1. Packages
  2. Harness
  3. API Docs
  4. EncryptedText
Harness v0.0.6 published on Saturday, Jul 1, 2023 by lbrlabs

harness.EncryptedText

Explore with Pulumi AI

harness logo
Harness v0.0.6 published on Saturday, Jul 1, 2023 by lbrlabs

    Resource for creating an encrypted text secret

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Harness = Lbrlabs.PulumiPackage.Harness;
    using Harness = Pulumi.Harness;
    
    return await Deployment.RunAsync(() => 
    {
        var @default = Harness.GetSecretManager.Invoke(new()
        {
            Default = true,
        });
    
        var example = new Harness.EncryptedText("example", new()
        {
            Value = "someval",
            SecretManagerId = @default.Apply(@default => @default.Apply(getSecretManagerResult => getSecretManagerResult.Id)),
            UsageScopes = new[]
            {
                new Harness.Inputs.EncryptedTextUsageScopeArgs
                {
                    EnvironmentFilterType = "PRODUCTION_ENVIRONMENTS",
                },
                new Harness.Inputs.EncryptedTextUsageScopeArgs
                {
                    EnvironmentFilterType = "NON_PRODUCTION_ENVIRONMENTS",
                },
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/lbrlabs/pulumi-harness/sdk/go/harness"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_default, err := harness.GetSecretManager(ctx, &harness.GetSecretManagerArgs{
    			Default: pulumi.BoolRef(true),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = harness.NewEncryptedText(ctx, "example", &harness.EncryptedTextArgs{
    			Value:           pulumi.String("someval"),
    			SecretManagerId: *pulumi.String(_default.Id),
    			UsageScopes: harness.EncryptedTextUsageScopeArray{
    				&harness.EncryptedTextUsageScopeArgs{
    					EnvironmentFilterType: pulumi.String("PRODUCTION_ENVIRONMENTS"),
    				},
    				&harness.EncryptedTextUsageScopeArgs{
    					EnvironmentFilterType: pulumi.String("NON_PRODUCTION_ENVIRONMENTS"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.harness.HarnessFunctions;
    import com.pulumi.harness.inputs.GetSecretManagerArgs;
    import com.pulumi.harness.EncryptedText;
    import com.pulumi.harness.EncryptedTextArgs;
    import com.pulumi.harness.inputs.EncryptedTextUsageScopeArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var default = HarnessFunctions.getSecretManager(GetSecretManagerArgs.builder()
                .default_(true)
                .build());
    
            var example = new EncryptedText("example", EncryptedTextArgs.builder()        
                .value("someval")
                .secretManagerId(default_.id())
                .usageScopes(            
                    EncryptedTextUsageScopeArgs.builder()
                        .environmentFilterType("PRODUCTION_ENVIRONMENTS")
                        .build(),
                    EncryptedTextUsageScopeArgs.builder()
                        .environmentFilterType("NON_PRODUCTION_ENVIRONMENTS")
                        .build())
                .build());
    
        }
    }
    
    import pulumi
    import lbrlabs_pulumi_harness as harness
    import pulumi_harness as harness
    
    default = harness.get_secret_manager(default=True)
    example = harness.EncryptedText("example",
        value="someval",
        secret_manager_id=default.id,
        usage_scopes=[
            harness.EncryptedTextUsageScopeArgs(
                environment_filter_type="PRODUCTION_ENVIRONMENTS",
            ),
            harness.EncryptedTextUsageScopeArgs(
                environment_filter_type="NON_PRODUCTION_ENVIRONMENTS",
            ),
        ])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as harness from "@lbrlabs/pulumi-harness";
    import * as harness from "@pulumi/harness";
    
    const default = harness.getSecretManager({
        "default": true,
    });
    const example = new harness.EncryptedText("example", {
        value: "someval",
        secretManagerId: _default.then(_default => _default.id),
        usageScopes: [
            {
                environmentFilterType: "PRODUCTION_ENVIRONMENTS",
            },
            {
                environmentFilterType: "NON_PRODUCTION_ENVIRONMENTS",
            },
        ],
    });
    
    resources:
      example:
        type: harness:EncryptedText
        properties:
          value: someval
          secretManagerId: ${default.id}
          usageScopes:
            - environmentFilterType: PRODUCTION_ENVIRONMENTS
            - environmentFilterType: NON_PRODUCTION_ENVIRONMENTS
    variables:
      default:
        fn::invoke:
          Function: harness:getSecretManager
          Arguments:
            default: true
    

