Docs Home
OpenStack v5.0.4 published on Tuesday, Apr 29, 2025 by Pulumi
openstack.keymanager.getSecret
Explore with Pulumi AI
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";
const example = openstack.keymanager.getSecret({
mode: "cbc",
secretType: "passphrase",
});
import pulumi
import pulumi_openstack as openstack
example = openstack.keymanager.get_secret(mode="cbc",
secret_type="passphrase")
package main
import (
"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/keymanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := keymanager.GetSecret(ctx, &keymanager.GetSecretArgs{
Mode: pulumi.StringRef("cbc"),
SecretType: pulumi.StringRef("passphrase"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using OpenStack = Pulumi.OpenStack;
return await Deployment.RunAsync(() =>
{
var example = OpenStack.KeyManager.GetSecret.Invoke(new()
{
Mode = "cbc",
SecretType = "passphrase",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.keymanager.KeymanagerFunctions;
import com.pulumi.openstack.keymanager.inputs.GetSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = KeymanagerFunctions.getSecret(GetSecretArgs.builder()
.mode("cbc")
.secretType("passphrase")
.build());
}
}
variables:
example:
fn::invoke:
function: openstack:keymanager:getSecret
arguments:
mode: cbc
secretType: passphrase
Date Filters
The values for the expiration_filter, created_at_filter, and
updated_at_filter parameters are comma-separated lists of time stamps in
RFC3339 format. The time stamps can be prefixed with any of these comparison
operators: gt: (greater-than), gte: (greater-than-or-equal), lt:
(less-than), lte: (less-than-or-equal).
For example, to get a passphrase a Secret with CBC moda, that will expire in January of 2020:
import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";
const dateFilterExample = openstack.keymanager.getSecret({
mode: "cbc",
secretType: "passphrase",
expirationFilter: "gt:2020-01-01T00:00:00Z",
});
import pulumi
import pulumi_openstack as openstack
date_filter_example = openstack.keymanager.get_secret(mode="cbc",
secret_type="passphrase",
expiration_filter="gt:2020-01-01T00:00:00Z")
package main
import (
"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/keymanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := keymanager.GetSecret(ctx, &keymanager.GetSecretArgs{
Mode: pulumi.StringRef("cbc"),
SecretType: pulumi.StringRef("passphrase"),
ExpirationFilter: pulumi.StringRef("gt:2020-01-01T00:00:00Z"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using OpenStack = Pulumi.OpenStack;
return await Deployment.RunAsync(() =>
{
var dateFilterExample = OpenStack.KeyManager.GetSecret.Invoke(new()
{
Mode = "cbc",
SecretType = "passphrase",
ExpirationFilter = "gt:2020-01-01T00:00:00Z",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.keymanager.KeymanagerFunctions;
import com.pulumi.openstack.keymanager.inputs.GetSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var dateFilterExample = KeymanagerFunctions.getSecret(GetSecretArgs.builder()
.mode("cbc")
.secretType("passphrase")
.expirationFilter("gt:2020-01-01T00:00:00Z")
.build());
}
}
variables:
dateFilterExample:
fn::invoke:
function: openstack:keymanager:getSecret
arguments:
mode: cbc
secretType: passphrase
expirationFilter: gt:2020-01-01T00:00:00Z
Using getSecret
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecret(args: GetSecretArgs, opts?: InvokeOptions): Promise<GetSecretResult>
function getSecretOutput(args: GetSecretOutputArgs, opts?: InvokeOptions): Output<GetSecretResult>def get_secret(acl_only: Optional[bool] = None,
algorithm: Optional[str] = None,
bit_length: Optional[int] = None,
created_at_filter: Optional[str] = None,
expiration_filter: Optional[str] = None,
mode: Optional[str] = None,
name: Optional[str] = None,
region: Optional[str] = None,
secret_type: Optional[str] = None,
updated_at_filter: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetSecretResult
def get_secret_output(acl_only: Optional[pulumi.Input[bool]] = None,
algorithm: Optional[pulumi.Input[str]] = None,
bit_length: Optional[pulumi.Input[int]] = None,
created_at_filter: Optional[pulumi.Input[str]] = None,
expiration_filter: Optional[pulumi.Input[str]] = None,
mode: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
region: Optional[pulumi.Input[str]] = None,
secret_type: Optional[pulumi.Input[str]] = None,
updated_at_filter: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecretResult]func GetSecret(ctx *Context, args *GetSecretArgs, opts ...InvokeOption) (*GetSecretResult, error)
func GetSecretOutput(ctx *Context, args *GetSecretOutputArgs, opts ...InvokeOption) GetSecretResultOutput> Note: This function is named GetSecret in the Go SDK.
