pulumi-azure-native 2.82.0a1736497599__py3-none-any.whl → 2.83.0__py3-none-any.whl

pulumi_azure_native/keyvault/v20241201preview/_inputs.py

@@ -0,0 +1,2194 @@
+# coding=utf-8
+# *** WARNING: this file was generated by pulumi-language-python. ***
+# *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import copy
+import warnings
+import sys
+import pulumi
+import pulumi.runtime
+from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
+from ... import _utilities
+from ._enums import *
+
+__all__ = [
+    'AccessPolicyEntryArgs',
+    'AccessPolicyEntryArgsDict',
+    'ActionArgs',
+    'ActionArgsDict',
+    'IPRuleArgs',
+    'IPRuleArgsDict',
+    'KeyAttributesArgs',
+    'KeyAttributesArgsDict',
+    'KeyPropertiesArgs',
+    'KeyPropertiesArgsDict',
+    'KeyReleasePolicyArgs',
+    'KeyReleasePolicyArgsDict',
+    'KeyRotationPolicyAttributesArgs',
+    'KeyRotationPolicyAttributesArgsDict',
+    'LifetimeActionArgs',
+    'LifetimeActionArgsDict',
+    'MHSMGeoReplicatedRegionArgs',
+    'MHSMGeoReplicatedRegionArgsDict',
+    'MHSMIPRuleArgs',
+    'MHSMIPRuleArgsDict',
+    'MHSMNetworkRuleSetArgs',
+    'MHSMNetworkRuleSetArgsDict',
+    'MHSMPrivateLinkServiceConnectionStateArgs',
+    'MHSMPrivateLinkServiceConnectionStateArgsDict',
+    'MHSMVirtualNetworkRuleArgs',
+    'MHSMVirtualNetworkRuleArgsDict',
+    'ManagedHsmPropertiesArgs',
+    'ManagedHsmPropertiesArgsDict',
+    'ManagedHsmSkuArgs',
+    'ManagedHsmSkuArgsDict',
+    'ManagedServiceIdentityArgs',
+    'ManagedServiceIdentityArgsDict',
+    'NetworkRuleSetArgs',
+    'NetworkRuleSetArgsDict',
+    'PermissionsArgs',
+    'PermissionsArgsDict',
+    'PrivateLinkServiceConnectionStateArgs',
+    'PrivateLinkServiceConnectionStateArgsDict',
+    'RotationPolicyArgs',
+    'RotationPolicyArgsDict',
+    'SecretAttributesArgs',
+    'SecretAttributesArgsDict',
+    'SecretPropertiesArgs',
+    'SecretPropertiesArgsDict',
+    'SkuArgs',
+    'SkuArgsDict',
+    'TriggerArgs',
+    'TriggerArgsDict',
+    'VaultPropertiesArgs',
+    'VaultPropertiesArgsDict',
+    'VirtualNetworkRuleArgs',
+    'VirtualNetworkRuleArgsDict',
+]
+
+MYPY = False
+
+if not MYPY:
+    class AccessPolicyEntryArgsDict(TypedDict):
+        """
+        An identity that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID.
+        """
+        object_id: pulumi.Input[str]
+        """
+        The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.
+        """
+        permissions: pulumi.Input['PermissionsArgsDict']
+        """
+        Permissions the identity has for keys, secrets and certificates.
+        """
+        tenant_id: pulumi.Input[str]
+        """
+        The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
+        """
+        application_id: NotRequired[pulumi.Input[str]]
+        """
+         Application ID of the client making request on behalf of a principal
+        """
+elif False:
+    AccessPolicyEntryArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class AccessPolicyEntryArgs:
+    def __init__(__self__, *,
+                 object_id: pulumi.Input[str],
+                 permissions: pulumi.Input['PermissionsArgs'],
+                 tenant_id: pulumi.Input[str],
+                 application_id: Optional[pulumi.Input[str]] = None):
+        """
+        An identity that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID.
+        :param pulumi.Input[str] object_id: The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.
+        :param pulumi.Input['PermissionsArgs'] permissions: Permissions the identity has for keys, secrets and certificates.
+        :param pulumi.Input[str] tenant_id: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
+        :param pulumi.Input[str] application_id:  Application ID of the client making request on behalf of a principal
+        """
+        pulumi.set(__self__, "object_id", object_id)
+        pulumi.set(__self__, "permissions", permissions)
+        pulumi.set(__self__, "tenant_id", tenant_id)
+        if application_id is not None:
+            pulumi.set(__self__, "application_id", application_id)
+
+    @property
+    @pulumi.getter(name="objectId")
+    def object_id(self) -> pulumi.Input[str]:
+        """
+        The object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies.
+        """
+        return pulumi.get(self, "object_id")
+
+    @object_id.setter
+    def object_id(self, value: pulumi.Input[str]):
+        pulumi.set(self, "object_id", value)
+
+    @property
+    @pulumi.getter
+    def permissions(self) -> pulumi.Input['PermissionsArgs']:
+        """
+        Permissions the identity has for keys, secrets and certificates.
+        """
+        return pulumi.get(self, "permissions")
+
+    @permissions.setter
+    def permissions(self, value: pulumi.Input['PermissionsArgs']):
+        pulumi.set(self, "permissions", value)
+
+    @property
+    @pulumi.getter(name="tenantId")
+    def tenant_id(self) -> pulumi.Input[str]:
+        """
+        The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
+        """
+        return pulumi.get(self, "tenant_id")
+
+    @tenant_id.setter
+    def tenant_id(self, value: pulumi.Input[str]):
+        pulumi.set(self, "tenant_id", value)
+
+    @property
+    @pulumi.getter(name="applicationId")
+    def application_id(self) -> Optional[pulumi.Input[str]]:
+        """
+         Application ID of the client making request on behalf of a principal
+        """
+        return pulumi.get(self, "application_id")
+
+    @application_id.setter
+    def application_id(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "application_id", value)
+
+
+if not MYPY:
+    class ActionArgsDict(TypedDict):
+        type: NotRequired[pulumi.Input['KeyRotationPolicyActionType']]
+        """
+        The type of action.
+        """
+elif False:
+    ActionArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ActionArgs:
+    def __init__(__self__, *,
+                 type: Optional[pulumi.Input['KeyRotationPolicyActionType']] = None):
+        """
+        :param pulumi.Input['KeyRotationPolicyActionType'] type: The type of action.
+        """
+        if type is not None:
+            pulumi.set(__self__, "type", type)
+
+    @property
+    @pulumi.getter
+    def type(self) -> Optional[pulumi.Input['KeyRotationPolicyActionType']]:
+        """
+        The type of action.
+        """
+        return pulumi.get(self, "type")
+
+    @type.setter
+    def type(self, value: Optional[pulumi.Input['KeyRotationPolicyActionType']]):
+        pulumi.set(self, "type", value)
+
+
+if not MYPY:
+    class IPRuleArgsDict(TypedDict):
+        """
+        A rule governing the accessibility of a vault from a specific ip address or ip range.
+        """
+        value: pulumi.Input[str]
+        """
+        An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).
+        """
+elif False:
+    IPRuleArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class IPRuleArgs:
+    def __init__(__self__, *,
+                 value: pulumi.Input[str]):
+        """
+        A rule governing the accessibility of a vault from a specific ip address or ip range.
+        :param pulumi.Input[str] value: An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).
+        """
+        pulumi.set(__self__, "value", value)
+
+    @property
+    @pulumi.getter
+    def value(self) -> pulumi.Input[str]:
+        """
+        An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).
+        """
+        return pulumi.get(self, "value")
+
+    @value.setter
+    def value(self, value: pulumi.Input[str]):
+        pulumi.set(self, "value", value)
+
+
+if not MYPY:
+    class KeyAttributesArgsDict(TypedDict):
+        """
+        The object attributes managed by the Azure Key Vault service.
+        """
+        enabled: NotRequired[pulumi.Input[bool]]
+        """
+        Determines whether or not the object is enabled.
+        """
+        expires: NotRequired[pulumi.Input[float]]
+        """
+        Expiry date in seconds since 1970-01-01T00:00:00Z.
+        """
+        exportable: NotRequired[pulumi.Input[bool]]
+        """
+        Indicates if the private key can be exported.
+        """
+        not_before: NotRequired[pulumi.Input[float]]
+        """
+        Not before date in seconds since 1970-01-01T00:00:00Z.
+        """
+elif False:
+    KeyAttributesArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class KeyAttributesArgs:
+    def __init__(__self__, *,
+                 enabled: Optional[pulumi.Input[bool]] = None,
+                 expires: Optional[pulumi.Input[float]] = None,
+                 exportable: Optional[pulumi.Input[bool]] = None,
+                 not_before: Optional[pulumi.Input[float]] = None):
+        """
+        The object attributes managed by the Azure Key Vault service.
+        :param pulumi.Input[bool] enabled: Determines whether or not the object is enabled.
+        :param pulumi.Input[float] expires: Expiry date in seconds since 1970-01-01T00:00:00Z.
+        :param pulumi.Input[bool] exportable: Indicates if the private key can be exported.
+        :param pulumi.Input[float] not_before: Not before date in seconds since 1970-01-01T00:00:00Z.
+        """
+        if enabled is not None:
+            pulumi.set(__self__, "enabled", enabled)
+        if expires is not None:
+            pulumi.set(__self__, "expires", expires)
+        if exportable is None:
+            exportable = False
+        if exportable is not None:
+            pulumi.set(__self__, "exportable", exportable)
+        if not_before is not None:
+            pulumi.set(__self__, "not_before", not_before)
+
+    @property
+    @pulumi.getter
+    def enabled(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Determines whether or not the object is enabled.
+        """
+        return pulumi.get(self, "enabled")
+
+    @enabled.setter
+    def enabled(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "enabled", value)
+
+    @property
+    @pulumi.getter
+    def expires(self) -> Optional[pulumi.Input[float]]:
+        """
+        Expiry date in seconds since 1970-01-01T00:00:00Z.
+        """
+        return pulumi.get(self, "expires")
+
+    @expires.setter
+    def expires(self, value: Optional[pulumi.Input[float]]):
+        pulumi.set(self, "expires", value)
+
+    @property
+    @pulumi.getter
+    def exportable(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Indicates if the private key can be exported.
+        """
+        return pulumi.get(self, "exportable")
+
+    @exportable.setter
+    def exportable(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "exportable", value)
+
+    @property
+    @pulumi.getter(name="notBefore")
+    def not_before(self) -> Optional[pulumi.Input[float]]:
+        """
+        Not before date in seconds since 1970-01-01T00:00:00Z.
+        """
+        return pulumi.get(self, "not_before")
+
+    @not_before.setter
+    def not_before(self, value: Optional[pulumi.Input[float]]):
+        pulumi.set(self, "not_before", value)
+
+
+if not MYPY:
+    class KeyPropertiesArgsDict(TypedDict):
+        """
+        The properties of the key.
+        """
+        attributes: NotRequired[pulumi.Input['KeyAttributesArgsDict']]
+        """
+        The attributes of the key.
+        """
+        curve_name: NotRequired[pulumi.Input[Union[str, 'JsonWebKeyCurveName']]]
+        """
+        The elliptic curve name. For valid values, see JsonWebKeyCurveName. Default for EC and EC-HSM keys is P-256
+        """
+        key_ops: NotRequired[pulumi.Input[Sequence[pulumi.Input[Union[str, 'JsonWebKeyOperation']]]]]
+        key_size: NotRequired[pulumi.Input[int]]
+        """
+        The key size in bits. For example: 2048, 3072, or 4096 for RSA. Default for RSA and RSA-HSM keys is 2048. Exception made for bring your own key (BYOK), key exchange keys default to 4096.
+        """
+        kty: NotRequired[pulumi.Input[Union[str, 'JsonWebKeyType']]]
+        """
+        The type of the key. For valid values, see JsonWebKeyType.
+        """
+        release_policy: NotRequired[pulumi.Input['KeyReleasePolicyArgsDict']]
+        """
+        Key release policy in response. It will be used for both output and input. Omitted if empty
+        """
+        rotation_policy: NotRequired[pulumi.Input['RotationPolicyArgsDict']]
+        """
+        Key rotation policy in response. It will be used for both output and input. Omitted if empty
+        """
+elif False:
+    KeyPropertiesArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class KeyPropertiesArgs:
+    def __init__(__self__, *,
+                 attributes: Optional[pulumi.Input['KeyAttributesArgs']] = None,
+                 curve_name: Optional[pulumi.Input[Union[str, 'JsonWebKeyCurveName']]] = None,
+                 key_ops: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'JsonWebKeyOperation']]]]] = None,
+                 key_size: Optional[pulumi.Input[int]] = None,
+                 kty: Optional[pulumi.Input[Union[str, 'JsonWebKeyType']]] = None,
+                 release_policy: Optional[pulumi.Input['KeyReleasePolicyArgs']] = None,
+                 rotation_policy: Optional[pulumi.Input['RotationPolicyArgs']] = None):
+        """
+        The properties of the key.
+        :param pulumi.Input['KeyAttributesArgs'] attributes: The attributes of the key.
+        :param pulumi.Input[Union[str, 'JsonWebKeyCurveName']] curve_name: The elliptic curve name. For valid values, see JsonWebKeyCurveName. Default for EC and EC-HSM keys is P-256
+        :param pulumi.Input[int] key_size: The key size in bits. For example: 2048, 3072, or 4096 for RSA. Default for RSA and RSA-HSM keys is 2048. Exception made for bring your own key (BYOK), key exchange keys default to 4096.
+        :param pulumi.Input[Union[str, 'JsonWebKeyType']] kty: The type of the key. For valid values, see JsonWebKeyType.
+        :param pulumi.Input['KeyReleasePolicyArgs'] release_policy: Key release policy in response. It will be used for both output and input. Omitted if empty
+        :param pulumi.Input['RotationPolicyArgs'] rotation_policy: Key rotation policy in response. It will be used for both output and input. Omitted if empty
+        """
+        if attributes is not None:
+            pulumi.set(__self__, "attributes", attributes)
+        if curve_name is not None:
+            pulumi.set(__self__, "curve_name", curve_name)
+        if key_ops is not None:
+            pulumi.set(__self__, "key_ops", key_ops)
+        if key_size is not None:
+            pulumi.set(__self__, "key_size", key_size)
+        if kty is not None:
+            pulumi.set(__self__, "kty", kty)
+        if release_policy is not None:
+            pulumi.set(__self__, "release_policy", release_policy)
+        if rotation_policy is not None:
+            pulumi.set(__self__, "rotation_policy", rotation_policy)
+
+    @property
+    @pulumi.getter
+    def attributes(self) -> Optional[pulumi.Input['KeyAttributesArgs']]:
+        """
+        The attributes of the key.
+        """
+        return pulumi.get(self, "attributes")
+
+    @attributes.setter
+    def attributes(self, value: Optional[pulumi.Input['KeyAttributesArgs']]):
+        pulumi.set(self, "attributes", value)
+
+    @property
+    @pulumi.getter(name="curveName")
+    def curve_name(self) -> Optional[pulumi.Input[Union[str, 'JsonWebKeyCurveName']]]:
+        """
+        The elliptic curve name. For valid values, see JsonWebKeyCurveName. Default for EC and EC-HSM keys is P-256
+        """
+        return pulumi.get(self, "curve_name")
+
+    @curve_name.setter
+    def curve_name(self, value: Optional[pulumi.Input[Union[str, 'JsonWebKeyCurveName']]]):
+        pulumi.set(self, "curve_name", value)
+
+    @property
+    @pulumi.getter(name="keyOps")
+    def key_ops(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'JsonWebKeyOperation']]]]]:
+        return pulumi.get(self, "key_ops")
+
+    @key_ops.setter
+    def key_ops(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'JsonWebKeyOperation']]]]]):
+        pulumi.set(self, "key_ops", value)
+
+    @property
+    @pulumi.getter(name="keySize")
+    def key_size(self) -> Optional[pulumi.Input[int]]:
+        """
+        The key size in bits. For example: 2048, 3072, or 4096 for RSA. Default for RSA and RSA-HSM keys is 2048. Exception made for bring your own key (BYOK), key exchange keys default to 4096.
+        """
+        return pulumi.get(self, "key_size")
+
+    @key_size.setter
+    def key_size(self, value: Optional[pulumi.Input[int]]):
+        pulumi.set(self, "key_size", value)
+
+    @property
+    @pulumi.getter
+    def kty(self) -> Optional[pulumi.Input[Union[str, 'JsonWebKeyType']]]:
+        """
+        The type of the key. For valid values, see JsonWebKeyType.
+        """
+        return pulumi.get(self, "kty")
+
+    @kty.setter
+    def kty(self, value: Optional[pulumi.Input[Union[str, 'JsonWebKeyType']]]):
+        pulumi.set(self, "kty", value)
+
+    @property
+    @pulumi.getter(name="releasePolicy")
+    def release_policy(self) -> Optional[pulumi.Input['KeyReleasePolicyArgs']]:
+        """
+        Key release policy in response. It will be used for both output and input. Omitted if empty
+        """
+        return pulumi.get(self, "release_policy")
+
+    @release_policy.setter
+    def release_policy(self, value: Optional[pulumi.Input['KeyReleasePolicyArgs']]):
+        pulumi.set(self, "release_policy", value)
+
+    @property
+    @pulumi.getter(name="rotationPolicy")
+    def rotation_policy(self) -> Optional[pulumi.Input['RotationPolicyArgs']]:
+        """
+        Key rotation policy in response. It will be used for both output and input. Omitted if empty
+        """
+        return pulumi.get(self, "rotation_policy")
+
+    @rotation_policy.setter
+    def rotation_policy(self, value: Optional[pulumi.Input['RotationPolicyArgs']]):
+        pulumi.set(self, "rotation_policy", value)
+
+
+if not MYPY:
+    class KeyReleasePolicyArgsDict(TypedDict):
+        content_type: NotRequired[pulumi.Input[str]]
+        """
+        Content type and version of key release policy
+        """
+        data: NotRequired[pulumi.Input[str]]
+        """
+        Blob encoding the policy rules under which the key can be released.
+        """
+elif False:
+    KeyReleasePolicyArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class KeyReleasePolicyArgs:
+    def __init__(__self__, *,
+                 content_type: Optional[pulumi.Input[str]] = None,
+                 data: Optional[pulumi.Input[str]] = None):
+        """
+        :param pulumi.Input[str] content_type: Content type and version of key release policy
+        :param pulumi.Input[str] data: Blob encoding the policy rules under which the key can be released.
+        """
+        if content_type is None:
+            content_type = 'application/json; charset=utf-8'
+        if content_type is not None:
+            pulumi.set(__self__, "content_type", content_type)
+        if data is not None:
+            pulumi.set(__self__, "data", data)
+
+    @property
+    @pulumi.getter(name="contentType")
+    def content_type(self) -> Optional[pulumi.Input[str]]:
+        """
+        Content type and version of key release policy
+        """
+        return pulumi.get(self, "content_type")
+
+    @content_type.setter
+    def content_type(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "content_type", value)
+
+    @property
+    @pulumi.getter
+    def data(self) -> Optional[pulumi.Input[str]]:
+        """
+        Blob encoding the policy rules under which the key can be released.
+        """
+        return pulumi.get(self, "data")
+
+    @data.setter
+    def data(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "data", value)
+
+
+if not MYPY:
+    class KeyRotationPolicyAttributesArgsDict(TypedDict):
+        expiry_time: NotRequired[pulumi.Input[str]]
+        """
+        The expiration time for the new key version. It should be in ISO8601 format. Eg: 'P90D', 'P1Y'.
+        """
+elif False:
+    KeyRotationPolicyAttributesArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class KeyRotationPolicyAttributesArgs:
+    def __init__(__self__, *,
+                 expiry_time: Optional[pulumi.Input[str]] = None):
+        """
+        :param pulumi.Input[str] expiry_time: The expiration time for the new key version. It should be in ISO8601 format. Eg: 'P90D', 'P1Y'.
+        """
+        if expiry_time is not None:
+            pulumi.set(__self__, "expiry_time", expiry_time)
+
+    @property
+    @pulumi.getter(name="expiryTime")
+    def expiry_time(self) -> Optional[pulumi.Input[str]]:
+        """
+        The expiration time for the new key version. It should be in ISO8601 format. Eg: 'P90D', 'P1Y'.
+        """
+        return pulumi.get(self, "expiry_time")
+
+    @expiry_time.setter
+    def expiry_time(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "expiry_time", value)
+
+
+if not MYPY:
+    class LifetimeActionArgsDict(TypedDict):
+        action: NotRequired[pulumi.Input['ActionArgsDict']]
+        """
+        The action of key rotation policy lifetimeAction.
+        """
+        trigger: NotRequired[pulumi.Input['TriggerArgsDict']]
+        """
+        The trigger of key rotation policy lifetimeAction.
+        """
+elif False:
+    LifetimeActionArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class LifetimeActionArgs:
+    def __init__(__self__, *,
+                 action: Optional[pulumi.Input['ActionArgs']] = None,
+                 trigger: Optional[pulumi.Input['TriggerArgs']] = None):
+        """
+        :param pulumi.Input['ActionArgs'] action: The action of key rotation policy lifetimeAction.
+        :param pulumi.Input['TriggerArgs'] trigger: The trigger of key rotation policy lifetimeAction.
+        """
+        if action is not None:
+            pulumi.set(__self__, "action", action)
+        if trigger is not None:
+            pulumi.set(__self__, "trigger", trigger)
+
+    @property
+    @pulumi.getter
+    def action(self) -> Optional[pulumi.Input['ActionArgs']]:
+        """
+        The action of key rotation policy lifetimeAction.
+        """
+        return pulumi.get(self, "action")
+
+    @action.setter
+    def action(self, value: Optional[pulumi.Input['ActionArgs']]):
+        pulumi.set(self, "action", value)
+
+    @property
+    @pulumi.getter
+    def trigger(self) -> Optional[pulumi.Input['TriggerArgs']]:
+        """
+        The trigger of key rotation policy lifetimeAction.
+        """
+        return pulumi.get(self, "trigger")
+
+    @trigger.setter
+    def trigger(self, value: Optional[pulumi.Input['TriggerArgs']]):
+        pulumi.set(self, "trigger", value)
+
+
+if not MYPY:
+    class MHSMGeoReplicatedRegionArgsDict(TypedDict):
+        """
+        A region that this managed HSM Pool has been extended to.
+        """
+        is_primary: NotRequired[pulumi.Input[bool]]
+        """
+        A boolean value that indicates whether the region is the primary region or a secondary region.
+        """
+        name: NotRequired[pulumi.Input[str]]
+        """
+        Name of the geo replicated region.
+        """
+elif False:
+    MHSMGeoReplicatedRegionArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class MHSMGeoReplicatedRegionArgs:
+    def __init__(__self__, *,
+                 is_primary: Optional[pulumi.Input[bool]] = None,
+                 name: Optional[pulumi.Input[str]] = None):
+        """
+        A region that this managed HSM Pool has been extended to.
+        :param pulumi.Input[bool] is_primary: A boolean value that indicates whether the region is the primary region or a secondary region.
+        :param pulumi.Input[str] name: Name of the geo replicated region.
+        """
+        if is_primary is not None:
+            pulumi.set(__self__, "is_primary", is_primary)
+        if name is not None:
+            pulumi.set(__self__, "name", name)
+
+    @property
+    @pulumi.getter(name="isPrimary")
+    def is_primary(self) -> Optional[pulumi.Input[bool]]:
+        """
+        A boolean value that indicates whether the region is the primary region or a secondary region.
+        """
+        return pulumi.get(self, "is_primary")
+
+    @is_primary.setter
+    def is_primary(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "is_primary", value)
+
+    @property
+    @pulumi.getter
+    def name(self) -> Optional[pulumi.Input[str]]:
+        """
+        Name of the geo replicated region.
+        """
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "name", value)
+
+
+if not MYPY:
+    class MHSMIPRuleArgsDict(TypedDict):
+        """
+        A rule governing the accessibility of a managed HSM pool from a specific IP address or IP range.
+        """
+        value: pulumi.Input[str]
+        """
+        An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).
+        """
+elif False:
+    MHSMIPRuleArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class MHSMIPRuleArgs:
+    def __init__(__self__, *,
+                 value: pulumi.Input[str]):
+        """
+        A rule governing the accessibility of a managed HSM pool from a specific IP address or IP range.
+        :param pulumi.Input[str] value: An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).
+        """
+        pulumi.set(__self__, "value", value)
+
+    @property
+    @pulumi.getter
+    def value(self) -> pulumi.Input[str]:
+        """
+        An IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).
+        """
+        return pulumi.get(self, "value")
+
+    @value.setter
+    def value(self, value: pulumi.Input[str]):
+        pulumi.set(self, "value", value)
+
+
+if not MYPY:
+    class MHSMNetworkRuleSetArgsDict(TypedDict):
+        """
+        A set of rules governing the network accessibility of a managed hsm pool.
+        """
+        bypass: NotRequired[pulumi.Input[Union[str, 'NetworkRuleBypassOptions']]]
+        """
+        Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'.  If not specified the default is 'AzureServices'.
+        """
+        default_action: NotRequired[pulumi.Input[Union[str, 'NetworkRuleAction']]]
+        """
+        The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
+        """
+        ip_rules: NotRequired[pulumi.Input[Sequence[pulumi.Input['MHSMIPRuleArgsDict']]]]
+        """
+        The list of IP address rules.
+        """
+        virtual_network_rules: NotRequired[pulumi.Input[Sequence[pulumi.Input['MHSMVirtualNetworkRuleArgsDict']]]]
+        """
+        The list of virtual network rules.
+        """
+elif False:
+    MHSMNetworkRuleSetArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class MHSMNetworkRuleSetArgs:
+    def __init__(__self__, *,
+                 bypass: Optional[pulumi.Input[Union[str, 'NetworkRuleBypassOptions']]] = None,
+                 default_action: Optional[pulumi.Input[Union[str, 'NetworkRuleAction']]] = None,
+                 ip_rules: Optional[pulumi.Input[Sequence[pulumi.Input['MHSMIPRuleArgs']]]] = None,
+                 virtual_network_rules: Optional[pulumi.Input[Sequence[pulumi.Input['MHSMVirtualNetworkRuleArgs']]]] = None):
+        """
+        A set of rules governing the network accessibility of a managed hsm pool.
+        :param pulumi.Input[Union[str, 'NetworkRuleBypassOptions']] bypass: Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'.  If not specified the default is 'AzureServices'.
+        :param pulumi.Input[Union[str, 'NetworkRuleAction']] default_action: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
+        :param pulumi.Input[Sequence[pulumi.Input['MHSMIPRuleArgs']]] ip_rules: The list of IP address rules.
+        :param pulumi.Input[Sequence[pulumi.Input['MHSMVirtualNetworkRuleArgs']]] virtual_network_rules: The list of virtual network rules.
+        """
+        if bypass is not None:
+            pulumi.set(__self__, "bypass", bypass)
+        if default_action is not None:
+            pulumi.set(__self__, "default_action", default_action)
+        if ip_rules is not None:
+            pulumi.set(__self__, "ip_rules", ip_rules)
+        if virtual_network_rules is not None:
+            pulumi.set(__self__, "virtual_network_rules", virtual_network_rules)
+
+    @property
+    @pulumi.getter
+    def bypass(self) -> Optional[pulumi.Input[Union[str, 'NetworkRuleBypassOptions']]]:
+        """
+        Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'.  If not specified the default is 'AzureServices'.
+        """
+        return pulumi.get(self, "bypass")
+
+    @bypass.setter
+    def bypass(self, value: Optional[pulumi.Input[Union[str, 'NetworkRuleBypassOptions']]]):
+        pulumi.set(self, "bypass", value)
+
+    @property
+    @pulumi.getter(name="defaultAction")
+    def default_action(self) -> Optional[pulumi.Input[Union[str, 'NetworkRuleAction']]]:
+        """
+        The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
+        """
+        return pulumi.get(self, "default_action")
+
+    @default_action.setter
+    def default_action(self, value: Optional[pulumi.Input[Union[str, 'NetworkRuleAction']]]):
+        pulumi.set(self, "default_action", value)
+
+    @property
+    @pulumi.getter(name="ipRules")
+    def ip_rules(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['MHSMIPRuleArgs']]]]:
+        """
+        The list of IP address rules.
+        """
+        return pulumi.get(self, "ip_rules")
+
+    @ip_rules.setter
+    def ip_rules(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['MHSMIPRuleArgs']]]]):
+        pulumi.set(self, "ip_rules", value)
+
+    @property
+    @pulumi.getter(name="virtualNetworkRules")
+    def virtual_network_rules(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['MHSMVirtualNetworkRuleArgs']]]]:
+        """
+        The list of virtual network rules.
+        """
+        return pulumi.get(self, "virtual_network_rules")
+
+    @virtual_network_rules.setter
+    def virtual_network_rules(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['MHSMVirtualNetworkRuleArgs']]]]):
+        pulumi.set(self, "virtual_network_rules", value)
+
+
+if not MYPY:
+    class MHSMPrivateLinkServiceConnectionStateArgsDict(TypedDict):
+        """
+        An object that represents the approval state of the private link connection.
+        """
+        actions_required: NotRequired[pulumi.Input[Union[str, 'ActionsRequired']]]
+        """
+        A message indicating if changes on the service provider require any updates on the consumer.
+        """
+        description: NotRequired[pulumi.Input[str]]
+        """
+        The reason for approval or rejection.
+        """
+        status: NotRequired[pulumi.Input[Union[str, 'PrivateEndpointServiceConnectionStatus']]]
+        """
+        Indicates whether the connection has been approved, rejected or removed by the key vault owner.
+        """
+elif False:
+    MHSMPrivateLinkServiceConnectionStateArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class MHSMPrivateLinkServiceConnectionStateArgs:
+    def __init__(__self__, *,
+                 actions_required: Optional[pulumi.Input[Union[str, 'ActionsRequired']]] = None,
+                 description: Optional[pulumi.Input[str]] = None,
+                 status: Optional[pulumi.Input[Union[str, 'PrivateEndpointServiceConnectionStatus']]] = None):
+        """
+        An object that represents the approval state of the private link connection.
+        :param pulumi.Input[Union[str, 'ActionsRequired']] actions_required: A message indicating if changes on the service provider require any updates on the consumer.
+        :param pulumi.Input[str] description: The reason for approval or rejection.
+        :param pulumi.Input[Union[str, 'PrivateEndpointServiceConnectionStatus']] status: Indicates whether the connection has been approved, rejected or removed by the key vault owner.
+        """
+        if actions_required is not None:
+            pulumi.set(__self__, "actions_required", actions_required)
+        if description is not None:
+            pulumi.set(__self__, "description", description)
+        if status is not None:
+            pulumi.set(__self__, "status", status)
+
+    @property
+    @pulumi.getter(name="actionsRequired")
+    def actions_required(self) -> Optional[pulumi.Input[Union[str, 'ActionsRequired']]]:
+        """
+        A message indicating if changes on the service provider require any updates on the consumer.
+        """
+        return pulumi.get(self, "actions_required")
+
+    @actions_required.setter
+    def actions_required(self, value: Optional[pulumi.Input[Union[str, 'ActionsRequired']]]):
+        pulumi.set(self, "actions_required", value)
+
+    @property
+    @pulumi.getter
+    def description(self) -> Optional[pulumi.Input[str]]:
+        """
+        The reason for approval or rejection.
+        """
+        return pulumi.get(self, "description")
+
+    @description.setter
+    def description(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "description", value)
+
+    @property
+    @pulumi.getter
+    def status(self) -> Optional[pulumi.Input[Union[str, 'PrivateEndpointServiceConnectionStatus']]]:
+        """
+        Indicates whether the connection has been approved, rejected or removed by the key vault owner.
+        """
+        return pulumi.get(self, "status")
+
+    @status.setter
+    def status(self, value: Optional[pulumi.Input[Union[str, 'PrivateEndpointServiceConnectionStatus']]]):
+        pulumi.set(self, "status", value)
+
+
+if not MYPY:
+    class MHSMVirtualNetworkRuleArgsDict(TypedDict):
+        """
+        A rule governing the accessibility of a managed hsm pool from a specific virtual network.
+        """
+        id: pulumi.Input[str]
+        """
+        Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.
+        """
+elif False:
+    MHSMVirtualNetworkRuleArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class MHSMVirtualNetworkRuleArgs:
+    def __init__(__self__, *,
+                 id: pulumi.Input[str]):
+        """
+        A rule governing the accessibility of a managed hsm pool from a specific virtual network.
+        :param pulumi.Input[str] id: Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.
+        """
+        pulumi.set(__self__, "id", id)
+
+    @property
+    @pulumi.getter
+    def id(self) -> pulumi.Input[str]:
+        """
+        Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.
+        """
+        return pulumi.get(self, "id")
+
+    @id.setter
+    def id(self, value: pulumi.Input[str]):
+        pulumi.set(self, "id", value)
+
+
+if not MYPY:
+    class ManagedHsmPropertiesArgsDict(TypedDict):
+        """
+        Properties of the managed HSM Pool
+        """
+        create_mode: NotRequired[pulumi.Input['CreateMode']]
+        """
+        The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.
+        """
+        enable_purge_protection: NotRequired[pulumi.Input[bool]]
+        """
+        Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible.
+        """
+        enable_soft_delete: NotRequired[pulumi.Input[bool]]
+        """
+        Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable.
+        """
+        initial_admin_object_ids: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        """
+        Array of initial administrators object ids for this managed hsm pool.
+        """
+        network_acls: NotRequired[pulumi.Input['MHSMNetworkRuleSetArgsDict']]
+        """
+        Rules governing the accessibility of the key vault from specific network locations.
+        """
+        public_network_access: NotRequired[pulumi.Input[Union[str, 'PublicNetworkAccess']]]
+        """
+        Control permission to the managed HSM from public networks.
+        """
+        regions: NotRequired[pulumi.Input[Sequence[pulumi.Input['MHSMGeoReplicatedRegionArgsDict']]]]
+        """
+        List of all regions associated with the managed hsm pool.
+        """
+        soft_delete_retention_in_days: NotRequired[pulumi.Input[int]]
+        """
+        Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90.
+        """
+        tenant_id: NotRequired[pulumi.Input[str]]
+        """
+        The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.
+        """
+elif False:
+    ManagedHsmPropertiesArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ManagedHsmPropertiesArgs:
+    def __init__(__self__, *,
+                 create_mode: Optional[pulumi.Input['CreateMode']] = None,
+                 enable_purge_protection: Optional[pulumi.Input[bool]] = None,
+                 enable_soft_delete: Optional[pulumi.Input[bool]] = None,
+                 initial_admin_object_ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
+                 network_acls: Optional[pulumi.Input['MHSMNetworkRuleSetArgs']] = None,
+                 public_network_access: Optional[pulumi.Input[Union[str, 'PublicNetworkAccess']]] = None,
+                 regions: Optional[pulumi.Input[Sequence[pulumi.Input['MHSMGeoReplicatedRegionArgs']]]] = None,
+                 soft_delete_retention_in_days: Optional[pulumi.Input[int]] = None,
+                 tenant_id: Optional[pulumi.Input[str]] = None):
+        """
+        Properties of the managed HSM Pool
+        :param pulumi.Input['CreateMode'] create_mode: The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.
+        :param pulumi.Input[bool] enable_purge_protection: Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible.
+        :param pulumi.Input[bool] enable_soft_delete: Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] initial_admin_object_ids: Array of initial administrators object ids for this managed hsm pool.
+        :param pulumi.Input['MHSMNetworkRuleSetArgs'] network_acls: Rules governing the accessibility of the key vault from specific network locations.
+        :param pulumi.Input[Union[str, 'PublicNetworkAccess']] public_network_access: Control permission to the managed HSM from public networks.
+        :param pulumi.Input[Sequence[pulumi.Input['MHSMGeoReplicatedRegionArgs']]] regions: List of all regions associated with the managed hsm pool.
+        :param pulumi.Input[int] soft_delete_retention_in_days: Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90.
+        :param pulumi.Input[str] tenant_id: The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.
+        """
+        if create_mode is not None:
+            pulumi.set(__self__, "create_mode", create_mode)
+        if enable_purge_protection is None:
+            enable_purge_protection = True
+        if enable_purge_protection is not None:
+            pulumi.set(__self__, "enable_purge_protection", enable_purge_protection)
+        if enable_soft_delete is None:
+            enable_soft_delete = True
+        if enable_soft_delete is not None:
+            pulumi.set(__self__, "enable_soft_delete", enable_soft_delete)
+        if initial_admin_object_ids is not None:
+            pulumi.set(__self__, "initial_admin_object_ids", initial_admin_object_ids)
+        if network_acls is not None:
+            pulumi.set(__self__, "network_acls", network_acls)
+        if public_network_access is None:
+            public_network_access = 'Enabled'
+        if public_network_access is not None:
+            pulumi.set(__self__, "public_network_access", public_network_access)
+        if regions is not None:
+            pulumi.set(__self__, "regions", regions)
+        if soft_delete_retention_in_days is None:
+            soft_delete_retention_in_days = 90
+        if soft_delete_retention_in_days is not None:
+            pulumi.set(__self__, "soft_delete_retention_in_days", soft_delete_retention_in_days)
+        if tenant_id is not None:
+            pulumi.set(__self__, "tenant_id", tenant_id)
+
+    @property
+    @pulumi.getter(name="createMode")
+    def create_mode(self) -> Optional[pulumi.Input['CreateMode']]:
+        """
+        The create mode to indicate whether the resource is being created or is being recovered from a deleted resource.
+        """
+        return pulumi.get(self, "create_mode")
+
+    @create_mode.setter
+    def create_mode(self, value: Optional[pulumi.Input['CreateMode']]):
+        pulumi.set(self, "create_mode", value)
+
+    @property
+    @pulumi.getter(name="enablePurgeProtection")
+    def enable_purge_protection(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Property specifying whether protection against purge is enabled for this managed HSM pool. Setting this property to true activates protection against purge for this managed HSM pool and its content - only the Managed HSM service may initiate a hard, irrecoverable deletion. Enabling this functionality is irreversible.
+        """
+        return pulumi.get(self, "enable_purge_protection")
+
+    @enable_purge_protection.setter
+    def enable_purge_protection(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "enable_purge_protection", value)
+
+    @property
+    @pulumi.getter(name="enableSoftDelete")
+    def enable_soft_delete(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Property to specify whether the 'soft delete' functionality is enabled for this managed HSM pool. Soft delete is enabled by default for all managed HSMs and is immutable.
+        """
+        return pulumi.get(self, "enable_soft_delete")
+
+    @enable_soft_delete.setter
+    def enable_soft_delete(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "enable_soft_delete", value)
+
+    @property
+    @pulumi.getter(name="initialAdminObjectIds")
+    def initial_admin_object_ids(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        Array of initial administrators object ids for this managed hsm pool.
+        """
+        return pulumi.get(self, "initial_admin_object_ids")
+
+    @initial_admin_object_ids.setter
+    def initial_admin_object_ids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "initial_admin_object_ids", value)
+
+    @property
+    @pulumi.getter(name="networkAcls")
+    def network_acls(self) -> Optional[pulumi.Input['MHSMNetworkRuleSetArgs']]:
+        """
+        Rules governing the accessibility of the key vault from specific network locations.
+        """
+        return pulumi.get(self, "network_acls")
+
+    @network_acls.setter
+    def network_acls(self, value: Optional[pulumi.Input['MHSMNetworkRuleSetArgs']]):
+        pulumi.set(self, "network_acls", value)
+
+    @property
+    @pulumi.getter(name="publicNetworkAccess")
+    def public_network_access(self) -> Optional[pulumi.Input[Union[str, 'PublicNetworkAccess']]]:
+        """
+        Control permission to the managed HSM from public networks.
+        """
+        return pulumi.get(self, "public_network_access")
+
+    @public_network_access.setter
+    def public_network_access(self, value: Optional[pulumi.Input[Union[str, 'PublicNetworkAccess']]]):
+        pulumi.set(self, "public_network_access", value)
+
+    @property
+    @pulumi.getter
+    def regions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['MHSMGeoReplicatedRegionArgs']]]]:
+        """
+        List of all regions associated with the managed hsm pool.
+        """
+        return pulumi.get(self, "regions")
+
+    @regions.setter
+    def regions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['MHSMGeoReplicatedRegionArgs']]]]):
+        pulumi.set(self, "regions", value)
+
+    @property
+    @pulumi.getter(name="softDeleteRetentionInDays")
+    def soft_delete_retention_in_days(self) -> Optional[pulumi.Input[int]]:
+        """
+        Soft deleted data retention days. When you delete an HSM or a key, it will remain recoverable for the configured retention period or for a default period of 90 days. It accepts values between 7 and 90.
+        """
+        return pulumi.get(self, "soft_delete_retention_in_days")
+
+    @soft_delete_retention_in_days.setter
+    def soft_delete_retention_in_days(self, value: Optional[pulumi.Input[int]]):
+        pulumi.set(self, "soft_delete_retention_in_days", value)
+
+    @property
+    @pulumi.getter(name="tenantId")
+    def tenant_id(self) -> Optional[pulumi.Input[str]]:
+        """
+        The Azure Active Directory tenant ID that should be used for authenticating requests to the managed HSM pool.
