Docs Home
vkcs 0.9.3 published on Tuesday, Apr 15, 2025 by vk-cs
vkcs.KeymanagerSecret
Explore with Pulumi AI
Example Usage
Private key for TERMINATED_HTTPS loadbalancer listener
import * as pulumi from "@pulumi/pulumi";
import * as fs from "fs";
import * as vkcs from "@pulumi/vkcs";
const privKey = new vkcs.KeymanagerSecret("privKey", {
secretType: "private",
payloadContentType: "text/plain",
payload: fs.readFileSync(`${path.module}/private-key.key`, "utf8"),
});
import pulumi
import pulumi_vkcs as vkcs
priv_key = vkcs.KeymanagerSecret("privKey",
secret_type="private",
payload_content_type="text/plain",
payload=(lambda path: open(path).read())(f"{path['module']}/private-key.key"))
package main
import (
"fmt"
"os"
"github.com/pulumi/pulumi-terraform-provider/sdks/go/vkcs/vkcs"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput {
data, err := os.ReadFile(path)
if err != nil {
panic(err.Error())
}
return pulumi.String(string(data))
}
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := vkcs.NewKeymanagerSecret(ctx, "privKey", &vkcs.KeymanagerSecretArgs{
SecretType: pulumi.String("private"),
PayloadContentType: pulumi.String("text/plain"),
Payload: pulumi.String(readFileOrPanic(fmt.Sprintf("%v/private-key.key", path.Module))),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.IO;
using System.Linq;
using Pulumi;
using Vkcs = Pulumi.Vkcs;
return await Deployment.RunAsync(() =>
{
var privKey = new Vkcs.KeymanagerSecret("privKey", new()
{
SecretType = "private",
PayloadContentType = "text/plain",
Payload = File.ReadAllText($"{path.Module}/private-key.key"),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vkcs.KeymanagerSecret;
import com.pulumi.vkcs.KeymanagerSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var privKey = new KeymanagerSecret("privKey", KeymanagerSecretArgs.builder()
.secretType("private")
.payloadContentType("text/plain")
.payload(Files.readString(Paths.get(String.format("%s/private-key.key", path.module()))))
.build());
}
}
resources:
privKey:
type: vkcs:KeymanagerSecret
properties:
secretType: private
payloadContentType: text/plain
payload:
fn::readFile: ${path.module}/private-key.key
Certificate for TERMINATED_HTTPS loadbalancer listener
import * as pulumi from "@pulumi/pulumi";
import * as fs from "fs";
import * as vkcs from "@pulumi/vkcs";
const certificate = new vkcs.KeymanagerSecret("certificate", {
secretType: "certificate",
payloadContentType: "text/plain",
payload: fs.readFileSync(`${path.module}/certificate.pem`, "utf8"),
});
import pulumi
import pulumi_vkcs as vkcs
certificate = vkcs.KeymanagerSecret("certificate",
secret_type="certificate",
payload_content_type="text/plain",
payload=(lambda path: open(path).read())(f"{path['module']}/certificate.pem"))
package main
import (
"fmt"
"os"
"github.com/pulumi/pulumi-terraform-provider/sdks/go/vkcs/vkcs"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput {
data, err := os.ReadFile(path)
if err != nil {
panic(err.Error())
}
return pulumi.String(string(data))
}
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := vkcs.NewKeymanagerSecret(ctx, "certificate", &vkcs.KeymanagerSecretArgs{
SecretType: pulumi.String("certificate"),
PayloadContentType: pulumi.String("text/plain"),
Payload: pulumi.String(readFileOrPanic(fmt.Sprintf("%v/certificate.pem", path.Module))),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.IO;
using System.Linq;
using Pulumi;
using Vkcs = Pulumi.Vkcs;
return await Deployment.RunAsync(() =>
{
var certificate = new Vkcs.KeymanagerSecret("certificate", new()
{
SecretType = "certificate",
PayloadContentType = "text/plain",
Payload = File.ReadAllText($"{path.Module}/certificate.pem"),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vkcs.KeymanagerSecret;
import com.pulumi.vkcs.KeymanagerSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var certificate = new KeymanagerSecret("certificate", KeymanagerSecretArgs.builder()
.secretType("certificate")
.payloadContentType("text/plain")
.payload(Files.readString(Paths.get(String.format("%s/certificate.pem", path.module()))))
.build());
}
}
resources:
certificate:
type: vkcs:KeymanagerSecret
properties:
secretType: certificate
payloadContentType: text/plain
payload:
fn::readFile: ${path.module}/certificate.pem
Create KeymanagerSecret Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new KeymanagerSecret(name: string, args?: KeymanagerSecretArgs, opts?: CustomResourceOptions);@overload