public static class GetSecret
{
public static Task<GetSecretResult> InvokeAsync(GetSecretArgs args, InvokeOptions? opts = null)
public static Output<GetSecretResult> Invoke(GetSecretInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetSecretResult> getSecret(GetSecretArgs args, InvokeOptions options)
public static Output<GetSecretResult> getSecret(GetSecretArgs args, InvokeOptions options)
fn::invoke:
function: openstack:keymanager/getSecret:getSecret
arguments:
# arguments dictionaryThe following arguments are supported:
- Acl
Only bool - Select the Secret with an ACL that contains the user.
Project scope is ignored. Defaults to
false. - Algorithm string
- The Secret algorithm.
- Bit
Length int - The Secret bit length.
- Created
At stringFilter - Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
- Expiration
Filter string - Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
- Mode string
- The Secret mode.
- Name string
- The Secret name.
- Region string
- The region in which to obtain the V1 KeyManager client.
A KeyManager client is needed to fetch a secret. If omitted, the
regionargument of the provider is used. - Secret
Type string - The Secret type. For more information see Secret types.
- Updated
At stringFilter - Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
- Acl
Only bool - Select the Secret with an ACL that contains the user.
Project scope is ignored. Defaults to
false. - Algorithm string
- The Secret algorithm.
- Bit
Length int - The Secret bit length.
- Created
At stringFilter - Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
- Expiration
Filter string - Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
- Mode string
- The Secret mode.
- Name string
- The Secret name.
- Region string
- The region in which to obtain the V1 KeyManager client.
A KeyManager client is needed to fetch a secret. If omitted, the
regionargument of the provider is used. - Secret
Type string - The Secret type. For more information see Secret types.
- Updated
At stringFilter - Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
- acl
Only Boolean - Select the Secret with an ACL that contains the user.
Project scope is ignored. Defaults to
false. - algorithm String
- The Secret algorithm.
- bit
Length Integer - The Secret bit length.
- created
At StringFilter - Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
- expiration
Filter String - Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
- mode String
- The Secret mode.
- name String
- The Secret name.
- region String
- The region in which to obtain the V1 KeyManager client.
A KeyManager client is needed to fetch a secret. If omitted, the
regionargument of the provider is used. - secret
Type String - The Secret type. For more information see Secret types.
- updated
At StringFilter - Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
- acl
Only boolean - Select the Secret with an ACL that contains the user.
Project scope is ignored. Defaults to
false. - algorithm string
- The Secret algorithm.
- bit
Length number - The Secret bit length.
- created
At stringFilter - Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
- expiration
Filter string - Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
- mode string
- The Secret mode.
- name string
- The Secret name.
- region string
- The region in which to obtain the V1 KeyManager client.
A KeyManager client is needed to fetch a secret. If omitted, the
regionargument of the provider is used. - secret
Type string - The Secret type. For more information see Secret types.
- updated
At stringFilter - Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
- acl_
only bool - Select the Secret with an ACL that contains the user.
Project scope is ignored. Defaults to
false. - algorithm str
- The Secret algorithm.
- bit_
length int - The Secret bit length.
- created_
at_ strfilter - Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
- expiration_
filter str - Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
- mode str
- The Secret mode.
- name str
- The Secret name.
- region str
- The region in which to obtain the V1 KeyManager client.
A KeyManager client is needed to fetch a secret. If omitted, the
regionargument of the provider is used. - secret_
type str - The Secret type. For more information see Secret types.
- updated_
at_ strfilter - Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
- acl
Only Boolean - Select the Secret with an ACL that contains the user.
Project scope is ignored. Defaults to
false. - algorithm String
- The Secret algorithm.
- bit
Length Number - The Secret bit length.
- created
At StringFilter - Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
- expiration
Filter String - Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
- mode String
- The Secret mode.
- name String
- The Secret name.
- region String
- The region in which to obtain the V1 KeyManager client.
A KeyManager client is needed to fetch a secret. If omitted, the
regionargument of the provider is used. - secret
Type String - The Secret type. For more information see Secret types.
- updated
At StringFilter - Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
getSecret Result
The following output properties are available:
- Acls
List<Pulumi.
Open Stack. Key Manager. Outputs. Get Secret Acl> - The list of ACLs assigned to a secret. The
readstructure is described below. - Content
Types Dictionary<string, string> - The map of the content types, assigned on the secret.
- Created
At string - The date the secret ACL was created.
- Creator
Id string - The creator of the secret.
- Expiration string
- The date the secret will expire.
- Id string
- The provider-assigned unique ID for this managed resource.
- Metadata Dictionary<string, string>
- The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- Payload string
- The secret payload.
- Payload
Content stringEncoding - The Secret encoding.
- Payload
Content stringType - The Secret content type.
- Secret
Ref string - The secret reference / where to find the secret.
- Status string
- The status of the secret.
- Updated
At string - The date the secret ACL was last updated.
- Acl
Only bool - See Argument Reference above.
- Algorithm string
- See Argument Reference above.
- Bit
Length int - See Argument Reference above.
- Created
At stringFilter - See Argument Reference above.
- Expiration
Filter string - See Argument Reference above.
- Mode string
- See Argument Reference above.
- Name string
- See Argument Reference above.
- Region string
- See Argument Reference above.
- Secret
Type string - See Argument Reference above.
- Updated
At stringFilter - See Argument Reference above.
- Acls
[]Get
Secret Acl - The list of ACLs assigned to a secret. The
readstructure is described below. - Content
Types map[string]string - The map of the content types, assigned on the secret.
- Created
At string - The date the secret ACL was created.
- Creator
Id string - The creator of the secret.
- Expiration string
- The date the secret will expire.
- Id string
- The provider-assigned unique ID for this managed resource.
- Metadata map[string]string
- The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- Payload string
- The secret payload.
- Payload
Content stringEncoding - The Secret encoding.
- Payload
Content stringType - The Secret content type.
- Secret
Ref string - The secret reference / where to find the secret.
- Status string
- The status of the secret.
- Updated
At string - The date the secret ACL was last updated.
- Acl
Only bool - See Argument Reference above.
- Algorithm string
- See Argument Reference above.
- Bit
Length int - See Argument Reference above.
- Created
At stringFilter - See Argument Reference above.
- Expiration
Filter string - See Argument Reference above.
- Mode string
- See Argument Reference above.
- Name string
- See Argument Reference above.
- Region string
- See Argument Reference above.
- Secret
Type string - See Argument Reference above.
- Updated
At stringFilter - See Argument Reference above.
- acls
List<Get
Secret Acl> - The list of ACLs assigned to a secret. The
readstructure is described below. - content
Types Map<String,String> - The map of the content types, assigned on the secret.
- created
At String - The date the secret ACL was created.
- creator
Id String - The creator of the secret.
- expiration String
- The date the secret will expire.
- id String
- The provider-assigned unique ID for this managed resource.
- metadata Map<String,String>
- The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- payload String
- The secret payload.
- payload
Content StringEncoding - The Secret encoding.
- payload
Content StringType - The Secret content type.
- secret
Ref String - The secret reference / where to find the secret.
- status String
- The status of the secret.
- updated
At String - The date the secret ACL was last updated.
- acl
Only Boolean - See Argument Reference above.
- algorithm String
- See Argument Reference above.
- bit
Length Integer - See Argument Reference above.
- created
At StringFilter - See Argument Reference above.
- expiration
Filter String - See Argument Reference above.
- mode String
- See Argument Reference above.
- name String
- See Argument Reference above.
- region String
- See Argument Reference above.
- secret
Type String - See Argument Reference above.
- updated
At StringFilter - See Argument Reference above.
- acls
Get
Secret Acl[] - The list of ACLs assigned to a secret. The
readstructure is described below. - content
Types {[key: string]: string} - The map of the content types, assigned on the secret.
- created
At string - The date the secret ACL was created.
- creator
Id string - The creator of the secret.
- expiration string
- The date the secret will expire.
- id string
- The provider-assigned unique ID for this managed resource.
- metadata {[key: string]: string}
- The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- payload string
- The secret payload.
- payload
Content stringEncoding - The Secret encoding.
- payload
Content stringType - The Secret content type.
- secret
Ref string - The secret reference / where to find the secret.
- status string
- The status of the secret.
- updated
At string - The date the secret ACL was last updated.
- acl
Only boolean - See Argument Reference above.
- algorithm string
- See Argument Reference above.
- bit
Length number - See Argument Reference above.