+        """
+        return pulumi.get(self, "tenant_id")
+
+    @tenant_id.setter
+    def tenant_id(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "tenant_id", value)
+
+
+if not MYPY:
+    class ManagedHsmSkuArgsDict(TypedDict):
+        """
+        SKU details
+        """
+        family: pulumi.Input[Union[str, 'ManagedHsmSkuFamily']]
+        """
+        SKU Family of the managed HSM Pool
+        """
+        name: pulumi.Input['ManagedHsmSkuName']
+        """
+        SKU of the managed HSM Pool
+        """
+elif False:
+    ManagedHsmSkuArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ManagedHsmSkuArgs:
+    def __init__(__self__, *,
+                 family: pulumi.Input[Union[str, 'ManagedHsmSkuFamily']],
+                 name: pulumi.Input['ManagedHsmSkuName']):
+        """
+        SKU details
+        :param pulumi.Input[Union[str, 'ManagedHsmSkuFamily']] family: SKU Family of the managed HSM Pool
+        :param pulumi.Input['ManagedHsmSkuName'] name: SKU of the managed HSM Pool
+        """
+        pulumi.set(__self__, "family", family)
+        pulumi.set(__self__, "name", name)
+
+    @property
+    @pulumi.getter
+    def family(self) -> pulumi.Input[Union[str, 'ManagedHsmSkuFamily']]:
+        """
+        SKU Family of the managed HSM Pool
+        """
+        return pulumi.get(self, "family")
+
+    @family.setter
+    def family(self, value: pulumi.Input[Union[str, 'ManagedHsmSkuFamily']]):
+        pulumi.set(self, "family", value)
+
+    @property
+    @pulumi.getter
+    def name(self) -> pulumi.Input['ManagedHsmSkuName']:
+        """
+        SKU of the managed HSM Pool
+        """
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: pulumi.Input['ManagedHsmSkuName']):
+        pulumi.set(self, "name", value)
+
+
+if not MYPY:
+    class ManagedServiceIdentityArgsDict(TypedDict):
+        """
+        Managed service identity (system assigned and/or user assigned identities)
+        """
+        type: pulumi.Input[Union[str, 'ManagedServiceIdentityType']]
+        """
+        Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
+        """
+        user_assigned_identities: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]]
+        """
+        The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.
+        """
+elif False:
+    ManagedServiceIdentityArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class ManagedServiceIdentityArgs:
+    def __init__(__self__, *,
+                 type: pulumi.Input[Union[str, 'ManagedServiceIdentityType']],
+                 user_assigned_identities: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None):
+        """
+        Managed service identity (system assigned and/or user assigned identities)
+        :param pulumi.Input[Union[str, 'ManagedServiceIdentityType']] type: Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] user_assigned_identities: The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.
+        """
+        pulumi.set(__self__, "type", type)
+        if user_assigned_identities is not None:
+            pulumi.set(__self__, "user_assigned_identities", user_assigned_identities)
+
+    @property
+    @pulumi.getter
+    def type(self) -> pulumi.Input[Union[str, 'ManagedServiceIdentityType']]:
+        """
+        Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
+        """
+        return pulumi.get(self, "type")
+
+    @type.setter
+    def type(self, value: pulumi.Input[Union[str, 'ManagedServiceIdentityType']]):
+        pulumi.set(self, "type", value)
+
+    @property
+    @pulumi.getter(name="userAssignedIdentities")
+    def user_assigned_identities(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
+        """
+        The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.
+        """
+        return pulumi.get(self, "user_assigned_identities")
+
+    @user_assigned_identities.setter
+    def user_assigned_identities(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]):
+        pulumi.set(self, "user_assigned_identities", value)
+
+
+if not MYPY:
+    class NetworkRuleSetArgsDict(TypedDict):
+        """
+        A set of rules governing the network accessibility of a vault.
+        """
+        bypass: NotRequired[pulumi.Input[Union[str, 'NetworkRuleBypassOptions']]]
+        """
+        Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'.  If not specified the default is 'AzureServices'.
+        """
+        default_action: NotRequired[pulumi.Input[Union[str, 'NetworkRuleAction']]]
+        """
+        The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
+        """
+        ip_rules: NotRequired[pulumi.Input[Sequence[pulumi.Input['IPRuleArgsDict']]]]
+        """
+        The list of IP address rules.
+        """
+        virtual_network_rules: NotRequired[pulumi.Input[Sequence[pulumi.Input['VirtualNetworkRuleArgsDict']]]]
+        """
+        The list of virtual network rules.
+        """
+elif False:
+    NetworkRuleSetArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class NetworkRuleSetArgs:
+    def __init__(__self__, *,
+                 bypass: Optional[pulumi.Input[Union[str, 'NetworkRuleBypassOptions']]] = None,
+                 default_action: Optional[pulumi.Input[Union[str, 'NetworkRuleAction']]] = None,
+                 ip_rules: Optional[pulumi.Input[Sequence[pulumi.Input['IPRuleArgs']]]] = None,
+                 virtual_network_rules: Optional[pulumi.Input[Sequence[pulumi.Input['VirtualNetworkRuleArgs']]]] = None):
+        """
+        A set of rules governing the network accessibility of a vault.
+        :param pulumi.Input[Union[str, 'NetworkRuleBypassOptions']] bypass: Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'.  If not specified the default is 'AzureServices'.
+        :param pulumi.Input[Union[str, 'NetworkRuleAction']] default_action: The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
+        :param pulumi.Input[Sequence[pulumi.Input['IPRuleArgs']]] ip_rules: The list of IP address rules.
+        :param pulumi.Input[Sequence[pulumi.Input['VirtualNetworkRuleArgs']]] virtual_network_rules: The list of virtual network rules.
+        """
+        if bypass is not None:
+            pulumi.set(__self__, "bypass", bypass)
+        if default_action is not None:
+            pulumi.set(__self__, "default_action", default_action)
+        if ip_rules is not None:
+            pulumi.set(__self__, "ip_rules", ip_rules)
+        if virtual_network_rules is not None:
+            pulumi.set(__self__, "virtual_network_rules", virtual_network_rules)
+
+    @property
+    @pulumi.getter
+    def bypass(self) -> Optional[pulumi.Input[Union[str, 'NetworkRuleBypassOptions']]]:
+        """
+        Tells what traffic can bypass network rules. This can be 'AzureServices' or 'None'.  If not specified the default is 'AzureServices'.
+        """
+        return pulumi.get(self, "bypass")
+
+    @bypass.setter
+    def bypass(self, value: Optional[pulumi.Input[Union[str, 'NetworkRuleBypassOptions']]]):
+        pulumi.set(self, "bypass", value)
+
+    @property
+    @pulumi.getter(name="defaultAction")
+    def default_action(self) -> Optional[pulumi.Input[Union[str, 'NetworkRuleAction']]]:
+        """
+        The default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
+        """
+        return pulumi.get(self, "default_action")
+
+    @default_action.setter
+    def default_action(self, value: Optional[pulumi.Input[Union[str, 'NetworkRuleAction']]]):
+        pulumi.set(self, "default_action", value)
+
+    @property
+    @pulumi.getter(name="ipRules")
+    def ip_rules(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['IPRuleArgs']]]]:
+        """
+        The list of IP address rules.
+        """
+        return pulumi.get(self, "ip_rules")
+
+    @ip_rules.setter
+    def ip_rules(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['IPRuleArgs']]]]):
+        pulumi.set(self, "ip_rules", value)
+
+    @property
+    @pulumi.getter(name="virtualNetworkRules")
+    def virtual_network_rules(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['VirtualNetworkRuleArgs']]]]:
+        """
+        The list of virtual network rules.
+        """
+        return pulumi.get(self, "virtual_network_rules")
+
+    @virtual_network_rules.setter
+    def virtual_network_rules(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['VirtualNetworkRuleArgs']]]]):
+        pulumi.set(self, "virtual_network_rules", value)
+
+
+if not MYPY:
+    class PermissionsArgsDict(TypedDict):
+        """
+        Permissions the identity has for keys, secrets, certificates and storage.
+        """
+        certificates: NotRequired[pulumi.Input[Sequence[pulumi.Input[Union[str, 'CertificatePermissions']]]]]
+        """
+        Permissions to certificates
+        """
+        keys: NotRequired[pulumi.Input[Sequence[pulumi.Input[Union[str, 'KeyPermissions']]]]]
+        """
+        Permissions to keys
+        """
+        secrets: NotRequired[pulumi.Input[Sequence[pulumi.Input[Union[str, 'SecretPermissions']]]]]
+        """
+        Permissions to secrets
+        """
+        storage: NotRequired[pulumi.Input[Sequence[pulumi.Input[Union[str, 'StoragePermissions']]]]]
+        """
+        Permissions to storage accounts
+        """
+elif False:
+    PermissionsArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class PermissionsArgs:
+    def __init__(__self__, *,
+                 certificates: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'CertificatePermissions']]]]] = None,
+                 keys: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'KeyPermissions']]]]] = None,
+                 secrets: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'SecretPermissions']]]]] = None,
+                 storage: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'StoragePermissions']]]]] = None):
+        """
+        Permissions the identity has for keys, secrets, certificates and storage.
+        :param pulumi.Input[Sequence[pulumi.Input[Union[str, 'CertificatePermissions']]]] certificates: Permissions to certificates
+        :param pulumi.Input[Sequence[pulumi.Input[Union[str, 'KeyPermissions']]]] keys: Permissions to keys
+        :param pulumi.Input[Sequence[pulumi.Input[Union[str, 'SecretPermissions']]]] secrets: Permissions to secrets
+        :param pulumi.Input[Sequence[pulumi.Input[Union[str, 'StoragePermissions']]]] storage: Permissions to storage accounts
+        """
+        if certificates is not None:
+            pulumi.set(__self__, "certificates", certificates)
+        if keys is not None:
+            pulumi.set(__self__, "keys", keys)
+        if secrets is not None:
+            pulumi.set(__self__, "secrets", secrets)
+        if storage is not None:
+            pulumi.set(__self__, "storage", storage)
+
+    @property
+    @pulumi.getter
+    def certificates(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'CertificatePermissions']]]]]:
+        """
+        Permissions to certificates
+        """
+        return pulumi.get(self, "certificates")
+
+    @certificates.setter
+    def certificates(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'CertificatePermissions']]]]]):
+        pulumi.set(self, "certificates", value)
+
+    @property
+    @pulumi.getter
+    def keys(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'KeyPermissions']]]]]:
+        """
+        Permissions to keys
+        """
+        return pulumi.get(self, "keys")
+
+    @keys.setter
+    def keys(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'KeyPermissions']]]]]):
+        pulumi.set(self, "keys", value)
+
+    @property
+    @pulumi.getter
+    def secrets(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'SecretPermissions']]]]]:
+        """
+        Permissions to secrets
+        """
+        return pulumi.get(self, "secrets")
+
+    @secrets.setter
+    def secrets(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'SecretPermissions']]]]]):
+        pulumi.set(self, "secrets", value)
+
+    @property
+    @pulumi.getter
+    def storage(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'StoragePermissions']]]]]:
+        """
+        Permissions to storage accounts
+        """
+        return pulumi.get(self, "storage")
+
+    @storage.setter
+    def storage(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[Union[str, 'StoragePermissions']]]]]):
+        pulumi.set(self, "storage", value)
+
+
+if not MYPY:
+    class PrivateLinkServiceConnectionStateArgsDict(TypedDict):
+        """
+        An object that represents the approval state of the private link connection.
+        """
+        actions_required: NotRequired[pulumi.Input[Union[str, 'ActionsRequired']]]
+        """
+        A message indicating if changes on the service provider require any updates on the consumer.
+        """
+        description: NotRequired[pulumi.Input[str]]
+        """
+        The reason for approval or rejection.
+        """
+        status: NotRequired[pulumi.Input[Union[str, 'PrivateEndpointServiceConnectionStatus']]]
+        """
+        Indicates whether the connection has been approved, rejected or removed by the key vault owner.
+        """
+elif False:
+    PrivateLinkServiceConnectionStateArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class PrivateLinkServiceConnectionStateArgs:
+    def __init__(__self__, *,
+                 actions_required: Optional[pulumi.Input[Union[str, 'ActionsRequired']]] = None,
+                 description: Optional[pulumi.Input[str]] = None,
+                 status: Optional[pulumi.Input[Union[str, 'PrivateEndpointServiceConnectionStatus']]] = None):
+        """
+        An object that represents the approval state of the private link connection.
+        :param pulumi.Input[Union[str, 'ActionsRequired']] actions_required: A message indicating if changes on the service provider require any updates on the consumer.
+        :param pulumi.Input[str] description: The reason for approval or rejection.
+        :param pulumi.Input[Union[str, 'PrivateEndpointServiceConnectionStatus']] status: Indicates whether the connection has been approved, rejected or removed by the key vault owner.
+        """
+        if actions_required is not None:
+            pulumi.set(__self__, "actions_required", actions_required)
+        if description is not None:
+            pulumi.set(__self__, "description", description)
+        if status is not None:
+            pulumi.set(__self__, "status", status)
+
+    @property
+    @pulumi.getter(name="actionsRequired")
+    def actions_required(self) -> Optional[pulumi.Input[Union[str, 'ActionsRequired']]]:
+        """
+        A message indicating if changes on the service provider require any updates on the consumer.
+        """
+        return pulumi.get(self, "actions_required")
+
+    @actions_required.setter
+    def actions_required(self, value: Optional[pulumi.Input[Union[str, 'ActionsRequired']]]):
+        pulumi.set(self, "actions_required", value)
+
+    @property
+    @pulumi.getter
+    def description(self) -> Optional[pulumi.Input[str]]:
+        """
+        The reason for approval or rejection.
+        """
+        return pulumi.get(self, "description")
+
+    @description.setter
+    def description(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "description", value)
+
+    @property
+    @pulumi.getter
+    def status(self) -> Optional[pulumi.Input[Union[str, 'PrivateEndpointServiceConnectionStatus']]]:
+        """
+        Indicates whether the connection has been approved, rejected or removed by the key vault owner.
+        """
+        return pulumi.get(self, "status")
+
+    @status.setter
+    def status(self, value: Optional[pulumi.Input[Union[str, 'PrivateEndpointServiceConnectionStatus']]]):
+        pulumi.set(self, "status", value)
+
+
+if not MYPY:
+    class RotationPolicyArgsDict(TypedDict):
+        attributes: NotRequired[pulumi.Input['KeyRotationPolicyAttributesArgsDict']]
+        """
+        The attributes of key rotation policy.
+        """
+        lifetime_actions: NotRequired[pulumi.Input[Sequence[pulumi.Input['LifetimeActionArgsDict']]]]
+        """
+        The lifetimeActions for key rotation action.
+        """
+elif False:
+    RotationPolicyArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class RotationPolicyArgs:
+    def __init__(__self__, *,
+                 attributes: Optional[pulumi.Input['KeyRotationPolicyAttributesArgs']] = None,
+                 lifetime_actions: Optional[pulumi.Input[Sequence[pulumi.Input['LifetimeActionArgs']]]] = None):
+        """
+        :param pulumi.Input['KeyRotationPolicyAttributesArgs'] attributes: The attributes of key rotation policy.
+        :param pulumi.Input[Sequence[pulumi.Input['LifetimeActionArgs']]] lifetime_actions: The lifetimeActions for key rotation action.
+        """
+        if attributes is not None:
+            pulumi.set(__self__, "attributes", attributes)
+        if lifetime_actions is not None:
+            pulumi.set(__self__, "lifetime_actions", lifetime_actions)
+
+    @property
+    @pulumi.getter
+    def attributes(self) -> Optional[pulumi.Input['KeyRotationPolicyAttributesArgs']]:
+        """
+        The attributes of key rotation policy.
+        """
+        return pulumi.get(self, "attributes")
+
+    @attributes.setter
+    def attributes(self, value: Optional[pulumi.Input['KeyRotationPolicyAttributesArgs']]):
+        pulumi.set(self, "attributes", value)
+
+    @property
+    @pulumi.getter(name="lifetimeActions")
+    def lifetime_actions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['LifetimeActionArgs']]]]:
+        """
+        The lifetimeActions for key rotation action.
+        """
+        return pulumi.get(self, "lifetime_actions")
+
+    @lifetime_actions.setter
+    def lifetime_actions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['LifetimeActionArgs']]]]):
+        pulumi.set(self, "lifetime_actions", value)
+
+
+if not MYPY:
+    class SecretAttributesArgsDict(TypedDict):
+        """
+        The secret management attributes.
+        """
+        enabled: NotRequired[pulumi.Input[bool]]
+        """
+        Determines whether the object is enabled.
+        """
+        expires: NotRequired[pulumi.Input[int]]
+        """
+        Expiry date in seconds since 1970-01-01T00:00:00Z.
+        """
+        not_before: NotRequired[pulumi.Input[int]]
+        """
+        Not before date in seconds since 1970-01-01T00:00:00Z.
+        """
+elif False:
+    SecretAttributesArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class SecretAttributesArgs:
+    def __init__(__self__, *,
+                 enabled: Optional[pulumi.Input[bool]] = None,
+                 expires: Optional[pulumi.Input[int]] = None,
+                 not_before: Optional[pulumi.Input[int]] = None):
+        """
+        The secret management attributes.
+        :param pulumi.Input[bool] enabled: Determines whether the object is enabled.
+        :param pulumi.Input[int] expires: Expiry date in seconds since 1970-01-01T00:00:00Z.
+        :param pulumi.Input[int] not_before: Not before date in seconds since 1970-01-01T00:00:00Z.
+        """
+        if enabled is not None:
+            pulumi.set(__self__, "enabled", enabled)
+        if expires is not None:
+            pulumi.set(__self__, "expires", expires)
+        if not_before is not None:
+            pulumi.set(__self__, "not_before", not_before)
+
+    @property
+    @pulumi.getter
+    def enabled(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Determines whether the object is enabled.
+        """
+        return pulumi.get(self, "enabled")
+
+    @enabled.setter
+    def enabled(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "enabled", value)
+
+    @property
+    @pulumi.getter
+    def expires(self) -> Optional[pulumi.Input[int]]:
+        """
+        Expiry date in seconds since 1970-01-01T00:00:00Z.
+        """
+        return pulumi.get(self, "expires")
+
+    @expires.setter
+    def expires(self, value: Optional[pulumi.Input[int]]):
+        pulumi.set(self, "expires", value)
+
+    @property
+    @pulumi.getter(name="notBefore")
+    def not_before(self) -> Optional[pulumi.Input[int]]:
+        """
+        Not before date in seconds since 1970-01-01T00:00:00Z.
+        """
+        return pulumi.get(self, "not_before")
+
+    @not_before.setter
+    def not_before(self, value: Optional[pulumi.Input[int]]):
+        pulumi.set(self, "not_before", value)
+
+
+if not MYPY:
+    class SecretPropertiesArgsDict(TypedDict):
+        """
+        Properties of the secret
+        """
+        attributes: NotRequired[pulumi.Input['SecretAttributesArgsDict']]
+        """
+        The attributes of the secret.
+        """
+        content_type: NotRequired[pulumi.Input[str]]
+        """
+        The content type of the secret.
+        """
+        value: NotRequired[pulumi.Input[str]]
+        """
+        The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
+        """
+elif False:
+    SecretPropertiesArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class SecretPropertiesArgs:
+    def __init__(__self__, *,
+                 attributes: Optional[pulumi.Input['SecretAttributesArgs']] = None,
+                 content_type: Optional[pulumi.Input[str]] = None,
+                 value: Optional[pulumi.Input[str]] = None):
+        """
+        Properties of the secret
+        :param pulumi.Input['SecretAttributesArgs'] attributes: The attributes of the secret.
+        :param pulumi.Input[str] content_type: The content type of the secret.
+        :param pulumi.Input[str] value: The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
+        """
+        if attributes is not None:
+            pulumi.set(__self__, "attributes", attributes)
+        if content_type is not None:
+            pulumi.set(__self__, "content_type", content_type)
+        if value is not None:
+            pulumi.set(__self__, "value", value)
+
+    @property
+    @pulumi.getter
+    def attributes(self) -> Optional[pulumi.Input['SecretAttributesArgs']]:
+        """
+        The attributes of the secret.
+        """
+        return pulumi.get(self, "attributes")
+
+    @attributes.setter
+    def attributes(self, value: Optional[pulumi.Input['SecretAttributesArgs']]):
+        pulumi.set(self, "attributes", value)
+
+    @property
+    @pulumi.getter(name="contentType")
+    def content_type(self) -> Optional[pulumi.Input[str]]:
+        """
+        The content type of the secret.
+        """
+        return pulumi.get(self, "content_type")
+
+    @content_type.setter
+    def content_type(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "content_type", value)
+
+    @property
+    @pulumi.getter
+    def value(self) -> Optional[pulumi.Input[str]]:
+        """
+        The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
+        """
+        return pulumi.get(self, "value")
+
+    @value.setter
+    def value(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "value", value)
+
+
+if not MYPY:
+    class SkuArgsDict(TypedDict):
+        """
+        SKU details
+        """
+        family: pulumi.Input[Union[str, 'SkuFamily']]
+        """
+        SKU family name
+        """
+        name: pulumi.Input['SkuName']
+        """
+        SKU name to specify whether the key vault is a standard vault or a premium vault.
+        """
+elif False:
+    SkuArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class SkuArgs:
+    def __init__(__self__, *,
+                 family: pulumi.Input[Union[str, 'SkuFamily']],
+                 name: pulumi.Input['SkuName']):
+        """
+        SKU details
+        :param pulumi.Input[Union[str, 'SkuFamily']] family: SKU family name
+        :param pulumi.Input['SkuName'] name: SKU name to specify whether the key vault is a standard vault or a premium vault.
+        """
+        pulumi.set(__self__, "family", family)
+        pulumi.set(__self__, "name", name)
+
+    @property
+    @pulumi.getter
+    def family(self) -> pulumi.Input[Union[str, 'SkuFamily']]:
+        """
+        SKU family name
+        """
+        return pulumi.get(self, "family")
+
+    @family.setter
+    def family(self, value: pulumi.Input[Union[str, 'SkuFamily']]):
+        pulumi.set(self, "family", value)
+
+    @property
+    @pulumi.getter
+    def name(self) -> pulumi.Input['SkuName']:
+        """
+        SKU name to specify whether the key vault is a standard vault or a premium vault.
+        """
+        return pulumi.get(self, "name")
+
+    @name.setter
+    def name(self, value: pulumi.Input['SkuName']):
+        pulumi.set(self, "name", value)
+
+
+if not MYPY:
+    class TriggerArgsDict(TypedDict):
+        time_after_create: NotRequired[pulumi.Input[str]]
+        """
+        The time duration after key creation to rotate the key. It only applies to rotate. It will be in ISO 8601 duration format. Eg: 'P90D', 'P1Y'.
+        """
+        time_before_expiry: NotRequired[pulumi.Input[str]]
+        """
+        The time duration before key expiring to rotate or notify. It will be in ISO 8601 duration format. Eg: 'P90D', 'P1Y'.
+        """
+elif False:
+    TriggerArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class TriggerArgs:
+    def __init__(__self__, *,
+                 time_after_create: Optional[pulumi.Input[str]] = None,
+                 time_before_expiry: Optional[pulumi.Input[str]] = None):
+        """
+        :param pulumi.Input[str] time_after_create: The time duration after key creation to rotate the key. It only applies to rotate. It will be in ISO 8601 duration format. Eg: 'P90D', 'P1Y'.
+        :param pulumi.Input[str] time_before_expiry: The time duration before key expiring to rotate or notify. It will be in ISO 8601 duration format. Eg: 'P90D', 'P1Y'.
+        """
+        if time_after_create is not None:
+            pulumi.set(__self__, "time_after_create", time_after_create)
+        if time_before_expiry is not None:
+            pulumi.set(__self__, "time_before_expiry", time_before_expiry)
+
+    @property
+    @pulumi.getter(name="timeAfterCreate")
+    def time_after_create(self) -> Optional[pulumi.Input[str]]:
+        """
+        The time duration after key creation to rotate the key. It only applies to rotate. It will be in ISO 8601 duration format. Eg: 'P90D', 'P1Y'.
+        """
+        return pulumi.get(self, "time_after_create")
+
+    @time_after_create.setter
+    def time_after_create(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "time_after_create", value)
+
+    @property
+    @pulumi.getter(name="timeBeforeExpiry")
+    def time_before_expiry(self) -> Optional[pulumi.Input[str]]:
+        """
+        The time duration before key expiring to rotate or notify. It will be in ISO 8601 duration format. Eg: 'P90D', 'P1Y'.
+        """
+        return pulumi.get(self, "time_before_expiry")
+
+    @time_before_expiry.setter
+    def time_before_expiry(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "time_before_expiry", value)
+
+
+if not MYPY:
+    class VaultPropertiesArgsDict(TypedDict):
+        """
+        Properties of the vault
+        """
+        sku: pulumi.Input['SkuArgsDict']
+        """
+        SKU details
+        """
+        tenant_id: pulumi.Input[str]
+        """
+        The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
+        """
+        access_policies: NotRequired[pulumi.Input[Sequence[pulumi.Input['AccessPolicyEntryArgsDict']]]]
+        """
+        An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When `createMode` is set to `recover`, access policies are not required. Otherwise, access policies are required.
+        These are also available as standalone resources. Do not mix inline and standalone resource as they will conflict with each other, leading to resources deletion.
+        """
+        create_mode: NotRequired[pulumi.Input['CreateMode']]
+        """
+        The vault's create mode to indicate whether the vault need to be recovered or not.
+        """
+        enable_purge_protection: NotRequired[pulumi.Input[bool]]
+        """
+        Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.
+        """
+        enable_rbac_authorization: NotRequired[pulumi.Input[bool]]
+        """
+        Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.
+        """
+        enable_soft_delete: NotRequired[pulumi.Input[bool]]
+        """
+        Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.
+        """
+        enabled_for_deployment: NotRequired[pulumi.Input[bool]]
+        """
+        Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
+        """
+        enabled_for_disk_encryption: NotRequired[pulumi.Input[bool]]
+        """
+        Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
+        """
+        enabled_for_template_deployment: NotRequired[pulumi.Input[bool]]
+        """
+        Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
+        """
+        network_acls: NotRequired[pulumi.Input['NetworkRuleSetArgsDict']]
+        """
+        Rules governing the accessibility of the key vault from specific network locations.
+        """
+        provisioning_state: NotRequired[pulumi.Input[Union[str, 'VaultProvisioningState']]]
+        """
+        Provisioning state of the vault.
+        """
+        public_network_access: NotRequired[pulumi.Input[str]]
+        """
+        Property to specify whether the vault will accept traffic from public internet. If set to 'disabled' all traffic except private endpoint traffic and that that originates from trusted services will be blocked. This will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules.
+        """
+        soft_delete_retention_in_days: NotRequired[pulumi.Input[int]]
+        """
+        softDelete data retention days. It accepts >=7 and <=90.
+        """
+        vault_uri: NotRequired[pulumi.Input[str]]
+        """
+        The URI of the vault for performing operations on keys and secrets.
+        """
+elif False:
+    VaultPropertiesArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class VaultPropertiesArgs:
+    def __init__(__self__, *,
+                 sku: pulumi.Input['SkuArgs'],
+                 tenant_id: pulumi.Input[str],
+                 access_policies: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyEntryArgs']]]] = None,
+                 create_mode: Optional[pulumi.Input['CreateMode']] = None,
+                 enable_purge_protection: Optional[pulumi.Input[bool]] = None,
+                 enable_rbac_authorization: Optional[pulumi.Input[bool]] = None,
+                 enable_soft_delete: Optional[pulumi.Input[bool]] = None,
+                 enabled_for_deployment: Optional[pulumi.Input[bool]] = None,
+                 enabled_for_disk_encryption: Optional[pulumi.Input[bool]] = None,
+                 enabled_for_template_deployment: Optional[pulumi.Input[bool]] = None,
+                 network_acls: Optional[pulumi.Input['NetworkRuleSetArgs']] = None,
+                 provisioning_state: Optional[pulumi.Input[Union[str, 'VaultProvisioningState']]] = None,
+                 public_network_access: Optional[pulumi.Input[str]] = None,
+                 soft_delete_retention_in_days: Optional[pulumi.Input[int]] = None,
+                 vault_uri: Optional[pulumi.Input[str]] = None):
+        """
+        Properties of the vault
+        :param pulumi.Input['SkuArgs'] sku: SKU details
+        :param pulumi.Input[str] tenant_id: The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
+        :param pulumi.Input[Sequence[pulumi.Input['AccessPolicyEntryArgs']]] access_policies: An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When `createMode` is set to `recover`, access policies are not required. Otherwise, access policies are required.
+               These are also available as standalone resources. Do not mix inline and standalone resource as they will conflict with each other, leading to resources deletion.
+        :param pulumi.Input['CreateMode'] create_mode: The vault's create mode to indicate whether the vault need to be recovered or not.
+        :param pulumi.Input[bool] enable_purge_protection: Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.
+        :param pulumi.Input[bool] enable_rbac_authorization: Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.
+        :param pulumi.Input[bool] enable_soft_delete: Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.
+        :param pulumi.Input[bool] enabled_for_deployment: Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
+        :param pulumi.Input[bool] enabled_for_disk_encryption: Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
+        :param pulumi.Input[bool] enabled_for_template_deployment: Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
+        :param pulumi.Input['NetworkRuleSetArgs'] network_acls: Rules governing the accessibility of the key vault from specific network locations.
+        :param pulumi.Input[Union[str, 'VaultProvisioningState']] provisioning_state: Provisioning state of the vault.
+        :param pulumi.Input[str] public_network_access: Property to specify whether the vault will accept traffic from public internet. If set to 'disabled' all traffic except private endpoint traffic and that that originates from trusted services will be blocked. This will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules.
+        :param pulumi.Input[int] soft_delete_retention_in_days: softDelete data retention days. It accepts >=7 and <=90.
+        :param pulumi.Input[str] vault_uri: The URI of the vault for performing operations on keys and secrets.
+        """
+        pulumi.set(__self__, "sku", sku)
+        pulumi.set(__self__, "tenant_id", tenant_id)
+        if access_policies is not None:
+            pulumi.set(__self__, "access_policies", access_policies)
+        if create_mode is not None:
+            pulumi.set(__self__, "create_mode", create_mode)
+        if enable_purge_protection is not None:
+            pulumi.set(__self__, "enable_purge_protection", enable_purge_protection)
+        if enable_rbac_authorization is None:
+            enable_rbac_authorization = False
+        if enable_rbac_authorization is not None:
+            pulumi.set(__self__, "enable_rbac_authorization", enable_rbac_authorization)
+        if enable_soft_delete is None:
+            enable_soft_delete = True
+        if enable_soft_delete is not None:
+            pulumi.set(__self__, "enable_soft_delete", enable_soft_delete)
+        if enabled_for_deployment is None:
+            enabled_for_deployment = False
+        if enabled_for_deployment is not None:
+            pulumi.set(__self__, "enabled_for_deployment", enabled_for_deployment)
+        if enabled_for_disk_encryption is None:
+            enabled_for_disk_encryption = False
+        if enabled_for_disk_encryption is not None:
+            pulumi.set(__self__, "enabled_for_disk_encryption", enabled_for_disk_encryption)
+        if enabled_for_template_deployment is None:
+            enabled_for_template_deployment = False
+        if enabled_for_template_deployment is not None:
+            pulumi.set(__self__, "enabled_for_template_deployment", enabled_for_template_deployment)
+        if network_acls is not None:
+            pulumi.set(__self__, "network_acls", network_acls)
+        if provisioning_state is not None:
+            pulumi.set(__self__, "provisioning_state", provisioning_state)
+        if public_network_access is None:
+            public_network_access = 'enabled'
+        if public_network_access is not None:
+            pulumi.set(__self__, "public_network_access", public_network_access)
+        if soft_delete_retention_in_days is None:
+            soft_delete_retention_in_days = 90
+        if soft_delete_retention_in_days is not None:
+            pulumi.set(__self__, "soft_delete_retention_in_days", soft_delete_retention_in_days)
+        if vault_uri is not None:
+            pulumi.set(__self__, "vault_uri", vault_uri)
+
+    @property
+    @pulumi.getter
+    def sku(self) -> pulumi.Input['SkuArgs']:
+        """
+        SKU details
+        """
+        return pulumi.get(self, "sku")
+
+    @sku.setter
+    def sku(self, value: pulumi.Input['SkuArgs']):
+        pulumi.set(self, "sku", value)
+
+    @property
+    @pulumi.getter(name="tenantId")
+    def tenant_id(self) -> pulumi.Input[str]:
+        """
+        The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault.
+        """
+        return pulumi.get(self, "tenant_id")
+
+    @tenant_id.setter
+    def tenant_id(self, value: pulumi.Input[str]):
+        pulumi.set(self, "tenant_id", value)
+
+    @property
+    @pulumi.getter(name="accessPolicies")
+    def access_policies(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyEntryArgs']]]]:
+        """
+        An array of 0 to 1024 identities that have access to the key vault. All identities in the array must use the same tenant ID as the key vault's tenant ID. When `createMode` is set to `recover`, access policies are not required. Otherwise, access policies are required.
+        These are also available as standalone resources. Do not mix inline and standalone resource as they will conflict with each other, leading to resources deletion.
+        """
+        return pulumi.get(self, "access_policies")
+
+    @access_policies.setter
+    def access_policies(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['AccessPolicyEntryArgs']]]]):
+        pulumi.set(self, "access_policies", value)
+
+    @property
+    @pulumi.getter(name="createMode")
+    def create_mode(self) -> Optional[pulumi.Input['CreateMode']]:
+        """
+        The vault's create mode to indicate whether the vault need to be recovered or not.
+        """
+        return pulumi.get(self, "create_mode")
+
+    @create_mode.setter
+    def create_mode(self, value: Optional[pulumi.Input['CreateMode']]):
+        pulumi.set(self, "create_mode", value)
+
+    @property
+    @pulumi.getter(name="enablePurgeProtection")
+    def enable_purge_protection(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Property specifying whether protection against purge is enabled for this vault. Setting this property to true activates protection against purge for this vault and its content - only the Key Vault service may initiate a hard, irrecoverable deletion. The setting is effective only if soft delete is also enabled. Enabling this functionality is irreversible - that is, the property does not accept false as its value.
+        """
+        return pulumi.get(self, "enable_purge_protection")
+
+    @enable_purge_protection.setter
+    def enable_purge_protection(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "enable_purge_protection", value)
+
+    @property
+    @pulumi.getter(name="enableRbacAuthorization")
+    def enable_rbac_authorization(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Property that controls how data actions are authorized. When true, the key vault will use Role Based Access Control (RBAC) for authorization of data actions, and the access policies specified in vault properties will be  ignored. When false, the key vault will use the access policies specified in vault properties, and any policy stored on Azure Resource Manager will be ignored. If null or not specified, the vault is created with the default value of false. Note that management actions are always authorized with RBAC.
+        """
+        return pulumi.get(self, "enable_rbac_authorization")
+
+    @enable_rbac_authorization.setter
+    def enable_rbac_authorization(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "enable_rbac_authorization", value)
+
+    @property
+    @pulumi.getter(name="enableSoftDelete")
+    def enable_soft_delete(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Property to specify whether the 'soft delete' functionality is enabled for this key vault. If it's not set to any value(true or false) when creating new key vault, it will be set to true by default. Once set to true, it cannot be reverted to false.
+        """
+        return pulumi.get(self, "enable_soft_delete")
+
+    @enable_soft_delete.setter
+    def enable_soft_delete(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "enable_soft_delete", value)
+
+    @property
+    @pulumi.getter(name="enabledForDeployment")
+    def enabled_for_deployment(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Property to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault.
+        """
+        return pulumi.get(self, "enabled_for_deployment")
+
+    @enabled_for_deployment.setter
+    def enabled_for_deployment(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "enabled_for_deployment", value)
+
+    @property
+    @pulumi.getter(name="enabledForDiskEncryption")
+    def enabled_for_disk_encryption(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Property to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys.
+        """
+        return pulumi.get(self, "enabled_for_disk_encryption")
+
+    @enabled_for_disk_encryption.setter
+    def enabled_for_disk_encryption(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "enabled_for_disk_encryption", value)
+
+    @property
+    @pulumi.getter(name="enabledForTemplateDeployment")
+    def enabled_for_template_deployment(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.
+        """
+        return pulumi.get(self, "enabled_for_template_deployment")
+
+    @enabled_for_template_deployment.setter
+    def enabled_for_template_deployment(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "enabled_for_template_deployment", value)
+
+    @property
+    @pulumi.getter(name="networkAcls")
+    def network_acls(self) -> Optional[pulumi.Input['NetworkRuleSetArgs']]:
+        """
+        Rules governing the accessibility of the key vault from specific network locations.
+        """
+        return pulumi.get(self, "network_acls")
+
+    @network_acls.setter
+    def network_acls(self, value: Optional[pulumi.Input['NetworkRuleSetArgs']]):
+        pulumi.set(self, "network_acls", value)
+
+    @property
+    @pulumi.getter(name="provisioningState")
+    def provisioning_state(self) -> Optional[pulumi.Input[Union[str, 'VaultProvisioningState']]]:
+        """
+        Provisioning state of the vault.
+        """
+        return pulumi.get(self, "provisioning_state")
+
+    @provisioning_state.setter
+    def provisioning_state(self, value: Optional[pulumi.Input[Union[str, 'VaultProvisioningState']]]):
+        pulumi.set(self, "provisioning_state", value)
+
+    @property
+    @pulumi.getter(name="publicNetworkAccess")
+    def public_network_access(self) -> Optional[pulumi.Input[str]]:
+        """
+        Property to specify whether the vault will accept traffic from public internet. If set to 'disabled' all traffic except private endpoint traffic and that that originates from trusted services will be blocked. This will override the set firewall rules, meaning that even if the firewall rules are present we will not honor the rules.
+        """
+        return pulumi.get(self, "public_network_access")
+
+    @public_network_access.setter
+    def public_network_access(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "public_network_access", value)
+
+    @property
+    @pulumi.getter(name="softDeleteRetentionInDays")
+    def soft_delete_retention_in_days(self) -> Optional[pulumi.Input[int]]:
+        """
+        softDelete data retention days. It accepts >=7 and <=90.
+        """
+        return pulumi.get(self, "soft_delete_retention_in_days")
+
+    @soft_delete_retention_in_days.setter
+    def soft_delete_retention_in_days(self, value: Optional[pulumi.Input[int]]):
+        pulumi.set(self, "soft_delete_retention_in_days", value)
+
+    @property
+    @pulumi.getter(name="vaultUri")
+    def vault_uri(self) -> Optional[pulumi.Input[str]]:
+        """
+        The URI of the vault for performing operations on keys and secrets.
+        """
+        return pulumi.get(self, "vault_uri")
+
+    @vault_uri.setter
+    def vault_uri(self, value: Optional[pulumi.Input[str]]):
+        pulumi.set(self, "vault_uri", value)
+
+
+if not MYPY:
+    class VirtualNetworkRuleArgsDict(TypedDict):
+        """
+        A rule governing the accessibility of a vault from a specific virtual network.
+        """
+        id: pulumi.Input[str]
+        """
+        Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.
+        """
+        ignore_missing_vnet_service_endpoint: NotRequired[pulumi.Input[bool]]
+        """
+        Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.
+        """
+elif False:
+    VirtualNetworkRuleArgsDict: TypeAlias = Mapping[str, Any]
+
+@pulumi.input_type
+class VirtualNetworkRuleArgs:
+    def __init__(__self__, *,
+                 id: pulumi.Input[str],
+                 ignore_missing_vnet_service_endpoint: Optional[pulumi.Input[bool]] = None):
+        """
+        A rule governing the accessibility of a vault from a specific virtual network.
+        :param pulumi.Input[str] id: Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.
+        :param pulumi.Input[bool] ignore_missing_vnet_service_endpoint: Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.
+        """
+        pulumi.set(__self__, "id", id)
+        if ignore_missing_vnet_service_endpoint is not None:
+            pulumi.set(__self__, "ignore_missing_vnet_service_endpoint", ignore_missing_vnet_service_endpoint)
+
+    @property
+    @pulumi.getter
+    def id(self) -> pulumi.Input[str]:
+        """
+        Full resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.
+        """
+        return pulumi.get(self, "id")
+
+    @id.setter
+    def id(self, value: pulumi.Input[str]):
+        pulumi.set(self, "id", value)
+
+    @property
+    @pulumi.getter(name="ignoreMissingVnetServiceEndpoint")
+    def ignore_missing_vnet_service_endpoint(self) -> Optional[pulumi.Input[bool]]:
+        """
+        Property to specify whether NRP will ignore the check if parent subnet has serviceEndpoints configured.
+        """
+        return pulumi.get(self, "ignore_missing_vnet_service_endpoint")
+
+    @ignore_missing_vnet_service_endpoint.setter
+    def ignore_missing_vnet_service_endpoint(self, value: Optional[pulumi.Input[bool]]):
+        pulumi.set(self, "ignore_missing_vnet_service_endpoint", value)
+
+