kms

package
v2.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 18, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Alias 

type Alias struct {
	pulumi.CustomResourceState

	// The alias of CMK. `Encrypt`、`GenerateDataKey`、`DescribeKey` can be called using aliases. Length of characters other than prefixes: minimum length of 1 character and maximum length of 255 characters. Must contain prefix `alias/`.
	AliasName pulumi.StringOutput `pulumi:"aliasName"`
	// The id of the key.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
}

Create an alias for the master key (CMK).

> **NOTE:** Available in v1.77.0+.

func GetAlias 

func GetAlias(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AliasState, opts ...pulumi.ResourceOption) (*Alias, error)

GetAlias gets an existing Alias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAlias 

func NewAlias(ctx *pulumi.Context,
	name string, args *AliasArgs, opts ...pulumi.ResourceOption) (*Alias, error)

NewAlias registers a new resource with the given unique name, arguments, and options.

type AliasArgs 

type AliasArgs struct {
	// The alias of CMK. `Encrypt`、`GenerateDataKey`、`DescribeKey` can be called using aliases. Length of characters other than prefixes: minimum length of 1 character and maximum length of 255 characters. Must contain prefix `alias/`.
	AliasName pulumi.StringInput
	// The id of the key.
	KeyId pulumi.StringInput
}

The set of arguments for constructing a Alias resource.

func (AliasArgs) ElementType 

func (AliasArgs) ElementType() reflect.Type

type AliasState 

type AliasState struct {
	// The alias of CMK. `Encrypt`、`GenerateDataKey`、`DescribeKey` can be called using aliases. Length of characters other than prefixes: minimum length of 1 character and maximum length of 255 characters. Must contain prefix `alias/`.
	AliasName pulumi.StringPtrInput
	// The id of the key.
	KeyId pulumi.StringPtrInput
}

func (AliasState) ElementType 

func (AliasState) ElementType() reflect.Type

type Ciphertext 

type Ciphertext struct {
	pulumi.CustomResourceState

	// The ciphertext of the data key encrypted with the primary CMK version.
	CiphertextBlob pulumi.StringOutput `pulumi:"ciphertextBlob"`
	// -
	// (Optional, ForceNew) The Encryption context. If you specify this parameter here, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext pulumi.StringMapOutput `pulumi:"encryptionContext"`
	// The globally unique ID of the CMK.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
	// The plaintext to be encrypted which must be encoded in Base64.
	Plaintext pulumi.StringOutput `pulumi:"plaintext"`
}

func GetCiphertext 

func GetCiphertext(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CiphertextState, opts ...pulumi.ResourceOption) (*Ciphertext, error)

GetCiphertext gets an existing Ciphertext resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCiphertext 

func NewCiphertext(ctx *pulumi.Context,
	name string, args *CiphertextArgs, opts ...pulumi.ResourceOption) (*Ciphertext, error)

NewCiphertext registers a new resource with the given unique name, arguments, and options.

type CiphertextArgs 

type CiphertextArgs struct {
	// -
	// (Optional, ForceNew) The Encryption context. If you specify this parameter here, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext pulumi.StringMapInput
	// The globally unique ID of the CMK.
	KeyId pulumi.StringInput
	// The plaintext to be encrypted which must be encoded in Base64.
	Plaintext pulumi.StringInput
}

The set of arguments for constructing a Ciphertext resource.

func (CiphertextArgs) ElementType 

func (CiphertextArgs) ElementType() reflect.Type

type CiphertextState 

type CiphertextState struct {
	// The ciphertext of the data key encrypted with the primary CMK version.
	CiphertextBlob pulumi.StringPtrInput
	// -
	// (Optional, ForceNew) The Encryption context. If you specify this parameter here, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext pulumi.StringMapInput
	// The globally unique ID of the CMK.
	KeyId pulumi.StringPtrInput
	// The plaintext to be encrypted which must be encoded in Base64.
	Plaintext pulumi.StringPtrInput
}

func (CiphertextState) ElementType 

func (CiphertextState) ElementType() reflect.Type

type GetAliasesAlias added in v2.1.0 

type GetAliasesAlias struct {
	// The unique identifier of the alias.
	AliasName string `pulumi:"aliasName"`
	// ID of the alias. The value is same as KMS alias_name.
	Id string `pulumi:"id"`
	// ID of the key.
	KeyId string `pulumi:"keyId"`
}

type GetAliasesAliasArgs added in v2.1.0 

type GetAliasesAliasArgs struct {
	// The unique identifier of the alias.
	AliasName pulumi.StringInput `pulumi:"aliasName"`
	// ID of the alias. The value is same as KMS alias_name.
	Id pulumi.StringInput `pulumi:"id"`
	// ID of the key.
	KeyId pulumi.StringInput `pulumi:"keyId"`
}

func (GetAliasesAliasArgs) ElementType added in v2.1.0 

func (GetAliasesAliasArgs) ElementType() reflect.Type

func (GetAliasesAliasArgs) ToGetAliasesAliasOutput added in v2.1.0 

func (i GetAliasesAliasArgs) ToGetAliasesAliasOutput() GetAliasesAliasOutput

func (GetAliasesAliasArgs) ToGetAliasesAliasOutputWithContext added in v2.1.0 

func (i GetAliasesAliasArgs) ToGetAliasesAliasOutputWithContext(ctx context.Context) GetAliasesAliasOutput

type GetAliasesAliasArray added in v2.1.0 

type GetAliasesAliasArray []GetAliasesAliasInput

func (GetAliasesAliasArray) ElementType added in v2.1.0 

func (GetAliasesAliasArray) ElementType() reflect.Type

func (GetAliasesAliasArray) ToGetAliasesAliasArrayOutput added in v2.1.0 

func (i GetAliasesAliasArray) ToGetAliasesAliasArrayOutput() GetAliasesAliasArrayOutput

func (GetAliasesAliasArray) ToGetAliasesAliasArrayOutputWithContext added in v2.1.0 

func (i GetAliasesAliasArray) ToGetAliasesAliasArrayOutputWithContext(ctx context.Context) GetAliasesAliasArrayOutput

type GetAliasesAliasArrayInput added in v2.1.0 

type GetAliasesAliasArrayInput interface {
	pulumi.Input

	ToGetAliasesAliasArrayOutput() GetAliasesAliasArrayOutput
	ToGetAliasesAliasArrayOutputWithContext(context.Context) GetAliasesAliasArrayOutput
}

GetAliasesAliasArrayInput is an input type that accepts GetAliasesAliasArray and GetAliasesAliasArrayOutput values. You can construct a concrete instance of `GetAliasesAliasArrayInput` via: 

GetAliasesAliasArray{ GetAliasesAliasArgs{...} }

type GetAliasesAliasArrayOutput added in v2.1.0 

type GetAliasesAliasArrayOutput struct{ *pulumi.OutputState }

func (GetAliasesAliasArrayOutput) ElementType added in v2.1.0 

func (GetAliasesAliasArrayOutput) ElementType() reflect.Type

func (GetAliasesAliasArrayOutput) Index added in v2.1.0 

func (o GetAliasesAliasArrayOutput) Index(i pulumi.IntInput) GetAliasesAliasOutput

func (GetAliasesAliasArrayOutput) ToGetAliasesAliasArrayOutput added in v2.1.0 

func (o GetAliasesAliasArrayOutput) ToGetAliasesAliasArrayOutput() GetAliasesAliasArrayOutput

func (GetAliasesAliasArrayOutput) ToGetAliasesAliasArrayOutputWithContext added in v2.1.0 

func (o GetAliasesAliasArrayOutput) ToGetAliasesAliasArrayOutputWithContext(ctx context.Context) GetAliasesAliasArrayOutput

type GetAliasesAliasInput added in v2.1.0 

type GetAliasesAliasInput interface {
	pulumi.Input

	ToGetAliasesAliasOutput() GetAliasesAliasOutput
	ToGetAliasesAliasOutputWithContext(context.Context) GetAliasesAliasOutput
}

GetAliasesAliasInput is an input type that accepts GetAliasesAliasArgs and GetAliasesAliasOutput values. You can construct a concrete instance of `GetAliasesAliasInput` via: 

