pulumi-alicloud-kotlin/com.pulumi.alicloud.kms.kotlin/SecretArgs

SecretArgs

data class SecretArgs(val description: Output<String>? = null, val dkmsInstanceId: Output<String>? = null, val enableAutomaticRotation: Output<Boolean>? = null, val encryptionKeyId: Output<String>? = null, val extendedConfig: Output<String>? = null, val forceDeleteWithoutRecovery: Output<Boolean>? = null, val recoveryWindowInDays: Output<Int>? = null, val rotationInterval: Output<String>? = null, val secretData: Output<String>? = null, val secretDataType: Output<String>? = null, val secretName: Output<String>? = null, val secretType: Output<String>? = null, val tags: Output<Map<String, Any>>? = null, val versionId: Output<String>? = null, val versionStages: Output<List<String>>? = null) : ConvertibleToJava<SecretArgs>

This resouce used to create a secret and store its initial version.

NOTE: Available in 1.76.0+.

Example Usage

Basic Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.kms.Secret;
import com.pulumi.alicloud.kms.SecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var default_ = new Secret("default", SecretArgs.builder()
            .description("from terraform")
            .forceDeleteWithoutRecovery(true)
            .secretData("Secret data.")
            .secretName("secret-foo")
            .versionId("000000000001")
            .build());
    }
}
Content copied to clipboard

Import

KMS secret can be imported using the id, e.g.

$ pulumi import alicloud:kms/secret:Secret default <id>
Content copied to clipboard

Constructors

Link copied to clipboard
fun SecretArgs(description: Output<String>? = null, dkmsInstanceId: Output<String>? = null, enableAutomaticRotation: Output<Boolean>? = null, encryptionKeyId: Output<String>? = null, extendedConfig: Output<String>? = null, forceDeleteWithoutRecovery: Output<Boolean>? = null, recoveryWindowInDays: Output<Int>? = null, rotationInterval: Output<String>? = null, secretData: Output<String>? = null, secretDataType: Output<String>? = null, secretName: Output<String>? = null, secretType: Output<String>? = null, tags: Output<Map<String, Any>>? = null, versionId: Output<String>? = null, versionStages: Output<List<String>>? = null)

Functions

Link copied to clipboard
open override fun toJava(): SecretArgs

Properties

Link copied to clipboard
val description: Output<String>? = null

The description of the secret.

Link copied to clipboard
val dkmsInstanceId: Output<String>? = null

The instance ID of the exclusive KMS instance.

Link copied to clipboard
val enableAutomaticRotation: Output<Boolean>? = null

Whether to enable automatic key rotation.

Link copied to clipboard
val encryptionKeyId: Output<String>? = null

The ID of the KMS CMK that is used to encrypt the secret value. If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret.

Link copied to clipboard
val extendedConfig: Output<String>? = null

The extended configuration of the secret. This parameter specifies the properties of the secret of the specific type. The description can be up to 1,024 characters in length. For more information, see How to use it.

Link copied to clipboard
val forceDeleteWithoutRecovery: Output<Boolean>? = null

Specifies whether to forcibly delete the secret. If this parameter is set to true, the secret cannot be recovered. Valid values: true, false. Default to: false.

Link copied to clipboard
val recoveryWindowInDays: Output<Int>? = null

Specifies the recovery period of the secret if you do not forcibly delete it. Default value: 30. It will be ignored when force_delete_without_recovery is true.

Link copied to clipboard
val rotationInterval: Output<String>? = null

The time period of automatic rotation. The format is integerunit, where integer represents the length of time, and unit represents the unit of time. The legal unit units are: d (day), h (hour), m (minute), s (second). 7d or 604800s both indicate a 7-day cycle.

Link copied to clipboard
val secretData: Output<String>? = null

The value of the secret that you want to create. Secrets Manager encrypts the secret value and stores it in the initial version. NOTE: From version 1.204.1, attribute secret_data updating diff will be ignored when secret_type is not Generic.

Link copied to clipboard
val secretDataType: Output<String>? = null

The type of the secret value. Valid values: text, binary. Default to "text".

Link copied to clipboard
val secretName: Output<String>? = null

The name of the secret.

Link copied to clipboard
val secretType: Output<String>? = null

The type of the secret. Valid values:

Link copied to clipboard
val tags: Output<Map<String, Any>>? = null

A mapping of tags to assign to the resource.

Link copied to clipboard
val versionId: Output<String>? = null

The version number of the initial version. Version numbers are unique in each secret object.

Link copied to clipboard
val versionStages: Output<List<String>>? = null

) The stage labels that mark the new secret version. If you do not specify this parameter, Secrets Manager marks it with "ACSCurrent".