    Create EncryptedText Resource

    new EncryptedText(name: string, args: EncryptedTextArgs, opts?: CustomResourceOptions);
    @overload
    def EncryptedText(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      inherit_scopes_from_secret_manager: Optional[bool] = None,
                      name: Optional[str] = None,
                      scoped_to_account: Optional[bool] = None,
                      secret_manager_id: Optional[str] = None,
                      secret_reference: Optional[str] = None,
                      usage_scopes: Optional[Sequence[EncryptedTextUsageScopeArgs]] = None,
                      value: Optional[str] = None)
    @overload
    def EncryptedText(resource_name: str,
                      args: EncryptedTextArgs,
                      opts: Optional[ResourceOptions] = None)
    func NewEncryptedText(ctx *Context, name string, args EncryptedTextArgs, opts ...ResourceOption) (*EncryptedText, error)
    public EncryptedText(string name, EncryptedTextArgs args, CustomResourceOptions? opts = null)
    public EncryptedText(String name, EncryptedTextArgs args)
    public EncryptedText(String name, EncryptedTextArgs args, CustomResourceOptions options)
    
    type: harness:EncryptedText
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args EncryptedTextArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args EncryptedTextArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args EncryptedTextArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args EncryptedTextArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args EncryptedTextArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    EncryptedText Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The EncryptedText resource accepts the following input properties:

    SecretManagerId string
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    InheritScopesFromSecretManager bool
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    Name string
    Name of the encrypted text secret
    ScopedToAccount bool
    Boolean that indicates whether or not the secret is scoped to the account
    SecretReference string
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    UsageScopes List<Lbrlabs.PulumiPackage.Harness.Inputs.EncryptedTextUsageScope>
    This block is used for scoping the resource to a specific set of applications or environments.
    Value string
    The value of the secret.
    SecretManagerId string
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    InheritScopesFromSecretManager bool
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    Name string
    Name of the encrypted text secret
    ScopedToAccount bool
    Boolean that indicates whether or not the secret is scoped to the account
    SecretReference string
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    UsageScopes []EncryptedTextUsageScopeArgs
    This block is used for scoping the resource to a specific set of applications or environments.
    Value string
    The value of the secret.
    secretManagerId String
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    inheritScopesFromSecretManager Boolean
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    name String
    Name of the encrypted text secret
    scopedToAccount Boolean
    Boolean that indicates whether or not the secret is scoped to the account
    secretReference String
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    usageScopes List<EncryptedTextUsageScope>
    This block is used for scoping the resource to a specific set of applications or environments.
    value String
    The value of the secret.
    secretManagerId string
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    inheritScopesFromSecretManager boolean
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    name string
    Name of the encrypted text secret
    scopedToAccount boolean
    Boolean that indicates whether or not the secret is scoped to the account
    secretReference string
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    usageScopes EncryptedTextUsageScope[]
    This block is used for scoping the resource to a specific set of applications or environments.
    value string
    The value of the secret.
    secret_manager_id str
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    inherit_scopes_from_secret_manager bool
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    name str
    Name of the encrypted text secret
    scoped_to_account bool
    Boolean that indicates whether or not the secret is scoped to the account
    secret_reference str
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    usage_scopes Sequence[EncryptedTextUsageScopeArgs]
    This block is used for scoping the resource to a specific set of applications or environments.
    value str
    The value of the secret.
    secretManagerId String
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    inheritScopesFromSecretManager Boolean
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    name String
    Name of the encrypted text secret
    scopedToAccount Boolean
    Boolean that indicates whether or not the secret is scoped to the account
    secretReference String
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    usageScopes List<Property Map>
    This block is used for scoping the resource to a specific set of applications or environments.
    value String
    The value of the secret.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the EncryptedText resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing EncryptedText Resource

