ibm 1.85.0-beta0, Oct 29 25

ibm 1.85.0-beta0 published on Wednesday, Oct 29, 2025 by ibm-cloud

ibm.getSmKvSecret

ibm 1.85.0-beta0 published on Wednesday, Oct 29, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

Example Usage

By secret id

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const kvSecret = ibm.getSmKvSecret({
    instanceId: ibm_resource_instance.sm_instance.guid,
    region: "us-south",
    secretId: "0b5571f7-21e6-42b7-91c5-3f5ac9793a46",
});

import pulumi
import pulumi_ibm as ibm

kv_secret = ibm.get_sm_kv_secret(instance_id=ibm_resource_instance["sm_instance"]["guid"],
    region="us-south",
    secret_id="0b5571f7-21e6-42b7-91c5-3f5ac9793a46")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.LookupSmKvSecret(ctx, &ibm.LookupSmKvSecretArgs{
			InstanceId: ibm_resource_instance.Sm_instance.Guid,
			Region:     pulumi.StringRef("us-south"),
			SecretId:   pulumi.StringRef("0b5571f7-21e6-42b7-91c5-3f5ac9793a46"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var kvSecret = Ibm.GetSmKvSecret.Invoke(new()
    {
        InstanceId = ibm_resource_instance.Sm_instance.Guid,
        Region = "us-south",
        SecretId = "0b5571f7-21e6-42b7-91c5-3f5ac9793a46",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IbmFunctions;
import com.pulumi.ibm.inputs.GetSmKvSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var kvSecret = IbmFunctions.getSmKvSecret(GetSmKvSecretArgs.builder()
            .instanceId(ibm_resource_instance.sm_instance().guid())
            .region("us-south")
            .secretId("0b5571f7-21e6-42b7-91c5-3f5ac9793a46")
            .build());

    }
}

variables:
  kvSecret:
    fn::invoke:
      function: ibm:getSmKvSecret
      arguments:
        instanceId: ${ibm_resource_instance.sm_instance.guid}
        region: us-south
        secretId: 0b5571f7-21e6-42b7-91c5-3f5ac9793a46

By secret name and group name

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const kvSecret = ibm.getSmKvSecret({
    instanceId: ibm_resource_instance.sm_instance.guid,
    region: "us-south",
    name: "secret-name",
    secretGroupName: "group-name",
});

import pulumi
import pulumi_ibm as ibm

kv_secret = ibm.get_sm_kv_secret(instance_id=ibm_resource_instance["sm_instance"]["guid"],
    region="us-south",
    name="secret-name",
    secret_group_name="group-name")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.LookupSmKvSecret(ctx, &ibm.LookupSmKvSecretArgs{
			InstanceId:      ibm_resource_instance.Sm_instance.Guid,
			Region:          pulumi.StringRef("us-south"),
			Name:            pulumi.StringRef("secret-name"),
			SecretGroupName: pulumi.StringRef("group-name"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var kvSecret = Ibm.GetSmKvSecret.Invoke(new()
    {
        InstanceId = ibm_resource_instance.Sm_instance.Guid,
        Region = "us-south",
        Name = "secret-name",
        SecretGroupName = "group-name",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IbmFunctions;
import com.pulumi.ibm.inputs.GetSmKvSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var kvSecret = IbmFunctions.getSmKvSecret(GetSmKvSecretArgs.builder()
            .instanceId(ibm_resource_instance.sm_instance().guid())
            .region("us-south")
            .name("secret-name")
            .secretGroupName("group-name")
            .build());

    }
}

variables:
  kvSecret:
    fn::invoke:
      function: ibm:getSmKvSecret
      arguments:
        instanceId: ${ibm_resource_instance.sm_instance.guid}
        region: us-south
        name: secret-name
        secretGroupName: group-name

Using getSmKvSecret

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSmKvSecret(args: GetSmKvSecretArgs, opts?: InvokeOptions): Promise<GetSmKvSecretResult>
function getSmKvSecretOutput(args: GetSmKvSecretOutputArgs, opts?: InvokeOptions): Output<GetSmKvSecretResult>

def get_sm_kv_secret(endpoint_type: Optional[str] = None,
                     id: Optional[str] = None,
                     instance_id: Optional[str] = None,
                     name: Optional[str] = None,
                     region: Optional[str] = None,
                     secret_group_name: Optional[str] = None,
                     secret_id: Optional[str] = None,
                     opts: Optional[InvokeOptions] = None) -> GetSmKvSecretResult
def get_sm_kv_secret_output(endpoint_type: Optional[pulumi.Input[str]] = None,
                     id: Optional[pulumi.Input[str]] = None,
                     instance_id: Optional[pulumi.Input[str]] = None,
                     name: Optional[pulumi.Input[str]] = None,
                     region: Optional[pulumi.Input[str]] = None,
                     secret_group_name: Optional[pulumi.Input[str]] = None,
                     secret_id: Optional[pulumi.Input[str]] = None,
                     opts: Optional[InvokeOptions] = None) -> Output[GetSmKvSecretResult]

func LookupSmKvSecret(ctx *Context, args *LookupSmKvSecretArgs, opts ...InvokeOption) (*LookupSmKvSecretResult, error)
func LookupSmKvSecretOutput(ctx *Context, args *LookupSmKvSecretOutputArgs, opts ...InvokeOption) LookupSmKvSecretResultOutput

> Note: This function is named LookupSmKvSecret in the Go SDK.

public static class GetSmKvSecret 
{
    public static Task<GetSmKvSecretResult> InvokeAsync(GetSmKvSecretArgs args, InvokeOptions? opts = null)
    public static Output<GetSmKvSecretResult> Invoke(GetSmKvSecretInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetSmKvSecretResult> getSmKvSecret(GetSmKvSecretArgs args, InvokeOptions options)
public static Output<GetSmKvSecretResult> getSmKvSecret(GetSmKvSecretArgs args, InvokeOptions options)

fn::invoke:
  function: ibm:index/getSmKvSecret:getSmKvSecret
  arguments:
    # arguments dictionary

The following arguments are supported:

InstanceId string

The GUID of the Secrets Manager instance.

EndpointType string

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

Id string

The unique identifier of the data source.

Name string

The human-readable name of your secret. To be used in combination with secret_group_name.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.

Region string

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

SecretGroupName string

The name of your existing secret group. To be used in combination with name.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

SecretId string

The ID of the secret.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.

InstanceId string

The GUID of the Secrets Manager instance.

EndpointType string

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

Id string

The unique identifier of the data source.

Name string

The human-readable name of your secret. To be used in combination with secret_group_name.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.

Region string

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

SecretGroupName string

The name of your existing secret group. To be used in combination with name.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

SecretId string

The ID of the secret.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.

instanceId String

The GUID of the Secrets Manager instance.

endpointType String

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

id String

The unique identifier of the data source.

name String

The human-readable name of your secret. To be used in combination with secret_group_name.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.

region String

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

secretGroupName String

The name of your existing secret group. To be used in combination with name.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

secretId String

The ID of the secret.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.

instanceId string

The GUID of the Secrets Manager instance.

endpointType string

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

id string

The unique identifier of the data source.

name string

The human-readable name of your secret. To be used in combination with secret_group_name.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.

region string

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

secretGroupName string

The name of your existing secret group. To be used in combination with name.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

secretId string

The ID of the secret.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.

instance_id str

The GUID of the Secrets Manager instance.

endpoint_type str

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

id str

The unique identifier of the data source.

name str

The human-readable name of your secret. To be used in combination with secret_group_name.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.

region str

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

secret_group_name str

The name of your existing secret group. To be used in combination with name.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

secret_id str

The ID of the secret.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.

instanceId String

The GUID of the Secrets Manager instance.

endpointType String

The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

Constraints: Allowable values are: private, public.

id String

The unique identifier of the data source.

name String

The human-readable name of your secret. To be used in combination with secret_group_name.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.

region String

The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.

secretGroupName String

The name of your existing secret group. To be used in combination with name.

Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.

secretId String

The ID of the secret.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.

getSmKvSecret Result

The following output properties are available:

CreatedAt string

(String) The date when a resource was created. The date format follows RFC 3339.

CreatedBy string

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

Crn string

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

CustomMetadata Dictionary<string, string>

Data Dictionary<string, string>

(Map) The payload data of a key-value secret.

Constraints: The minimum length is 1 item.

Description string

(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

Downloaded bool

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

Id string

The unique identifier of the data source.

InstanceId string

Labels List<string>

(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

LocksTotal double

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

Name string

(String) The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters.

Region string

RetrievedAt string

(String) The date when the data of the secret was last retrieved. The date format follows RFC 3339. Epoch date if there is no record of secret data retrieval.

SecretGroupId string

(String) A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

SecretId string

SecretType string

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

State double

(Integer) The secret state that is based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0, Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.

Constraints: Allowable values are: 0, 1, 2, 3, 5.

StateDescription string

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

UpdatedAt string

(String) The date when a resource was recently modified. The date format follows RFC 3339.

VersionsTotal double

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

EndpointType string

SecretGroupName string

CreatedAt string

(String) The date when a resource was created. The date format follows RFC 3339.

CreatedBy string

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

Crn string

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

CustomMetadata map[string]string

Data map[string]string

(Map) The payload data of a key-value secret.

