CustomerManagedKeyEncryption Class
All Customer-managed key encryption properties for the resource.
Constructor
CustomerManagedKeyEncryption(*args: Any, **kwargs: Any)Variables
| Name | Description |
|---|---|
|
key_encryption_key_url
|
Key encryption key URL. This URL can be either versioned (e.g., https://contosovault.vault.azure.net/keys/contosokek/562a4bb76b524a1493a6afe8e536ee78), or unversioned (e.g., https://contosovault.vault.azure.net/keys/contosokek. When versioned URL is used, this version of the key will be used by Event Grid Runtime even if it is rotated. It is user responsibility to update the URL with the new version by updating the namespace resource. When URL without version is used, Event Grid will query and get latest version and will be used automatically. Required. |
|
key_encryption_key_identity
|
All identity configuration for Customer-managed key settings defining which identity should be used to auth to Key Vault. This is an optional property. When not specified, the SystemAssigned identity will be used. |
|
key_encryption_key_status
|
The state of the Customer Managed Key (CMK) encryption. This is a read-only property which determines if the associated key is active and valid and used actively by runtime as expected. When the associated CMK becomes invalid (e.g., if it is deleted, or if versioned CMK is not current anymore), Event Grid Service will set this state to disabled to indicate that this key is not valid anymore and requires action from user. Known values are: "Active" and "Revoked". |
|
key_encryption_key_status_friendly_description
|
Friendly description about the Customer Managed Key (CMK) encryption state. This is a read-only property which determines why the associated key is revoked which will help user to mitigate the issue and re-enable the CMK key. |
Attributes
key_encryption_key_identity
All identity configuration for Customer-managed key settings defining which identity should be used to auth to Key Vault. This is an optional property. When not specified, the SystemAssigned identity will be used.
key_encryption_key_identity: _models.KeyEncryptionKeyIdentity | Nonekey_encryption_key_status
The state of the Customer Managed Key (CMK) encryption. This is a read-only property which determines if the associated key is active and valid and used actively by runtime as expected. When the associated CMK becomes invalid (e.g., if it is deleted, or if versioned CMK is not current anymore), Event Grid Service will set this state to disabled to indicate that this key is not valid anymore and requires action from user. Known values are: "Active" and "Revoked".
key_encryption_key_status: str | _models.KeyEncryptionKeyStatus | Nonekey_encryption_key_status_friendly_description
Friendly description about the Customer Managed Key (CMK) encryption state. This is a read-only property which determines why the associated key is revoked which will help user to mitigate the issue and re-enable the CMK key.
key_encryption_key_status_friendly_description: str | Nonekey_encryption_key_url
Key encryption key URL. This URL can be either versioned (e.g., https://contosovault.vault.azure.net/keys/contosokek/562a4bb76b524a1493a6afe8e536ee78), or unversioned (e.g., https://contosovault.vault.azure.net/keys/contosokek. When versioned URL is used, this version of the key will be used by Event Grid Runtime even if it is rotated. It is user responsibility to update the URL with the new version by updating the namespace resource. When URL without version is used, Event Grid will query and get latest version and will be used automatically. Required.
key_encryption_key_url: str