secretsmanager

package
v3.30.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 24, 2021 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type GetSecretRotationRotationRule

type GetSecretRotationRotationRule struct {
	AutomaticallyAfterDays int `pulumi:"automaticallyAfterDays"`
}

type GetSecretRotationRotationRuleArgs

type GetSecretRotationRotationRuleArgs struct {
	AutomaticallyAfterDays pulumi.IntInput `pulumi:"automaticallyAfterDays"`
}

func (GetSecretRotationRotationRuleArgs) ElementType

func (GetSecretRotationRotationRuleArgs) ToGetSecretRotationRotationRuleOutput

func (i GetSecretRotationRotationRuleArgs) ToGetSecretRotationRotationRuleOutput() GetSecretRotationRotationRuleOutput

func (GetSecretRotationRotationRuleArgs) ToGetSecretRotationRotationRuleOutputWithContext

func (i GetSecretRotationRotationRuleArgs) ToGetSecretRotationRotationRuleOutputWithContext(ctx context.Context) GetSecretRotationRotationRuleOutput

type GetSecretRotationRotationRuleArray

type GetSecretRotationRotationRuleArray []GetSecretRotationRotationRuleInput

func (GetSecretRotationRotationRuleArray) ElementType

func (GetSecretRotationRotationRuleArray) ToGetSecretRotationRotationRuleArrayOutput

func (i GetSecretRotationRotationRuleArray) ToGetSecretRotationRotationRuleArrayOutput() GetSecretRotationRotationRuleArrayOutput

func (GetSecretRotationRotationRuleArray) ToGetSecretRotationRotationRuleArrayOutputWithContext

func (i GetSecretRotationRotationRuleArray) ToGetSecretRotationRotationRuleArrayOutputWithContext(ctx context.Context) GetSecretRotationRotationRuleArrayOutput

type GetSecretRotationRotationRuleArrayInput

type GetSecretRotationRotationRuleArrayInput interface {
	pulumi.Input

	ToGetSecretRotationRotationRuleArrayOutput() GetSecretRotationRotationRuleArrayOutput
	ToGetSecretRotationRotationRuleArrayOutputWithContext(context.Context) GetSecretRotationRotationRuleArrayOutput
}

GetSecretRotationRotationRuleArrayInput is an input type that accepts GetSecretRotationRotationRuleArray and GetSecretRotationRotationRuleArrayOutput values. You can construct a concrete instance of `GetSecretRotationRotationRuleArrayInput` via:

GetSecretRotationRotationRuleArray{ GetSecretRotationRotationRuleArgs{...} }

type GetSecretRotationRotationRuleArrayOutput

type GetSecretRotationRotationRuleArrayOutput struct{ *pulumi.OutputState }

func (GetSecretRotationRotationRuleArrayOutput) ElementType

func (GetSecretRotationRotationRuleArrayOutput) Index

func (GetSecretRotationRotationRuleArrayOutput) ToGetSecretRotationRotationRuleArrayOutput

func (o GetSecretRotationRotationRuleArrayOutput) ToGetSecretRotationRotationRuleArrayOutput() GetSecretRotationRotationRuleArrayOutput

func (GetSecretRotationRotationRuleArrayOutput) ToGetSecretRotationRotationRuleArrayOutputWithContext

func (o GetSecretRotationRotationRuleArrayOutput) ToGetSecretRotationRotationRuleArrayOutputWithContext(ctx context.Context) GetSecretRotationRotationRuleArrayOutput

type GetSecretRotationRotationRuleInput

type GetSecretRotationRotationRuleInput interface {
	pulumi.Input

	ToGetSecretRotationRotationRuleOutput() GetSecretRotationRotationRuleOutput
	ToGetSecretRotationRotationRuleOutputWithContext(context.Context) GetSecretRotationRotationRuleOutput
}

GetSecretRotationRotationRuleInput is an input type that accepts GetSecretRotationRotationRuleArgs and GetSecretRotationRotationRuleOutput values. You can construct a concrete instance of `GetSecretRotationRotationRuleInput` via:

GetSecretRotationRotationRuleArgs{...}

type GetSecretRotationRotationRuleOutput

type GetSecretRotationRotationRuleOutput struct{ *pulumi.OutputState }

func (GetSecretRotationRotationRuleOutput) AutomaticallyAfterDays

func (o GetSecretRotationRotationRuleOutput) AutomaticallyAfterDays() pulumi.IntOutput

func (GetSecretRotationRotationRuleOutput) ElementType

func (GetSecretRotationRotationRuleOutput) ToGetSecretRotationRotationRuleOutput

func (o GetSecretRotationRotationRuleOutput) ToGetSecretRotationRotationRuleOutput() GetSecretRotationRotationRuleOutput

func (GetSecretRotationRotationRuleOutput) ToGetSecretRotationRotationRuleOutputWithContext

func (o GetSecretRotationRotationRuleOutput) ToGetSecretRotationRotationRuleOutputWithContext(ctx context.Context) GetSecretRotationRotationRuleOutput

type GetSecretRotationRule

type GetSecretRotationRule struct {
	AutomaticallyAfterDays int `pulumi:"automaticallyAfterDays"`
}

type GetSecretRotationRuleArgs

type GetSecretRotationRuleArgs struct {
	AutomaticallyAfterDays pulumi.IntInput `pulumi:"automaticallyAfterDays"`
}

func (GetSecretRotationRuleArgs) ElementType

func (GetSecretRotationRuleArgs) ElementType() reflect.Type

func (GetSecretRotationRuleArgs) ToGetSecretRotationRuleOutput

func (i GetSecretRotationRuleArgs) ToGetSecretRotationRuleOutput() GetSecretRotationRuleOutput

func (GetSecretRotationRuleArgs) ToGetSecretRotationRuleOutputWithContext

func (i GetSecretRotationRuleArgs) ToGetSecretRotationRuleOutputWithContext(ctx context.Context) GetSecretRotationRuleOutput

type GetSecretRotationRuleArray

type GetSecretRotationRuleArray []GetSecretRotationRuleInput

func (GetSecretRotationRuleArray) ElementType

func (GetSecretRotationRuleArray) ElementType() reflect.Type

func (GetSecretRotationRuleArray) ToGetSecretRotationRuleArrayOutput

func (i GetSecretRotationRuleArray) ToGetSecretRotationRuleArrayOutput() GetSecretRotationRuleArrayOutput

func (GetSecretRotationRuleArray) ToGetSecretRotationRuleArrayOutputWithContext

func (i GetSecretRotationRuleArray) ToGetSecretRotationRuleArrayOutputWithContext(ctx context.Context) GetSecretRotationRuleArrayOutput

type GetSecretRotationRuleArrayInput

type GetSecretRotationRuleArrayInput interface {
	pulumi.Input

	ToGetSecretRotationRuleArrayOutput() GetSecretRotationRuleArrayOutput
	ToGetSecretRotationRuleArrayOutputWithContext(context.Context) GetSecretRotationRuleArrayOutput
}

GetSecretRotationRuleArrayInput is an input type that accepts GetSecretRotationRuleArray and GetSecretRotationRuleArrayOutput values. You can construct a concrete instance of `GetSecretRotationRuleArrayInput` via:

GetSecretRotationRuleArray{ GetSecretRotationRuleArgs{...} }

type GetSecretRotationRuleArrayOutput

type GetSecretRotationRuleArrayOutput struct{ *pulumi.OutputState }

func (GetSecretRotationRuleArrayOutput) ElementType

func (GetSecretRotationRuleArrayOutput) Index

func (GetSecretRotationRuleArrayOutput) ToGetSecretRotationRuleArrayOutput

func (o GetSecretRotationRuleArrayOutput) ToGetSecretRotationRuleArrayOutput() GetSecretRotationRuleArrayOutput

func (GetSecretRotationRuleArrayOutput) ToGetSecretRotationRuleArrayOutputWithContext

func (o GetSecretRotationRuleArrayOutput) ToGetSecretRotationRuleArrayOutputWithContext(ctx context.Context) GetSecretRotationRuleArrayOutput

type GetSecretRotationRuleInput

type GetSecretRotationRuleInput interface {
	pulumi.Input

	ToGetSecretRotationRuleOutput() GetSecretRotationRuleOutput
	ToGetSecretRotationRuleOutputWithContext(context.Context) GetSecretRotationRuleOutput
}

GetSecretRotationRuleInput is an input type that accepts GetSecretRotationRuleArgs and GetSecretRotationRuleOutput values. You can construct a concrete instance of `GetSecretRotationRuleInput` via:

GetSecretRotationRuleArgs{...}

type GetSecretRotationRuleOutput

type GetSecretRotationRuleOutput struct{ *pulumi.OutputState }

func (GetSecretRotationRuleOutput) AutomaticallyAfterDays

func (o GetSecretRotationRuleOutput) AutomaticallyAfterDays() pulumi.IntOutput

func (GetSecretRotationRuleOutput) ElementType

func (GetSecretRotationRuleOutput) ToGetSecretRotationRuleOutput

func (o GetSecretRotationRuleOutput) ToGetSecretRotationRuleOutput() GetSecretRotationRuleOutput

func (GetSecretRotationRuleOutput) ToGetSecretRotationRuleOutputWithContext

func (o GetSecretRotationRuleOutput) ToGetSecretRotationRuleOutputWithContext(ctx context.Context) GetSecretRotationRuleOutput

type LookupSecretArgs

type LookupSecretArgs struct {
	// The Amazon Resource Name (ARN) of the secret to retrieve.
	Arn *string `pulumi:"arn"`
	// The name of the secret to retrieve.
	Name *string `pulumi:"name"`
}

A collection of arguments for invoking getSecret.

type LookupSecretResult

type LookupSecretResult struct {
	// The Amazon Resource Name (ARN) of the secret.
	Arn string `pulumi:"arn"`
	// A description of the secret.
	Description string `pulumi:"description"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The Key Management Service (KMS) Customer Master Key (CMK) associated with the secret.
	KmsKeyId string `pulumi:"kmsKeyId"`
	Name     string `pulumi:"name"`
	// The resource-based policy document that's attached to the secret.
	Policy string `pulumi:"policy"`
	// Whether rotation is enabled or not.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation data source instead
	RotationEnabled bool `pulumi:"rotationEnabled"`
	// Rotation Lambda function Amazon Resource Name (ARN) if rotation is enabled.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation data source instead
	RotationLambdaArn string `pulumi:"rotationLambdaArn"`
	// Rotation rules if rotation is enabled.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation data source instead
	RotationRules []GetSecretRotationRule `pulumi:"rotationRules"`
	// Tags of the secret.
	Tags map[string]string `pulumi:"tags"`
}

A collection of values returned by getSecret.

func LookupSecret

func LookupSecret(ctx *pulumi.Context, args *LookupSecretArgs, opts ...pulumi.InvokeOption) (*LookupSecretResult, error)

Retrieve metadata information about a Secrets Manager secret. To retrieve a secret value, see the `secretsmanager.SecretVersion`.

## Example Usage ### ARN

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		opt0 := "arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456"
		_, err := secretsmanager.LookupSecret(ctx, &secretsmanager.LookupSecretArgs{
			Arn: &opt0,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Name

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		opt0 := "example"
		_, err := secretsmanager.LookupSecret(ctx, &secretsmanager.LookupSecretArgs{
			Name: &opt0,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupSecretRotationArgs

type LookupSecretRotationArgs struct {
	// Specifies the secret containing the version that you want to retrieve. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.
	SecretId string `pulumi:"secretId"`
}

A collection of arguments for invoking getSecretRotation.

type LookupSecretRotationResult

type LookupSecretRotationResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The ARN of the secret.
	RotationEnabled bool `pulumi:"rotationEnabled"`
	// The decrypted part of the protected secret information that was originally provided as a string.
	RotationLambdaArn string `pulumi:"rotationLambdaArn"`
	// The decrypted part of the protected secret information that was originally provided as a binary. Base64 encoded.
	RotationRules []GetSecretRotationRotationRule `pulumi:"rotationRules"`
	SecretId      string                          `pulumi:"secretId"`
}

A collection of values returned by getSecretRotation.

func LookupSecretRotation

func LookupSecretRotation(ctx *pulumi.Context, args *LookupSecretRotationArgs, opts ...pulumi.InvokeOption) (*LookupSecretRotationResult, error)

Retrieve information about a Secrets Manager secret rotation. To retrieve secret metadata, see the [`secretsmanager.Secret` data source](https://www.terraform.io/docs/providers/aws/d/secretsmanager_secret.html). To retrieve a secret value, see the [`secretsmanager.SecretVersion` data source](https://www.terraform.io/docs/providers/aws/d/secretsmanager_secret_version.html).

## Example Usage ### Retrieve Secret Rotation Configuration

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretsmanager.LookupSecretRotation(ctx, &secretsmanager.LookupSecretRotationArgs{
			SecretId: data.Aws_secretsmanager_secret.Example.Id,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupSecretVersionArgs

type LookupSecretVersionArgs struct {
	// Specifies the secret containing the version that you want to retrieve. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.
	SecretId string `pulumi:"secretId"`
	// Specifies the unique identifier of the version of the secret that you want to retrieve. Overrides `versionStage`.
	VersionId *string `pulumi:"versionId"`
	// Specifies the secret version that you want to retrieve by the staging label attached to the version. Defaults to `AWSCURRENT`.
	VersionStage *string `pulumi:"versionStage"`
}

A collection of arguments for invoking getSecretVersion.

type LookupSecretVersionResult

type LookupSecretVersionResult struct {
	// The ARN of the secret.
	Arn string `pulumi:"arn"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The decrypted part of the protected secret information that was originally provided as a binary. Base64 encoded.
	SecretBinary string `pulumi:"secretBinary"`
	SecretId     string `pulumi:"secretId"`
	// The decrypted part of the protected secret information that was originally provided as a string.
	SecretString string `pulumi:"secretString"`
	// The unique identifier of this version of the secret.
	VersionId     string   `pulumi:"versionId"`
	VersionStage  *string  `pulumi:"versionStage"`
	VersionStages []string `pulumi:"versionStages"`
}

A collection of values returned by getSecretVersion.

func LookupSecretVersion

func LookupSecretVersion(ctx *pulumi.Context, args *LookupSecretVersionArgs, opts ...pulumi.InvokeOption) (*LookupSecretVersionResult, error)

Retrieve information about a Secrets Manager secret version, including its secret value. To retrieve secret metadata, see the `secretsmanager.Secret` data source.

## Example Usage ### Retrieve Current Secret Version

By default, this data sources retrieves information based on the `AWSCURRENT` staging label.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretsmanager.LookupSecretVersion(ctx, &secretsmanager.LookupSecretVersionArgs{
			SecretId: data.Aws_secretsmanager_secret.Example.Id,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Retrieve Specific Secret Version

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		opt0 := "example"
		_, err := secretsmanager.LookupSecretVersion(ctx, &secretsmanager.LookupSecretVersionArgs{
			SecretId:     data.Aws_secretsmanager_secret.Example.Id,
			VersionStage: &opt0,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type Secret

type Secret struct {
	pulumi.CustomResourceState

	// Amazon Resource Name (ARN) of the secret.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// A description of the secret.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Specifies the ARN or Id of the AWS KMS customer master key (CMK) to be used to encrypt the secret values in the versions stored in this secret. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default CMK (the one named `aws/secretsmanager`). If the default KMS CMK with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.
	KmsKeyId pulumi.StringPtrOutput `pulumi:"kmsKeyId"`
	// Specifies the friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `namePrefix`.
	Name pulumi.StringOutput `pulumi:"name"`
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringOutput `pulumi:"namePrefix"`
	// A valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html).
	Policy pulumi.StringOutput `pulumi:"policy"`
	// Specifies the number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.
	RecoveryWindowInDays pulumi.IntPtrOutput `pulumi:"recoveryWindowInDays"`
	// Specifies whether automatic rotation is enabled for this secret.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation resource instead
	RotationEnabled pulumi.BoolOutput `pulumi:"rotationEnabled"`
	// Specifies the ARN of the Lambda function that can rotate the secret. Use the `secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation resource instead
	RotationLambdaArn pulumi.StringOutput `pulumi:"rotationLambdaArn"`
	// A structure that defines the rotation configuration for this secret. Defined below. Use the `secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation resource instead
	RotationRules SecretRotationRulesOutput `pulumi:"rotationRules"`
	// Specifies a key-value map of user-defined tags that are attached to the secret.
	Tags pulumi.StringMapOutput `pulumi:"tags"`
}

Provides a resource to manage AWS Secrets Manager secret metadata. To manage secret rotation, see the `secretsmanager.SecretRotation` resource. To manage a secret value, see the `secretsmanager.SecretVersion` resource.

## Example Usage ### Basic

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretsmanager.NewSecret(ctx, "example", nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Rotation Configuration

To enable automatic secret rotation, the Secrets Manager service requires usage of a Lambda function. The [Rotate Secrets section in the Secrets Manager User Guide](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html) provides additional information about deploying a prebuilt Lambda functions for supported credential rotation (e.g. RDS) or deploying a custom Lambda function.

> **NOTE:** Configuring rotation causes the secret to rotate once as soon as you store the secret. Before you do this, you must ensure that all of your applications that use the credentials stored in the secret are updated to retrieve the secret from AWS Secrets Manager. The old credentials might no longer be usable after the initial rotation and any applications that you fail to update will break as soon as the old credentials are no longer valid.

