Secret
Provides a KMS Secret resource. For information about KMS Secret and how to use it, see What is Secret.
NOTE: Available since v1.76.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const _default = new alicloud.kms.Secret("default", {
secretName: name,
secretData: "Secret data",
versionId: "v1",
forceDeleteWithoutRecovery: true,
});import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "terraform-example"
default = alicloud.kms.Secret("default",
secret_name=name,
secret_data="Secret data",
version_id="v1",
force_delete_without_recovery=True)using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "terraform-example";
var @default = new AliCloud.Kms.Secret("default", new()
{
SecretName = name,
SecretData = "Secret data",
VersionId = "v1",
ForceDeleteWithoutRecovery = true,
});
});package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "terraform-example"
if param := cfg.Get("name"); param != "" {
name = param
}
_, err := kms.NewSecret(ctx, "default", &kms.SecretArgs{
SecretName: pulumi.String(name),
SecretData: pulumi.String("Secret data"),
VersionId: pulumi.String("v1"),
ForceDeleteWithoutRecovery: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.kms.Secret;
import com.pulumi.alicloud.kms.SecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("terraform-example");
var default_ = new Secret("default", SecretArgs.builder()
.secretName(name)
.secretData("Secret data")
.versionId("v1")
.forceDeleteWithoutRecovery(true)
.build());
}
}configuration:
name:
type: string
default: terraform-example
resources:
default:
type: alicloud:kms:Secret
properties:
secretName: ${name}
secretData: Secret data
versionId: v1
forceDeleteWithoutRecovery: trueImport
KMS Secret can be imported using the id, e.g.
$ pulumi import alicloud:kms/secret:Secret example <id>Constructors
Properties
The description of the secret.
The ID of the KMS instance.
Specifies whether to enable automatic rotation. Default value: false. Valid values: true, false.
The ID of the KMS key.
The extended configuration of the secret. For more information, see How to use it.
Specifies whether to immediately delete a secret. Default value: false. Valid values: true, false.
The content of the secret policy. The value is in the JSON format. The value can be up to 32,768 bytes in length. For more information, see How to use it.
Specifies the recovery period of the secret if you do not forcibly delete it. Default value: 30. NOTE: If force_delete_without_recovery is set to true, recovery_window_in_days will be ignored.
The interval for automatic rotation.
The data of the secret. NOTE: From version 1.204.1, attribute secret_data updating diff will be ignored when secret_type is not Generic.
The type of the secret value. Default value: text. Valid values: text, binary.
The name of the secret.
The type of the secret. Valid values:
The stage label that is used to mark the new version.