Google Cloud (GCP) Classic

v6.44.0 published on Tuesday, Nov 29, 2022 by Pulumi

getKMSSecret

This data source allows you to use data encrypted with Google Cloud KMS within your resource definitions.

For more information see the official documentation.

NOTE: Using this data provider will allow you to conceal secret data within your resource definitions, but it does not take care of protecting that data in the logging output, plan output, or state output. Please take care to secure your secret data outside of resource definitions.

Using getKMSSecret

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getKMSSecret(args: GetKMSSecretArgs, opts?: InvokeOptions): Promise<GetKMSSecretResult>
function getKMSSecretOutput(args: GetKMSSecretOutputArgs, opts?: InvokeOptions): Output<GetKMSSecretResult>
def get_kms_secret(additional_authenticated_data: Optional[str] = None,
                   ciphertext: Optional[str] = None,
                   crypto_key: Optional[str] = None,
                   opts: Optional[InvokeOptions] = None) -> GetKMSSecretResult
def get_kms_secret_output(additional_authenticated_data: Optional[pulumi.Input[str]] = None,
                   ciphertext: Optional[pulumi.Input[str]] = None,
                   crypto_key: Optional[pulumi.Input[str]] = None,
                   opts: Optional[InvokeOptions] = None) -> Output[GetKMSSecretResult]
func GetKMSSecret(ctx *Context, args *GetKMSSecretArgs, opts ...InvokeOption) (*GetKMSSecretResult, error)
func GetKMSSecretOutput(ctx *Context, args *GetKMSSecretOutputArgs, opts ...InvokeOption) GetKMSSecretResultOutput

> Note: This function is named GetKMSSecret in the Go SDK.

public static class GetKMSSecret 
{
    public static Task<GetKMSSecretResult> InvokeAsync(GetKMSSecretArgs args, InvokeOptions? opts = null)
    public static Output<GetKMSSecretResult> Invoke(GetKMSSecretInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetKMSSecretResult> getKMSSecret(GetKMSSecretArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: gcp:kms/getKMSSecret:getKMSSecret
  arguments:
    # arguments dictionary

The following arguments are supported:

Ciphertext string

The ciphertext to be decrypted, encoded in base64

CryptoKey string

The id of the CryptoKey that will be used to decrypt the provided ciphertext. This is represented by the format {projectId}/{location}/{keyRingName}/{cryptoKeyName}.

AdditionalAuthenticatedData string

The additional authenticated data used for integrity checks during encryption and decryption.

Ciphertext string

The ciphertext to be decrypted, encoded in base64

CryptoKey string

The id of the CryptoKey that will be used to decrypt the provided ciphertext. This is represented by the format {projectId}/{location}/{keyRingName}/{cryptoKeyName}.

AdditionalAuthenticatedData string

The additional authenticated data used for integrity checks during encryption and decryption.

ciphertext String

The ciphertext to be decrypted, encoded in base64

cryptoKey String

The id of the CryptoKey that will be used to decrypt the provided ciphertext. This is represented by the format {projectId}/{location}/{keyRingName}/{cryptoKeyName}.

additionalAuthenticatedData String

The additional authenticated data used for integrity checks during encryption and decryption.

ciphertext string

The ciphertext to be decrypted, encoded in base64

cryptoKey string

The id of the CryptoKey that will be used to decrypt the provided ciphertext. This is represented by the format {projectId}/{location}/{keyRingName}/{cryptoKeyName}.

additionalAuthenticatedData string

The additional authenticated data used for integrity checks during encryption and decryption.

ciphertext str

The ciphertext to be decrypted, encoded in base64

crypto_key str

The id of the CryptoKey that will be used to decrypt the provided ciphertext. This is represented by the format {projectId}/{location}/{keyRingName}/{cryptoKeyName}.

additional_authenticated_data str

The additional authenticated data used for integrity checks during encryption and decryption.

ciphertext String

The ciphertext to be decrypted, encoded in base64

cryptoKey String

The id of the CryptoKey that will be used to decrypt the provided ciphertext. This is represented by the format {projectId}/{location}/{keyRingName}/{cryptoKeyName}.

additionalAuthenticatedData String

The additional authenticated data used for integrity checks during encryption and decryption.

getKMSSecret Result

The following output properties are available:

Ciphertext string
CryptoKey string
Id string

The provider-assigned unique ID for this managed resource.

Plaintext string

Contains the result of decrypting the provided ciphertext.

AdditionalAuthenticatedData string
Ciphertext string
CryptoKey string
Id string

The provider-assigned unique ID for this managed resource.

Plaintext string

Contains the result of decrypting the provided ciphertext.

AdditionalAuthenticatedData string
ciphertext String
cryptoKey String
id String

The provider-assigned unique ID for this managed resource.

plaintext String

Contains the result of decrypting the provided ciphertext.

additionalAuthenticatedData String
ciphertext string
cryptoKey string
id string

The provider-assigned unique ID for this managed resource.

plaintext string

Contains the result of decrypting the provided ciphertext.

additionalAuthenticatedData string
ciphertext str
crypto_key str
id str

The provider-assigned unique ID for this managed resource.

plaintext str

Contains the result of decrypting the provided ciphertext.

additional_authenticated_data str
ciphertext String
cryptoKey String
id String

The provider-assigned unique ID for this managed resource.

plaintext String

Contains the result of decrypting the provided ciphertext.

additionalAuthenticatedData String

Package Details

Repository
https://github.com/pulumi/pulumi-gcp
License
Apache-2.0
Notes

This Pulumi package is based on the google-beta Terraform Provider.