GetAliasesAliasArgs{...}

type GetAliasesAliasOutput added in v2.1.0 

type GetAliasesAliasOutput struct{ *pulumi.OutputState }

func (GetAliasesAliasOutput) AliasName added in v2.1.0 

func (o GetAliasesAliasOutput) AliasName() pulumi.StringOutput

The unique identifier of the alias.

func (GetAliasesAliasOutput) ElementType added in v2.1.0 

func (GetAliasesAliasOutput) ElementType() reflect.Type

func (GetAliasesAliasOutput) Id added in v2.1.0 

func (o GetAliasesAliasOutput) Id() pulumi.StringOutput

ID of the alias. The value is same as KMS alias_name.

func (GetAliasesAliasOutput) KeyId added in v2.1.0 

func (o GetAliasesAliasOutput) KeyId() pulumi.StringOutput

ID of the key.

func (GetAliasesAliasOutput) ToGetAliasesAliasOutput added in v2.1.0 

func (o GetAliasesAliasOutput) ToGetAliasesAliasOutput() GetAliasesAliasOutput

func (GetAliasesAliasOutput) ToGetAliasesAliasOutputWithContext added in v2.1.0 

func (o GetAliasesAliasOutput) ToGetAliasesAliasOutputWithContext(ctx context.Context) GetAliasesAliasOutput

type GetAliasesArgs added in v2.1.0 

type GetAliasesArgs struct {
	// A list of KMS aliases IDs. The value is same as KMS alias_name.
	Ids []string `pulumi:"ids"`
	// A regex string to filter the results by the KMS alias name.
	NameRegex  *string `pulumi:"nameRegex"`
	OutputFile *string `pulumi:"outputFile"`
}

A collection of arguments for invoking getAliases.

type GetAliasesResult added in v2.1.0 

type GetAliasesResult struct {
	// A list of KMS User alias. Each element contains the following attributes:
	Aliases []GetAliasesAlias `pulumi:"aliases"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// A list of kms aliases IDs. The value is same as KMS alias_name.
	Ids       []string `pulumi:"ids"`
	NameRegex *string  `pulumi:"nameRegex"`
	// A list of KMS alias name.
	Names      []string `pulumi:"names"`
	OutputFile *string  `pulumi:"outputFile"`
}

A collection of values returned by getAliases.

func GetAliases added in v2.1.0 

func GetAliases(ctx *pulumi.Context, args *GetAliasesArgs, opts ...pulumi.InvokeOption) (*GetAliasesResult, error)

This data source provides a list of KMS aliases in an Alibaba Cloud account according to the specified filters.

> **NOTE:** Available in v1.79.0+.

type GetKeysArgs 

type GetKeysArgs struct {
	// A regex string to filter the results by the KMS key description.
	DescriptionRegex *string `pulumi:"descriptionRegex"`
	// A list of KMS key IDs.
	Ids        []string `pulumi:"ids"`
	OutputFile *string  `pulumi:"outputFile"`
	// Filter the results by status of the KMS keys. Valid values: `Enabled`, `Disabled`, `PendingDeletion`.
	Status *string `pulumi:"status"`
}

A collection of arguments for invoking getKeys.

type GetKeysKey 

type GetKeysKey struct {
	// The Alibaba Cloud Resource Name (ARN) of the key.
	Arn string `pulumi:"arn"`
	// Creation date of key.
	CreationDate string `pulumi:"creationDate"`
	// The owner of the key.
	Creator string `pulumi:"creator"`
	// Deletion date of key.
	DeleteDate string `pulumi:"deleteDate"`
	// Description of the key.
	Description string `pulumi:"description"`
	// ID of the key.
	Id string `pulumi:"id"`
	// Filter the results by status of the KMS keys. Valid values: `Enabled`, `Disabled`, `PendingDeletion`.
	Status string `pulumi:"status"`
}

type GetKeysKeyArgs 

type GetKeysKeyArgs struct {
	// The Alibaba Cloud Resource Name (ARN) of the key.
	Arn pulumi.StringInput `pulumi:"arn"`
	// Creation date of key.
	CreationDate pulumi.StringInput `pulumi:"creationDate"`
	// The owner of the key.
	Creator pulumi.StringInput `pulumi:"creator"`
	// Deletion date of key.
	DeleteDate pulumi.StringInput `pulumi:"deleteDate"`
	// Description of the key.
	Description pulumi.StringInput `pulumi:"description"`
	// ID of the key.
	Id pulumi.StringInput `pulumi:"id"`
	// Filter the results by status of the KMS keys. Valid values: `Enabled`, `Disabled`, `PendingDeletion`.
	Status pulumi.StringInput `pulumi:"status"`
}

func (GetKeysKeyArgs) ElementType 

func (GetKeysKeyArgs) ElementType() reflect.Type

func (GetKeysKeyArgs) ToGetKeysKeyOutput 

func (i GetKeysKeyArgs) ToGetKeysKeyOutput() GetKeysKeyOutput

func (GetKeysKeyArgs) ToGetKeysKeyOutputWithContext 

func (i GetKeysKeyArgs) ToGetKeysKeyOutputWithContext(ctx context.Context) GetKeysKeyOutput

type GetKeysKeyArray 

type GetKeysKeyArray []GetKeysKeyInput

func (GetKeysKeyArray) ElementType 

func (GetKeysKeyArray) ElementType() reflect.Type

func (GetKeysKeyArray) ToGetKeysKeyArrayOutput 

func (i GetKeysKeyArray) ToGetKeysKeyArrayOutput() GetKeysKeyArrayOutput

func (GetKeysKeyArray) ToGetKeysKeyArrayOutputWithContext 

func (i GetKeysKeyArray) ToGetKeysKeyArrayOutputWithContext(ctx context.Context) GetKeysKeyArrayOutput

type GetKeysKeyArrayInput 

type GetKeysKeyArrayInput interface {
	pulumi.Input

	ToGetKeysKeyArrayOutput() GetKeysKeyArrayOutput
	ToGetKeysKeyArrayOutputWithContext(context.Context) GetKeysKeyArrayOutput
}

GetKeysKeyArrayInput is an input type that accepts GetKeysKeyArray and GetKeysKeyArrayOutput values. You can construct a concrete instance of `GetKeysKeyArrayInput` via: 

GetKeysKeyArray{ GetKeysKeyArgs{...} }

type GetKeysKeyArrayOutput 

type GetKeysKeyArrayOutput struct{ *pulumi.OutputState }

func (GetKeysKeyArrayOutput) ElementType 

func (GetKeysKeyArrayOutput) ElementType() reflect.Type

func (GetKeysKeyArrayOutput) Index 

func (o GetKeysKeyArrayOutput) Index(i pulumi.IntInput) GetKeysKeyOutput

func (GetKeysKeyArrayOutput) ToGetKeysKeyArrayOutput 

func (o GetKeysKeyArrayOutput) ToGetKeysKeyArrayOutput() GetKeysKeyArrayOutput

func (GetKeysKeyArrayOutput) ToGetKeysKeyArrayOutputWithContext 

func (o GetKeysKeyArrayOutput) ToGetKeysKeyArrayOutputWithContext(ctx context.Context) GetKeysKeyArrayOutput

type GetKeysKeyInput 

type GetKeysKeyInput interface {
	pulumi.Input

	ToGetKeysKeyOutput() GetKeysKeyOutput
	ToGetKeysKeyOutputWithContext(context.Context) GetKeysKeyOutput
}

GetKeysKeyInput is an input type that accepts GetKeysKeyArgs and GetKeysKeyOutput values. You can construct a concrete instance of `GetKeysKeyInput` via: 

GetKeysKeyArgs{...}

type GetKeysKeyOutput 

type GetKeysKeyOutput struct{ *pulumi.OutputState }

func (GetKeysKeyOutput) Arn 

func (o GetKeysKeyOutput) Arn() pulumi.StringOutput

The Alibaba Cloud Resource Name (ARN) of the key.

