pulumi-kubernetes-kotlin/com.pulumi.kubernetes.core.v1.kotlin.inputs/SecretArgs

SecretArgs

data class SecretArgs(val apiVersion: Output<String>? = null, val data: Output<Map<String, String>>? = null, val immutable: Output<Boolean>? = null, val kind: Output<String>? = null, val metadata: Output<ObjectMetaArgs>? = null, val stringData: Output<Map<String, String>>? = null, val type: Output<String>? = null) : ConvertibleToJava<SecretArgs>

Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes. Note: While Pulumi automatically encrypts the 'data' and 'stringData' fields, this encryption only applies to Pulumi's context, including the state file, the Service, the CLI, etc. Kubernetes does not encrypt Secret resources by default, and the contents are visible to users with access to the Secret in Kubernetes using tools like 'kubectl'. For more information on securing Kubernetes Secrets, see the following links: https://kubernetes.io/docs/concepts/configuration/secret/#security-properties https://kubernetes.io/docs/concepts/configuration/secret/#risks

Constructors

Link copied to clipboard
fun SecretArgs(apiVersion: Output<String>? = null, data: Output<Map<String, String>>? = null, immutable: Output<Boolean>? = null, kind: Output<String>? = null, metadata: Output<ObjectMetaArgs>? = null, stringData: Output<Map<String, String>>? = null, type: Output<String>? = null)

Functions

Link copied to clipboard
open override fun toJava(): SecretArgs

Properties

Link copied to clipboard
val apiVersion: Output<String>? = null

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

Link copied to clipboard
val data: Output<Map<String, String>>? = null

Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4

Link copied to clipboard
val immutable: Output<Boolean>? = null

Immutable, if set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil.

Link copied to clipboard
val kind: Output<String>? = null

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

Link copied to clipboard
val metadata: Output<ObjectMetaArgs>? = null

Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

Link copied to clipboard
val stringData: Output<Map<String, String>>? = null

stringData allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API.

Link copied to clipboard
val type: Output<String>? = null

Used to facilitate programmatic handling of secret data. More info: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types