Constraints: The minimum length is 1 item.

Description string

(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

Downloaded bool

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

Id string

The unique identifier of the data source.

InstanceId string

Labels []string

(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

LocksTotal float64

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

Name string

(String) The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters.

Region string

RetrievedAt string

(String) The date when the data of the secret was last retrieved. The date format follows RFC 3339. Epoch date if there is no record of secret data retrieval.

SecretGroupId string

(String) A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

SecretId string

SecretType string

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

State float64

Constraints: Allowable values are: 0, 1, 2, 3, 5.

StateDescription string

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

UpdatedAt string

(String) The date when a resource was recently modified. The date format follows RFC 3339.

VersionsTotal float64

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

EndpointType string

SecretGroupName string

createdAt String

(String) The date when a resource was created. The date format follows RFC 3339.

createdBy String

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn String

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

customMetadata Map<String,String>

data Map<String,String>

(Map) The payload data of a key-value secret.

Constraints: The minimum length is 1 item.

description String

(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

downloaded Boolean

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

id String

The unique identifier of the data source.

instanceId String

labels List<String>

(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

locksTotal Double

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

name String

(String) The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters.

region String

retrievedAt String

(String) The date when the data of the secret was last retrieved. The date format follows RFC 3339. Epoch date if there is no record of secret data retrieval.

secretGroupId String

(String) A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

secretId String

secretType String

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

state Double

Constraints: Allowable values are: 0, 1, 2, 3, 5.

stateDescription String

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

updatedAt String

(String) The date when a resource was recently modified. The date format follows RFC 3339.

versionsTotal Double

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

endpointType String

secretGroupName String

createdAt string

(String) The date when a resource was created. The date format follows RFC 3339.

createdBy string

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn string

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

customMetadata {[key: string]: string}

data {[key: string]: string}

(Map) The payload data of a key-value secret.

Constraints: The minimum length is 1 item.

description string

(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

downloaded boolean

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

id string

The unique identifier of the data source.

instanceId string

labels string[]

(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

locksTotal number

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

name string

(String) The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters.

region string

retrievedAt string

(String) The date when the data of the secret was last retrieved. The date format follows RFC 3339. Epoch date if there is no record of secret data retrieval.

secretGroupId string

(String) A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

secretId string

secretType string

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

state number

Constraints: Allowable values are: 0, 1, 2, 3, 5.

stateDescription string

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

updatedAt string

(String) The date when a resource was recently modified. The date format follows RFC 3339.

versionsTotal number

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

endpointType string

secretGroupName string

created_at str

(String) The date when a resource was created. The date format follows RFC 3339.

created_by str

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn str

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

custom_metadata Mapping[str, str]

data Mapping[str, str]

(Map) The payload data of a key-value secret.

Constraints: The minimum length is 1 item.

description str

(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

downloaded bool

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

id str

The unique identifier of the data source.

instance_id str

labels Sequence[str]

(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

locks_total float

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

name str

(String) The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters.

region str

retrieved_at str

(String) The date when the data of the secret was last retrieved. The date format follows RFC 3339. Epoch date if there is no record of secret data retrieval.

secret_group_id str

(String) A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

secret_id str

secret_type str

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.

state float

Constraints: Allowable values are: 0, 1, 2, 3, 5.

state_description str

(String) A text representation of the secret state.

Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.

updated_at str

(String) The date when a resource was recently modified. The date format follows RFC 3339.

versions_total float

(Integer) The number of versions of the secret.

Constraints: The maximum value is 50. The minimum value is 0.

endpoint_type str

secret_group_name str

createdAt String

(String) The date when a resource was created. The date format follows RFC 3339.

createdBy String

(String) The unique identifier that is associated with the entity that created the secret.

Constraints: The maximum length is 128 characters. The minimum length is 4 characters.

crn String

(String) A CRN that uniquely identifies an IBM Cloud resource.

Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.

customMetadata Map<String>

data Map<String>

(Map) The payload data of a key-value secret.

Constraints: The minimum length is 1 item.

description String

(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.

downloaded Boolean

(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.

id String

The unique identifier of the data source.

instanceId String

labels List<String>

(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.

locksTotal Number

(Integer) The number of locks of the secret.

Constraints: The maximum value is 1000. The minimum value is 0.

name String

(String) The human-readable name of your secret.

Constraints: The maximum length is 256 characters. The minimum length is 2 characters.

region String

retrievedAt String

(String) The date when the data of the secret was last retrieved. The date format follows RFC 3339. Epoch date if there is no record of secret data retrieval.

secretGroupId String

(String) A UUID identifier, or default secret group.

Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.

secretId String

secretType String

(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.