alicloud.kms.getSecrets
This data source provides a list of KMS Secrets in an Alibaba Cloud account according to the specified filters.
NOTE: Available in v1.86.0+.
Example Usage
using System.Collections.Generic;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var kmsSecretsDs = AliCloud.Kms.GetSecrets.Invoke(new()
{
FetchTags = true,
NameRegex = "name_regex",
Tags =
{
{ "k-aa", "v-aa" },
{ "k-bb", "v-bb" },
},
});
return new Dictionary<string, object?>
{
["firstSecretId"] = kmsSecretsDs.Apply(getSecretsResult => getSecretsResult.Secrets[0]?.Id),
};
});
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
kmsSecretsDs, err := kms.GetSecrets(ctx, &kms.GetSecretsArgs{
FetchTags: pulumi.BoolRef(true),
NameRegex: pulumi.StringRef("name_regex"),
Tags: map[string]interface{}{
"k-aa": "v-aa",
"k-bb": "v-bb",
},
}, nil)
if err != nil {
return err
}
ctx.Export("firstSecretId", kmsSecretsDs.Secrets[0].Id)
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.kms.KmsFunctions;
import com.pulumi.alicloud.kms.inputs.GetSecretsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var kmsSecretsDs = KmsFunctions.getSecrets(GetSecretsArgs.builder()
.fetchTags(true)
.nameRegex("name_regex")
.tags(Map.ofEntries(
Map.entry("k-aa", "v-aa"),
Map.entry("k-bb", "v-bb")
))
.build());
ctx.export("firstSecretId", kmsSecretsDs.applyValue(getSecretsResult -> getSecretsResult.secrets()[0].id()));
}
}
import pulumi
import pulumi_alicloud as alicloud
kms_secrets_ds = alicloud.kms.get_secrets(fetch_tags=True,
name_regex="name_regex",
tags={
"k-aa": "v-aa",
"k-bb": "v-bb",
})
pulumi.export("firstSecretId", kms_secrets_ds.secrets[0].id)
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const kmsSecretsDs = alicloud.kms.getSecrets({
fetchTags: true,
nameRegex: "name_regex",
tags: {
"k-aa": "v-aa",
"k-bb": "v-bb",
},
});
export const firstSecretId = kmsSecretsDs.then(kmsSecretsDs => kmsSecretsDs.secrets?.[0]?.id);
variables:
kmsSecretsDs:
fn::invoke:
Function: alicloud:kms:getSecrets
Arguments:
fetchTags: true
nameRegex: name_regex
tags:
k-aa: v-aa
k-bb: v-bb
outputs:
firstSecretId: ${kmsSecretsDs.secrets[0].id}
Using getSecrets
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecrets(args: GetSecretsArgs, opts?: InvokeOptions): Promise<GetSecretsResult>
function getSecretsOutput(args: GetSecretsOutputArgs, opts?: InvokeOptions): Output<GetSecretsResult>def get_secrets(enable_details: Optional[bool] = None,
fetch_tags: Optional[bool] = None,
filters: Optional[str] = None,
ids: Optional[Sequence[str]] = None,
name_regex: Optional[str] = None,
output_file: Optional[str] = None,
tags: Optional[Mapping[str, Any]] = None,
opts: Optional[InvokeOptions] = None) -> GetSecretsResult
def get_secrets_output(enable_details: Optional[pulumi.Input[bool]] = None,
fetch_tags: Optional[pulumi.Input[bool]] = None,
filters: Optional[pulumi.Input[str]] = None,
ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
name_regex: Optional[pulumi.Input[str]] = None,
output_file: Optional[pulumi.Input[str]] = None,
tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecretsResult]func GetSecrets(ctx *Context, args *GetSecretsArgs, opts ...InvokeOption) (*GetSecretsResult, error)
func GetSecretsOutput(ctx *Context, args *GetSecretsOutputArgs, opts ...InvokeOption) GetSecretsResultOutput> Note: This function is named GetSecrets in the Go SDK.
public static class GetSecrets
{
public static Task<GetSecretsResult> InvokeAsync(GetSecretsArgs args, InvokeOptions? opts = null)
public static Output<GetSecretsResult> Invoke(GetSecretsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetSecretsResult> getSecrets(GetSecretsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: alicloud:kms/getSecrets:getSecrets
arguments:
# arguments dictionaryThe following arguments are supported:
- Enable
Details bool Default to
false. Set it to true can output more details.- bool
Whether to include the predetermined resource tag in the return value. Default to
false.- Filters string
The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- Ids List<string>
A list of KMS Secret ids. The value is same as KMS secret_name.
- Name
Regex string A regex string to filter the results by the KMS secret_name.
- Output
File string - Dictionary<string, object>
A mapping of tags to assign to the resource.
- Enable
Details bool Default to
false. Set it to true can output more details.- bool
Whether to include the predetermined resource tag in the return value. Default to
false.- Filters string
The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- Ids []string
A list of KMS Secret ids. The value is same as KMS secret_name.
- Name
Regex string A regex string to filter the results by the KMS secret_name.
- Output
File string - map[string]interface{}
A mapping of tags to assign to the resource.
- enable
Details Boolean Default to
false. Set it to true can output more details.- Boolean
Whether to include the predetermined resource tag in the return value. Default to
false.- filters String
The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- ids List<String>
A list of KMS Secret ids. The value is same as KMS secret_name.
- name
Regex String A regex string to filter the results by the KMS secret_name.
- output
File String - Map<String,Object>
A mapping of tags to assign to the resource.
- enable
Details boolean Default to
false. Set it to true can output more details.- boolean
Whether to include the predetermined resource tag in the return value. Default to
false.- filters string
The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- ids string[]
A list of KMS Secret ids. The value is same as KMS secret_name.
- name
Regex string A regex string to filter the results by the KMS secret_name.
- output
File string - {[key: string]: any}
A mapping of tags to assign to the resource.
- enable_
details bool Default to
false. Set it to true can output more details.- bool
Whether to include the predetermined resource tag in the return value. Default to
false.- filters str
The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- ids Sequence[str]
A list of KMS Secret ids. The value is same as KMS secret_name.
- name_
regex str A regex string to filter the results by the KMS secret_name.
- output_
file str - Mapping[str, Any]
A mapping of tags to assign to the resource.
- enable
Details Boolean Default to
false. Set it to true can output more details.- Boolean
Whether to include the predetermined resource tag in the return value. Default to
false.- filters String
The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- ids List<String>
A list of KMS Secret ids. The value is same as KMS secret_name.
- name
Regex String A regex string to filter the results by the KMS secret_name.
- output
File String - Map<Any>
A mapping of tags to assign to the resource.
getSecrets Result
The following output properties are available:
- Id string
The provider-assigned unique ID for this managed resource.
- Ids List<string>
A list of Kms Secret ids. The value is same as KMS secret_name.
- Names List<string>
A list of KMS Secret names.
- Secrets
List<Pulumi.
Ali Cloud. Kms. Outputs. Get Secrets Secret> A list of KMS Secrets. Each element contains the following attributes:
- Enable
Details bool - bool
- Filters string
- Name
Regex string - Output
File string - Dictionary<string, object>
(Optional) A mapping of tags to assign to the resource.
- Id string
The provider-assigned unique ID for this managed resource.
- Ids []string
A list of Kms Secret ids. The value is same as KMS secret_name.
- Names []string
A list of KMS Secret names.
- Secrets
[]Get
Secrets Secret A list of KMS Secrets. Each element contains the following attributes:
- Enable
Details bool - bool
- Filters string
- Name
Regex string - Output
File string - map[string]interface{}
(Optional) A mapping of tags to assign to the resource.
- id String
The provider-assigned unique ID for this managed resource.
- ids List<String>
A list of Kms Secret ids. The value is same as KMS secret_name.
- names List<String>
A list of KMS Secret names.
- secrets
List<Get
Secrets Secret> A list of KMS Secrets. Each element contains the following attributes:
- enable
Details Boolean - Boolean
- filters String
- name
Regex String - output
File String - Map<String,Object>
(Optional) A mapping of tags to assign to the resource.
- id string
The provider-assigned unique ID for this managed resource.
- ids string[]
A list of Kms Secret ids. The value is same as KMS secret_name.
- names string[]
A list of KMS Secret names.
- secrets
Get
Secrets Secret[] A list of KMS Secrets. Each element contains the following attributes:
- enable
Details boolean - boolean
- filters string
- name
Regex string - output
File string - {[key: string]: any}
(Optional) A mapping of tags to assign to the resource.
- id str
The provider-assigned unique ID for this managed resource.
- ids Sequence[str]
A list of Kms Secret ids. The value is same as KMS secret_name.
- names Sequence[str]
A list of KMS Secret names.
- secrets
Sequence[Get
Secrets Secret] A list of KMS Secrets. Each element contains the following attributes:
- enable_
details bool - bool
- filters str
- name_
regex str - output_
file str - Mapping[str, Any]
(Optional) A mapping of tags to assign to the resource.
- id String
The provider-assigned unique ID for this managed resource.
- ids List<String>
A list of Kms Secret ids. The value is same as KMS secret_name.
- names List<String>
A list of KMS Secret names.
- secrets List<Property Map>
A list of KMS Secrets. Each element contains the following attributes:
- enable
Details Boolean - Boolean
- filters String
- name
Regex String - output
File String - Map<Any>
(Optional) A mapping of tags to assign to the resource.
Supporting Types
GetSecretsSecret
- Arn string
(Available in 1.124.0+) A mapping of tags to assign to the resource.