func (GetKeysKeyOutput) CreationDate 

func (o GetKeysKeyOutput) CreationDate() pulumi.StringOutput

Creation date of key.

func (GetKeysKeyOutput) Creator 

func (o GetKeysKeyOutput) Creator() pulumi.StringOutput

The owner of the key.

func (GetKeysKeyOutput) DeleteDate 

func (o GetKeysKeyOutput) DeleteDate() pulumi.StringOutput

Deletion date of key.

func (GetKeysKeyOutput) Description 

func (o GetKeysKeyOutput) Description() pulumi.StringOutput

Description of the key.

func (GetKeysKeyOutput) ElementType 

func (GetKeysKeyOutput) ElementType() reflect.Type

func (GetKeysKeyOutput) Id 

func (o GetKeysKeyOutput) Id() pulumi.StringOutput

ID of the key.

func (GetKeysKeyOutput) Status 

func (o GetKeysKeyOutput) Status() pulumi.StringOutput

Filter the results by status of the KMS keys. Valid values: `Enabled`, `Disabled`, `PendingDeletion`.

func (GetKeysKeyOutput) ToGetKeysKeyOutput 

func (o GetKeysKeyOutput) ToGetKeysKeyOutput() GetKeysKeyOutput

func (GetKeysKeyOutput) ToGetKeysKeyOutputWithContext 

func (o GetKeysKeyOutput) ToGetKeysKeyOutputWithContext(ctx context.Context) GetKeysKeyOutput

type GetKeysResult 

type GetKeysResult struct {
	DescriptionRegex *string `pulumi:"descriptionRegex"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// A list of KMS key IDs.
	Ids []string `pulumi:"ids"`
	// A list of KMS keys. Each element contains the following attributes:
	Keys       []GetKeysKey `pulumi:"keys"`
	OutputFile *string      `pulumi:"outputFile"`
	// Status of the key. Possible values: `Enabled`, `Disabled` and `PendingDeletion`.
	Status *string `pulumi:"status"`
}

A collection of values returned by getKeys.

func GetKeys 

func GetKeys(ctx *pulumi.Context, args *GetKeysArgs, opts ...pulumi.InvokeOption) (*GetKeysResult, error)

This data source provides a list of KMS keys in an Alibaba Cloud account according to the specified filters.

type GetPlaintextArgs 

type GetPlaintextArgs struct {
	// The ciphertext to be decrypted.
	CiphertextBlob string `pulumi:"ciphertextBlob"`
	// -
	// (Optional) The Encryption context. If you specify this parameter in the Encrypt or GenerateDataKey API operation, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext map[string]string `pulumi:"encryptionContext"`
}

A collection of arguments for invoking getPlaintext.

type GetPlaintextResult 

type GetPlaintextResult struct {
	CiphertextBlob    string            `pulumi:"ciphertextBlob"`
	EncryptionContext map[string]string `pulumi:"encryptionContext"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The globally unique ID of the CMK. It is the ID of the CMK used to decrypt ciphertext.
	KeyId string `pulumi:"keyId"`
	// The decrypted plaintext.
	Plaintext string `pulumi:"plaintext"`
}

A collection of values returned by getPlaintext.

func GetPlaintext 

func GetPlaintext(ctx *pulumi.Context, args *GetPlaintextArgs, opts ...pulumi.InvokeOption) (*GetPlaintextResult, error)

type Key 

type Key struct {
	pulumi.CustomResourceState

	// The Alicloud Resource Name (ARN) of the key.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Duration in days after which the key is deleted
	// after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days.
	DeletionWindowInDays pulumi.IntPtrOutput `pulumi:"deletionWindowInDays"`
	// The description of the key.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Specifies whether the key is enabled. Defaults to true.
	IsEnabled pulumi.BoolPtrOutput `pulumi:"isEnabled"`
	// Specifies the usage of CMK. Currently, default to 'ENCRYPT/DECRYPT', indicating that CMK is used for encryption and decryption.
	KeyUsage pulumi.StringPtrOutput `pulumi:"keyUsage"`
}

A kms key can help user to protect data security in the transmission process.

func GetKey 

func GetKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *KeyState, opts ...pulumi.ResourceOption) (*Key, error)

GetKey gets an existing Key resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewKey 

func NewKey(ctx *pulumi.Context,
	name string, args *KeyArgs, opts ...pulumi.ResourceOption) (*Key, error)

NewKey registers a new resource with the given unique name, arguments, and options.

type KeyArgs 

type KeyArgs struct {
	// Duration in days after which the key is deleted
	// after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days.
	DeletionWindowInDays pulumi.IntPtrInput
	// The description of the key.
	Description pulumi.StringPtrInput
	// Specifies whether the key is enabled. Defaults to true.
	IsEnabled pulumi.BoolPtrInput
	// Specifies the usage of CMK. Currently, default to 'ENCRYPT/DECRYPT', indicating that CMK is used for encryption and decryption.
	KeyUsage pulumi.StringPtrInput
}

The set of arguments for constructing a Key resource.

func (KeyArgs) ElementType 

func (KeyArgs) ElementType() reflect.Type

type KeyState 

type KeyState struct {
	// The Alicloud Resource Name (ARN) of the key.
	Arn pulumi.StringPtrInput
	// Duration in days after which the key is deleted
	// after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days.
	DeletionWindowInDays pulumi.IntPtrInput
	// The description of the key.
	Description pulumi.StringPtrInput
	// Specifies whether the key is enabled. Defaults to true.
	IsEnabled pulumi.BoolPtrInput
	// Specifies the usage of CMK. Currently, default to 'ENCRYPT/DECRYPT', indicating that CMK is used for encryption and decryption.
	KeyUsage pulumi.StringPtrInput
}

func (KeyState) ElementType 

func (KeyState) ElementType() reflect.Type

type LookupCiphertextArgs 

type LookupCiphertextArgs struct {
	// -
	// (Optional) The Encryption context. If you specify this parameter here, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext map[string]string `pulumi:"encryptionContext"`
	// The globally unique ID of the CMK.
	KeyId string `pulumi:"keyId"`
	// The plaintext to be encrypted which must be encoded in Base64.
	Plaintext string `pulumi:"plaintext"`
}

A collection of arguments for invoking getCiphertext.

type LookupCiphertextResult 

type LookupCiphertextResult struct {
	// The ciphertext of the data key encrypted with the primary CMK version.
	CiphertextBlob    string            `pulumi:"ciphertextBlob"`
	EncryptionContext map[string]string `pulumi:"encryptionContext"`
	// The provider-assigned unique ID for this managed resource.
	Id        string `pulumi:"id"`
	KeyId     string `pulumi:"keyId"`
	Plaintext string `pulumi:"plaintext"`
}

A collection of values returned by getCiphertext.

func LookupCiphertext 

func LookupCiphertext(ctx *pulumi.Context, args *LookupCiphertextArgs, opts ...pulumi.InvokeOption) (*LookupCiphertextResult, error)

type Secret 

type Secret struct {
	pulumi.CustomResourceState

	// The Alicloud Resource Name (ARN) of the secret.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The description of the secret.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The ID of the KMS CMK that is used to encrypt the secret value. If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret.
	EncryptionKeyId pulumi.StringPtrOutput `pulumi:"encryptionKeyId"`
	// Specifies whether to forcibly delete the secret. If this parameter is set to true, the secret cannot be recovered. Valid values: true, false. Default to: false.
	ForceDeleteWithoutRecovery pulumi.BoolPtrOutput `pulumi:"forceDeleteWithoutRecovery"`
	// The time when the secret is scheduled to be deleted.
	PlannedDeleteTime pulumi.StringOutput `pulumi:"plannedDeleteTime"`
	// Specifies the recovery period of the secret if you do not forcibly delete it. Default value: 30. It will be ignored when `forceDeleteWithoutRecovery` is true.
	RecoveryWindowInDays pulumi.IntPtrOutput `pulumi:"recoveryWindowInDays"`
	// The value of the secret that you want to create. Secrets Manager encrypts the secret value and stores it in the initial version.
	SecretData pulumi.StringOutput `pulumi:"secretData"`
	// The type of the secret value. Valid values: text, binary. Default to "text".
	SecretDataType pulumi.StringPtrOutput `pulumi:"secretDataType"`
	// The name of the secret.
	SecretName pulumi.StringOutput `pulumi:"secretName"`
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapOutput `pulumi:"tags"`
	// The version number of the initial version. Version numbers are unique in each secret object.
	VersionId pulumi.StringOutput `pulumi:"versionId"`
	// ) The stage labels that mark the new secret version. If you do not specify this parameter, Secrets Manager marks it with "ACSCurrent".
	VersionStages pulumi.StringArrayOutput `pulumi:"versionStages"`
}

