alicloud logo
Alibaba Cloud v3.34.0, Mar 17 23

alicloud.kms.getSecrets

This data source provides a list of KMS Secrets in an Alibaba Cloud account according to the specified filters.

NOTE: Available in v1.86.0+.

Example Usage

using System.Collections.Generic;
using Pulumi;
using AliCloud = Pulumi.AliCloud;

return await Deployment.RunAsync(() => 
{
    var kmsSecretsDs = AliCloud.Kms.GetSecrets.Invoke(new()
    {
        FetchTags = true,
        NameRegex = "name_regex",
        Tags = 
        {
            { "k-aa", "v-aa" },
            { "k-bb", "v-bb" },
        },
    });

    return new Dictionary<string, object?>
    {
        ["firstSecretId"] = kmsSecretsDs.Apply(getSecretsResult => getSecretsResult.Secrets[0]?.Id),
    };
});
package main

import (
	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		kmsSecretsDs, err := kms.GetSecrets(ctx, &kms.GetSecretsArgs{
			FetchTags: pulumi.BoolRef(true),
			NameRegex: pulumi.StringRef("name_regex"),
			Tags: map[string]interface{}{
				"k-aa": "v-aa",
				"k-bb": "v-bb",
			},
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("firstSecretId", kmsSecretsDs.Secrets[0].Id)
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.kms.KmsFunctions;
import com.pulumi.alicloud.kms.inputs.GetSecretsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var kmsSecretsDs = KmsFunctions.getSecrets(GetSecretsArgs.builder()
            .fetchTags(true)
            .nameRegex("name_regex")
            .tags(Map.ofEntries(
                Map.entry("k-aa", "v-aa"),
                Map.entry("k-bb", "v-bb")
            ))
            .build());

        ctx.export("firstSecretId", kmsSecretsDs.applyValue(getSecretsResult -> getSecretsResult.secrets()[0].id()));
    }
}
import pulumi
import pulumi_alicloud as alicloud

kms_secrets_ds = alicloud.kms.get_secrets(fetch_tags=True,
    name_regex="name_regex",
    tags={
        "k-aa": "v-aa",
        "k-bb": "v-bb",
    })
pulumi.export("firstSecretId", kms_secrets_ds.secrets[0].id)
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

const kmsSecretsDs = alicloud.kms.getSecrets({
    fetchTags: true,
    nameRegex: "name_regex",
    tags: {
        "k-aa": "v-aa",
        "k-bb": "v-bb",
    },
});
export const firstSecretId = kmsSecretsDs.then(kmsSecretsDs => kmsSecretsDs.secrets?.[0]?.id);
variables:
  kmsSecretsDs:
    fn::invoke:
      Function: alicloud:kms:getSecrets
      Arguments:
        fetchTags: true
        nameRegex: name_regex
        tags:
          k-aa: v-aa
          k-bb: v-bb
outputs:
  firstSecretId: ${kmsSecretsDs.secrets[0].id}

Using getSecrets

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSecrets(args: GetSecretsArgs, opts?: InvokeOptions): Promise<GetSecretsResult>
function getSecretsOutput(args: GetSecretsOutputArgs, opts?: InvokeOptions): Output<GetSecretsResult>
def get_secrets(enable_details: Optional[bool] = None,
                fetch_tags: Optional[bool] = None,
                filters: Optional[str] = None,
                ids: Optional[Sequence[str]] = None,
                name_regex: Optional[str] = None,
                output_file: Optional[str] = None,
                tags: Optional[Mapping[str, Any]] = None,
                opts: Optional[InvokeOptions] = None) -> GetSecretsResult
def get_secrets_output(enable_details: Optional[pulumi.Input[bool]] = None,
                fetch_tags: Optional[pulumi.Input[bool]] = None,
                filters: Optional[pulumi.Input[str]] = None,
                ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                name_regex: Optional[pulumi.Input[str]] = None,
                output_file: Optional[pulumi.Input[str]] = None,
                tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
                opts: Optional[InvokeOptions] = None) -> Output[GetSecretsResult]
func GetSecrets(ctx *Context, args *GetSecretsArgs, opts ...InvokeOption) (*GetSecretsResult, error)
func GetSecretsOutput(ctx *Context, args *GetSecretsOutputArgs, opts ...InvokeOption) GetSecretsResultOutput

> Note: This function is named GetSecrets in the Go SDK.

public static class GetSecrets 
{
    public static Task<GetSecretsResult> InvokeAsync(GetSecretsArgs args, InvokeOptions? opts = null)
    public static Output<GetSecretsResult> Invoke(GetSecretsInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetSecretsResult> getSecrets(GetSecretsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: alicloud:kms/getSecrets:getSecrets
  arguments:
    # arguments dictionary

The following arguments are supported:

EnableDetails bool

Default to false. Set it to true can output more details.

FetchTags bool

Whether to include the predetermined resource tag in the return value. Default to false.

Filters string

The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

Ids List<string>

A list of KMS Secret ids. The value is same as KMS secret_name.

NameRegex string

A regex string to filter the results by the KMS secret_name.

OutputFile string
Tags Dictionary<string, object>

A mapping of tags to assign to the resource.

EnableDetails bool

Default to false. Set it to true can output more details.

FetchTags bool

Whether to include the predetermined resource tag in the return value. Default to false.

Filters string

The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

Ids []string

A list of KMS Secret ids. The value is same as KMS secret_name.

NameRegex string

A regex string to filter the results by the KMS secret_name.

OutputFile string
Tags map[string]interface{}

A mapping of tags to assign to the resource.

enableDetails Boolean

Default to false. Set it to true can output more details.

fetchTags Boolean

Whether to include the predetermined resource tag in the return value. Default to false.

filters String

The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

ids List<String>

A list of KMS Secret ids. The value is same as KMS secret_name.

nameRegex String

A regex string to filter the results by the KMS secret_name.

outputFile String
tags Map<String,Object>

A mapping of tags to assign to the resource.

enableDetails boolean

Default to false. Set it to true can output more details.

fetchTags boolean

Whether to include the predetermined resource tag in the return value. Default to false.

filters string

The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

ids string[]

A list of KMS Secret ids. The value is same as KMS secret_name.

nameRegex string

A regex string to filter the results by the KMS secret_name.

outputFile string
tags {[key: string]: any}

A mapping of tags to assign to the resource.

enable_details bool

Default to false. Set it to true can output more details.

fetch_tags bool

Whether to include the predetermined resource tag in the return value. Default to false.

filters str

The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

ids Sequence[str]

A list of KMS Secret ids. The value is same as KMS secret_name.

name_regex str

A regex string to filter the results by the KMS secret_name.

output_file str
tags Mapping[str, Any]

A mapping of tags to assign to the resource.

enableDetails Boolean

Default to false. Set it to true can output more details.

fetchTags Boolean

Whether to include the predetermined resource tag in the return value. Default to false.

filters String

The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

ids List<String>

A list of KMS Secret ids. The value is same as KMS secret_name.

nameRegex String

A regex string to filter the results by the KMS secret_name.

outputFile String
tags Map<Any>

A mapping of tags to assign to the resource.

getSecrets Result

The following output properties are available:

Id string

The provider-assigned unique ID for this managed resource.

Ids List<string>

A list of Kms Secret ids. The value is same as KMS secret_name.

Names List<string>

A list of KMS Secret names.

Secrets List<Pulumi.AliCloud.Kms.Outputs.GetSecretsSecret>

A list of KMS Secrets. Each element contains the following attributes:

EnableDetails bool
FetchTags bool
Filters string
NameRegex string
OutputFile string
Tags Dictionary<string, object>

(Optional) A mapping of tags to assign to the resource.

Id string

The provider-assigned unique ID for this managed resource.

Ids []string

A list of Kms Secret ids. The value is same as KMS secret_name.

Names []string

A list of KMS Secret names.

Secrets []GetSecretsSecret

A list of KMS Secrets. Each element contains the following attributes:

EnableDetails bool
FetchTags bool
Filters string
NameRegex string
OutputFile string
Tags map[string]interface{}

(Optional) A mapping of tags to assign to the resource.

id String

The provider-assigned unique ID for this managed resource.

ids List<String>

A list of Kms Secret ids. The value is same as KMS secret_name.

names List<String>

A list of KMS Secret names.

secrets List<GetSecretsSecret>

A list of KMS Secrets. Each element contains the following attributes:

enableDetails Boolean
fetchTags Boolean
filters String
nameRegex String
outputFile String
tags Map<String,Object>

(Optional) A mapping of tags to assign to the resource.

id string

The provider-assigned unique ID for this managed resource.

ids string[]

A list of Kms Secret ids. The value is same as KMS secret_name.

names string[]

A list of KMS Secret names.

secrets GetSecretsSecret[]

A list of KMS Secrets. Each element contains the following attributes:

enableDetails boolean
fetchTags boolean
filters string
nameRegex string
outputFile string
tags {[key: string]: any}

(Optional) A mapping of tags to assign to the resource.

id str

The provider-assigned unique ID for this managed resource.

ids Sequence[str]

A list of Kms Secret ids. The value is same as KMS secret_name.

names Sequence[str]

A list of KMS Secret names.

secrets Sequence[GetSecretsSecret]

A list of KMS Secrets. Each element contains the following attributes:

enable_details bool
fetch_tags bool
filters str
name_regex str
output_file str
tags Mapping[str, Any]

(Optional) A mapping of tags to assign to the resource.

id String

The provider-assigned unique ID for this managed resource.

ids List<String>

A list of Kms Secret ids. The value is same as KMS secret_name.

names List<String>

A list of KMS Secret names.

secrets List<Property Map>

A list of KMS Secrets. Each element contains the following attributes:

enableDetails Boolean
fetchTags Boolean
filters String
nameRegex String
outputFile String
tags Map<Any>

(Optional) A mapping of tags to assign to the resource.