- Description string
(Available in 1.124.0+) The description of the secret.
- Encryption
Key stringId (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- Id string
ID of the Kms Secret. The value is same as KMS secret_name.
- Planned
Delete stringTime Schedule deletion time.
- Secret
Data string (Available in 1.124.0+) The value of the secret that you want to create.
- Secret
Data stringType (Available in 1.124.0+) The type of the secret data value.
- Secret
Name string Name of the KMS Secret.
- Secret
Type string (Available in 1.124.0+) The type of the secret.
- Dictionary<string, object>
A mapping of tags to assign to the resource.
- Version
Id string (Available in 1.124.0+) The version number of the initial version.
- Version
Stages List<string> (Available in 1.124.0+) The stage labels that mark the new secret version.
- Arn string
(Available in 1.124.0+) A mapping of tags to assign to the resource.
- Description string
(Available in 1.124.0+) The description of the secret.
- Encryption
Key stringId (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- Id string
ID of the Kms Secret. The value is same as KMS secret_name.
- Planned
Delete stringTime Schedule deletion time.
- Secret
Data string (Available in 1.124.0+) The value of the secret that you want to create.
- Secret
Data stringType (Available in 1.124.0+) The type of the secret data value.
- Secret
Name string Name of the KMS Secret.
- Secret
Type string (Available in 1.124.0+) The type of the secret.
- map[string]interface{}
A mapping of tags to assign to the resource.
- Version
Id string (Available in 1.124.0+) The version number of the initial version.
- Version
Stages []string (Available in 1.124.0+) The stage labels that mark the new secret version.
- arn String
(Available in 1.124.0+) A mapping of tags to assign to the resource.
- description String
(Available in 1.124.0+) The description of the secret.
- encryption
Key StringId (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- id String
ID of the Kms Secret. The value is same as KMS secret_name.
- planned
Delete StringTime Schedule deletion time.
- secret
Data String (Available in 1.124.0+) The value of the secret that you want to create.
- secret
Data StringType (Available in 1.124.0+) The type of the secret data value.
- secret
Name String Name of the KMS Secret.
- secret
Type String (Available in 1.124.0+) The type of the secret.
- Map<String,Object>
A mapping of tags to assign to the resource.
- version
Id String (Available in 1.124.0+) The version number of the initial version.
- version
Stages List<String> (Available in 1.124.0+) The stage labels that mark the new secret version.
- arn string
(Available in 1.124.0+) A mapping of tags to assign to the resource.
- description string
(Available in 1.124.0+) The description of the secret.
- encryption
Key stringId (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- id string
ID of the Kms Secret. The value is same as KMS secret_name.
- planned
Delete stringTime Schedule deletion time.
- secret
Data string (Available in 1.124.0+) The value of the secret that you want to create.
- secret
Data stringType (Available in 1.124.0+) The type of the secret data value.
- secret
Name string Name of the KMS Secret.
- secret
Type string (Available in 1.124.0+) The type of the secret.
- {[key: string]: any}
A mapping of tags to assign to the resource.
- version
Id string (Available in 1.124.0+) The version number of the initial version.
- version
Stages string[] (Available in 1.124.0+) The stage labels that mark the new secret version.
- arn str
(Available in 1.124.0+) A mapping of tags to assign to the resource.
- description str
(Available in 1.124.0+) The description of the secret.
- encryption_
key_ strid (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- id str
ID of the Kms Secret. The value is same as KMS secret_name.
- planned_
delete_ strtime Schedule deletion time.
- secret_
data str (Available in 1.124.0+) The value of the secret that you want to create.
- secret_
data_ strtype (Available in 1.124.0+) The type of the secret data value.
- secret_
name str Name of the KMS Secret.
- secret_
type str (Available in 1.124.0+) The type of the secret.
- Mapping[str, Any]
A mapping of tags to assign to the resource.
- version_
id str (Available in 1.124.0+) The version number of the initial version.
- version_
stages Sequence[str] (Available in 1.124.0+) The stage labels that mark the new secret version.
- arn String
(Available in 1.124.0+) A mapping of tags to assign to the resource.
- description String
(Available in 1.124.0+) The description of the secret.
- encryption
Key StringId (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- id String
ID of the Kms Secret. The value is same as KMS secret_name.
- planned
Delete StringTime Schedule deletion time.
- secret
Data String (Available in 1.124.0+) The value of the secret that you want to create.
- secret
Data StringType (Available in 1.124.0+) The type of the secret data value.
- secret
Name String Name of the KMS Secret.
- secret
Type String (Available in 1.124.0+) The type of the secret.
- Map<Any>
A mapping of tags to assign to the resource.
- version
Id String (Available in 1.124.0+) The version number of the initial version.
- version
Stages List<String> (Available in 1.124.0+) The stage labels that mark the new secret version.
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
alicloudTerraform Provider.