Docs
PackagesTry AWS Native preview for resources not in the classic version.
aws.kms.getCipherText
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
The KMS ciphertext data source allows you to encrypt plaintext into ciphertext
by using an AWS KMS customer master key. The value returned by this data source
changes every apply. For a stable ciphertext value, see the aws.kms.Ciphertext
resource.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var oauthConfig = new Aws.Kms.Key("oauthConfig", new()
{
Description = "oauth config",
IsEnabled = true,
});
var oauth = Aws.Kms.GetCipherText.Invoke(new()
{
KeyId = oauthConfig.KeyId,
Plaintext = @"{
""client_id"": ""e587dbae22222f55da22"",
""client_secret"": ""8289575d00000ace55e1815ec13673955721b8a5""
}
",
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
oauthConfig, err := kms.NewKey(ctx, "oauthConfig", &kms.KeyArgs{
Description: pulumi.String("oauth config"),
IsEnabled: pulumi.Bool(true),
})
if err != nil {
return err
}
_ = kms.GetCipherTextOutput(ctx, kms.GetCipherTextOutputArgs{
KeyId: oauthConfig.KeyId,
Plaintext: pulumi.String("{\n \"client_id\": \"e587dbae22222f55da22\",\n \"client_secret\": \"8289575d00000ace55e1815ec13673955721b8a5\"\n}\n"),
}, nil)
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.kms.Key;
import com.pulumi.aws.kms.KeyArgs;
import com.pulumi.aws.kms.KmsFunctions;
import com.pulumi.aws.kms.inputs.GetCipherTextArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var oauthConfig = new Key("oauthConfig", KeyArgs.builder()
.description("oauth config")
.isEnabled(true)
.build());
final var oauth = KmsFunctions.getCipherText(GetCipherTextArgs.builder()
.keyId(oauthConfig.keyId())
.plaintext("""
{
"client_id": "e587dbae22222f55da22",
"client_secret": "8289575d00000ace55e1815ec13673955721b8a5"
}
""")
.build());
}
}
import pulumi
import pulumi_aws as aws
oauth_config = aws.kms.Key("oauthConfig",
description="oauth config",
is_enabled=True)
oauth = aws.kms.get_cipher_text_output(key_id=oauth_config.key_id,
plaintext="""{
"client_id": "e587dbae22222f55da22",
"client_secret": "8289575d00000ace55e1815ec13673955721b8a5"
}
""")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const oauthConfig = new aws.kms.Key("oauthConfig", {
description: "oauth config",
isEnabled: true,
});
const oauth = aws.kms.getCipherTextOutput({
keyId: oauthConfig.keyId,
plaintext: `{
"client_id": "e587dbae22222f55da22",
"client_secret": "8289575d00000ace55e1815ec13673955721b8a5"
}
`,
});
resources:
oauthConfig:
type: aws:kms:Key
properties:
description: oauth config
isEnabled: true
variables:
oauth:
fn::invoke:
Function: aws:kms:getCipherText
Arguments:
keyId: ${oauthConfig.keyId}
plaintext: |
{
"client_id": "e587dbae22222f55da22",
"client_secret": "8289575d00000ace55e1815ec13673955721b8a5"
}
Using getCipherText
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getCipherText(args: GetCipherTextArgs, opts?: InvokeOptions): Promise<GetCipherTextResult>
function getCipherTextOutput(args: GetCipherTextOutputArgs, opts?: InvokeOptions): Output<GetCipherTextResult>def get_cipher_text(context: Optional[Mapping[str, str]] = None,
key_id: Optional[str] = None,
plaintext: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetCipherTextResult
def get_cipher_text_output(context: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
key_id: Optional[pulumi.Input[str]] = None,
plaintext: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetCipherTextResult]func GetCipherText(ctx *Context, args *GetCipherTextArgs, opts ...InvokeOption) (*GetCipherTextResult, error)
func GetCipherTextOutput(ctx *Context, args *GetCipherTextOutputArgs, opts ...InvokeOption) GetCipherTextResultOutput> Note: This function is named GetCipherText in the Go SDK.
public static class GetCipherText
{
public static Task<GetCipherTextResult> InvokeAsync(GetCipherTextArgs args, InvokeOptions? opts = null)
public static Output<GetCipherTextResult> Invoke(GetCipherTextInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetCipherTextResult> getCipherText(GetCipherTextArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aws:kms/getCipherText:getCipherText
arguments:
# arguments dictionaryThe following arguments are supported:
getCipherText Result
The following output properties are available:
- Ciphertext
Blob string Base64 encoded ciphertext
- Id string
The provider-assigned unique ID for this managed resource.
- Key
Id string - Plaintext string
- Context Dictionary<string, string>
- Ciphertext
Blob string Base64 encoded ciphertext
- Id string
The provider-assigned unique ID for this managed resource.
- Key
Id string - Plaintext string
- Context map[string]string
- ciphertext
Blob String Base64 encoded ciphertext
- id String
The provider-assigned unique ID for this managed resource.
- key
Id String - plaintext String
- context Map<String,String>
- ciphertext
Blob string Base64 encoded ciphertext
- id string
The provider-assigned unique ID for this managed resource.
- key
Id string - plaintext string
- context {[key: string]: string}
- ciphertext_
blob str Base64 encoded ciphertext
- id str
The provider-assigned unique ID for this managed resource.
- key_
id str - plaintext str
- context Mapping[str, str]
- ciphertext
Blob String Base64 encoded ciphertext
- id String
The provider-assigned unique ID for this managed resource.
- key
Id String - plaintext String
- context Map<String>
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.
Try AWS Native preview for resources not in the classic version.