1. Packages
  2. Alibaba Cloud
  3. API Docs
  4. kms
  5. getSecrets
Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi

alicloud.kms.getSecrets

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi

    This data source provides a list of KMS Secrets in an Alibaba Cloud account according to the specified filters.

    NOTE: Available in v1.86.0+.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AliCloud = Pulumi.AliCloud;
    
    return await Deployment.RunAsync(() => 
    {
        var kmsSecretsDs = AliCloud.Kms.GetSecrets.Invoke(new()
        {
            FetchTags = true,
            NameRegex = "name_regex",
            Tags = 
            {
                { "k-aa", "v-aa" },
                { "k-bb", "v-bb" },
            },
        });
    
        return new Dictionary<string, object?>
        {
            ["firstSecretId"] = kmsSecretsDs.Apply(getSecretsResult => getSecretsResult.Secrets[0]?.Id),
        };
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		kmsSecretsDs, err := kms.GetSecrets(ctx, &kms.GetSecretsArgs{
    			FetchTags: pulumi.BoolRef(true),
    			NameRegex: pulumi.StringRef("name_regex"),
    			Tags: map[string]interface{}{
    				"k-aa": "v-aa",
    				"k-bb": "v-bb",
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		ctx.Export("firstSecretId", kmsSecretsDs.Secrets[0].Id)
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.alicloud.kms.KmsFunctions;
    import com.pulumi.alicloud.kms.inputs.GetSecretsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var kmsSecretsDs = KmsFunctions.getSecrets(GetSecretsArgs.builder()
                .fetchTags(true)
                .nameRegex("name_regex")
                .tags(Map.ofEntries(
                    Map.entry("k-aa", "v-aa"),
                    Map.entry("k-bb", "v-bb")
                ))
                .build());
    
            ctx.export("firstSecretId", kmsSecretsDs.applyValue(getSecretsResult -> getSecretsResult.secrets()[0].id()));
        }
    }
    
    import pulumi
    import pulumi_alicloud as alicloud
    
    kms_secrets_ds = alicloud.kms.get_secrets(fetch_tags=True,
        name_regex="name_regex",
        tags={
            "k-aa": "v-aa",
            "k-bb": "v-bb",
        })
    pulumi.export("firstSecretId", kms_secrets_ds.secrets[0].id)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as alicloud from "@pulumi/alicloud";
    
    const kmsSecretsDs = alicloud.kms.getSecrets({
        fetchTags: true,
        nameRegex: "name_regex",
        tags: {
            "k-aa": "v-aa",
            "k-bb": "v-bb",
        },
    });
    export const firstSecretId = kmsSecretsDs.then(kmsSecretsDs => kmsSecretsDs.secrets?.[0]?.id);
    
    variables:
      kmsSecretsDs:
        fn::invoke:
          Function: alicloud:kms:getSecrets
          Arguments:
            fetchTags: true
            nameRegex: name_regex
            tags:
              k-aa: v-aa
              k-bb: v-bb
    outputs:
      firstSecretId: ${kmsSecretsDs.secrets[0].id}
    

    Using getSecrets

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getSecrets(args: GetSecretsArgs, opts?: InvokeOptions): Promise<GetSecretsResult>
    function getSecretsOutput(args: GetSecretsOutputArgs, opts?: InvokeOptions): Output<GetSecretsResult>
    def get_secrets(enable_details: Optional[bool] = None,
                    fetch_tags: Optional[bool] = None,
                    filters: Optional[str] = None,
                    ids: Optional[Sequence[str]] = None,
                    name_regex: Optional[str] = None,
                    output_file: Optional[str] = None,
                    tags: Optional[Mapping[str, Any]] = None,
                    opts: Optional[InvokeOptions] = None) -> GetSecretsResult
    def get_secrets_output(enable_details: Optional[pulumi.Input[bool]] = None,
                    fetch_tags: Optional[pulumi.Input[bool]] = None,
                    filters: Optional[pulumi.Input[str]] = None,
                    ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                    name_regex: Optional[pulumi.Input[str]] = None,
                    output_file: Optional[pulumi.Input[str]] = None,
                    tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
                    opts: Optional[InvokeOptions] = None) -> Output[GetSecretsResult]
    func GetSecrets(ctx *Context, args *GetSecretsArgs, opts ...InvokeOption) (*GetSecretsResult, error)
    func GetSecretsOutput(ctx *Context, args *GetSecretsOutputArgs, opts ...InvokeOption) GetSecretsResultOutput

    > Note: This function is named GetSecrets in the Go SDK.

    public static class GetSecrets 
    {
        public static Task<GetSecretsResult> InvokeAsync(GetSecretsArgs args, InvokeOptions? opts = null)
        public static Output<GetSecretsResult> Invoke(GetSecretsInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetSecretsResult> getSecrets(GetSecretsArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: alicloud:kms/getSecrets:getSecrets
      arguments:
        # arguments dictionary

    The following arguments are supported:

    EnableDetails bool

    Default to false. Set it to true can output more details.

    FetchTags bool

    Whether to include the predetermined resource tag in the return value. Default to false.

    Filters string

    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

    Ids List<string>

    A list of KMS Secret ids. The value is same as KMS secret_name.

    NameRegex string

    A regex string to filter the results by the KMS secret_name.

    OutputFile string

    File name where to save data source results (after running pulumi preview).

    Tags Dictionary<string, object>

    A mapping of tags to assign to the resource.

    EnableDetails bool

    Default to false. Set it to true can output more details.

    FetchTags bool

    Whether to include the predetermined resource tag in the return value. Default to false.

    Filters string

    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

    Ids []string

    A list of KMS Secret ids. The value is same as KMS secret_name.

    NameRegex string

    A regex string to filter the results by the KMS secret_name.

    OutputFile string

    File name where to save data source results (after running pulumi preview).

    Tags map[string]interface{}

    A mapping of tags to assign to the resource.

    enableDetails Boolean

    Default to false. Set it to true can output more details.

    fetchTags Boolean

    Whether to include the predetermined resource tag in the return value. Default to false.

    filters String

    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

    ids List<String>

    A list of KMS Secret ids. The value is same as KMS secret_name.

    nameRegex String

    A regex string to filter the results by the KMS secret_name.

    outputFile String

    File name where to save data source results (after running pulumi preview).

    tags Map<String,Object>

    A mapping of tags to assign to the resource.

    enableDetails boolean

    Default to false. Set it to true can output more details.

    fetchTags boolean

    Whether to include the predetermined resource tag in the return value. Default to false.

    filters string

    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

    ids string[]

    A list of KMS Secret ids. The value is same as KMS secret_name.

    nameRegex string

    A regex string to filter the results by the KMS secret_name.

    outputFile string

    File name where to save data source results (after running pulumi preview).

    tags {[key: string]: any}

    A mapping of tags to assign to the resource.

    enable_details bool

    Default to false. Set it to true can output more details.

    fetch_tags bool

    Whether to include the predetermined resource tag in the return value. Default to false.

    filters str

    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

    ids Sequence[str]

    A list of KMS Secret ids. The value is same as KMS secret_name.

    name_regex str

    A regex string to filter the results by the KMS secret_name.

    output_file str

    File name where to save data source results (after running pulumi preview).

    tags Mapping[str, Any]

    A mapping of tags to assign to the resource.

    enableDetails Boolean

    Default to false. Set it to true can output more details.

    fetchTags Boolean

    Whether to include the predetermined resource tag in the return value. Default to false.

    filters String

    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.

    ids List<String>

    A list of KMS Secret ids. The value is same as KMS secret_name.

    nameRegex String

    A regex string to filter the results by the KMS secret_name.

    outputFile String

    File name where to save data source results (after running pulumi preview).

    tags Map<Any>

    A mapping of tags to assign to the resource.

    getSecrets Result

    The following output properties are available:

    Id string

    The provider-assigned unique ID for this managed resource.

    Ids List<string>

    A list of Kms Secret ids. The value is same as KMS secret_name.