def KeymanagerSecret(resource_name: str,
args: Optional[KeymanagerSecretArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def KeymanagerSecret(resource_name: str,
opts: Optional[ResourceOptions] = None,
acl: Optional[KeymanagerSecretAclArgs] = None,
algorithm: Optional[str] = None,
bit_length: Optional[float] = None,
expiration: Optional[str] = None,
keymanager_secret_id: Optional[str] = None,
metadata: Optional[Mapping[str, str]] = None,
mode: Optional[str] = None,
name: Optional[str] = None,
payload: Optional[str] = None,
payload_content_encoding: Optional[str] = None,
payload_content_type: Optional[str] = None,
region: Optional[str] = None,
secret_type: Optional[str] = None,
timeouts: Optional[KeymanagerSecretTimeoutsArgs] = None)func NewKeymanagerSecret(ctx *Context, name string, args *KeymanagerSecretArgs, opts ...ResourceOption) (*KeymanagerSecret, error)public KeymanagerSecret(string name, KeymanagerSecretArgs? args = null, CustomResourceOptions? opts = null)
public KeymanagerSecret(String name, KeymanagerSecretArgs args)
public KeymanagerSecret(String name, KeymanagerSecretArgs args, CustomResourceOptions options)
type: vkcs:KeymanagerSecret
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args KeymanagerSecretArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args KeymanagerSecretArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args KeymanagerSecretArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args KeymanagerSecretArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args KeymanagerSecretArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var keymanagerSecretResource = new Vkcs.KeymanagerSecret("keymanagerSecretResource", new()
{
Acl = new Vkcs.Inputs.KeymanagerSecretAclArgs
{
Read = new Vkcs.Inputs.KeymanagerSecretAclReadArgs
{
CreatedAt = "string",
ProjectAccess = false,
UpdatedAt = "string",
Users = new[]
{
"string",
},
},
},
Algorithm = "string",
BitLength = 0,
Expiration = "string",
KeymanagerSecretId = "string",
Metadata =
{
{ "string", "string" },
},
Mode = "string",
Name = "string",
Payload = "string",
PayloadContentEncoding = "string",
PayloadContentType = "string",
Region = "string",
SecretType = "string",
Timeouts = new Vkcs.Inputs.KeymanagerSecretTimeoutsArgs
{
Create = "string",
Delete = "string",
Update = "string",
},
});
example, err := vkcs.NewKeymanagerSecret(ctx, "keymanagerSecretResource", &vkcs.KeymanagerSecretArgs{
Acl: &.KeymanagerSecretAclArgs{
Read: &.KeymanagerSecretAclReadArgs{
CreatedAt: pulumi.String("string"),
ProjectAccess: pulumi.Bool(false),
UpdatedAt: pulumi.String("string"),
Users: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Algorithm: pulumi.String("string"),
BitLength: pulumi.Float64(0),
Expiration: pulumi.String("string"),
KeymanagerSecretId: pulumi.String("string"),
Metadata: pulumi.StringMap{
"string": pulumi.String("string"),
},
Mode: pulumi.String("string"),
Name: pulumi.String("string"),
Payload: pulumi.String("string"),
PayloadContentEncoding: pulumi.String("string"),
PayloadContentType: pulumi.String("string"),
Region: pulumi.String("string"),
SecretType: pulumi.String("string"),
Timeouts: &.KeymanagerSecretTimeoutsArgs{
Create: pulumi.String("string"),
Delete: pulumi.String("string"),
Update: pulumi.String("string"),
},
})
var keymanagerSecretResource = new KeymanagerSecret("keymanagerSecretResource", KeymanagerSecretArgs.builder()
.acl(KeymanagerSecretAclArgs.builder()
.read(KeymanagerSecretAclReadArgs.builder()
.createdAt("string")
.projectAccess(false)
.updatedAt("string")
.users("string")
.build())
.build())
.algorithm("string")
.bitLength(0)
.expiration("string")
.keymanagerSecretId("string")
.metadata(Map.of("string", "string"))
.mode("string")
.name("string")
.payload("string")
.payloadContentEncoding("string")
.payloadContentType("string")
.region("string")
.secretType("string")
.timeouts(KeymanagerSecretTimeoutsArgs.builder()
.create("string")
.delete("string")
.update("string")
.build())
.build());
keymanager_secret_resource = vkcs.KeymanagerSecret("keymanagerSecretResource",
acl={
"read": {
"created_at": "string",
"project_access": False,
"updated_at": "string",
"users": ["string"],
},
},
algorithm="string",
bit_length=0,
expiration="string",
keymanager_secret_id="string",
metadata={
"string": "string",
},
mode="string",
name="string",
payload="string",
payload_content_encoding="string",
payload_content_type="string",
region="string",
secret_type="string",
timeouts={
"create": "string",
"delete": "string",
"update": "string",
})
const keymanagerSecretResource = new vkcs.KeymanagerSecret("keymanagerSecretResource", {
acl: {
read: {
createdAt: "string",
projectAccess: false,
updatedAt: "string",
users: ["string"],
},
},
algorithm: "string",
bitLength: 0,
expiration: "string",
keymanagerSecretId: "string",
metadata: {
string: "string",
},
mode: "string",
name: "string",
payload: "string",
payloadContentEncoding: "string",
payloadContentType: "string",
region: "string",
secretType: "string",
timeouts: {
create: "string",
"delete": "string",
update: "string",
},
});
type: vkcs:KeymanagerSecret
properties:
acl:
read:
createdAt: string
projectAccess: false
updatedAt: string
users:
- string
algorithm: string
bitLength: 0
expiration: string
keymanagerSecretId: string
metadata:
string: string
mode: string
name: string
payload: string
payloadContentEncoding: string
payloadContentType: string
region: string
secretType: string
timeouts:
create: string
delete: string
update: string
KeymanagerSecret Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The KeymanagerSecret resource accepts the following input properties:
- Acl
Keymanager
Secret Acl - optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - Algorithm string
- optional string → Metadata provided by a user or system for informational purposes.
- Bit
Length double - optional number → Metadata provided by a user or system for informational purposes.
- Expiration string
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - Keymanager
Secret stringId - string → ID of the resource.
- Metadata Dictionary<string, string>
- optional map of string → Additional Metadata for the secret.
- Mode string
- optional string → Metadata provided by a user or system for informational purposes.
- Name string
- optional string → Human-readable name for the Secret. Does not have to be unique.
- Payload string
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- Payload
Content stringEncoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - Payload
Content stringType - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - Region string
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - Secret
Type string - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- Timeouts
Keymanager
Secret Timeouts
- Acl
Keymanager
Secret Acl Args - optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - Algorithm string
- optional string → Metadata provided by a user or system for informational purposes.
- Bit
Length float64 - optional number → Metadata provided by a user or system for informational purposes.
- Expiration string
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - Keymanager
Secret stringId - string → ID of the resource.
- Metadata map[string]string
- optional map of string → Additional Metadata for the secret.
- Mode string
- optional string → Metadata provided by a user or system for informational purposes.
- Name string
- optional string → Human-readable name for the Secret. Does not have to be unique.
- Payload string
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- Payload
Content stringEncoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - Payload
Content stringType - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - Region string
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - Secret
Type string - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- Timeouts
Keymanager
Secret Timeouts Args
- acl
Keymanager
Secret Acl - optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - algorithm String
- optional string → Metadata provided by a user or system for informational purposes.
- bit
Length Double - optional number → Metadata provided by a user or system for informational purposes.
- expiration String
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - keymanager
Secret StringId - string → ID of the resource.
- metadata Map<String,String>
- optional map of string → Additional Metadata for the secret.
- mode String
- optional string → Metadata provided by a user or system for informational purposes.
- name String
- optional string → Human-readable name for the Secret. Does not have to be unique.
