Secret Version Args
Provides a resource to manage an AWS Secrets Manager secret version, including its secret value. To manage secret metadata, see the aws.secretsmanager.Secret resource.
NOTE: If the AWSCURRENT staging label is present on this version during resource deletion, that label cannot be removed and will be skipped to prevent errors when fully deleting the secret. That label will leave this secret version active even after the resource is deleted from this provider unless the secret itself is deleted. Move the AWSCURRENT staging label before or after deleting this resource from this provider to fully trigger version deprecation if necessary.
Example Usage
Simple String Value
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.aws.secretsmanager.Secret;
import com.pulumi.aws.secretsmanager.SecretVersion;
import com.pulumi.aws.secretsmanager.SecretVersionArgs;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        // The secret (metadata) that this version belongs to.
        var secret = new Secret("example");

        // Store a string value as a new version of that secret.
        // The literal below is a placeholder, not a real credential.
        var example = new SecretVersion("example", SecretVersionArgs.builder()
            .secretId(secret.id())
            .secretString("example-string-to-protect")
            .build());
    }
}
Import
aws_secretsmanager_secret_version can be imported by using the secret ID and version ID, e.g.,
$ pulumi import aws:secretsmanager/secretVersion:SecretVersion example 'arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456|xxxxx-xxxxxxx-xxxxxxx-xxxxx'
Constructors
Properties
Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secret_string is not set. Needs to be encoded to base64.
Specifies text data that you want to encrypt and store in this version of the secret. This is required if secret_binary is not set.
Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label AWSCURRENT to this new version on creation.
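The binary-value and staging-label properties described above, combined in an added example that is not part of the original provider documentation. The config key keyMaterial, the resource names and the custom label example-stage are assumptions made for illustration; the value is read from encrypted stack configuration instead of a source literal.

```java
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.aws.secretsmanager.Secret;
import com.pulumi.aws.secretsmanager.SecretVersion;
import com.pulumi.aws.secretsmanager.SecretVersionArgs;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        // Secret metadata; the version below attaches a value to it.
        var secret = new Secret("example-binary");

        // Assumed config key, set beforehand with:
        //   pulumi config set --secret keyMaterial <value>
        // requireSecret returns an Output marked as secret, so the value
        // is masked in CLI output and encrypted in the stack state.
        var keyMaterial = ctx.config().requireSecret("keyMaterial");

        // The binary property expects base64 text, so encode the raw
        // bytes inside the Output rather than unwrapping the secret.
        var encoded = keyMaterial.applyValue(v ->
            Base64.getEncoder().encodeToString(v.getBytes(StandardCharsets.UTF_8)));

        var version = new SecretVersion("example-binary", SecretVersionArgs.builder()
            .secretId(secret.id())
            .secretBinary(encoded)
            // Explicit label list: once labels are given, AWSCURRENT is no
            // longer applied automatically, so it is listed here by name.
            // "example-stage" is a hypothetical custom label.
            .versionStages("AWSCURRENT", "example-stage")
            .build());
    }
}
```

Because this version carries AWSCURRENT, the deletion behaviour in the NOTE at the top of the page applies to it.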