pulumi-aws-kotlin/com.pulumi.aws.secretsmanager.kotlin/SecretArgs

SecretArgs

data class SecretArgs(val description: Output<String>? = null, val forceOverwriteReplicaSecret: Output<Boolean>? = null, val kmsKeyId: Output<String>? = null, val name: Output<String>? = null, val namePrefix: Output<String>? = null, val policy: Output<String>? = null, val recoveryWindowInDays: Output<Int>? = null, val replicas: Output<List<SecretReplicaArgs>>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<SecretArgs>

Provides a resource to manage AWS Secrets Manager secret metadata. To manage secret rotation, see the aws.secretsmanager.SecretRotation resource. To manage a secret value, see the aws.secretsmanager.SecretVersion resource.

Example Usage

Basic

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.secretsmanager.Secret("example", {name: "example"});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.secretsmanager.Secret("example", name="example")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = new Aws.SecretsManager.Secret("example", new()
    {
        Name = "example",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretsmanager.NewSecret(ctx, "example", &secretsmanager.SecretArgs{
			Name: pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.secretsmanager.Secret;
import com.pulumi.aws.secretsmanager.SecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Secret("example", SecretArgs.builder()
            .name("example")
            .build());
    }
}
Content copied to clipboard
resources:
  example:
    type: aws:secretsmanager:Secret
    properties:
      name: example
Content copied to clipboard

Import

Using pulumi import, import aws_secretsmanager_secret using the secret Amazon Resource Name (ARN). For example:

$ pulumi import aws:secretsmanager/secret:Secret example arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(description: Output<String>? = null, forceOverwriteReplicaSecret: Output<Boolean>? = null, kmsKeyId: Output<String>? = null, name: Output<String>? = null, namePrefix: Output<String>? = null, policy: Output<String>? = null, recoveryWindowInDays: Output<Int>? = null, replicas: Output<List<SecretReplicaArgs>>? = null, tags: Output<Map<String, String>>? = null)

Properties

Link copied to clipboard
val description: Output<String>? = null

Description of the secret.

Link copied to clipboard
val forceOverwriteReplicaSecret: Output<Boolean>? = null

Accepts boolean value to specify whether to overwrite a secret with the same name in the destination Region.

Link copied to clipboard
val kmsKeyId: Output<String>? = null

ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret. If you need to reference a CMK in a different account, you can use only the key ARN. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default KMS key (the one named aws/secretsmanager). If the default KMS key with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.

Link copied to clipboard
val name: Output<String>? = null

Friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: /_+=.@- Conflicts with name_prefix.

Link copied to clipboard
val namePrefix: Output<String>? = null

Creates a unique name beginning with the specified prefix. Conflicts with name.

Link copied to clipboard
val policy: Output<String>? = null

Valid JSON document representing a resource policy. Removing policy from your configuration or setting policy to null or an empty string (i.e., policy = "") will not delete the policy since it could have been set by aws.secretsmanager.SecretPolicy. To delete the policy, set it to "{}" (an empty JSON document).

Link copied to clipboard
val recoveryWindowInDays: Output<Int>? = null

Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be 0 to force deletion without recovery or range from 7 to 30 days. The default value is 30.

Link copied to clipboard
val replicas: Output<List<SecretReplicaArgs>>? = null

Configuration block to support secret replication. See details below.

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

Key-value map of user-defined tags that are attached to the secret. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Functions

Link copied to clipboard
open override fun toJava(): SecretArgs