- payload String
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- payload
Content StringEncoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - payload
Content StringType - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - region String
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - secret
Type String - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- timeouts
Keymanager
Secret Timeouts
- acl
Keymanager
Secret Acl - optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - algorithm string
- optional string → Metadata provided by a user or system for informational purposes.
- bit
Length number - optional number → Metadata provided by a user or system for informational purposes.
- expiration string
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - keymanager
Secret stringId - string → ID of the resource.
- metadata {[key: string]: string}
- optional map of string → Additional Metadata for the secret.
- mode string
- optional string → Metadata provided by a user or system for informational purposes.
- name string
- optional string → Human-readable name for the Secret. Does not have to be unique.
- payload string
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- payload
Content stringEncoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - payload
Content stringType - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - region string
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - secret
Type string - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- timeouts
Keymanager
Secret Timeouts
- acl
Keymanager
Secret Acl Args - optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - algorithm str
- optional string → Metadata provided by a user or system for informational purposes.
- bit_
length float - optional number → Metadata provided by a user or system for informational purposes.
- expiration str
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - keymanager_
secret_ strid - string → ID of the resource.
- metadata Mapping[str, str]
- optional map of string → Additional Metadata for the secret.
- mode str
- optional string → Metadata provided by a user or system for informational purposes.
- name str
- optional string → Human-readable name for the Secret. Does not have to be unique.
- payload str
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- payload_
content_ strencoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - payload_
content_ strtype - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - region str
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - secret_
type str - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- timeouts
Keymanager
Secret Timeouts Args
- acl Property Map
- optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - algorithm String
- optional string → Metadata provided by a user or system for informational purposes.
- bit
Length Number - optional number → Metadata provided by a user or system for informational purposes.
- expiration String
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - keymanager
Secret StringId - string → ID of the resource.
- metadata Map<String>
- optional map of string → Additional Metadata for the secret.
- mode String
- optional string → Metadata provided by a user or system for informational purposes.
- name String
- optional string → Human-readable name for the Secret. Does not have to be unique.
- payload String
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- payload
Content StringEncoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - payload
Content StringType - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - region String
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - secret
Type String - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- timeouts Property Map
Outputs
All input properties are implicitly available as output properties. Additionally, the KeymanagerSecret resource produces the following output properties:
- All
Metadata Dictionary<string, string> - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- Content
Types Dictionary<string, string> - map of string → The map of the content types, assigned on the secret.
- Created
At string - string → The date the secret ACL was created.
- Creator
Id string - string → The creator of the secret.
- Id string
- The provider-assigned unique ID for this managed resource.
- Secret
Ref string - string → The secret reference / where to find the secret.
- Status string
- string → The status of the secret.
- Updated
At string - string → The date the secret ACL was last updated.
- All
Metadata map[string]string - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- Content
Types map[string]string - map of string → The map of the content types, assigned on the secret.
- Created
At string - string → The date the secret ACL was created.
- Creator
Id string - string → The creator of the secret.
- Id string
- The provider-assigned unique ID for this managed resource.
- Secret
Ref string - string → The secret reference / where to find the secret.
- Status string
- string → The status of the secret.
- Updated
At string - string → The date the secret ACL was last updated.
- all
Metadata Map<String,String> - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- content
Types Map<String,String> - map of string → The map of the content types, assigned on the secret.
- created
At String - string → The date the secret ACL was created.
- creator
Id String - string → The creator of the secret.
- id String
- The provider-assigned unique ID for this managed resource.
- secret
Ref String - string → The secret reference / where to find the secret.
- status String
- string → The status of the secret.
- updated
At String - string → The date the secret ACL was last updated.
- all
Metadata {[key: string]: string} - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- content
Types {[key: string]: string} - map of string → The map of the content types, assigned on the secret.
- created
At string - string → The date the secret ACL was created.
- creator
Id string - string → The creator of the secret.
- id string
- The provider-assigned unique ID for this managed resource.
- secret
Ref string - string → The secret reference / where to find the secret.
- status string
- string → The status of the secret.
- updated
At string - string → The date the secret ACL was last updated.
- all_
metadata Mapping[str, str] - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- content_
types Mapping[str, str] - map of string → The map of the content types, assigned on the secret.
- created_
at str - string → The date the secret ACL was created.
- creator_
id str - string → The creator of the secret.
- id str
- The provider-assigned unique ID for this managed resource.
- secret_
ref str - string → The secret reference / where to find the secret.
- status str
- string → The status of the secret.
- updated_
at str - string → The date the secret ACL was last updated.
- all
Metadata Map<String> - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- content
Types Map<String> - map of string → The map of the content types, assigned on the secret.
- created
At String - string → The date the secret ACL was created.
- creator
Id String - string → The creator of the secret.
- id String
- The provider-assigned unique ID for this managed resource.
- secret
Ref String - string → The secret reference / where to find the secret.
- status String
- string → The status of the secret.
- updated
At String - string → The date the secret ACL was last updated.
Look up Existing KeymanagerSecret Resource
Get an existing KeymanagerSecret resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: KeymanagerSecretState, opts?: CustomResourceOptions): KeymanagerSecret@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
acl: Optional[KeymanagerSecretAclArgs] = None,
algorithm: Optional[str] = None,
all_metadata: Optional[Mapping[str, str]] = None,
bit_length: Optional[float] = None,
content_types: Optional[Mapping[str, str]] = None,
created_at: Optional[str] = None,
creator_id: Optional[str] = None,
expiration: Optional[str] = None,
keymanager_secret_id: Optional[str] = None,
metadata: Optional[Mapping[str, str]] = None,
mode: Optional[str] = None,
name: Optional[str] = None,
payload: Optional[str] = None,
payload_content_encoding: Optional[str] = None,
payload_content_type: Optional[str] = None,
region: Optional[str] = None,
secret_ref: Optional[str] = None,
secret_type: Optional[str] = None,
status: Optional[str] = None,
timeouts: Optional[KeymanagerSecretTimeoutsArgs] = None,
updated_at: Optional[str] = None) -> KeymanagerSecretfunc GetKeymanagerSecret(ctx *Context, name string, id IDInput, state *KeymanagerSecretState, opts ...ResourceOption) (*KeymanagerSecret, error)public static KeymanagerSecret Get(string name, Input<string> id, KeymanagerSecretState? state, CustomResourceOptions? opts = null)public static KeymanagerSecret get(String name, Output<String> id, KeymanagerSecretState state, CustomResourceOptions options)resources: _: type: vkcs:KeymanagerSecret get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Acl
Keymanager
Secret Acl - optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - Algorithm string
- optional string → Metadata provided by a user or system for informational purposes.
- All
Metadata Dictionary<string, string> - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- Bit
Length double - optional number → Metadata provided by a user or system for informational purposes.
- Content
Types Dictionary<string, string> - map of string → The map of the content types, assigned on the secret.
- Created
At string - string → The date the secret ACL was created.
- Creator
Id string - string → The creator of the secret.
- Expiration string
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - Keymanager
Secret stringId - string → ID of the resource.
- Metadata Dictionary<string, string>
- optional map of string → Additional Metadata for the secret.
- Mode string
- optional string → Metadata provided by a user or system for informational purposes.
- Name string
- optional string → Human-readable name for the Secret. Does not have to be unique.
- Payload string
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- Payload
Content stringEncoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - Payload
Content stringType - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - Region string
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - Secret
Ref string - string → The secret reference / where to find the secret.
- Secret
Type string - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- Status string
- string → The status of the secret.
- Timeouts
Keymanager
Secret Timeouts - Updated
At string - string → The date the secret ACL was last updated.
- Acl
Keymanager
Secret Acl Args - optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - Algorithm string
- optional string → Metadata provided by a user or system for informational purposes.
- All
Metadata map[string]string - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- Bit
Length float64 - optional number → Metadata provided by a user or system for informational purposes.
- Content
Types map[string]string - map of string → The map of the content types, assigned on the secret.
- Created
At string - string → The date the secret ACL was created.
- Creator
Id string - string → The creator of the secret.
- Expiration string
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - Keymanager
Secret stringId - string → ID of the resource.
- Metadata map[string]string
- optional map of string → Additional Metadata for the secret.
- Mode string
- optional string → Metadata provided by a user or system for informational purposes.
- Name string
- optional string → Human-readable name for the Secret. Does not have to be unique.
- Payload string
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- Payload
Content stringEncoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - Payload
Content stringType - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - Region string
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - Secret
Ref string - string → The secret reference / where to find the secret.
- Secret
Type string - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- Status string
- string → The status of the secret.
- Timeouts
Keymanager
Secret Timeouts Args - Updated
At string - string → The date the secret ACL was last updated.
- acl
Keymanager
Secret Acl - optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - algorithm String
- optional string → Metadata provided by a user or system for informational purposes.
- all
Metadata Map<String,String> - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- bit
Length Double - optional number → Metadata provided by a user or system for informational purposes.
- content
Types Map<String,String> - map of string → The map of the content types, assigned on the secret.
- created
At String - string → The date the secret ACL was created.
- creator
Id String - string → The creator of the secret.
- expiration String
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - keymanager
Secret StringId - string → ID of the resource.
- metadata Map<String,String>
- optional map of string → Additional Metadata for the secret.
- mode String
- optional string → Metadata provided by a user or system for informational purposes.
- name String
- optional string → Human-readable name for the Secret. Does not have to be unique.
- payload String
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- payload
Content StringEncoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - payload
Content StringType - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - region String
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - secret
Ref String - string → The secret reference / where to find the secret.
- secret
Type String - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- status String
- string → The status of the secret.
- timeouts
Keymanager
Secret Timeouts - updated
At String - string → The date the secret ACL was last updated.
- acl
Keymanager
Secret Acl - optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - algorithm string
- optional string → Metadata provided by a user or system for informational purposes.
- all
Metadata {[key: string]: string} - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- bit
Length number - optional number → Metadata provided by a user or system for informational purposes.
- content
Types {[key: string]: string} - map of string → The map of the content types, assigned on the secret.
- created
At string - string → The date the secret ACL was created.
- creator
Id string - string → The creator of the secret.
- expiration string
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - keymanager
Secret stringId - string → ID of the resource.
- metadata {[key: string]: string}
- optional map of string → Additional Metadata for the secret.
- mode string
- optional string → Metadata provided by a user or system for informational purposes.
- name string
- optional string → Human-readable name for the Secret. Does not have to be unique.
- payload string
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- payload
Content stringEncoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - payload
Content stringType - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - region string
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - secret
Ref string - string → The secret reference / where to find the secret.
- secret
Type string - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- status string
- string → The status of the secret.
- timeouts
Keymanager
Secret Timeouts - updated
At string - string → The date the secret ACL was last updated.
- acl
Keymanager
Secret Acl Args - optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - algorithm str
- optional string → Metadata provided by a user or system for informational purposes.
- all_
metadata Mapping[str, str] - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- bit_
length float - optional number → Metadata provided by a user or system for informational purposes.
- content_
types Mapping[str, str] - map of string → The map of the content types, assigned on the secret.
- created_
at str - string → The date the secret ACL was created.
- creator_
id str - string → The creator of the secret.
- expiration str
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - keymanager_
secret_ strid - string → ID of the resource.
- metadata Mapping[str, str]
- optional map of string → Additional Metadata for the secret.
- mode str
- optional string → Metadata provided by a user or system for informational purposes.
- name str
- optional string → Human-readable name for the Secret. Does not have to be unique.
- payload str
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- payload_
content_ strencoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - payload_
content_ strtype - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - region str
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - secret_
ref str - string → The secret reference / where to find the secret.
- secret_
type str - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- status str
- string → The status of the secret.
- timeouts
Keymanager
Secret Timeouts Args - updated_
at str - string → The date the secret ACL was last updated.
- acl Property Map
- optional → Allows to control an access to a secret. Currently only the
readoperation is supported. If not specified, the secret is accessible project wide. - algorithm String
- optional string → Metadata provided by a user or system for informational purposes.
- all
Metadata Map<String> - map of string → The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
- bit
Length Number - optional number → Metadata provided by a user or system for informational purposes.
- content
Types Map<String> - map of string → The map of the content types, assigned on the secret.
- created
At String - string → The date the secret ACL was created.
- creator
Id String - string → The creator of the secret.
- expiration String
- optional string → The expiration time of the secret in the RFC3339 timestamp format (e.g.
2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret. - keymanager
Secret StringId - string → ID of the resource.
- metadata Map<String>
- optional map of string → Additional Metadata for the secret.
- mode String
- optional string → Metadata provided by a user or system for informational purposes.
- name String
- optional string → Human-readable name for the Secret. Does not have to be unique.
- payload String
- optional sensitive string → The secret's data to be stored. payload_content_type must also be supplied if payload is included.
- payload
Content StringEncoding - optional string → (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either
base64orbinary. - payload
Content StringType - optional string → (required if payload is included) The media type for the content of the payload. Must be one of
text/plain,text/plain;charset=utf-8,text/plain; charset=utf-8,application/octet-stream,application/pkcs8. - region String
- optional string → The region in which to obtain the KeyManager client. A KeyManager client is needed to create a secret. If omitted, the
regionargument of the provider is used. Changing this creates a new V1 secret. - secret
Ref String - string → The secret reference / where to find the secret.
- secret
Type String - optional string → Used to indicate the type of secret being stored. For more information see Secret types.
- status String
- string → The status of the secret.
- timeouts Property Map
- updated
At String - string → The date the secret ACL was last updated.
Supporting Types
KeymanagerSecretAcl, KeymanagerSecretAclArgs
- Read
Keymanager
Secret Acl Read - optional → Block that describes read operation.
- Read
Keymanager
Secret Acl Read - optional → Block that describes read operation.
- read
Keymanager
Secret Acl Read - optional → Block that describes read operation.
- read
Keymanager
Secret Acl Read - optional → Block that describes read operation.
- read
Keymanager
Secret Acl Read - optional → Block that describes read operation.
- read Property Map
- optional → Block that describes read operation.
KeymanagerSecretAclRead, KeymanagerSecretAclReadArgs
- Created
At string - string → The date the secret ACL was created.
- Project
Access bool - optional boolean → Whether the container is accessible project wide. Defaults to
true. - Updated
At string - string → The date the secret ACL was last updated.
- Users List<string>
- optional set of string → The list of user IDs, which are allowed to access the container, when
project_accessis set tofalse.
- Created
At string - string → The date the secret ACL was created.
- Project
Access bool - optional boolean → Whether the container is accessible project wide. Defaults to
true. - Updated
At string - string → The date the secret ACL was last updated.
- Users []string
- optional set of string → The list of user IDs, which are allowed to access the container, when
project_accessis set tofalse.
- created
At String - string → The date the secret ACL was created.
- project
Access Boolean - optional boolean → Whether the container is accessible project wide. Defaults to
true. - updated
At String - string → The date the secret ACL was last updated.
- users List<String>
- optional set of string → The list of user IDs, which are allowed to access the container, when
project_accessis set tofalse.
- created
At string - string → The date the secret ACL was created.
- project
Access boolean - optional boolean → Whether the container is accessible project wide. Defaults to
true. - updated
At string - string → The date the secret ACL was last updated.
- users string[]
- optional set of string → The list of user IDs, which are allowed to access the container, when
project_accessis set tofalse.
- created_
at str - string → The date the secret ACL was created.
- project_
access bool - optional boolean → Whether the container is accessible project wide. Defaults to
true. - updated_
at str - string → The date the secret ACL was last updated.
- users Sequence[str]
- optional set of string → The list of user IDs, which are allowed to access the container, when
project_accessis set tofalse.
- created
At String - string → The date the secret ACL was created.
- project
Access Boolean - optional boolean → Whether the container is accessible project wide. Defaults to
true. - updated
At String - string → The date the secret ACL was last updated.
- users List<String>
- optional set of string → The list of user IDs, which are allowed to access the container, when
project_accessis set tofalse.
KeymanagerSecretTimeouts, KeymanagerSecretTimeoutsArgs
Import
Secrets can be imported using the secret id (the last part of the secret reference), e.g.:
$ pulumi import vkcs:index/keymanagerSecret:KeymanagerSecret secret_1 8a7a79c2-cf17-4e65-b2ae-ddc8bfcf6c74
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- vkcs vk-cs/terraform-provider-vkcs
- License
- Notes
- This Pulumi package is based on the
vkcsTerraform Provider.