    Get an existing EncryptedText resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: EncryptedTextState, opts?: CustomResourceOptions): EncryptedText
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            inherit_scopes_from_secret_manager: Optional[bool] = None,
            name: Optional[str] = None,
            scoped_to_account: Optional[bool] = None,
            secret_manager_id: Optional[str] = None,
            secret_reference: Optional[str] = None,
            usage_scopes: Optional[Sequence[EncryptedTextUsageScopeArgs]] = None,
            value: Optional[str] = None) -> EncryptedText
    func GetEncryptedText(ctx *Context, name string, id IDInput, state *EncryptedTextState, opts ...ResourceOption) (*EncryptedText, error)
    public static EncryptedText Get(string name, Input<string> id, EncryptedTextState? state, CustomResourceOptions? opts = null)
    public static EncryptedText get(String name, Output<String> id, EncryptedTextState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    InheritScopesFromSecretManager bool
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    Name string
    Name of the encrypted text secret
    ScopedToAccount bool
    Boolean that indicates whether or not the secret is scoped to the account
    SecretManagerId string
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    SecretReference string
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    UsageScopes List<Lbrlabs.PulumiPackage.Harness.Inputs.EncryptedTextUsageScope>
    This block is used for scoping the resource to a specific set of applications or environments.
    Value string
    The value of the secret.
    InheritScopesFromSecretManager bool
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    Name string
    Name of the encrypted text secret
    ScopedToAccount bool
    Boolean that indicates whether or not the secret is scoped to the account
    SecretManagerId string
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    SecretReference string
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    UsageScopes []EncryptedTextUsageScopeArgs
    This block is used for scoping the resource to a specific set of applications or environments.
    Value string
    The value of the secret.
    inheritScopesFromSecretManager Boolean
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    name String
    Name of the encrypted text secret
    scopedToAccount Boolean
    Boolean that indicates whether or not the secret is scoped to the account
    secretManagerId String
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    secretReference String
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    usageScopes List<EncryptedTextUsageScope>
    This block is used for scoping the resource to a specific set of applications or environments.
    value String
    The value of the secret.
    inheritScopesFromSecretManager boolean
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    name string
    Name of the encrypted text secret
    scopedToAccount boolean
    Boolean that indicates whether or not the secret is scoped to the account
    secretManagerId string
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    secretReference string
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    usageScopes EncryptedTextUsageScope[]
    This block is used for scoping the resource to a specific set of applications or environments.
    value string
    The value of the secret.
    inherit_scopes_from_secret_manager bool
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    name str
    Name of the encrypted text secret
    scoped_to_account bool
    Boolean that indicates whether or not the secret is scoped to the account
    secret_manager_id str
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    secret_reference str
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    usage_scopes Sequence[EncryptedTextUsageScopeArgs]
    This block is used for scoping the resource to a specific set of applications or environments.
    value str
    The value of the secret.
    inheritScopesFromSecretManager Boolean
    Boolean that indicates whether or not to inherit the usage scopes from the secret manager
    name String
    Name of the encrypted text secret
    scopedToAccount Boolean
    Boolean that indicates whether or not the secret is scoped to the account
    secretManagerId String
    The id of the secret manager to associate the secret with. Once set, this field cannot be changed.
    secretReference String
    Name of the existing secret. If you already have secrets created in a secrets manager such as HashiCorp Vault or AWS Secrets Manager, you do not need to re-create the existing secrets in Harness.
    usageScopes List<Property Map>
    This block is used for scoping the resource to a specific set of applications or environments.
    value String
    The value of the secret.

    Supporting Types

    EncryptedTextUsageScope, EncryptedTextUsageScopeArgs

    ApplicationId string
    Id of the application to scope to. If empty then this scope applies to all applications.
    EnvironmentFilterType string
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    EnvironmentId string
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.
    ApplicationId string
    Id of the application to scope to. If empty then this scope applies to all applications.
    EnvironmentFilterType string
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    EnvironmentId string
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.
    applicationId String
    Id of the application to scope to. If empty then this scope applies to all applications.
    environmentFilterType String
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    environmentId String
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.
    applicationId string
    Id of the application to scope to. If empty then this scope applies to all applications.
    environmentFilterType string
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    environmentId string
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.
    application_id str
    Id of the application to scope to. If empty then this scope applies to all applications.
    environment_filter_type str
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    environment_id str
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.
    applicationId String
    Id of the application to scope to. If empty then this scope applies to all applications.
    environmentFilterType String
    Type of environment filter applied. Cannot be used with environment_id. Valid options are NONPRODUCTIONENVIRONMENTS, PRODUCTION_ENVIRONMENTS.
    environmentId String
    Id of the id of the specific environment to scope to. Cannot be used with environment_filter_type.

    Import

    Import using the Harness encrypted text format. NOTEThe secret value cannot be decrypted and imported.

     $ pulumi import harness:index/encryptedText:EncryptedText example <secret_id>
    

    Package Details

    Repository
    harness lbrlabs/pulumi-harness
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the harness Terraform Provider.
    harness logo
    Harness v0.0.6 published on Saturday, Jul 1, 2023 by lbrlabs