pulumi-aws-kotlin/com.pulumi.aws.secretsmanager.kotlin/SecretArgs

SecretArgs

data class SecretArgs(val description: Output<String>? = null, val forceOverwriteReplicaSecret: Output<Boolean>? = null, val kmsKeyId: Output<String>? = null, val name: Output<String>? = null, val namePrefix: Output<String>? = null, val policy: Output<String>? = null, val recoveryWindowInDays: Output<Int>? = null, val replicas: Output<List<SecretReplicaArgs>>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<SecretArgs>

Provides a resource to manage AWS Secrets Manager secret metadata. To manage secret rotation, see the aws.secretsmanager.SecretRotation resource. To manage a secret value, see the aws.secretsmanager.SecretVersion resource.

Example Usage

Basic

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.secretsmanager.Secret;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Secret("example");
    }
}

Import

Using pulumi import, import aws_secretsmanager_secret using the secret Amazon Resource Name (ARN). For example:

$ pulumi import aws:secretsmanager/secret:Secret example arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456

Constructors

SecretArgs

fun SecretArgs(description: Output<String>? = null, forceOverwriteReplicaSecret: Output<Boolean>? = null, kmsKeyId: Output<String>? = null, name: Output<String>? = null, namePrefix: Output<String>? = null, policy: Output<String>? = null, recoveryWindowInDays: Output<Int>? = null, replicas: Output<List<SecretReplicaArgs>>? = null, tags: Output<Map<String, String>>? = null)

Functions

toJava

open override fun toJava(): SecretArgs

Properties

description

val description: Output<String>? = null

Description of the secret.

forceOverwriteReplicaSecret

val forceOverwriteReplicaSecret: Output<Boolean>? = null

Accepts boolean value to specify whether to overwrite a secret with the same name in the destination Region.

kmsKeyId

val kmsKeyId: Output<String>? = null

ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret. If you need to reference a CMK in a different account, you can use only the key ARN. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default KMS key (the one named aws/secretsmanager). If the default KMS key with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.

name

val name: Output<String>? = null

Friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: /_+=.@- Conflicts with name_prefix.

namePrefix

val namePrefix: Output<String>? = null

Creates a unique name beginning with the specified prefix. Conflicts with name.

policy

val policy: Output<String>? = null

Valid JSON document representing a resource policy. Removing policy from your configuration or setting policy to null or an empty string (i.e., policy = "") will not delete the policy since it could have been set by aws.secretsmanager.SecretPolicy. To delete the policy, set it to "{}" (an empty JSON document).

recoveryWindowInDays

val recoveryWindowInDays: Output<Int>? = null

Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be 0 to force deletion without recovery or range from 7 to 30 days. The default value is 30.

replicas

val replicas: Output<List<SecretReplicaArgs>>? = null

Configuration block to support secret replication. See details below.