    Names List<string>

    A list of KMS Secret names.

    Secrets List<Pulumi.AliCloud.Kms.Outputs.GetSecretsSecret>

    A list of KMS Secrets. Each element contains the following attributes:

    EnableDetails bool
    FetchTags bool
    Filters string
    NameRegex string
    OutputFile string
    Tags Dictionary<string, object>

    (Optional) A mapping of tags to assign to the resource.

    Id string

    The provider-assigned unique ID for this managed resource.

    Ids []string

    A list of Kms Secret ids. The value is same as KMS secret_name.

    Names []string

    A list of KMS Secret names.

    Secrets []GetSecretsSecret

    A list of KMS Secrets. Each element contains the following attributes:

    EnableDetails bool
    FetchTags bool
    Filters string
    NameRegex string
    OutputFile string
    Tags map[string]interface{}

    (Optional) A mapping of tags to assign to the resource.

    id String

    The provider-assigned unique ID for this managed resource.

    ids List<String>

    A list of Kms Secret ids. The value is same as KMS secret_name.

    names List<String>

    A list of KMS Secret names.

    secrets List<GetSecretsSecret>

    A list of KMS Secrets. Each element contains the following attributes:

    enableDetails Boolean
    fetchTags Boolean
    filters String
    nameRegex String
    outputFile String
    tags Map<String,Object>

    (Optional) A mapping of tags to assign to the resource.

    id string

    The provider-assigned unique ID for this managed resource.

    ids string[]

    A list of Kms Secret ids. The value is same as KMS secret_name.

    names string[]

    A list of KMS Secret names.

    secrets GetSecretsSecret[]

    A list of KMS Secrets. Each element contains the following attributes:

    enableDetails boolean
    fetchTags boolean
    filters string
    nameRegex string
    outputFile string
    tags {[key: string]: any}

    (Optional) A mapping of tags to assign to the resource.

    id str

    The provider-assigned unique ID for this managed resource.

    ids Sequence[str]

    A list of Kms Secret ids. The value is same as KMS secret_name.

    names Sequence[str]

    A list of KMS Secret names.

    secrets Sequence[GetSecretsSecret]

    A list of KMS Secrets. Each element contains the following attributes:

    enable_details bool
    fetch_tags bool
    filters str
    name_regex str
    output_file str
    tags Mapping[str, Any]

    (Optional) A mapping of tags to assign to the resource.

    id String

    The provider-assigned unique ID for this managed resource.

    ids List<String>

    A list of Kms Secret ids. The value is same as KMS secret_name.

    names List<String>

    A list of KMS Secret names.

    secrets List<Property Map>

    A list of KMS Secrets. Each element contains the following attributes:

    enableDetails Boolean
    fetchTags Boolean
    filters String
    nameRegex String
    outputFile String
    tags Map<Any>

    (Optional) A mapping of tags to assign to the resource.

    Supporting Types

    GetSecretsSecret

    Arn string

    (Available in 1.124.0+) A mapping of tags to assign to the resource.

    Description string

    (Available in 1.124.0+) The description of the secret.

    EncryptionKeyId string

    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

    Id string

    ID of the Kms Secret. The value is same as KMS secret_name.

    PlannedDeleteTime string

    Schedule deletion time.

    SecretData string

    (Available in 1.124.0+) The value of the secret that you want to create.

    SecretDataType string

    (Available in 1.124.0+) The type of the secret data value.

    SecretName string

    Name of the KMS Secret.

    SecretType string

    (Available in 1.124.0+) The type of the secret.

    Tags Dictionary<string, object>

    A mapping of tags to assign to the resource.

    VersionId string

    (Available in 1.124.0+) The version number of the initial version.

    VersionStages List<string>

    (Available in 1.124.0+) The stage labels that mark the new secret version.

    Arn string

    (Available in 1.124.0+) A mapping of tags to assign to the resource.

    Description string

    (Available in 1.124.0+) The description of the secret.

    EncryptionKeyId string

    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

    Id string

    ID of the Kms Secret. The value is same as KMS secret_name.

    PlannedDeleteTime string

    Schedule deletion time.

    SecretData string

    (Available in 1.124.0+) The value of the secret that you want to create.

    SecretDataType string

    (Available in 1.124.0+) The type of the secret data value.

    SecretName string

    Name of the KMS Secret.

    SecretType string

    (Available in 1.124.0+) The type of the secret.

    Tags map[string]interface{}

    A mapping of tags to assign to the resource.

    VersionId string

    (Available in 1.124.0+) The version number of the initial version.

    VersionStages []string

    (Available in 1.124.0+) The stage labels that mark the new secret version.

    arn String

    (Available in 1.124.0+) A mapping of tags to assign to the resource.

    description String

    (Available in 1.124.0+) The description of the secret.

    encryptionKeyId String

    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

    id String

    ID of the Kms Secret. The value is same as KMS secret_name.

    plannedDeleteTime String

    Schedule deletion time.

    secretData String

    (Available in 1.124.0+) The value of the secret that you want to create.

    secretDataType String

    (Available in 1.124.0+) The type of the secret data value.

    secretName String

    Name of the KMS Secret.

    secretType String

    (Available in 1.124.0+) The type of the secret.

    tags Map<String,Object>

    A mapping of tags to assign to the resource.

    versionId String

    (Available in 1.124.0+) The version number of the initial version.

    versionStages List<String>

    (Available in 1.124.0+) The stage labels that mark the new secret version.

    arn string

    (Available in 1.124.0+) A mapping of tags to assign to the resource.

    description string

    (Available in 1.124.0+) The description of the secret.

    encryptionKeyId string

    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

    id string

    ID of the Kms Secret. The value is same as KMS secret_name.

    plannedDeleteTime string

    Schedule deletion time.

    secretData string

    (Available in 1.124.0+) The value of the secret that you want to create.

    secretDataType string

    (Available in 1.124.0+) The type of the secret data value.

    secretName string

    Name of the KMS Secret.

    secretType string

    (Available in 1.124.0+) The type of the secret.

    tags {[key: string]: any}

    A mapping of tags to assign to the resource.

    versionId string

    (Available in 1.124.0+) The version number of the initial version.

    versionStages string[]

    (Available in 1.124.0+) The stage labels that mark the new secret version.

    arn str

    (Available in 1.124.0+) A mapping of tags to assign to the resource.

    description str

    (Available in 1.124.0+) The description of the secret.

    encryption_key_id str

    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

    id str

    ID of the Kms Secret. The value is same as KMS secret_name.

    planned_delete_time str

    Schedule deletion time.

    secret_data str

    (Available in 1.124.0+) The value of the secret that you want to create.

    secret_data_type str

    (Available in 1.124.0+) The type of the secret data value.

    secret_name str

    Name of the KMS Secret.

    secret_type str

    (Available in 1.124.0+) The type of the secret.

    tags Mapping[str, Any]

    A mapping of tags to assign to the resource.

    version_id str

    (Available in 1.124.0+) The version number of the initial version.

    version_stages Sequence[str]

    (Available in 1.124.0+) The stage labels that mark the new secret version.

    arn String

    (Available in 1.124.0+) A mapping of tags to assign to the resource.

    description String

    (Available in 1.124.0+) The description of the secret.

    encryptionKeyId String

    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

    id String

    ID of the Kms Secret. The value is same as KMS secret_name.

    plannedDeleteTime String

    Schedule deletion time.

    secretData String

    (Available in 1.124.0+) The value of the secret that you want to create.

    secretDataType String

    (Available in 1.124.0+) The type of the secret data value.

    secretName String

    Name of the KMS Secret.

    secretType String

    (Available in 1.124.0+) The type of the secret.

    tags Map<Any>

    A mapping of tags to assign to the resource.

    versionId String

    (Available in 1.124.0+) The version number of the initial version.

    versionStages List<String>

    (Available in 1.124.0+) The stage labels that mark the new secret version.

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the alicloud Terraform Provider.

    alicloud logo
    Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi