Skip to content

Data Source: azurermKeyVaultKey

Use this data source to access information about an existing Key Vault Key.

\~> Note: All arguments including the secret value will be stored in the raw state as plain-text. Read more about sensitive data in state.

Example Usage

import * as cdktf from "cdktf";
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const dataAzurermKeyVaultKeyExample =
  new azurerm.dataAzurermKeyVaultKey.DataAzurermKeyVaultKey(this, "example", {
    key_vault_id: "${data.azurerm_key_vault.existing.id}",
    name: "secret-sauce",
  });
new cdktf.TerraformOutput(this, "key_type", {
  value: dataAzurermKeyVaultKeyExample.keyType,
});

Argument Reference

The following arguments are supported:

  • name - Specifies the name of the Key Vault Key.

  • keyVaultId - Specifies the ID of the Key Vault instance where the Secret resides, available on the azurermKeyVault Data Source / Resource.

NOTE: The vault must be in the same subscription as the provider. If the vault is in another subscription, you must create an aliased provider for that subscription.

Attributes Reference

The following attributes are exported:

  • id - The ID of the Key Vault Key.

  • curve - The EC Curve name of this Key Vault Key.

  • e - The RSA public exponent of this Key Vault Key.

  • keyType - Specifies the Key Type of this Key Vault Key

  • keySize - Specifies the Size of this Key Vault Key.

  • keyOpts - A list of JSON web key operations assigned to this Key Vault Key

  • n - The RSA modulus of this Key Vault Key.

  • publicKeyPem - The PEM encoded public key of this Key Vault Key.

  • publicKeyOpenssh - The OpenSSH encoded public key of this Key Vault Key.

  • resourceId - The (Versioned) ID for this Key Vault Key. This property points to a specific version of a Key Vault Key, as such using this won't auto-rotate values if used in other Azure Services.

  • resourceVersionlessId - The Versionless ID of the Key Vault Key. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Key is updated.

  • tags - A mapping of tags assigned to this Key Vault Key.

  • version - The current version of the Key Vault Key.

  • versionlessId - The Base ID of the Key Vault Key.

  • x - The EC X component of this Key Vault Key.

  • y - The EC Y component of this Key Vault Key.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

  • read - (Defaults to 30 minutes) Used when retrieving the Key Vault Key.