- created
At stringFilter - See Argument Reference above.
- expiration
Filter string - See Argument Reference above.
- mode string
- See Argument Reference above.
- name string
- See Argument Reference above.
- region string
- See Argument Reference above.
- secret
Type string - See Argument Reference above.
- updated
At stringFilter - See Argument Reference above.
- acls
Sequence[Get
Secret Acl] - The list of ACLs assigned to a secret. The
readstructure is described below. - content_
types Mapping[str, str] - The map of the content types, assigned on the secret.
- created_
at str - The date the secret ACL was created.
- creator_
id str - The creator of the secret.
- expiration str
- The date the secret will expire.
- id str
- The provider-assigned unique ID for this managed resource.
- metadata Mapping[str, str]
- The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- payload str
- The secret payload.
- payload_
content_ strencoding - The Secret encoding.
- payload_
content_ strtype - The Secret content type.
- secret_
ref str - The secret reference / where to find the secret.
- status str
- The status of the secret.
- updated_
at str - The date the secret ACL was last updated.
- acl_
only bool - See Argument Reference above.
- algorithm str
- See Argument Reference above.
- bit_
length int - See Argument Reference above.
- created_
at_ strfilter - See Argument Reference above.
- expiration_
filter str - See Argument Reference above.
- mode str
- See Argument Reference above.
- name str
- See Argument Reference above.
- region str
- See Argument Reference above.
- secret_
type str - See Argument Reference above.
- updated_
at_ strfilter - See Argument Reference above.
- acls List<Property Map>
- The list of ACLs assigned to a secret. The
readstructure is described below. - content
Types Map<String> - The map of the content types, assigned on the secret.
- created
At String - The date the secret ACL was created.
- creator
Id String - The creator of the secret.
- expiration String
- The date the secret will expire.
- id String
- The provider-assigned unique ID for this managed resource.
- metadata Map<String>
- The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- payload String
- The secret payload.
- payload
Content StringEncoding - The Secret encoding.
- payload
Content StringType - The Secret content type.
- secret
Ref String - The secret reference / where to find the secret.
- status String
- The status of the secret.
- updated
At String - The date the secret ACL was last updated.
- acl
Only Boolean - See Argument Reference above.
- algorithm String
- See Argument Reference above.
- bit
Length Number - See Argument Reference above.
- created
At StringFilter - See Argument Reference above.
- expiration
Filter String - See Argument Reference above.
- mode String
- See Argument Reference above.
- name String
- See Argument Reference above.
- region String
- See Argument Reference above.
- secret
Type String - See Argument Reference above.
- updated
At StringFilter - See Argument Reference above.
Supporting Types
GetSecretAcl
GetSecretAclRead
- Created
At string - The date the secret ACL was created.
- Updated
At string - The date the secret ACL was last updated.
- Project
Access bool - Whether the secret is accessible project wide.
- Users List<string>
- The list of user IDs, which are allowed to access the secret, when
project_accessis set tofalse.
- Created
At string - The date the secret ACL was created.
- Updated
At string - The date the secret ACL was last updated.
- Project
Access bool - Whether the secret is accessible project wide.
- Users []string
- The list of user IDs, which are allowed to access the secret, when
project_accessis set tofalse.
- created
At String - The date the secret ACL was created.
- updated
At String - The date the secret ACL was last updated.
- project
Access Boolean - Whether the secret is accessible project wide.
- users List<String>
- The list of user IDs, which are allowed to access the secret, when
project_accessis set tofalse.
- created
At string - The date the secret ACL was created.
- updated
At string - The date the secret ACL was last updated.
- project
Access boolean - Whether the secret is accessible project wide.
- users string[]
- The list of user IDs, which are allowed to access the secret, when
project_accessis set tofalse.
- created_
at str - The date the secret ACL was created.
- updated_
at str - The date the secret ACL was last updated.
- project_
access bool - Whether the secret is accessible project wide.
- users Sequence[str]
- The list of user IDs, which are allowed to access the secret, when
project_accessis set tofalse.
- created
At String - The date the secret ACL was created.
- updated
At String - The date the secret ACL was last updated.
- project
Access Boolean - Whether the secret is accessible project wide.
- users List<String>
- The list of user IDs, which are allowed to access the secret, when
project_accessis set tofalse.
Package Details
- Repository
- OpenStack pulumi/pulumi-openstack
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
openstackTerraform Provider.