Supporting Types

GetSecretsSecret

Arn string

(Available in 1.124.0+) A mapping of tags to assign to the resource.

Description string

(Available in 1.124.0+) The description of the secret.

EncryptionKeyId string

(Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

Id string

ID of the Kms Secret. The value is same as KMS secret_name.

PlannedDeleteTime string

Schedule deletion time.

SecretData string

(Available in 1.124.0+) The value of the secret that you want to create.

SecretDataType string

(Available in 1.124.0+) The type of the secret data value.

SecretName string

Name of the KMS Secret.

SecretType string

(Available in 1.124.0+) The type of the secret.

Tags Dictionary<string, object>

A mapping of tags to assign to the resource.

VersionId string

(Available in 1.124.0+) The version number of the initial version.

VersionStages List<string>

(Available in 1.124.0+) The stage labels that mark the new secret version.

Arn string

(Available in 1.124.0+) A mapping of tags to assign to the resource.

Description string

(Available in 1.124.0+) The description of the secret.

EncryptionKeyId string

(Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

Id string

ID of the Kms Secret. The value is same as KMS secret_name.

PlannedDeleteTime string

Schedule deletion time.

SecretData string

(Available in 1.124.0+) The value of the secret that you want to create.

SecretDataType string

(Available in 1.124.0+) The type of the secret data value.

SecretName string

Name of the KMS Secret.

SecretType string

(Available in 1.124.0+) The type of the secret.

Tags map[string]interface{}

A mapping of tags to assign to the resource.

VersionId string

(Available in 1.124.0+) The version number of the initial version.

VersionStages []string

(Available in 1.124.0+) The stage labels that mark the new secret version.

arn String

(Available in 1.124.0+) A mapping of tags to assign to the resource.

description String

(Available in 1.124.0+) The description of the secret.

encryptionKeyId String

(Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

id String

ID of the Kms Secret. The value is same as KMS secret_name.

plannedDeleteTime String

Schedule deletion time.

secretData String

(Available in 1.124.0+) The value of the secret that you want to create.

secretDataType String

(Available in 1.124.0+) The type of the secret data value.

secretName String

Name of the KMS Secret.

secretType String

(Available in 1.124.0+) The type of the secret.

tags Map<String,Object>

A mapping of tags to assign to the resource.

versionId String

(Available in 1.124.0+) The version number of the initial version.

versionStages List<String>

(Available in 1.124.0+) The stage labels that mark the new secret version.

arn string

(Available in 1.124.0+) A mapping of tags to assign to the resource.

description string

(Available in 1.124.0+) The description of the secret.

encryptionKeyId string

(Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

id string

ID of the Kms Secret. The value is same as KMS secret_name.

plannedDeleteTime string

Schedule deletion time.

secretData string

(Available in 1.124.0+) The value of the secret that you want to create.

secretDataType string

(Available in 1.124.0+) The type of the secret data value.

secretName string

Name of the KMS Secret.

secretType string

(Available in 1.124.0+) The type of the secret.

tags {[key: string]: any}

A mapping of tags to assign to the resource.

versionId string

(Available in 1.124.0+) The version number of the initial version.

versionStages string[]

(Available in 1.124.0+) The stage labels that mark the new secret version.

arn str

(Available in 1.124.0+) A mapping of tags to assign to the resource.

description str

(Available in 1.124.0+) The description of the secret.

encryption_key_id str

(Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

id str

ID of the Kms Secret. The value is same as KMS secret_name.

planned_delete_time str

Schedule deletion time.

secret_data str

(Available in 1.124.0+) The value of the secret that you want to create.

secret_data_type str

(Available in 1.124.0+) The type of the secret data value.

secret_name str

Name of the KMS Secret.

secret_type str

(Available in 1.124.0+) The type of the secret.

tags Mapping[str, Any]

A mapping of tags to assign to the resource.

version_id str

(Available in 1.124.0+) The version number of the initial version.

version_stages Sequence[str]

(Available in 1.124.0+) The stage labels that mark the new secret version.

arn String

(Available in 1.124.0+) A mapping of tags to assign to the resource.

description String

(Available in 1.124.0+) The description of the secret.

encryptionKeyId String

(Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

id String

ID of the Kms Secret. The value is same as KMS secret_name.

plannedDeleteTime String

Schedule deletion time.

secretData String

(Available in 1.124.0+) The value of the secret that you want to create.

secretDataType String

(Available in 1.124.0+) The type of the secret data value.

secretName String

Name of the KMS Secret.

secretType String

(Available in 1.124.0+) The type of the secret.

tags Map<Any>

A mapping of tags to assign to the resource.

versionId String

(Available in 1.124.0+) The version number of the initial version.

versionStages List<String>

(Available in 1.124.0+) The stage labels that mark the new secret version.

Package Details

Repository
Alibaba Cloud pulumi/pulumi-alicloud
License
Apache-2.0
Notes

This Pulumi package is based on the alicloud Terraform Provider.