1. Packages
  2. Alibaba Cloud
  3. API Docs
  4. kms
  5. getSecrets
Alibaba Cloud v3.59.0 published on Friday, Jul 12, 2024 by Pulumi

alicloud.kms.getSecrets

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.59.0 published on Friday, Jul 12, 2024 by Pulumi

    This data source provides a list of KMS Secrets in an Alibaba Cloud account according to the specified filters.

    NOTE: Available in v1.86.0+.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as alicloud from "@pulumi/alicloud";
    
    // Declare the data source
    const kmsSecretsDs = alicloud.kms.getSecrets({
        fetchTags: true,
        nameRegex: "name_regex",
        tags: {
            "k-aa": "v-aa",
            "k-bb": "v-bb",
        },
    });
    export const firstSecretId = kmsSecretsDs.then(kmsSecretsDs => kmsSecretsDs.secrets?.[0]?.id);
    
    import pulumi
    import pulumi_alicloud as alicloud
    
    # Declare the data source
    kms_secrets_ds = alicloud.kms.get_secrets(fetch_tags=True,
        name_regex="name_regex",
        tags={
            "k-aa": "v-aa",
            "k-bb": "v-bb",
        })
    pulumi.export("firstSecretId", kms_secrets_ds.secrets[0].id)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// Declare the data source
    		kmsSecretsDs, err := kms.GetSecrets(ctx, &kms.GetSecretsArgs{
    			FetchTags: pulumi.BoolRef(true),
    			NameRegex: pulumi.StringRef("name_regex"),
    			Tags: map[string]interface{}{
    				"k-aa": "v-aa",
    				"k-bb": "v-bb",
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		ctx.Export("firstSecretId", kmsSecretsDs.Secrets[0].Id)
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AliCloud = Pulumi.AliCloud;
    
    return await Deployment.RunAsync(() => 
    {
        // Declare the data source
        var kmsSecretsDs = AliCloud.Kms.GetSecrets.Invoke(new()
        {
            FetchTags = true,
            NameRegex = "name_regex",
            Tags = 
            {
                { "k-aa", "v-aa" },
                { "k-bb", "v-bb" },
            },
        });
    
        return new Dictionary<string, object?>
        {
            ["firstSecretId"] = kmsSecretsDs.Apply(getSecretsResult => getSecretsResult.Secrets[0]?.Id),
        };
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.alicloud.kms.KmsFunctions;
    import com.pulumi.alicloud.kms.inputs.GetSecretsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            // Declare the data source
            final var kmsSecretsDs = KmsFunctions.getSecrets(GetSecretsArgs.builder()
                .fetchTags(true)
                .nameRegex("name_regex")
                .tags(Map.ofEntries(
                    Map.entry("k-aa", "v-aa"),
                    Map.entry("k-bb", "v-bb")
                ))
                .build());
    
            ctx.export("firstSecretId", kmsSecretsDs.applyValue(getSecretsResult -> getSecretsResult.secrets()[0].id()));
        }
    }
    
    variables:
      # Declare the data source
      kmsSecretsDs:
        fn::invoke:
          Function: alicloud:kms:getSecrets
          Arguments:
            fetchTags: true
            nameRegex: name_regex
            tags:
              k-aa: v-aa
              k-bb: v-bb
    outputs:
      firstSecretId: ${kmsSecretsDs.secrets[0].id}
    

    Using getSecrets

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getSecrets(args: GetSecretsArgs, opts?: InvokeOptions): Promise<GetSecretsResult>
    function getSecretsOutput(args: GetSecretsOutputArgs, opts?: InvokeOptions): Output<GetSecretsResult>
    def get_secrets(enable_details: Optional[bool] = None,
                    fetch_tags: Optional[bool] = None,
                    filters: Optional[str] = None,
                    ids: Optional[Sequence[str]] = None,
                    name_regex: Optional[str] = None,
                    output_file: Optional[str] = None,
                    tags: Optional[Mapping[str, Any]] = None,
                    opts: Optional[InvokeOptions] = None) -> GetSecretsResult
    def get_secrets_output(enable_details: Optional[pulumi.Input[bool]] = None,
                    fetch_tags: Optional[pulumi.Input[bool]] = None,
                    filters: Optional[pulumi.Input[str]] = None,
                    ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                    name_regex: Optional[pulumi.Input[str]] = None,
                    output_file: Optional[pulumi.Input[str]] = None,
                    tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
                    opts: Optional[InvokeOptions] = None) -> Output[GetSecretsResult]
    func GetSecrets(ctx *Context, args *GetSecretsArgs, opts ...InvokeOption) (*GetSecretsResult, error)
    func GetSecretsOutput(ctx *Context, args *GetSecretsOutputArgs, opts ...InvokeOption) GetSecretsResultOutput

    > Note: This function is named GetSecrets in the Go SDK.

    public static class GetSecrets 
    {
        public static Task<GetSecretsResult> InvokeAsync(GetSecretsArgs args, InvokeOptions? opts = null)
        public static Output<GetSecretsResult> Invoke(GetSecretsInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetSecretsResult> getSecrets(GetSecretsArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: alicloud:kms/getSecrets:getSecrets
      arguments:
        # arguments dictionary

    The following arguments are supported:

    EnableDetails bool
    Default to false. Set it to true can output more details.
    FetchTags bool
    Whether to include the predetermined resource tag in the return value. Default to false.
    Filters string
    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
    Ids List<string>
    A list of KMS Secret ids. The value is same as KMS secret_name.
    NameRegex string
    A regex string to filter the results by the KMS secret_name.
    OutputFile string
    File name where to save data source results (after running pulumi preview).
    Tags Dictionary<string, object>
    A mapping of tags to assign to the resource.
    EnableDetails bool
    Default to false. Set it to true can output more details.
    FetchTags bool
    Whether to include the predetermined resource tag in the return value. Default to false.
    Filters string
    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
    Ids []string
    A list of KMS Secret ids. The value is same as KMS secret_name.
    NameRegex string
    A regex string to filter the results by the KMS secret_name.
    OutputFile string
    File name where to save data source results (after running pulumi preview).
    Tags map[string]interface{}
    A mapping of tags to assign to the resource.
    enableDetails Boolean
    Default to false. Set it to true can output more details.
    fetchTags Boolean
    Whether to include the predetermined resource tag in the return value. Default to false.
    filters String
    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
    ids List<String>
    A list of KMS Secret ids. The value is same as KMS secret_name.
    nameRegex String
    A regex string to filter the results by the KMS secret_name.
    outputFile String
    File name where to save data source results (after running pulumi preview).
    tags Map<String,Object>
    A mapping of tags to assign to the resource.
    enableDetails boolean
    Default to false. Set it to true can output more details.
    fetchTags boolean
    Whether to include the predetermined resource tag in the return value. Default to false.
    filters string
    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
    ids string[]
    A list of KMS Secret ids. The value is same as KMS secret_name.
    nameRegex string
    A regex string to filter the results by the KMS secret_name.
    outputFile string
    File name where to save data source results (after running pulumi preview).
    tags {[key: string]: any}
    A mapping of tags to assign to the resource.
    enable_details bool
    Default to false. Set it to true can output more details.
    fetch_tags bool
    Whether to include the predetermined resource tag in the return value. Default to false.
    filters str
    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
    ids Sequence[str]
    A list of KMS Secret ids. The value is same as KMS secret_name.
    name_regex str
    A regex string to filter the results by the KMS secret_name.
    output_file str
    File name where to save data source results (after running pulumi preview).
    tags Mapping[str, Any]
    A mapping of tags to assign to the resource.
    enableDetails Boolean
    Default to false. Set it to true can output more details.
    fetchTags Boolean
    Whether to include the predetermined resource tag in the return value. Default to false.
    filters String
    The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
    ids List<String>
    A list of KMS Secret ids. The value is same as KMS secret_name.
    nameRegex String
    A regex string to filter the results by the KMS secret_name.
    outputFile String
    File name where to save data source results (after running pulumi preview).
    tags Map<Any>
    A mapping of tags to assign to the resource.

    getSecrets Result

    The following output properties are available:

    Id string
    The provider-assigned unique ID for this managed resource.
    Ids List<string>
    A list of Kms Secret ids. The value is same as KMS secret_name.
    Names List<string>
    A list of KMS Secret names.
    Secrets List<Pulumi.AliCloud.Kms.Outputs.GetSecretsSecret>
    A list of KMS Secrets. Each element contains the following attributes:
    EnableDetails bool
    FetchTags bool
    Filters string
    NameRegex string
    OutputFile string
    Tags Dictionary<string, object>
    (Optional) A mapping of tags to assign to the resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    Ids []string
    A list of Kms Secret ids. The value is same as KMS secret_name.
    Names []string
    A list of KMS Secret names.
    Secrets []GetSecretsSecret
    A list of KMS Secrets. Each element contains the following attributes:
    EnableDetails bool
    FetchTags bool
    Filters string
    NameRegex string
    OutputFile string
    Tags map[string]interface{}
    (Optional) A mapping of tags to assign to the resource.
    id String
    The provider-assigned unique ID for this managed resource.
    ids List<String>
    A list of Kms Secret ids. The value is same as KMS secret_name.
    names List<String>
    A list of KMS Secret names.
    secrets List<GetSecretsSecret>
    A list of KMS Secrets. Each element contains the following attributes:
    enableDetails Boolean
    fetchTags Boolean
    filters String
    nameRegex String
    outputFile String
    tags Map<String,Object>
    (Optional) A mapping of tags to assign to the resource.
    id string
    The provider-assigned unique ID for this managed resource.
    ids string[]
    A list of Kms Secret ids. The value is same as KMS secret_name.
    names string[]
    A list of KMS Secret names.
    secrets GetSecretsSecret[]
    A list of KMS Secrets. Each element contains the following attributes:
    enableDetails boolean
    fetchTags boolean
    filters string
    nameRegex string
    outputFile string
    tags {[key: string]: any}
    (Optional) A mapping of tags to assign to the resource.
    id str
    The provider-assigned unique ID for this managed resource.
    ids Sequence[str]
    A list of Kms Secret ids. The value is same as KMS secret_name.
    names Sequence[str]
    A list of KMS Secret names.
    secrets Sequence[GetSecretsSecret]
    A list of KMS Secrets. Each element contains the following attributes:
    enable_details bool
    fetch_tags bool
    filters str
    name_regex str
    output_file str
    tags Mapping[str, Any]
    (Optional) A mapping of tags to assign to the resource.
    id String
    The provider-assigned unique ID for this managed resource.
    ids List<String>
    A list of Kms Secret ids. The value is same as KMS secret_name.
    names List<String>
    A list of KMS Secret names.
    secrets List<Property Map>
    A list of KMS Secrets. Each element contains the following attributes:
    enableDetails Boolean
    fetchTags Boolean
    filters String
    nameRegex String
    outputFile String
    tags Map<Any>
    (Optional) A mapping of tags to assign to the resource.

    Supporting Types

    GetSecretsSecret

    Arn string
    (Available in 1.124.0+) A mapping of tags to assign to the resource.
    Description string
    (Available in 1.124.0+) The description of the secret.
    EncryptionKeyId string
    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
    Id string
    ID of the Kms Secret. The value is same as KMS secret_name.
    PlannedDeleteTime string
    Schedule deletion time.
    SecretData string
    (Available in 1.124.0+) The value of the secret that you want to create.
    SecretDataType string
    (Available in 1.124.0+) The type of the secret data value.
    SecretName string
    Name of the KMS Secret.
    SecretType string
    (Available in 1.124.0+) The type of the secret.
    Tags Dictionary<string, object>
    A mapping of tags to assign to the resource.
    VersionId string
    (Available in 1.124.0+) The version number of the initial version.
    VersionStages List<string>
    (Available in 1.124.0+) The stage labels that mark the new secret version.
    Arn string
    (Available in 1.124.0+) A mapping of tags to assign to the resource.
    Description string
    (Available in 1.124.0+) The description of the secret.
    EncryptionKeyId string
    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
    Id string
    ID of the Kms Secret. The value is same as KMS secret_name.
    PlannedDeleteTime string
    Schedule deletion time.
    SecretData string
    (Available in 1.124.0+) The value of the secret that you want to create.
    SecretDataType string
    (Available in 1.124.0+) The type of the secret data value.
    SecretName string
    Name of the KMS Secret.
    SecretType string
    (Available in 1.124.0+) The type of the secret.
    Tags map[string]interface{}
    A mapping of tags to assign to the resource.
    VersionId string
    (Available in 1.124.0+) The version number of the initial version.
    VersionStages []string
    (Available in 1.124.0+) The stage labels that mark the new secret version.
    arn String
    (Available in 1.124.0+) A mapping of tags to assign to the resource.
    description String
    (Available in 1.124.0+) The description of the secret.
    encryptionKeyId String
    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
    id String
    ID of the Kms Secret. The value is same as KMS secret_name.
    plannedDeleteTime String
    Schedule deletion time.
    secretData String
    (Available in 1.124.0+) The value of the secret that you want to create.
    secretDataType String
    (Available in 1.124.0+) The type of the secret data value.
    secretName String
    Name of the KMS Secret.
    secretType String
    (Available in 1.124.0+) The type of the secret.
    tags Map<String,Object>
    A mapping of tags to assign to the resource.
    versionId String
    (Available in 1.124.0+) The version number of the initial version.
    versionStages List<String>
    (Available in 1.124.0+) The stage labels that mark the new secret version.
    arn string
    (Available in 1.124.0+) A mapping of tags to assign to the resource.
    description string
    (Available in 1.124.0+) The description of the secret.
    encryptionKeyId string
    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
    id string
    ID of the Kms Secret. The value is same as KMS secret_name.
    plannedDeleteTime string
    Schedule deletion time.
    secretData string
    (Available in 1.124.0+) The value of the secret that you want to create.
    secretDataType string
    (Available in 1.124.0+) The type of the secret data value.
    secretName string
    Name of the KMS Secret.
    secretType string
    (Available in 1.124.0+) The type of the secret.
    tags {[key: string]: any}
    A mapping of tags to assign to the resource.
    versionId string
    (Available in 1.124.0+) The version number of the initial version.
    versionStages string[]
    (Available in 1.124.0+) The stage labels that mark the new secret version.
    arn str
    (Available in 1.124.0+) A mapping of tags to assign to the resource.
    description str
    (Available in 1.124.0+) The description of the secret.
    encryption_key_id str
    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
    id str
    ID of the Kms Secret. The value is same as KMS secret_name.
    planned_delete_time str
    Schedule deletion time.
    secret_data str
    (Available in 1.124.0+) The value of the secret that you want to create.
    secret_data_type str
    (Available in 1.124.0+) The type of the secret data value.
    secret_name str
    Name of the KMS Secret.
    secret_type str
    (Available in 1.124.0+) The type of the secret.
    tags Mapping[str, Any]
    A mapping of tags to assign to the resource.
    version_id str
    (Available in 1.124.0+) The version number of the initial version.
    version_stages Sequence[str]
    (Available in 1.124.0+) The stage labels that mark the new secret version.
    arn String
    (Available in 1.124.0+) A mapping of tags to assign to the resource.
    description String
    (Available in 1.124.0+) The description of the secret.
    encryptionKeyId String
    (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
    id String
    ID of the Kms Secret. The value is same as KMS secret_name.
    plannedDeleteTime String
    Schedule deletion time.
    secretData String
    (Available in 1.124.0+) The value of the secret that you want to create.
    secretDataType String
    (Available in 1.124.0+) The type of the secret data value.
    secretName String
    Name of the KMS Secret.
    secretType String
    (Available in 1.124.0+) The type of the secret.
    tags Map<Any>
    A mapping of tags to assign to the resource.
    versionId String
    (Available in 1.124.0+) The version number of the initial version.
    versionStages List<String>
    (Available in 1.124.0+) The stage labels that mark the new secret version.

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the alicloud Terraform Provider.
    alicloud logo
    Alibaba Cloud v3.59.0 published on Friday, Jul 12, 2024 by Pulumi