> **NOTE:** If you cancel a rotation that is in progress (by removing the `rotation` configuration), it can leave the VersionStage labels in an unexpected state. Depending on what step of the rotation was in progress, you might need to remove the staging label AWSPENDING from the partially created version, specified by the SecretVersionId response value. You should also evaluate the partially rotated new version to see if it should be deleted, which you can do by removing all staging labels from the new version's VersionStage field.

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretsmanager.NewSecret(ctx, "rotation_example", &secretsmanager.SecretArgs{
			RotationLambdaArn: pulumi.Any(aws_lambda_function.Example.Arn),
			RotationRules: &secretsmanager.SecretRotationRulesArgs{
				AutomaticallyAfterDays: pulumi.Int(7),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

`aws_secretsmanager_secret` can be imported by using the secret Amazon Resource Name (ARN), e.g.

```sh

$ pulumi import aws:secretsmanager/secret:Secret example arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456

```

func GetSecret

func GetSecret(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretState, opts ...pulumi.ResourceOption) (*Secret, error)

GetSecret gets an existing Secret resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecret

func NewSecret(ctx *pulumi.Context,
	name string, args *SecretArgs, opts ...pulumi.ResourceOption) (*Secret, error)

NewSecret registers a new resource with the given unique name, arguments, and options.

func (*Secret) ElementType added in v3.13.0

func (*Secret) ElementType() reflect.Type

func (*Secret) ToSecretOutput added in v3.13.0

func (i *Secret) ToSecretOutput() SecretOutput

func (*Secret) ToSecretOutputWithContext added in v3.13.0

func (i *Secret) ToSecretOutputWithContext(ctx context.Context) SecretOutput

func (*Secret) ToSecretPtrOutput added in v3.25.0

func (i *Secret) ToSecretPtrOutput() SecretPtrOutput

func (*Secret) ToSecretPtrOutputWithContext added in v3.25.0

func (i *Secret) ToSecretPtrOutputWithContext(ctx context.Context) SecretPtrOutput

type SecretArgs

type SecretArgs struct {
	// A description of the secret.
	Description pulumi.StringPtrInput
	// Specifies the ARN or Id of the AWS KMS customer master key (CMK) to be used to encrypt the secret values in the versions stored in this secret. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default CMK (the one named `aws/secretsmanager`). If the default KMS CMK with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.
	KmsKeyId pulumi.StringPtrInput
	// Specifies the friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `namePrefix`.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// A valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html).
	Policy pulumi.StringPtrInput
	// Specifies the number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.
	RecoveryWindowInDays pulumi.IntPtrInput
	// Specifies the ARN of the Lambda function that can rotate the secret. Use the `secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation resource instead
	RotationLambdaArn pulumi.StringPtrInput
	// A structure that defines the rotation configuration for this secret. Defined below. Use the `secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation resource instead
	RotationRules SecretRotationRulesPtrInput
	// Specifies a key-value map of user-defined tags that are attached to the secret.
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a Secret resource.

func (SecretArgs) ElementType

func (SecretArgs) ElementType() reflect.Type

type SecretArray added in v3.25.0

type SecretArray []SecretInput

func (SecretArray) ElementType added in v3.25.0

func (SecretArray) ElementType() reflect.Type

func (SecretArray) ToSecretArrayOutput added in v3.25.0

func (i SecretArray) ToSecretArrayOutput() SecretArrayOutput

func (SecretArray) ToSecretArrayOutputWithContext added in v3.25.0

func (i SecretArray) ToSecretArrayOutputWithContext(ctx context.Context) SecretArrayOutput

type SecretArrayInput added in v3.25.0

type SecretArrayInput interface {
	pulumi.Input

	ToSecretArrayOutput() SecretArrayOutput
	ToSecretArrayOutputWithContext(context.Context) SecretArrayOutput
}

SecretArrayInput is an input type that accepts SecretArray and SecretArrayOutput values. You can construct a concrete instance of `SecretArrayInput` via:

SecretArray{ SecretArgs{...} }

type SecretArrayOutput added in v3.25.0

type SecretArrayOutput struct{ *pulumi.OutputState }

func (SecretArrayOutput) ElementType added in v3.25.0

func (SecretArrayOutput) ElementType() reflect.Type

func (SecretArrayOutput) Index added in v3.25.0

func (SecretArrayOutput) ToSecretArrayOutput added in v3.25.0

func (o SecretArrayOutput) ToSecretArrayOutput() SecretArrayOutput

func (SecretArrayOutput) ToSecretArrayOutputWithContext added in v3.25.0

func (o SecretArrayOutput) ToSecretArrayOutputWithContext(ctx context.Context) SecretArrayOutput

type SecretInput added in v3.13.0

type SecretInput interface {
	pulumi.Input

	ToSecretOutput() SecretOutput
	ToSecretOutputWithContext(ctx context.Context) SecretOutput
}

type SecretMap added in v3.25.0

type SecretMap map[string]SecretInput

func (SecretMap) ElementType added in v3.25.0

func (SecretMap) ElementType() reflect.Type

func (SecretMap) ToSecretMapOutput added in v3.25.0

func (i SecretMap) ToSecretMapOutput() SecretMapOutput

func (SecretMap) ToSecretMapOutputWithContext added in v3.25.0

func (i SecretMap) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOutput

type SecretMapInput added in v3.25.0

type SecretMapInput interface {
	pulumi.Input

	ToSecretMapOutput() SecretMapOutput
	ToSecretMapOutputWithContext(context.Context) SecretMapOutput
}

SecretMapInput is an input type that accepts SecretMap and SecretMapOutput values. You can construct a concrete instance of `SecretMapInput` via:

SecretMap{ "key": SecretArgs{...} }

type SecretMapOutput added in v3.25.0

type SecretMapOutput struct{ *pulumi.OutputState }

func (SecretMapOutput) ElementType added in v3.25.0

func (SecretMapOutput) ElementType() reflect.Type

func (SecretMapOutput) MapIndex added in v3.25.0

func (SecretMapOutput) ToSecretMapOutput added in v3.25.0

func (o SecretMapOutput) ToSecretMapOutput() SecretMapOutput

func (SecretMapOutput) ToSecretMapOutputWithContext added in v3.25.0

func (o SecretMapOutput) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOutput

type SecretOutput added in v3.13.0

type SecretOutput struct {
	*pulumi.OutputState
}

func (SecretOutput) ElementType added in v3.13.0

func (SecretOutput) ElementType() reflect.Type

func (SecretOutput) ToSecretOutput added in v3.13.0

func (o SecretOutput) ToSecretOutput() SecretOutput

func (SecretOutput) ToSecretOutputWithContext added in v3.13.0

func (o SecretOutput) ToSecretOutputWithContext(ctx context.Context) SecretOutput

func (SecretOutput) ToSecretPtrOutput added in v3.25.0

func (o SecretOutput) ToSecretPtrOutput() SecretPtrOutput

func (SecretOutput) ToSecretPtrOutputWithContext added in v3.25.0

func (o SecretOutput) ToSecretPtrOutputWithContext(ctx context.Context) SecretPtrOutput

type SecretPolicy added in v3.12.0

type SecretPolicy struct {
	pulumi.CustomResourceState

	// Makes an optional API call to Zelkova to validate the Resource Policy to prevent broad access to your secret.
	BlockPublicPolicy pulumi.BoolPtrOutput `pulumi:"blockPublicPolicy"`
	Policy            pulumi.StringOutput  `pulumi:"policy"`
	// Secret ARN.
	SecretArn pulumi.StringOutput `pulumi:"secretArn"`
}

Provides a resource to manage AWS Secrets Manager secret policy.

## Example Usage ### Basic

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleSecret, err := secretsmanager.NewSecret(ctx, "exampleSecret", nil)
		if err != nil {
			return err
		}
		_, err = secretsmanager.NewSecretPolicy(ctx, "exampleSecretPolicy", &secretsmanager.SecretPolicyArgs{
			SecretArn: exampleSecret.Arn,
			Policy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "	{\n", "	  \"Sid\": \"EnableAllPermissions\",\n", "	  \"Effect\": \"Allow\",\n", "	  \"Principal\": {\n", "		\"AWS\": \"*\"\n", "	  },\n", "	  \"Action\": \"secretsmanager:GetSecretValue\",\n", "	  \"Resource\": \"*\"\n", "	}\n", "  ]\n", "}\n")),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

`aws_secretsmanager_secret_policy` can be imported by using the secret Amazon Resource Name (ARN), e.g.

```sh

$ pulumi import aws:secretsmanager/secretPolicy:SecretPolicy example arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456

```

func GetSecretPolicy added in v3.12.0

func GetSecretPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretPolicyState, opts ...pulumi.ResourceOption) (*SecretPolicy, error)

GetSecretPolicy gets an existing SecretPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretPolicy added in v3.12.0

func NewSecretPolicy(ctx *pulumi.Context,
	name string, args *SecretPolicyArgs, opts ...pulumi.ResourceOption) (*SecretPolicy, error)

NewSecretPolicy registers a new resource with the given unique name, arguments, and options.

func (*SecretPolicy) ElementType added in v3.13.0

func (*SecretPolicy) ElementType() reflect.Type

func (*SecretPolicy) ToSecretPolicyOutput added in v3.13.0

func (i *SecretPolicy) ToSecretPolicyOutput() SecretPolicyOutput

func (*SecretPolicy) ToSecretPolicyOutputWithContext added in v3.13.0

func (i *SecretPolicy) ToSecretPolicyOutputWithContext(ctx context.Context) SecretPolicyOutput

func (*SecretPolicy) ToSecretPolicyPtrOutput added in v3.25.0

func (i *SecretPolicy) ToSecretPolicyPtrOutput() SecretPolicyPtrOutput

func (*SecretPolicy) ToSecretPolicyPtrOutputWithContext added in v3.25.0

func (i *SecretPolicy) ToSecretPolicyPtrOutputWithContext(ctx context.Context) SecretPolicyPtrOutput

type SecretPolicyArgs added in v3.12.0

type SecretPolicyArgs struct {
	// Makes an optional API call to Zelkova to validate the Resource Policy to prevent broad access to your secret.
	BlockPublicPolicy pulumi.BoolPtrInput
	Policy            pulumi.StringInput
	// Secret ARN.
	SecretArn pulumi.StringInput
}

The set of arguments for constructing a SecretPolicy resource.

func (SecretPolicyArgs) ElementType added in v3.12.0

func (SecretPolicyArgs) ElementType() reflect.Type

type SecretPolicyArray added in v3.25.0

type SecretPolicyArray []SecretPolicyInput

func (SecretPolicyArray) ElementType added in v3.25.0

func (SecretPolicyArray) ElementType() reflect.Type

func (SecretPolicyArray) ToSecretPolicyArrayOutput added in v3.25.0

func (i SecretPolicyArray) ToSecretPolicyArrayOutput() SecretPolicyArrayOutput

func (SecretPolicyArray) ToSecretPolicyArrayOutputWithContext added in v3.25.0

func (i SecretPolicyArray) ToSecretPolicyArrayOutputWithContext(ctx context.Context) SecretPolicyArrayOutput

type SecretPolicyArrayInput added in v3.25.0

type SecretPolicyArrayInput interface {
	pulumi.Input

	ToSecretPolicyArrayOutput() SecretPolicyArrayOutput
	ToSecretPolicyArrayOutputWithContext(context.Context) SecretPolicyArrayOutput
}

SecretPolicyArrayInput is an input type that accepts SecretPolicyArray and SecretPolicyArrayOutput values. You can construct a concrete instance of `SecretPolicyArrayInput` via:

SecretPolicyArray{ SecretPolicyArgs{...} }

type SecretPolicyArrayOutput added in v3.25.0

type SecretPolicyArrayOutput struct{ *pulumi.OutputState }

func (SecretPolicyArrayOutput) ElementType added in v3.25.0

func (SecretPolicyArrayOutput) ElementType() reflect.Type

func (SecretPolicyArrayOutput) Index added in v3.25.0

func (SecretPolicyArrayOutput) ToSecretPolicyArrayOutput added in v3.25.0

func (o SecretPolicyArrayOutput) ToSecretPolicyArrayOutput() SecretPolicyArrayOutput

func (SecretPolicyArrayOutput) ToSecretPolicyArrayOutputWithContext added in v3.25.0

func (o SecretPolicyArrayOutput) ToSecretPolicyArrayOutputWithContext(ctx context.Context) SecretPolicyArrayOutput

type SecretPolicyInput added in v3.13.0

type SecretPolicyInput interface {
	pulumi.Input

	ToSecretPolicyOutput() SecretPolicyOutput
	ToSecretPolicyOutputWithContext(ctx context.Context) SecretPolicyOutput
}

type SecretPolicyMap added in v3.25.0

type SecretPolicyMap map[string]SecretPolicyInput

func (SecretPolicyMap) ElementType added in v3.25.0

func (SecretPolicyMap) ElementType() reflect.Type

func (SecretPolicyMap) ToSecretPolicyMapOutput added in v3.25.0

func (i SecretPolicyMap) ToSecretPolicyMapOutput() SecretPolicyMapOutput

func (SecretPolicyMap) ToSecretPolicyMapOutputWithContext added in v3.25.0

func (i SecretPolicyMap) ToSecretPolicyMapOutputWithContext(ctx context.Context) SecretPolicyMapOutput

type SecretPolicyMapInput added in v3.25.0

type SecretPolicyMapInput interface {
	pulumi.Input

	ToSecretPolicyMapOutput() SecretPolicyMapOutput
	ToSecretPolicyMapOutputWithContext(context.Context) SecretPolicyMapOutput
}

SecretPolicyMapInput is an input type that accepts SecretPolicyMap and SecretPolicyMapOutput values. You can construct a concrete instance of `SecretPolicyMapInput` via:

SecretPolicyMap{ "key": SecretPolicyArgs{...} }

type SecretPolicyMapOutput added in v3.25.0

type SecretPolicyMapOutput struct{ *pulumi.OutputState }

func (SecretPolicyMapOutput) ElementType added in v3.25.0

func (SecretPolicyMapOutput) ElementType() reflect.Type

func (SecretPolicyMapOutput) MapIndex added in v3.25.0

func (SecretPolicyMapOutput) ToSecretPolicyMapOutput added in v3.25.0

func (o SecretPolicyMapOutput) ToSecretPolicyMapOutput() SecretPolicyMapOutput

func (SecretPolicyMapOutput) ToSecretPolicyMapOutputWithContext added in v3.25.0

func (o SecretPolicyMapOutput) ToSecretPolicyMapOutputWithContext(ctx context.Context) SecretPolicyMapOutput

type SecretPolicyOutput added in v3.13.0

type SecretPolicyOutput struct {
	*pulumi.OutputState
}

func (SecretPolicyOutput) ElementType added in v3.13.0

func (SecretPolicyOutput) ElementType() reflect.Type

func (SecretPolicyOutput) ToSecretPolicyOutput added in v3.13.0

func (o SecretPolicyOutput) ToSecretPolicyOutput() SecretPolicyOutput

func (SecretPolicyOutput) ToSecretPolicyOutputWithContext added in v3.13.0

func (o SecretPolicyOutput) ToSecretPolicyOutputWithContext(ctx context.Context) SecretPolicyOutput

func (SecretPolicyOutput) ToSecretPolicyPtrOutput added in v3.25.0

func (o SecretPolicyOutput) ToSecretPolicyPtrOutput() SecretPolicyPtrOutput

func (SecretPolicyOutput) ToSecretPolicyPtrOutputWithContext added in v3.25.0

func (o SecretPolicyOutput) ToSecretPolicyPtrOutputWithContext(ctx context.Context) SecretPolicyPtrOutput

type SecretPolicyPtrInput added in v3.25.0

type SecretPolicyPtrInput interface {
	pulumi.Input

	ToSecretPolicyPtrOutput() SecretPolicyPtrOutput
	ToSecretPolicyPtrOutputWithContext(ctx context.Context) SecretPolicyPtrOutput
}

type SecretPolicyPtrOutput added in v3.25.0

type SecretPolicyPtrOutput struct {
	*pulumi.OutputState
}

func (SecretPolicyPtrOutput) ElementType added in v3.25.0

func (SecretPolicyPtrOutput) ElementType() reflect.Type

func (SecretPolicyPtrOutput) ToSecretPolicyPtrOutput added in v3.25.0

func (o SecretPolicyPtrOutput) ToSecretPolicyPtrOutput() SecretPolicyPtrOutput

func (SecretPolicyPtrOutput) ToSecretPolicyPtrOutputWithContext added in v3.25.0

func (o SecretPolicyPtrOutput) ToSecretPolicyPtrOutputWithContext(ctx context.Context) SecretPolicyPtrOutput

type SecretPolicyState added in v3.12.0

type SecretPolicyState struct {
	// Makes an optional API call to Zelkova to validate the Resource Policy to prevent broad access to your secret.
	BlockPublicPolicy pulumi.BoolPtrInput
	Policy            pulumi.StringPtrInput
	// Secret ARN.
	SecretArn pulumi.StringPtrInput
}

func (SecretPolicyState) ElementType added in v3.12.0

func (SecretPolicyState) ElementType() reflect.Type

type SecretPtrInput added in v3.25.0

type SecretPtrInput interface {
	pulumi.Input

	ToSecretPtrOutput() SecretPtrOutput
	ToSecretPtrOutputWithContext(ctx context.Context) SecretPtrOutput
}

type SecretPtrOutput added in v3.25.0

type SecretPtrOutput struct {
	*pulumi.OutputState
}

func (SecretPtrOutput) ElementType added in v3.25.0

func (SecretPtrOutput) ElementType() reflect.Type

func (SecretPtrOutput) ToSecretPtrOutput added in v3.25.0

func (o SecretPtrOutput) ToSecretPtrOutput() SecretPtrOutput

func (SecretPtrOutput) ToSecretPtrOutputWithContext added in v3.25.0

func (o SecretPtrOutput) ToSecretPtrOutputWithContext(ctx context.Context) SecretPtrOutput

type SecretRotation

type SecretRotation struct {
	pulumi.CustomResourceState

	// Specifies whether automatic rotation is enabled for this secret.
	RotationEnabled pulumi.BoolOutput `pulumi:"rotationEnabled"`
	// Specifies the ARN of the Lambda function that can rotate the secret.
	RotationLambdaArn pulumi.StringOutput `pulumi:"rotationLambdaArn"`
	// A structure that defines the rotation configuration for this secret. Defined below.
	RotationRules SecretRotationRotationRulesOutput `pulumi:"rotationRules"`
	// Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.
	SecretId pulumi.StringOutput    `pulumi:"secretId"`
	Tags     pulumi.StringMapOutput `pulumi:"tags"`
}

Provides a resource to manage AWS Secrets Manager secret rotation. To manage a secret, see the [`secretsmanager.Secret` resource](https://www.terraform.io/docs/providers/aws/r/secretsmanager_secret.html). To manage a secret value, see the [`secretsmanager.SecretVersion` resource](https://www.terraform.io/docs/providers/aws/r/secretsmanager_secret_version.html).

## Example Usage ### Basic

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretsmanager.NewSecretRotation(ctx, "example", &secretsmanager.SecretRotationArgs{
			SecretId:          pulumi.Any(aws_secretsmanager_secret.Example.Id),
			RotationLambdaArn: pulumi.Any(aws_lambda_function.Example.Arn),
			RotationRules: &secretsmanager.SecretRotationRotationRulesArgs{
				AutomaticallyAfterDays: pulumi.Int(30),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Rotation Configuration

To enable automatic secret rotation, the Secrets Manager service requires usage of a Lambda function. The [Rotate Secrets section in the Secrets Manager User Guide](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html) provides additional information about deploying a prebuilt Lambda functions for supported credential rotation (e.g. RDS) or deploying a custom Lambda function.

> **NOTE:** Configuring rotation causes the secret to rotate once as soon as you enable rotation. Before you do this, you must ensure that all of your applications that use the credentials stored in the secret are updated to retrieve the secret from AWS Secrets Manager. The old credentials might no longer be usable after the initial rotation and any applications that you fail to update will break as soon as the old credentials are no longer valid.

> **NOTE:** If you cancel a rotation that is in progress (by removing the `rotation` configuration), it can leave the VersionStage labels in an unexpected state. Depending on what step of the rotation was in progress, you might need to remove the staging label AWSPENDING from the partially created version, specified by the SecretVersionId response value. You should also evaluate the partially rotated new version to see if it should be deleted, which you can do by removing all staging labels from the new version's VersionStage field.

## Import

`aws_secretsmanager_secret_rotation` can be imported by using the secret Amazon Resource Name (ARN), e.g.

```sh

$ pulumi import aws:secretsmanager/secretRotation:SecretRotation example arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456

```

func GetSecretRotation

func GetSecretRotation(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretRotationState, opts ...pulumi.ResourceOption) (*SecretRotation, error)

GetSecretRotation gets an existing SecretRotation resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretRotation

func NewSecretRotation(ctx *pulumi.Context,
	name string, args *SecretRotationArgs, opts ...pulumi.ResourceOption) (*SecretRotation, error)

NewSecretRotation registers a new resource with the given unique name, arguments, and options.

func (*SecretRotation) ElementType added in v3.13.0

func (*SecretRotation) ElementType() reflect.Type

func (*SecretRotation) ToSecretRotationOutput added in v3.13.0

func (i *SecretRotation) ToSecretRotationOutput() SecretRotationOutput

func (*SecretRotation) ToSecretRotationOutputWithContext added in v3.13.0

func (i *SecretRotation) ToSecretRotationOutputWithContext(ctx context.Context) SecretRotationOutput

func (*SecretRotation) ToSecretRotationPtrOutput added in v3.25.0

func (i *SecretRotation) ToSecretRotationPtrOutput() SecretRotationPtrOutput

func (*SecretRotation) ToSecretRotationPtrOutputWithContext added in v3.25.0

func (i *SecretRotation) ToSecretRotationPtrOutputWithContext(ctx context.Context) SecretRotationPtrOutput

type SecretRotationArgs

type SecretRotationArgs struct {
	// Specifies the ARN of the Lambda function that can rotate the secret.
	RotationLambdaArn pulumi.StringInput
	// A structure that defines the rotation configuration for this secret. Defined below.
	RotationRules SecretRotationRotationRulesInput
	// Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.
	SecretId pulumi.StringInput
	Tags     pulumi.StringMapInput
}

The set of arguments for constructing a SecretRotation resource.

func (SecretRotationArgs) ElementType

func (SecretRotationArgs) ElementType() reflect.Type

type SecretRotationArray added in v3.25.0

type SecretRotationArray []SecretRotationInput

func (SecretRotationArray) ElementType added in v3.25.0

func (SecretRotationArray) ElementType() reflect.Type

func (SecretRotationArray) ToSecretRotationArrayOutput added in v3.25.0

func (i SecretRotationArray) ToSecretRotationArrayOutput() SecretRotationArrayOutput

func (SecretRotationArray) ToSecretRotationArrayOutputWithContext added in v3.25.0

func (i SecretRotationArray) ToSecretRotationArrayOutputWithContext(ctx context.Context) SecretRotationArrayOutput

type SecretRotationArrayInput added in v3.25.0

type SecretRotationArrayInput interface {
	pulumi.Input

	ToSecretRotationArrayOutput() SecretRotationArrayOutput
	ToSecretRotationArrayOutputWithContext(context.Context) SecretRotationArrayOutput
}

SecretRotationArrayInput is an input type that accepts SecretRotationArray and SecretRotationArrayOutput values. You can construct a concrete instance of `SecretRotationArrayInput` via:

SecretRotationArray{ SecretRotationArgs{...} }

type SecretRotationArrayOutput added in v3.25.0

type SecretRotationArrayOutput struct{ *pulumi.OutputState }

func (SecretRotationArrayOutput) ElementType added in v3.25.0

func (SecretRotationArrayOutput) ElementType() reflect.Type

func (SecretRotationArrayOutput) Index added in v3.25.0

func (SecretRotationArrayOutput) ToSecretRotationArrayOutput added in v3.25.0

func (o SecretRotationArrayOutput) ToSecretRotationArrayOutput() SecretRotationArrayOutput

func (SecretRotationArrayOutput) ToSecretRotationArrayOutputWithContext added in v3.25.0

func (o SecretRotationArrayOutput) ToSecretRotationArrayOutputWithContext(ctx context.Context) SecretRotationArrayOutput

type SecretRotationInput added in v3.13.0

type SecretRotationInput interface {
	pulumi.Input

	ToSecretRotationOutput() SecretRotationOutput
	ToSecretRotationOutputWithContext(ctx context.Context) SecretRotationOutput
}

type SecretRotationMap added in v3.25.0

type SecretRotationMap map[string]SecretRotationInput

func (SecretRotationMap) ElementType added in v3.25.0

func (SecretRotationMap) ElementType() reflect.Type

func (SecretRotationMap) ToSecretRotationMapOutput added in v3.25.0

func (i SecretRotationMap) ToSecretRotationMapOutput() SecretRotationMapOutput

func (SecretRotationMap) ToSecretRotationMapOutputWithContext added in v3.25.0

func (i SecretRotationMap) ToSecretRotationMapOutputWithContext(ctx context.Context) SecretRotationMapOutput

type SecretRotationMapInput added in v3.25.0

type SecretRotationMapInput interface {
	pulumi.Input

	ToSecretRotationMapOutput() SecretRotationMapOutput
	ToSecretRotationMapOutputWithContext(context.Context) SecretRotationMapOutput
}

SecretRotationMapInput is an input type that accepts SecretRotationMap and SecretRotationMapOutput values. You can construct a concrete instance of `SecretRotationMapInput` via:

SecretRotationMap{ "key": SecretRotationArgs{...} }

type SecretRotationMapOutput added in v3.25.0

type SecretRotationMapOutput struct{ *pulumi.OutputState }

func (SecretRotationMapOutput) ElementType added in v3.25.0

func (SecretRotationMapOutput) ElementType() reflect.Type

func (SecretRotationMapOutput) MapIndex added in v3.25.0

func (SecretRotationMapOutput) ToSecretRotationMapOutput added in v3.25.0

func (o SecretRotationMapOutput) ToSecretRotationMapOutput() SecretRotationMapOutput

func (SecretRotationMapOutput) ToSecretRotationMapOutputWithContext added in v3.25.0

func (o SecretRotationMapOutput) ToSecretRotationMapOutputWithContext(ctx context.Context) SecretRotationMapOutput

type SecretRotationOutput added in v3.13.0

type SecretRotationOutput struct {
	*pulumi.OutputState
}

func (SecretRotationOutput) ElementType added in v3.13.0

func (SecretRotationOutput) ElementType() reflect.Type

func (SecretRotationOutput) ToSecretRotationOutput added in v3.13.0

func (o SecretRotationOutput) ToSecretRotationOutput() SecretRotationOutput

func (SecretRotationOutput) ToSecretRotationOutputWithContext added in v3.13.0

func (o SecretRotationOutput) ToSecretRotationOutputWithContext(ctx context.Context) SecretRotationOutput

func (SecretRotationOutput) ToSecretRotationPtrOutput added in v3.25.0

func (o SecretRotationOutput) ToSecretRotationPtrOutput() SecretRotationPtrOutput

func (SecretRotationOutput) ToSecretRotationPtrOutputWithContext added in v3.25.0

func (o SecretRotationOutput) ToSecretRotationPtrOutputWithContext(ctx context.Context) SecretRotationPtrOutput

type SecretRotationPtrInput added in v3.25.0

type SecretRotationPtrInput interface {
	pulumi.Input

	ToSecretRotationPtrOutput() SecretRotationPtrOutput
	ToSecretRotationPtrOutputWithContext(ctx context.Context) SecretRotationPtrOutput
}

type SecretRotationPtrOutput added in v3.25.0

type SecretRotationPtrOutput struct {
	*pulumi.OutputState
}

func (SecretRotationPtrOutput) ElementType added in v3.25.0

func (SecretRotationPtrOutput) ElementType() reflect.Type

func (SecretRotationPtrOutput) ToSecretRotationPtrOutput added in v3.25.0

func (o SecretRotationPtrOutput) ToSecretRotationPtrOutput() SecretRotationPtrOutput

func (SecretRotationPtrOutput) ToSecretRotationPtrOutputWithContext added in v3.25.0

func (o SecretRotationPtrOutput) ToSecretRotationPtrOutputWithContext(ctx context.Context) SecretRotationPtrOutput

type SecretRotationRotationRules

type SecretRotationRotationRules struct {
	// Specifies the number of days between automatic scheduled rotations of the secret.
	AutomaticallyAfterDays int `pulumi:"automaticallyAfterDays"`
}

type SecretRotationRotationRulesArgs

type SecretRotationRotationRulesArgs struct {
	// Specifies the number of days between automatic scheduled rotations of the secret.
	AutomaticallyAfterDays pulumi.IntInput `pulumi:"automaticallyAfterDays"`
}

func (SecretRotationRotationRulesArgs) ElementType

func (SecretRotationRotationRulesArgs) ToSecretRotationRotationRulesOutput

func (i SecretRotationRotationRulesArgs) ToSecretRotationRotationRulesOutput() SecretRotationRotationRulesOutput

func (SecretRotationRotationRulesArgs) ToSecretRotationRotationRulesOutputWithContext

func (i SecretRotationRotationRulesArgs) ToSecretRotationRotationRulesOutputWithContext(ctx context.Context) SecretRotationRotationRulesOutput

func (SecretRotationRotationRulesArgs) ToSecretRotationRotationRulesPtrOutput

func (i SecretRotationRotationRulesArgs) ToSecretRotationRotationRulesPtrOutput() SecretRotationRotationRulesPtrOutput

func (SecretRotationRotationRulesArgs) ToSecretRotationRotationRulesPtrOutputWithContext

func (i SecretRotationRotationRulesArgs) ToSecretRotationRotationRulesPtrOutputWithContext(ctx context.Context) SecretRotationRotationRulesPtrOutput

type SecretRotationRotationRulesInput

type SecretRotationRotationRulesInput interface {
	pulumi.Input

	ToSecretRotationRotationRulesOutput() SecretRotationRotationRulesOutput
	ToSecretRotationRotationRulesOutputWithContext(context.Context) SecretRotationRotationRulesOutput
}

SecretRotationRotationRulesInput is an input type that accepts SecretRotationRotationRulesArgs and SecretRotationRotationRulesOutput values. You can construct a concrete instance of `SecretRotationRotationRulesInput` via:

SecretRotationRotationRulesArgs{...}

type SecretRotationRotationRulesOutput

type SecretRotationRotationRulesOutput struct{ *pulumi.OutputState }

func (SecretRotationRotationRulesOutput) AutomaticallyAfterDays

func (o SecretRotationRotationRulesOutput) AutomaticallyAfterDays() pulumi.IntOutput

Specifies the number of days between automatic scheduled rotations of the secret.

func (SecretRotationRotationRulesOutput) ElementType

func (SecretRotationRotationRulesOutput) ToSecretRotationRotationRulesOutput

func (o SecretRotationRotationRulesOutput) ToSecretRotationRotationRulesOutput() SecretRotationRotationRulesOutput

func (SecretRotationRotationRulesOutput) ToSecretRotationRotationRulesOutputWithContext

func (o SecretRotationRotationRulesOutput) ToSecretRotationRotationRulesOutputWithContext(ctx context.Context) SecretRotationRotationRulesOutput

func (SecretRotationRotationRulesOutput) ToSecretRotationRotationRulesPtrOutput

func (o SecretRotationRotationRulesOutput) ToSecretRotationRotationRulesPtrOutput() SecretRotationRotationRulesPtrOutput

func (SecretRotationRotationRulesOutput) ToSecretRotationRotationRulesPtrOutputWithContext

func (o SecretRotationRotationRulesOutput) ToSecretRotationRotationRulesPtrOutputWithContext(ctx context.Context) SecretRotationRotationRulesPtrOutput

type SecretRotationRotationRulesPtrInput

type SecretRotationRotationRulesPtrInput interface {
	pulumi.Input

	ToSecretRotationRotationRulesPtrOutput() SecretRotationRotationRulesPtrOutput
	ToSecretRotationRotationRulesPtrOutputWithContext(context.Context) SecretRotationRotationRulesPtrOutput
}

SecretRotationRotationRulesPtrInput is an input type that accepts SecretRotationRotationRulesArgs, SecretRotationRotationRulesPtr and SecretRotationRotationRulesPtrOutput values. You can construct a concrete instance of `SecretRotationRotationRulesPtrInput` via:

        SecretRotationRotationRulesArgs{...}

or:

        nil

type SecretRotationRotationRulesPtrOutput

type SecretRotationRotationRulesPtrOutput struct{ *pulumi.OutputState }

func (SecretRotationRotationRulesPtrOutput) AutomaticallyAfterDays

func (o SecretRotationRotationRulesPtrOutput) AutomaticallyAfterDays() pulumi.IntPtrOutput

Specifies the number of days between automatic scheduled rotations of the secret.

func (SecretRotationRotationRulesPtrOutput) Elem

func (SecretRotationRotationRulesPtrOutput) ElementType

func (SecretRotationRotationRulesPtrOutput) ToSecretRotationRotationRulesPtrOutput

func (o SecretRotationRotationRulesPtrOutput) ToSecretRotationRotationRulesPtrOutput() SecretRotationRotationRulesPtrOutput

func (SecretRotationRotationRulesPtrOutput) ToSecretRotationRotationRulesPtrOutputWithContext

func (o SecretRotationRotationRulesPtrOutput) ToSecretRotationRotationRulesPtrOutputWithContext(ctx context.Context) SecretRotationRotationRulesPtrOutput

type SecretRotationRules

type SecretRotationRules struct {
	// Specifies the number of days between automatic scheduled rotations of the secret.
	AutomaticallyAfterDays int `pulumi:"automaticallyAfterDays"`
}

type SecretRotationRulesArgs

type SecretRotationRulesArgs struct {
	// Specifies the number of days between automatic scheduled rotations of the secret.
	AutomaticallyAfterDays pulumi.IntInput `pulumi:"automaticallyAfterDays"`
}

func (SecretRotationRulesArgs) ElementType

func (SecretRotationRulesArgs) ElementType() reflect.Type

func (SecretRotationRulesArgs) ToSecretRotationRulesOutput

func (i SecretRotationRulesArgs) ToSecretRotationRulesOutput() SecretRotationRulesOutput

func (SecretRotationRulesArgs) ToSecretRotationRulesOutputWithContext

func (i SecretRotationRulesArgs) ToSecretRotationRulesOutputWithContext(ctx context.Context) SecretRotationRulesOutput

func (SecretRotationRulesArgs) ToSecretRotationRulesPtrOutput

func (i SecretRotationRulesArgs) ToSecretRotationRulesPtrOutput() SecretRotationRulesPtrOutput

func (SecretRotationRulesArgs) ToSecretRotationRulesPtrOutputWithContext

func (i SecretRotationRulesArgs) ToSecretRotationRulesPtrOutputWithContext(ctx context.Context) SecretRotationRulesPtrOutput

type SecretRotationRulesInput

type SecretRotationRulesInput interface {
	pulumi.Input

	ToSecretRotationRulesOutput() SecretRotationRulesOutput
	ToSecretRotationRulesOutputWithContext(context.Context) SecretRotationRulesOutput
}

SecretRotationRulesInput is an input type that accepts SecretRotationRulesArgs and SecretRotationRulesOutput values. You can construct a concrete instance of `SecretRotationRulesInput` via:

SecretRotationRulesArgs{...}

type SecretRotationRulesOutput

type SecretRotationRulesOutput struct{ *pulumi.OutputState }

func (SecretRotationRulesOutput) AutomaticallyAfterDays

func (o SecretRotationRulesOutput) AutomaticallyAfterDays() pulumi.IntOutput

Specifies the number of days between automatic scheduled rotations of the secret.

func (SecretRotationRulesOutput) ElementType

func (SecretRotationRulesOutput) ElementType() reflect.Type

func (SecretRotationRulesOutput) ToSecretRotationRulesOutput

func (o SecretRotationRulesOutput) ToSecretRotationRulesOutput() SecretRotationRulesOutput

func (SecretRotationRulesOutput) ToSecretRotationRulesOutputWithContext

func (o SecretRotationRulesOutput) ToSecretRotationRulesOutputWithContext(ctx context.Context) SecretRotationRulesOutput

func (SecretRotationRulesOutput) ToSecretRotationRulesPtrOutput

func (o SecretRotationRulesOutput) ToSecretRotationRulesPtrOutput() SecretRotationRulesPtrOutput

func (SecretRotationRulesOutput) ToSecretRotationRulesPtrOutputWithContext

func (o SecretRotationRulesOutput) ToSecretRotationRulesPtrOutputWithContext(ctx context.Context) SecretRotationRulesPtrOutput

type SecretRotationRulesPtrInput

type SecretRotationRulesPtrInput interface {
	pulumi.Input

	ToSecretRotationRulesPtrOutput() SecretRotationRulesPtrOutput
	ToSecretRotationRulesPtrOutputWithContext(context.Context) SecretRotationRulesPtrOutput
}

SecretRotationRulesPtrInput is an input type that accepts SecretRotationRulesArgs, SecretRotationRulesPtr and SecretRotationRulesPtrOutput values. You can construct a concrete instance of `SecretRotationRulesPtrInput` via:

        SecretRotationRulesArgs{...}

or:

        nil

type SecretRotationRulesPtrOutput

type SecretRotationRulesPtrOutput struct{ *pulumi.OutputState }

func (SecretRotationRulesPtrOutput) AutomaticallyAfterDays

func (o SecretRotationRulesPtrOutput) AutomaticallyAfterDays() pulumi.IntPtrOutput

Specifies the number of days between automatic scheduled rotations of the secret.

func (SecretRotationRulesPtrOutput) Elem

func (SecretRotationRulesPtrOutput) ElementType

func (SecretRotationRulesPtrOutput) ToSecretRotationRulesPtrOutput

func (o SecretRotationRulesPtrOutput) ToSecretRotationRulesPtrOutput() SecretRotationRulesPtrOutput

func (SecretRotationRulesPtrOutput) ToSecretRotationRulesPtrOutputWithContext

func (o SecretRotationRulesPtrOutput) ToSecretRotationRulesPtrOutputWithContext(ctx context.Context) SecretRotationRulesPtrOutput

type SecretRotationState

type SecretRotationState struct {
	// Specifies whether automatic rotation is enabled for this secret.
	RotationEnabled pulumi.BoolPtrInput
	// Specifies the ARN of the Lambda function that can rotate the secret.
	RotationLambdaArn pulumi.StringPtrInput
	// A structure that defines the rotation configuration for this secret. Defined below.
	RotationRules SecretRotationRotationRulesPtrInput
	// Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.
	SecretId pulumi.StringPtrInput
	Tags     pulumi.StringMapInput
}

func (SecretRotationState) ElementType

func (SecretRotationState) ElementType() reflect.Type

type SecretState

type SecretState struct {
	// Amazon Resource Name (ARN) of the secret.
	Arn pulumi.StringPtrInput
	// A description of the secret.
	Description pulumi.StringPtrInput
	// Specifies the ARN or Id of the AWS KMS customer master key (CMK) to be used to encrypt the secret values in the versions stored in this secret. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default CMK (the one named `aws/secretsmanager`). If the default KMS CMK with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.
	KmsKeyId pulumi.StringPtrInput
	// Specifies the friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `namePrefix`.
	Name pulumi.StringPtrInput
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix pulumi.StringPtrInput
	// A valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html).
	Policy pulumi.StringPtrInput
	// Specifies the number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.
	RecoveryWindowInDays pulumi.IntPtrInput
	// Specifies whether automatic rotation is enabled for this secret.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation resource instead
	RotationEnabled pulumi.BoolPtrInput
	// Specifies the ARN of the Lambda function that can rotate the secret. Use the `secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation resource instead
	RotationLambdaArn pulumi.StringPtrInput
	// A structure that defines the rotation configuration for this secret. Defined below. Use the `secretsmanager.SecretRotation` resource to manage this configuration instead. As of version 2.67.0, removal of this configuration will no longer remove rotation due to supporting the new resource. Either import the new resource and remove the configuration or manually remove rotation.
	//
	// Deprecated: Use the aws_secretsmanager_secret_rotation resource instead
	RotationRules SecretRotationRulesPtrInput
	// Specifies a key-value map of user-defined tags that are attached to the secret.
	Tags pulumi.StringMapInput
}

func (SecretState) ElementType

func (SecretState) ElementType() reflect.Type

type SecretVersion

type SecretVersion struct {
	pulumi.CustomResourceState

	// The ARN of the secret.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secretString is not set. Needs to be encoded to base64.
	SecretBinary pulumi.StringPtrOutput `pulumi:"secretBinary"`
	// Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.
	SecretId pulumi.StringOutput `pulumi:"secretId"`
	// Specifies text data that you want to encrypt and store in this version of the secret. This is required if secretBinary is not set.
	SecretString pulumi.StringPtrOutput `pulumi:"secretString"`
	// The unique identifier of the version of the secret.
	VersionId pulumi.StringOutput `pulumi:"versionId"`
	// Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.
	VersionStages pulumi.StringArrayOutput `pulumi:"versionStages"`
}

Provides a resource to manage AWS Secrets Manager secret version including its secret value. To manage secret metadata, see the `secretsmanager.Secret` resource.

> **NOTE:** If the `AWSCURRENT` staging label is present on this version during resource deletion, that label cannot be removed and will be skipped to prevent errors when fully deleting the secret. That label will leave this secret version active even after the resource is deleted from this provider unless the secret itself is deleted. Move the `AWSCURRENT` staging label before or after deleting this resource from this provider to fully trigger version deprecation if necessary.

## Example Usage ### Simple String Value

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretsmanager.NewSecretVersion(ctx, "example", &secretsmanager.SecretVersionArgs{
			SecretId:     pulumi.Any(aws_secretsmanager_secret.Example.Id),
			SecretString: pulumi.String("example-string-to-protect"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Key-Value Pairs

Secrets Manager also accepts key-value pairs in JSON.

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v3/go/aws/secretsmanager"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
"github.com/pulumi/pulumi/sdk/v2/go/pulumi/config"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")
		example := map[string]interface{}{
			"key1": "value1",
			"key2": "value2",
		}
		if param := cfg.GetBool("example"); param != nil {
			example = param
		}
		tmpJSON0, err := json.Marshal(example)
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		_, err := secretsmanager.NewSecretVersion(ctx, "exampleSecretVersion", &secretsmanager.SecretVersionArgs{
			SecretId:     pulumi.Any(aws_secretsmanager_secret.Example.Id),
			SecretString: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

`aws_secretsmanager_secret_version` can be imported by using the secret ID and version ID, e.g.

```sh

$ pulumi import aws:secretsmanager/secretVersion:SecretVersion example 'arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456|xxxxx-xxxxxxx-xxxxxxx-xxxxx'

```

func GetSecretVersion

func GetSecretVersion(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretVersionState, opts ...pulumi.ResourceOption) (*SecretVersion, error)

GetSecretVersion gets an existing SecretVersion resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretVersion

func NewSecretVersion(ctx *pulumi.Context,
	name string, args *SecretVersionArgs, opts ...pulumi.ResourceOption) (*SecretVersion, error)

NewSecretVersion registers a new resource with the given unique name, arguments, and options.

func (*SecretVersion) ElementType added in v3.13.0

func (*SecretVersion) ElementType() reflect.Type

func (*SecretVersion) ToSecretVersionOutput added in v3.13.0

func (i *SecretVersion) ToSecretVersionOutput() SecretVersionOutput

func (*SecretVersion) ToSecretVersionOutputWithContext added in v3.13.0

func (i *SecretVersion) ToSecretVersionOutputWithContext(ctx context.Context) SecretVersionOutput

func (*SecretVersion) ToSecretVersionPtrOutput added in v3.25.0

func (i *SecretVersion) ToSecretVersionPtrOutput() SecretVersionPtrOutput

func (*SecretVersion) ToSecretVersionPtrOutputWithContext added in v3.25.0

func (i *SecretVersion) ToSecretVersionPtrOutputWithContext(ctx context.Context) SecretVersionPtrOutput

type SecretVersionArgs

type SecretVersionArgs struct {
	// Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secretString is not set. Needs to be encoded to base64.
	SecretBinary pulumi.StringPtrInput
	// Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.
	SecretId pulumi.StringInput
	// Specifies text data that you want to encrypt and store in this version of the secret. This is required if secretBinary is not set.
	SecretString pulumi.StringPtrInput
	// Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.
	VersionStages pulumi.StringArrayInput
}

The set of arguments for constructing a SecretVersion resource.

func (SecretVersionArgs) ElementType

func (SecretVersionArgs) ElementType() reflect.Type

type SecretVersionArray added in v3.25.0

type SecretVersionArray []SecretVersionInput

func (SecretVersionArray) ElementType added in v3.25.0

func (SecretVersionArray) ElementType() reflect.Type

func (SecretVersionArray) ToSecretVersionArrayOutput added in v3.25.0

func (i SecretVersionArray) ToSecretVersionArrayOutput() SecretVersionArrayOutput

func (SecretVersionArray) ToSecretVersionArrayOutputWithContext added in v3.25.0

func (i SecretVersionArray) ToSecretVersionArrayOutputWithContext(ctx context.Context) SecretVersionArrayOutput

type SecretVersionArrayInput added in v3.25.0

type SecretVersionArrayInput interface {
	pulumi.Input

	ToSecretVersionArrayOutput() SecretVersionArrayOutput
	ToSecretVersionArrayOutputWithContext(context.Context) SecretVersionArrayOutput
}

SecretVersionArrayInput is an input type that accepts SecretVersionArray and SecretVersionArrayOutput values. You can construct a concrete instance of `SecretVersionArrayInput` via:

SecretVersionArray{ SecretVersionArgs{...} }

type SecretVersionArrayOutput added in v3.25.0

type SecretVersionArrayOutput struct{ *pulumi.OutputState }

func (SecretVersionArrayOutput) ElementType added in v3.25.0

func (SecretVersionArrayOutput) ElementType() reflect.Type

func (SecretVersionArrayOutput) Index added in v3.25.0

func (SecretVersionArrayOutput) ToSecretVersionArrayOutput added in v3.25.0

func (o SecretVersionArrayOutput) ToSecretVersionArrayOutput() SecretVersionArrayOutput

func (SecretVersionArrayOutput) ToSecretVersionArrayOutputWithContext added in v3.25.0

func (o SecretVersionArrayOutput) ToSecretVersionArrayOutputWithContext(ctx context.Context) SecretVersionArrayOutput

type SecretVersionInput added in v3.13.0

type SecretVersionInput interface {
	pulumi.Input

	ToSecretVersionOutput() SecretVersionOutput
	ToSecretVersionOutputWithContext(ctx context.Context) SecretVersionOutput
}

type SecretVersionMap added in v3.25.0

type SecretVersionMap map[string]SecretVersionInput

func (SecretVersionMap) ElementType added in v3.25.0

func (SecretVersionMap) ElementType() reflect.Type

func (SecretVersionMap) ToSecretVersionMapOutput added in v3.25.0

func (i SecretVersionMap) ToSecretVersionMapOutput() SecretVersionMapOutput

func (SecretVersionMap) ToSecretVersionMapOutputWithContext added in v3.25.0

func (i SecretVersionMap) ToSecretVersionMapOutputWithContext(ctx context.Context) SecretVersionMapOutput

type SecretVersionMapInput added in v3.25.0

type SecretVersionMapInput interface {
	pulumi.Input

	ToSecretVersionMapOutput() SecretVersionMapOutput
	ToSecretVersionMapOutputWithContext(context.Context) SecretVersionMapOutput
}

SecretVersionMapInput is an input type that accepts SecretVersionMap and SecretVersionMapOutput values. You can construct a concrete instance of `SecretVersionMapInput` via:

SecretVersionMap{ "key": SecretVersionArgs{...} }

type SecretVersionMapOutput added in v3.25.0

type SecretVersionMapOutput struct{ *pulumi.OutputState }

func (SecretVersionMapOutput) ElementType added in v3.25.0

func (SecretVersionMapOutput) ElementType() reflect.Type

func (SecretVersionMapOutput) MapIndex added in v3.25.0

func (SecretVersionMapOutput) ToSecretVersionMapOutput added in v3.25.0

func (o SecretVersionMapOutput) ToSecretVersionMapOutput() SecretVersionMapOutput

func (SecretVersionMapOutput) ToSecretVersionMapOutputWithContext added in v3.25.0

func (o SecretVersionMapOutput) ToSecretVersionMapOutputWithContext(ctx context.Context) SecretVersionMapOutput

type SecretVersionOutput added in v3.13.0

type SecretVersionOutput struct {
	*pulumi.OutputState
}

func (SecretVersionOutput) ElementType added in v3.13.0

func (SecretVersionOutput) ElementType() reflect.Type

func (SecretVersionOutput) ToSecretVersionOutput added in v3.13.0

func (o SecretVersionOutput) ToSecretVersionOutput() SecretVersionOutput

func (SecretVersionOutput) ToSecretVersionOutputWithContext added in v3.13.0

func (o SecretVersionOutput) ToSecretVersionOutputWithContext(ctx context.Context) SecretVersionOutput

func (SecretVersionOutput) ToSecretVersionPtrOutput added in v3.25.0

func (o SecretVersionOutput) ToSecretVersionPtrOutput() SecretVersionPtrOutput

func (SecretVersionOutput) ToSecretVersionPtrOutputWithContext added in v3.25.0

func (o SecretVersionOutput) ToSecretVersionPtrOutputWithContext(ctx context.Context) SecretVersionPtrOutput

type SecretVersionPtrInput added in v3.25.0

type SecretVersionPtrInput interface {
	pulumi.Input

	ToSecretVersionPtrOutput() SecretVersionPtrOutput
	ToSecretVersionPtrOutputWithContext(ctx context.Context) SecretVersionPtrOutput
}

type SecretVersionPtrOutput added in v3.25.0

type SecretVersionPtrOutput struct {
	*pulumi.OutputState
}

func (SecretVersionPtrOutput) ElementType added in v3.25.0

func (SecretVersionPtrOutput) ElementType() reflect.Type

func (SecretVersionPtrOutput) ToSecretVersionPtrOutput added in v3.25.0

func (o SecretVersionPtrOutput) ToSecretVersionPtrOutput() SecretVersionPtrOutput

func (SecretVersionPtrOutput) ToSecretVersionPtrOutputWithContext added in v3.25.0

func (o SecretVersionPtrOutput) ToSecretVersionPtrOutputWithContext(ctx context.Context) SecretVersionPtrOutput

type SecretVersionState

type SecretVersionState struct {
	// The ARN of the secret.
	Arn pulumi.StringPtrInput
	// Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secretString is not set. Needs to be encoded to base64.
	SecretBinary pulumi.StringPtrInput
	// Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.
	SecretId pulumi.StringPtrInput
	// Specifies text data that you want to encrypt and store in this version of the secret. This is required if secretBinary is not set.
	SecretString pulumi.StringPtrInput
	// The unique identifier of the version of the secret.
	VersionId pulumi.StringPtrInput
	// Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.
	VersionStages pulumi.StringArrayInput
}

func (SecretVersionState) ElementType

func (SecretVersionState) ElementType() reflect.Type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL