyVault.id, * storageAccountId: exampleAccount.id, * storageAccountKey: "key1", * regenerateKeyAutomatically: false, * regenerationPeriod: "P1D", * }); * const exampleManagedStorageAccountSasTokenDefinition = new azure.keyvault.ManagedStorageAccountSasTokenDefinition("example", { * name: "examplesasdefinition", * validityPeriod: "P1D", * managedStorageAccountId: exampleManagedStorageAccount.id, * sasTemplateUri: exampleGetAccountSAS.apply(exampleGetAccountSAS => exampleGetAccountSAS.sas), * sasType: "account", * }); * ``` * * ## Import * * Key Vaults can be imported using the `resource id`, e.g. * * ```sh * $ pulumi import azure:keyvault/managedStorageAccountSasTokenDefinition:ManagedStorageAccountSasTokenDefinition example https://example-keyvault.vault.azure.net/storage/exampleStorageAcc01/sas/exampleSasDefinition01 * ``` */ export declare class ManagedStorageAccountSasTokenDefinition extends pulumi.CustomResource { /** * Get an existing ManagedStorageAccountSasTokenDefinition resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: ManagedStorageAccountSasTokenDefinitionState, opts?: pulumi.CustomResourceOptions): ManagedStorageAccountSasTokenDefinition; /** * Returns true if the given object is an instance of ManagedStorageAccountSasTokenDefinition. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ManagedStorageAccountSasTokenDefinition; /** * The ID of the Managed Storage Account. */ readonly managedStorageAccountId: pulumi.Output; /** * The name which should be used for this SAS Definition. */ readonly name: pulumi.Output; /** * The SAS definition token template signed with an arbitrary key. Tokens created according to the SAS definition will have the same properties as the template, but regenerated with a new validity period. */ readonly sasTemplateUri: pulumi.Output; /** * The type of SAS token the SAS definition will create. Possible values are `account` and `service`. */ readonly sasType: pulumi.Output; /** * The ID of the Secret that is created by Managed Storage Account SAS Definition. */ readonly secretId: pulumi.Output; /** * A mapping of tags which should be assigned to the SAS Definition. Changing this forces a new resource to be created. */ readonly tags: pulumi.Output<{ [key: string]: string; } | undefined>; /** * Validity period of SAS token. Value needs to be in [ISO 8601 duration format](https://en.wikipedia.org/wiki/ISO_8601#Durations). */ readonly validityPeriod: pulumi.Output; /** * Create a ManagedStorageAccountSasTokenDefinition resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ManagedStorageAccountSasTokenDefinitionArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ManagedStorageAccountSasTokenDefinition resources. */ export interface ManagedStorageAccountSasTokenDefinitionState { /** * The ID of the Managed Storage Account. */ managedStorageAccountId?: pulumi.Input; /** * The name which should be used for this SAS Definition. */ name?: pulumi.Input; /** * The SAS definition token template signed with an arbitrary key. Tokens created according to the SAS definition will have the same properties as the template, but regenerated with a new validity period. */ sasTemplateUri?: pulumi.Input; /** * The type of SAS token the SAS definition will create. Possible values are `account` and `service`. */ sasType?: pulumi.Input; /** * The ID of the Secret that is created by Managed Storage Account SAS Definition. */ secretId?: pulumi.Input; /** * A mapping of tags which should be assigned to the SAS Definition. Changing this forces a new resource to be created. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Validity period of SAS token. Value needs to be in [ISO 8601 duration format](https://en.wikipedia.org/wiki/ISO_8601#Durations). */ validityPeriod?: pulumi.Input; } /** * The set of arguments for constructing a ManagedStorageAccountSasTokenDefinition resource. */ export interface ManagedStorageAccountSasTokenDefinitionArgs { /** * The ID of the Managed Storage Account. */ managedStorageAccountId: pulumi.Input; /** * The name which should be used for this SAS Definition. */ name?: pulumi.Input; /** * The SAS definition token template signed with an arbitrary key. Tokens created according to the SAS definition will have the same properties as the template, but regenerated with a new validity period. */ sasTemplateUri: pulumi.Input; /** * The type of SAS token the SAS definition will create. Possible values are `account` and `service`. */ sasType: pulumi.Input; /** * A mapping of tags which should be assigned to the SAS Definition. Changing this forces a new resource to be created. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Validity period of SAS token. Value needs to be in [ISO 8601 duration format](https://en.wikipedia.org/wiki/ISO_8601#Durations). */ validityPeriod: pulumi.Input; }