pulumi-alicloud-kotlin/com.pulumi.alicloud.kms.kotlin/Secret

Secret

class Secret : KotlinCustomResource

This resouce used to create a secret and store its initial version.

NOTE: Available in 1.76.0+.

Example Usage

Basic Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.kms.Secret;
import com.pulumi.alicloud.kms.SecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var default_ = new Secret("default", SecretArgs.builder()
            .description("from terraform")
            .forceDeleteWithoutRecovery(true)
            .secretData("Secret data.")
            .secretName("secret-foo")
            .versionId("000000000001")
            .build());
    }
}

Import

KMS secret can be imported using the id, e.g.

$ pulumi import alicloud:kms/secret:Secret default <id>

Properties

arn

val arn: Output<String>

The Alicloud Resource Name (ARN) of the secret.

description

val description: Output<String>?

The description of the secret.

dkmsInstanceId

val dkmsInstanceId: Output<String>?

The instance ID of the exclusive KMS instance.

enableAutomaticRotation

val enableAutomaticRotation: Output<Boolean>?

Whether to enable automatic key rotation.

encryptionKeyId

val encryptionKeyId: Output<String>?

The ID of the KMS CMK that is used to encrypt the secret value. If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret.

extendedConfig

val extendedConfig: Output<String>?

The extended configuration of the secret. This parameter specifies the properties of the secret of the specific type. The description can be up to 1,024 characters in length. For more information, see How to use it.

forceDeleteWithoutRecovery

val forceDeleteWithoutRecovery: Output<Boolean>?

Specifies whether to forcibly delete the secret. If this parameter is set to true, the secret cannot be recovered. Valid values: true, false. Default to: false.

val id: Output<String>

plannedDeleteTime

val plannedDeleteTime: Output<String>

The time when the secret is scheduled to be deleted.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

recoveryWindowInDays

val recoveryWindowInDays: Output<Int>?

Specifies the recovery period of the secret if you do not forcibly delete it. Default value: 30. It will be ignored when force_delete_without_recovery is true.

rotationInterval

val rotationInterval: Output<String>?

The time period of automatic rotation. The format is integerunit, where integer represents the length of time, and unit represents the unit of time. The legal unit units are: d (day), h (hour), m (minute), s (second). 7d or 604800s both indicate a 7-day cycle.

secretData

val secretData: Output<String>

The value of the secret that you want to create. Secrets Manager encrypts the secret value and stores it in the initial version. NOTE: From version 1.204.1, attribute secret_data updating diff will be ignored when secret_type is not Generic.

secretDataType

val secretDataType: Output<String>?

The type of the secret value. Valid values: text, binary. Default to "text".

secretName

val secretName: Output<String>

The name of the secret.

secretType

val secretType: Output<String>

The type of the secret. Valid values: