1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. secretmanager
  5. getSecret
Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi

gcp.secretmanager.getSecret

Explore with Pulumi AI

gcp logo
Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi

    Use this data source to get information about a Secret Manager Secret

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const qa = gcp.secretmanager.getSecret({
        secretId: "foobar",
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    qa = gcp.secretmanager.get_secret(secret_id="foobar")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/secretmanager"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := secretmanager.LookupSecret(ctx, &secretmanager.LookupSecretArgs{
    			SecretId: "foobar",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var qa = Gcp.SecretManager.GetSecret.Invoke(new()
        {
            SecretId = "foobar",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.secretmanager.SecretmanagerFunctions;
    import com.pulumi.gcp.secretmanager.inputs.GetSecretArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var qa = SecretmanagerFunctions.getSecret(GetSecretArgs.builder()
                .secretId("foobar")
                .build());
    
        }
    }
    
    variables:
      qa:
        fn::invoke:
          Function: gcp:secretmanager:getSecret
          Arguments:
            secretId: foobar
    

    Using getSecret

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getSecret(args: GetSecretArgs, opts?: InvokeOptions): Promise<GetSecretResult>
    function getSecretOutput(args: GetSecretOutputArgs, opts?: InvokeOptions): Output<GetSecretResult>
    def get_secret(project: Optional[str] = None,
                   secret_id: Optional[str] = None,
                   opts: Optional[InvokeOptions] = None) -> GetSecretResult
    def get_secret_output(project: Optional[pulumi.Input[str]] = None,
                   secret_id: Optional[pulumi.Input[str]] = None,
                   opts: Optional[InvokeOptions] = None) -> Output[GetSecretResult]
    func LookupSecret(ctx *Context, args *LookupSecretArgs, opts ...InvokeOption) (*LookupSecretResult, error)
    func LookupSecretOutput(ctx *Context, args *LookupSecretOutputArgs, opts ...InvokeOption) LookupSecretResultOutput

    > Note: This function is named LookupSecret in the Go SDK.

    public static class GetSecret 
    {
        public static Task<GetSecretResult> InvokeAsync(GetSecretArgs args, InvokeOptions? opts = null)
        public static Output<GetSecretResult> Invoke(GetSecretInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetSecretResult> getSecret(GetSecretArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: gcp:secretmanager/getSecret:getSecret
      arguments:
        # arguments dictionary

    The following arguments are supported:

    SecretId string
    The name of the secret.
    Project string
    The ID of the project in which the resource belongs.
    SecretId string
    The name of the secret.
    Project string
    The ID of the project in which the resource belongs.
    secretId String
    The name of the secret.
    project String
    The ID of the project in which the resource belongs.
    secretId string
    The name of the secret.
    project string
    The ID of the project in which the resource belongs.
    secret_id str
    The name of the secret.
    project str
    The ID of the project in which the resource belongs.
    secretId String
    The name of the secret.
    project String
    The ID of the project in which the resource belongs.

    getSecret Result

    The following output properties are available:

    Annotations Dictionary<string, string>
    CreateTime string
    EffectiveAnnotations Dictionary<string, string>
    EffectiveLabels Dictionary<string, string>
    ExpireTime string
    Id string
    The provider-assigned unique ID for this managed resource.
    Labels Dictionary<string, string>
    Name string
    PulumiLabels Dictionary<string, string>
    Replications List<GetSecretReplication>
    Rotations List<GetSecretRotation>
    SecretId string
    Topics List<GetSecretTopic>
    Ttl string
    VersionAliases Dictionary<string, string>
    Project string
    Annotations map[string]string
    CreateTime string
    EffectiveAnnotations map[string]string
    EffectiveLabels map[string]string
    ExpireTime string
    Id string
    The provider-assigned unique ID for this managed resource.
    Labels map[string]string
    Name string
    PulumiLabels map[string]string
    Replications []GetSecretReplication
    Rotations []GetSecretRotation
    SecretId string
    Topics []GetSecretTopic
    Ttl string
    VersionAliases map[string]string
    Project string
    annotations Map<String,String>
    createTime String
    effectiveAnnotations Map<String,String>
    effectiveLabels Map<String,String>
    expireTime String
    id String
    The provider-assigned unique ID for this managed resource.
    labels Map<String,String>
    name String
    pulumiLabels Map<String,String>
    replications List<GetSecretReplication>
    rotations List<GetSecretRotation>
    secretId String
    topics List<GetSecretTopic>
    ttl String
    versionAliases Map<String,String>
    project String
    annotations {[key: string]: string}
    createTime string
    effectiveAnnotations {[key: string]: string}
    effectiveLabels {[key: string]: string}
    expireTime string
    id string
    The provider-assigned unique ID for this managed resource.
    labels {[key: string]: string}
    name string
    pulumiLabels {[key: string]: string}
    replications GetSecretReplication[]
    rotations GetSecretRotation[]
    secretId string
    topics GetSecretTopic[]
    ttl string
    versionAliases {[key: string]: string}
    project string
    annotations Mapping[str, str]
    create_time str
    effective_annotations Mapping[str, str]
    effective_labels Mapping[str, str]
    expire_time str
    id str
    The provider-assigned unique ID for this managed resource.
    labels Mapping[str, str]
    name str
    pulumi_labels Mapping[str, str]
    replications Sequence[GetSecretReplication]
    rotations Sequence[GetSecretRotation]
    secret_id str
    topics Sequence[GetSecretTopic]
    ttl str
    version_aliases Mapping[str, str]
    project str
    annotations Map<String>
    createTime String
    effectiveAnnotations Map<String>
    effectiveLabels Map<String>
    expireTime String
    id String
    The provider-assigned unique ID for this managed resource.
    labels Map<String>
    name String
    pulumiLabels Map<String>
    replications List<Property Map>
    rotations List<Property Map>
    secretId String
    topics List<Property Map>
    ttl String
    versionAliases Map<String>
    project String

    Supporting Types

    GetSecretReplication

    Autos List<GetSecretReplicationAuto>
    The Secret will automatically be replicated without any restrictions.
    UserManageds List<GetSecretReplicationUserManaged>
    The Secret will be replicated to the regions specified by the user.
    Autos []GetSecretReplicationAuto
    The Secret will automatically be replicated without any restrictions.
    UserManageds []GetSecretReplicationUserManaged
    The Secret will be replicated to the regions specified by the user.
    autos List<GetSecretReplicationAuto>
    The Secret will automatically be replicated without any restrictions.
    userManageds List<GetSecretReplicationUserManaged>
    The Secret will be replicated to the regions specified by the user.
    autos GetSecretReplicationAuto[]
    The Secret will automatically be replicated without any restrictions.
    userManageds GetSecretReplicationUserManaged[]
    The Secret will be replicated to the regions specified by the user.
    autos Sequence[GetSecretReplicationAuto]
    The Secret will automatically be replicated without any restrictions.
    user_manageds Sequence[GetSecretReplicationUserManaged]
    The Secret will be replicated to the regions specified by the user.
    autos List<Property Map>
    The Secret will automatically be replicated without any restrictions.
    userManageds List<Property Map>
    The Secret will be replicated to the regions specified by the user.

    GetSecretReplicationAuto

    CustomerManagedEncryptions List<GetSecretReplicationAutoCustomerManagedEncryption>
    The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used.
    CustomerManagedEncryptions []GetSecretReplicationAutoCustomerManagedEncryption
    The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used.
    customerManagedEncryptions List<GetSecretReplicationAutoCustomerManagedEncryption>
    The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used.
    customerManagedEncryptions GetSecretReplicationAutoCustomerManagedEncryption[]
    The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used.
    customer_managed_encryptions Sequence[GetSecretReplicationAutoCustomerManagedEncryption]
    The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used.
    customerManagedEncryptions List<Property Map>
    The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used.

    GetSecretReplicationAutoCustomerManagedEncryption

    KmsKeyName string
    The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
    KmsKeyName string
    The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
    kmsKeyName String
    The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
    kmsKeyName string
    The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
    kms_key_name str
    The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
    kmsKeyName String
    The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.

    GetSecretReplicationUserManaged

    Replicas List<GetSecretReplicationUserManagedReplica>
    The list of Replicas for this Secret. Cannot be empty.
    Replicas []GetSecretReplicationUserManagedReplica
    The list of Replicas for this Secret. Cannot be empty.
    replicas List<GetSecretReplicationUserManagedReplica>
    The list of Replicas for this Secret. Cannot be empty.
    replicas GetSecretReplicationUserManagedReplica[]
    The list of Replicas for this Secret. Cannot be empty.
    replicas Sequence[GetSecretReplicationUserManagedReplica]
    The list of Replicas for this Secret. Cannot be empty.
    replicas List<Property Map>
    The list of Replicas for this Secret. Cannot be empty.

    GetSecretReplicationUserManagedReplica

    CustomerManagedEncryptions List<GetSecretReplicationUserManagedReplicaCustomerManagedEncryption>
    Customer Managed Encryption for the secret.
    Location string
    The canonical IDs of the location to replicate data. For example: "us-east1".
    CustomerManagedEncryptions []GetSecretReplicationUserManagedReplicaCustomerManagedEncryption
    Customer Managed Encryption for the secret.
    Location string
    The canonical IDs of the location to replicate data. For example: "us-east1".
    customerManagedEncryptions List<GetSecretReplicationUserManagedReplicaCustomerManagedEncryption>
    Customer Managed Encryption for the secret.
    location String
    The canonical IDs of the location to replicate data. For example: "us-east1".
    customerManagedEncryptions GetSecretReplicationUserManagedReplicaCustomerManagedEncryption[]
    Customer Managed Encryption for the secret.
    location string
    The canonical IDs of the location to replicate data. For example: "us-east1".
    customer_managed_encryptions Sequence[GetSecretReplicationUserManagedReplicaCustomerManagedEncryption]
    Customer Managed Encryption for the secret.
    location str
    The canonical IDs of the location to replicate data. For example: "us-east1".
    customerManagedEncryptions List<Property Map>
    Customer Managed Encryption for the secret.
    location String
    The canonical IDs of the location to replicate data. For example: "us-east1".

    GetSecretReplicationUserManagedReplicaCustomerManagedEncryption

    KmsKeyName string
    Describes the Cloud KMS encryption key that will be used to protect destination secret.
    KmsKeyName string
    Describes the Cloud KMS encryption key that will be used to protect destination secret.
    kmsKeyName String
    Describes the Cloud KMS encryption key that will be used to protect destination secret.
    kmsKeyName string
    Describes the Cloud KMS encryption key that will be used to protect destination secret.
    kms_key_name str
    Describes the Cloud KMS encryption key that will be used to protect destination secret.
    kmsKeyName String
    Describes the Cloud KMS encryption key that will be used to protect destination secret.

    GetSecretRotation

    NextRotationTime string
    Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    RotationPeriod string
    The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications.
    NextRotationTime string
    Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    RotationPeriod string
    The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications.
    nextRotationTime String
    Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    rotationPeriod String
    The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications.
    nextRotationTime string
    Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    rotationPeriod string
    The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications.
    next_rotation_time str
    Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    rotation_period str
    The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications.
    nextRotationTime String
    Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
    rotationPeriod String
    The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications.

    GetSecretTopic

    Name string
    The resource name of the Pub/Sub topic that will be published to, in the following format: projects//topics/. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
    Name string
    The resource name of the Pub/Sub topic that will be published to, in the following format: projects//topics/. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
    name String
    The resource name of the Pub/Sub topic that will be published to, in the following format: projects//topics/. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
    name string
    The resource name of the Pub/Sub topic that will be published to, in the following format: projects//topics/. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
    name str
    The resource name of the Pub/Sub topic that will be published to, in the following format: projects//topics/. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
    name String
    The resource name of the Pub/Sub topic that will be published to, in the following format: projects//topics/. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the google-beta Terraform Provider.
    gcp logo
    Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi