Viewing docs for AWS v5.43.0 (Older version)
published on Tuesday, Mar 10, 2026 by Pulumi
published on Tuesday, Mar 10, 2026 by Pulumi
Viewing docs for AWS v5.43.0 (Older version)
published on Tuesday, Mar 10, 2026 by Pulumi
published on Tuesday, Mar 10, 2026 by Pulumi
Retrieve metadata information about a Secrets Manager secret. To retrieve a secret value, see the aws.secretsmanager.SecretVersion data source.
Example Usage
ARN
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var by_arn = Aws.SecretsManager.GetSecret.Invoke(new()
{
Arn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456",
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := secretsmanager.LookupSecret(ctx, &secretsmanager.LookupSecretArgs{
Arn: pulumi.StringRef("arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456"),
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;
import com.pulumi.aws.secretsmanager.inputs.GetSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var by-arn = SecretsmanagerFunctions.getSecret(GetSecretArgs.builder()
.arn("arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const by-arn = aws.secretsmanager.getSecret({
arn: "arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456",
});
import pulumi
import pulumi_aws as aws
by_arn = aws.secretsmanager.get_secret(arn="arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456")
variables:
by-arn:
fn::invoke:
Function: aws:secretsmanager:getSecret
Arguments:
arn: arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456
Name
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var by_name = Aws.SecretsManager.GetSecret.Invoke(new()
{
Name = "example",
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := secretsmanager.LookupSecret(ctx, &secretsmanager.LookupSecretArgs{
Name: pulumi.StringRef("example"),
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.secretsmanager.SecretsmanagerFunctions;
import com.pulumi.aws.secretsmanager.inputs.GetSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var by-name = SecretsmanagerFunctions.getSecret(GetSecretArgs.builder()
.name("example")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const by-name = aws.secretsmanager.getSecret({
name: "example",
});
import pulumi
import pulumi_aws as aws
by_name = aws.secretsmanager.get_secret(name="example")
variables:
by-name:
fn::invoke:
Function: aws:secretsmanager:getSecret
Arguments:
name: example
Using getSecret
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecret(args: GetSecretArgs, opts?: InvokeOptions): Promise<GetSecretResult>
function getSecretOutput(args: GetSecretOutputArgs, opts?: InvokeOptions): Output<GetSecretResult>def get_secret(arn: Optional[str] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetSecretResult
def get_secret_output(arn: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecretResult]func LookupSecret(ctx *Context, args *LookupSecretArgs, opts ...InvokeOption) (*LookupSecretResult, error)
func LookupSecretOutput(ctx *Context, args *LookupSecretOutputArgs, opts ...InvokeOption) LookupSecretResultOutput> Note: This function is named LookupSecret in the Go SDK.
public static class GetSecret
{
public static Task<GetSecretResult> InvokeAsync(GetSecretArgs args, InvokeOptions? opts = null)
public static Output<GetSecretResult> Invoke(GetSecretInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetSecretResult> getSecret(GetSecretArgs args, InvokeOptions options)
public static Output<GetSecretResult> getSecret(GetSecretArgs args, InvokeOptions options)
fn::invoke:
function: aws:secretsmanager/getSecret:getSecret
arguments:
# arguments dictionaryThe following arguments are supported:
getSecret Result
The following output properties are available:
- Arn string
- ARN of the secret.
- Description string
- Description of the secret.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kms
Key stringId - Key Management Service (KMS) Customer Master Key (CMK) associated with the secret.
- Name string
- Policy string
- Resource-based policy document that's attached to the secret.
- Rotation
Enabled bool - Whether rotation is enabled or not.
- Rotation
Lambda stringArn - Rotation Lambda function ARN if rotation is enabled.
- Rotation
Rules List<GetSecret Rotation Rule> - Rotation rules if rotation is enabled.
- Dictionary<string, string>
- Tags of the secret.
- Arn string
- ARN of the secret.
- Description string
- Description of the secret.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kms
Key stringId - Key Management Service (KMS) Customer Master Key (CMK) associated with the secret.
- Name string
- Policy string
- Resource-based policy document that's attached to the secret.
- Rotation
Enabled bool - Whether rotation is enabled or not.
- Rotation
Lambda stringArn - Rotation Lambda function ARN if rotation is enabled.
- Rotation
Rules []GetSecret Rotation Rule - Rotation rules if rotation is enabled.
- map[string]string
- Tags of the secret.
- arn String
- ARN of the secret.
- description String
- Description of the secret.
- id String
- The provider-assigned unique ID for this managed resource.
- kms
Key StringId - Key Management Service (KMS) Customer Master Key (CMK) associated with the secret.
- name String
- policy String
- Resource-based policy document that's attached to the secret.
- rotation
Enabled Boolean - Whether rotation is enabled or not.
- rotation
Lambda StringArn - Rotation Lambda function ARN if rotation is enabled.
- rotation
Rules List<GetSecret Rotation Rule> - Rotation rules if rotation is enabled.
- Map<String,String>
- Tags of the secret.
- arn string
- ARN of the secret.
- description string
- Description of the secret.
- id string
- The provider-assigned unique ID for this managed resource.
- kms
Key stringId - Key Management Service (KMS) Customer Master Key (CMK) associated with the secret.
- name string
- policy string
- Resource-based policy document that's attached to the secret.
- rotation
Enabled boolean - Whether rotation is enabled or not.
- rotation
Lambda stringArn - Rotation Lambda function ARN if rotation is enabled.
- rotation
Rules GetSecret Rotation Rule[] - Rotation rules if rotation is enabled.
- {[key: string]: string}
- Tags of the secret.
- arn str
- ARN of the secret.
- description str
- Description of the secret.
- id str
- The provider-assigned unique ID for this managed resource.
- kms_
key_ strid - Key Management Service (KMS) Customer Master Key (CMK) associated with the secret.
- name str
- policy str
- Resource-based policy document that's attached to the secret.
- rotation_
enabled bool - Whether rotation is enabled or not.
- rotation_
lambda_ strarn - Rotation Lambda function ARN if rotation is enabled.
- rotation_
rules Sequence[GetSecret Rotation Rule] - Rotation rules if rotation is enabled.
- Mapping[str, str]
- Tags of the secret.
- arn String
- ARN of the secret.
- description String
- Description of the secret.
- id String
- The provider-assigned unique ID for this managed resource.
- kms
Key StringId - Key Management Service (KMS) Customer Master Key (CMK) associated with the secret.
- name String
- policy String
- Resource-based policy document that's attached to the secret.
- rotation
Enabled Boolean - Whether rotation is enabled or not.
- rotation
Lambda StringArn - Rotation Lambda function ARN if rotation is enabled.
- rotation
Rules List<Property Map> - Rotation rules if rotation is enabled.
- Map<String>
- Tags of the secret.
Supporting Types
GetSecretRotationRule
- Automatically
After intDays - Duration string
- Schedule
Expression string
- Automatically
After intDays - Duration string
- Schedule
Expression string
- automatically
After IntegerDays - duration String
- schedule
Expression String
- automatically
After numberDays - duration string
- schedule
Expression string
- automatically
After NumberDays - duration String
- schedule
Expression String
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
Viewing docs for AWS v5.43.0 (Older version)
published on Tuesday, Mar 10, 2026 by Pulumi
published on Tuesday, Mar 10, 2026 by Pulumi