This resouce used to create a secret and store its initial version.

> **NOTE:** Available in 1.76.0+.

func GetSecret 

func GetSecret(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretState, opts ...pulumi.ResourceOption) (*Secret, error)

GetSecret gets an existing Secret resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecret 

func NewSecret(ctx *pulumi.Context,
	name string, args *SecretArgs, opts ...pulumi.ResourceOption) (*Secret, error)

NewSecret registers a new resource with the given unique name, arguments, and options.

type SecretArgs 

type SecretArgs struct {
	// The description of the secret.
	Description pulumi.StringPtrInput
	// The ID of the KMS CMK that is used to encrypt the secret value. If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret.
	EncryptionKeyId pulumi.StringPtrInput
	// Specifies whether to forcibly delete the secret. If this parameter is set to true, the secret cannot be recovered. Valid values: true, false. Default to: false.
	ForceDeleteWithoutRecovery pulumi.BoolPtrInput
	// Specifies the recovery period of the secret if you do not forcibly delete it. Default value: 30. It will be ignored when `forceDeleteWithoutRecovery` is true.
	RecoveryWindowInDays pulumi.IntPtrInput
	// The value of the secret that you want to create. Secrets Manager encrypts the secret value and stores it in the initial version.
	SecretData pulumi.StringInput
	// The type of the secret value. Valid values: text, binary. Default to "text".
	SecretDataType pulumi.StringPtrInput
	// The name of the secret.
	SecretName pulumi.StringInput
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapInput
	// The version number of the initial version. Version numbers are unique in each secret object.
	VersionId pulumi.StringInput
	// ) The stage labels that mark the new secret version. If you do not specify this parameter, Secrets Manager marks it with "ACSCurrent".
	VersionStages pulumi.StringArrayInput
}

The set of arguments for constructing a Secret resource.

func (SecretArgs) ElementType 

func (SecretArgs) ElementType() reflect.Type

type SecretState 

type SecretState struct {
	// The Alicloud Resource Name (ARN) of the secret.
	Arn pulumi.StringPtrInput
	// The description of the secret.
	Description pulumi.StringPtrInput
	// The ID of the KMS CMK that is used to encrypt the secret value. If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret.
	EncryptionKeyId pulumi.StringPtrInput
	// Specifies whether to forcibly delete the secret. If this parameter is set to true, the secret cannot be recovered. Valid values: true, false. Default to: false.
	ForceDeleteWithoutRecovery pulumi.BoolPtrInput
	// The time when the secret is scheduled to be deleted.
	PlannedDeleteTime pulumi.StringPtrInput
	// Specifies the recovery period of the secret if you do not forcibly delete it. Default value: 30. It will be ignored when `forceDeleteWithoutRecovery` is true.
	RecoveryWindowInDays pulumi.IntPtrInput
	// The value of the secret that you want to create. Secrets Manager encrypts the secret value and stores it in the initial version.
	SecretData pulumi.StringPtrInput
	// The type of the secret value. Valid values: text, binary. Default to "text".
	SecretDataType pulumi.StringPtrInput
	// The name of the secret.
	SecretName pulumi.StringPtrInput
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapInput
	// The version number of the initial version. Version numbers are unique in each secret object.
	VersionId pulumi.StringPtrInput
	// ) The stage labels that mark the new secret version. If you do not specify this parameter, Secrets Manager marks it with "ACSCurrent".
	VersionStages pulumi.StringArrayInput
}

func (SecretState) ElementType 

func (SecretState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.