VaultPatchProperties interface

Properties of the vault

Properties

accessPolicies

An array of 0 to 16 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID.

createMode

The vault's create mode to indicate whether the vault need to be recovered or not.

enabledForDeployment

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabledForDiskEncryption

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabledForTemplateDeployment

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

enablePurgeProtection

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enableRbacAuthorization

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the value of this property will not change.

enableSoftDelete

Property to specify whether the 'soft delete' functionality is enabled for this key vault. Once set to true, it cannot be reverted to false.

networkAcls

A collection of rules governing the accessibility of the vault from specific network locations.

publicNetworkAccess

Property to specify whether the vault will accept traffic from public internet. If set to 'disabled' all traffic except private endpoint traffic and that that originates from trusted services will be blocked. This will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules.

sku

SKU details

softDeleteRetentionInDays

softDelete data retention days. It accepts >=7 and <=90.

tenantId

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

Property Details

accessPolicies

An array of 0 to 16 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID.

accessPolicies?: AccessPolicyEntry[]

Property Value

createMode

The vault's create mode to indicate whether the vault need to be recovered or not.

createMode?: CreateMode

Property Value

enabledForDeployment

Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.

enabledForDeployment?: boolean

Property Value

boolean

enabledForDiskEncryption

Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.

enabledForDiskEncryption?: boolean

Property Value

boolean

enabledForTemplateDeployment

Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.

enabledForTemplateDeployment?: boolean

Property Value

boolean

enablePurgeProtection

Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.

enablePurgeProtection?: boolean

Property Value

boolean

enableRbacAuthorization

Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the value of this property will not change.

enableRbacAuthorization?: boolean

Property Value

boolean

enableSoftDelete

Property to specify whether the 'soft delete' functionality is enabled for this key vault. Once set to true, it cannot be reverted to false.

enableSoftDelete?: boolean

Property Value

boolean

networkAcls

A collection of rules governing the accessibility of the vault from specific network locations.

networkAcls?: NetworkRuleSet

Property Value

publicNetworkAccess

Property to specify whether the vault will accept traffic from public internet. If set to 'disabled' all traffic except private endpoint traffic and that that originates from trusted services will be blocked. This will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules.

publicNetworkAccess?: string

Property Value

string

sku

SKU details

sku?: Sku

Property Value

Sku

softDeleteRetentionInDays

softDelete data retention days. It accepts >=7 and <=90.

softDeleteRetentionInDays?: number

Property Value

number

tenantId

The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.

tenantId?: string

Property Value

string