HashiCorp Vault

Pulumi Official
Package maintained by Pulumi
v5.5.0 published on Tuesday, May 31, 2022 by Pulumi

getDecrypt

This is a data source which can be used to decrypt ciphertext using a Vault Transit key.

Example Usage

using Pulumi;
using Vault = Pulumi.Vault;

class MyStack : Stack
{
    public MyStack()
    {
        var test = Output.Create(Vault.Transit.GetDecrypt.InvokeAsync(new Vault.Transit.GetDecryptArgs
        {
            Backend = "transit",
            Ciphertext = "vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==",
            Key = "test",
        }));
    }

}
package main

import (
	"github.com/pulumi/pulumi-vault/sdk/v5/go/vault/transit"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := transit.GetDecrypt(ctx, &transit.GetDecryptArgs{
			Backend:    "transit",
			Ciphertext: "vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==",
			Key:        "test",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import pulumi
import pulumi_vault as vault

test = vault.transit.get_decrypt(backend="transit",
    ciphertext="vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==",
    key="test")
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";

const test = pulumi.output(vault.transit.getDecrypt({
    backend: "transit",
    ciphertext: "vault:v1:S3GtnJ5GUNCWV+/pdL9+g1Feu/nzAv+RlmTmE91Tu0rBkeIU8MEb2nSspC/1IQ==",
    key: "test",
}));

Coming soon!

Using getDecrypt

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getDecrypt(args: GetDecryptArgs, opts?: InvokeOptions): Promise<GetDecryptResult>
function getDecryptOutput(args: GetDecryptOutputArgs, opts?: InvokeOptions): Output<GetDecryptResult>
def get_decrypt(backend: Optional[str] = None,
                ciphertext: Optional[str] = None,
                context: Optional[str] = None,
                key: Optional[str] = None,
                opts: Optional[InvokeOptions] = None) -> GetDecryptResult
def get_decrypt_output(backend: Optional[pulumi.Input[str]] = None,
                ciphertext: Optional[pulumi.Input[str]] = None,
                context: Optional[pulumi.Input[str]] = None,
                key: Optional[pulumi.Input[str]] = None,
                opts: Optional[InvokeOptions] = None) -> Output[GetDecryptResult]
func GetDecrypt(ctx *Context, args *GetDecryptArgs, opts ...InvokeOption) (*GetDecryptResult, error)
func GetDecryptOutput(ctx *Context, args *GetDecryptOutputArgs, opts ...InvokeOption) GetDecryptResultOutput

> Note: This function is named GetDecrypt in the Go SDK.

public static class GetDecrypt 
{
    public static Task<GetDecryptResult> InvokeAsync(GetDecryptArgs args, InvokeOptions? opts = null)
    public static Output<GetDecryptResult> Invoke(GetDecryptInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetDecryptResult> getDecrypt(GetDecryptArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
Fn::Invoke:
  Function: vault:transit/getDecrypt:getDecrypt
  Arguments:
    # Arguments dictionary

The following arguments are supported:

Backend string

The path the transit secret backend is mounted at, with no leading or trailing /.

Ciphertext string

Ciphertext to be decoded.

Key string

Specifies the name of the transit key to decrypt against.

Context string

Context for key derivation. This is required if key derivation is enabled for this key.

Backend string

The path the transit secret backend is mounted at, with no leading or trailing /.

Ciphertext string

Ciphertext to be decoded.

Key string

Specifies the name of the transit key to decrypt against.

Context string

Context for key derivation. This is required if key derivation is enabled for this key.

backend String

The path the transit secret backend is mounted at, with no leading or trailing /.

ciphertext String

Ciphertext to be decoded.

key String

Specifies the name of the transit key to decrypt against.

context String

Context for key derivation. This is required if key derivation is enabled for this key.

backend string

The path the transit secret backend is mounted at, with no leading or trailing /.

ciphertext string

Ciphertext to be decoded.

key string

Specifies the name of the transit key to decrypt against.

context string

Context for key derivation. This is required if key derivation is enabled for this key.

backend str

The path the transit secret backend is mounted at, with no leading or trailing /.

ciphertext str

Ciphertext to be decoded.

key str

Specifies the name of the transit key to decrypt against.

context str

Context for key derivation. This is required if key derivation is enabled for this key.

backend String

The path the transit secret backend is mounted at, with no leading or trailing /.

ciphertext String

Ciphertext to be decoded.

key String

Specifies the name of the transit key to decrypt against.

context String

Context for key derivation. This is required if key derivation is enabled for this key.

getDecrypt Result

The following output properties are available:

Backend string
Ciphertext string
Id string

The provider-assigned unique ID for this managed resource.

Key string
Plaintext string

Decrypted plaintext returned from Vault

Context string
Backend string
Ciphertext string
Id string

The provider-assigned unique ID for this managed resource.

Key string
Plaintext string

Decrypted plaintext returned from Vault

Context string
backend String
ciphertext String
id String

The provider-assigned unique ID for this managed resource.

key String
plaintext String

Decrypted plaintext returned from Vault

context String
backend string
ciphertext string
id string

The provider-assigned unique ID for this managed resource.

key string
plaintext string

Decrypted plaintext returned from Vault

context string
backend str
ciphertext str
id str

The provider-assigned unique ID for this managed resource.

key str
plaintext str

Decrypted plaintext returned from Vault

context str
backend String
ciphertext String
id String

The provider-assigned unique ID for this managed resource.

key String
plaintext String

Decrypted plaintext returned from Vault

context String

Package Details

Repository
https://github.com/pulumi/pulumi-vault
License
Apache-2.0
Notes

This Pulumi package is based on the vault Terraform Provider.