secretmanager

package
v6.67.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 27, 2023 License: Apache-2.0 Imports: 8 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type GetSecretReplication

type GetSecretReplication struct {
	Automatic    bool                              `pulumi:"automatic"`
	Autos        []GetSecretReplicationAuto        `pulumi:"autos"`
	UserManageds []GetSecretReplicationUserManaged `pulumi:"userManageds"`
}

type GetSecretReplicationArgs

type GetSecretReplicationArgs struct {
	Automatic    pulumi.BoolInput                          `pulumi:"automatic"`
	Autos        GetSecretReplicationAutoArrayInput        `pulumi:"autos"`
	UserManageds GetSecretReplicationUserManagedArrayInput `pulumi:"userManageds"`
}

func (GetSecretReplicationArgs) ElementType

func (GetSecretReplicationArgs) ElementType() reflect.Type

func (GetSecretReplicationArgs) ToGetSecretReplicationOutput

func (i GetSecretReplicationArgs) ToGetSecretReplicationOutput() GetSecretReplicationOutput

func (GetSecretReplicationArgs) ToGetSecretReplicationOutputWithContext

func (i GetSecretReplicationArgs) ToGetSecretReplicationOutputWithContext(ctx context.Context) GetSecretReplicationOutput

func (GetSecretReplicationArgs) ToOutput added in v6.65.1

type GetSecretReplicationArray

type GetSecretReplicationArray []GetSecretReplicationInput

func (GetSecretReplicationArray) ElementType

func (GetSecretReplicationArray) ElementType() reflect.Type

func (GetSecretReplicationArray) ToGetSecretReplicationArrayOutput

func (i GetSecretReplicationArray) ToGetSecretReplicationArrayOutput() GetSecretReplicationArrayOutput

func (GetSecretReplicationArray) ToGetSecretReplicationArrayOutputWithContext

func (i GetSecretReplicationArray) ToGetSecretReplicationArrayOutputWithContext(ctx context.Context) GetSecretReplicationArrayOutput

func (GetSecretReplicationArray) ToOutput added in v6.65.1

type GetSecretReplicationArrayInput

type GetSecretReplicationArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationArrayOutput() GetSecretReplicationArrayOutput
	ToGetSecretReplicationArrayOutputWithContext(context.Context) GetSecretReplicationArrayOutput
}

GetSecretReplicationArrayInput is an input type that accepts GetSecretReplicationArray and GetSecretReplicationArrayOutput values. You can construct a concrete instance of `GetSecretReplicationArrayInput` via:

GetSecretReplicationArray{ GetSecretReplicationArgs{...} }

type GetSecretReplicationArrayOutput

type GetSecretReplicationArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationArrayOutput) ElementType

func (GetSecretReplicationArrayOutput) Index

func (GetSecretReplicationArrayOutput) ToGetSecretReplicationArrayOutput

func (o GetSecretReplicationArrayOutput) ToGetSecretReplicationArrayOutput() GetSecretReplicationArrayOutput

func (GetSecretReplicationArrayOutput) ToGetSecretReplicationArrayOutputWithContext

func (o GetSecretReplicationArrayOutput) ToGetSecretReplicationArrayOutputWithContext(ctx context.Context) GetSecretReplicationArrayOutput

func (GetSecretReplicationArrayOutput) ToOutput added in v6.65.1

type GetSecretReplicationAuto added in v6.67.0

type GetSecretReplicationAuto struct {
	CustomerManagedEncryptions []GetSecretReplicationAutoCustomerManagedEncryption `pulumi:"customerManagedEncryptions"`
}

type GetSecretReplicationAutoArgs added in v6.67.0

type GetSecretReplicationAutoArgs struct {
	CustomerManagedEncryptions GetSecretReplicationAutoCustomerManagedEncryptionArrayInput `pulumi:"customerManagedEncryptions"`
}

func (GetSecretReplicationAutoArgs) ElementType added in v6.67.0

func (GetSecretReplicationAutoArgs) ToGetSecretReplicationAutoOutput added in v6.67.0

func (i GetSecretReplicationAutoArgs) ToGetSecretReplicationAutoOutput() GetSecretReplicationAutoOutput

func (GetSecretReplicationAutoArgs) ToGetSecretReplicationAutoOutputWithContext added in v6.67.0

func (i GetSecretReplicationAutoArgs) ToGetSecretReplicationAutoOutputWithContext(ctx context.Context) GetSecretReplicationAutoOutput

func (GetSecretReplicationAutoArgs) ToOutput added in v6.67.0

type GetSecretReplicationAutoArray added in v6.67.0

type GetSecretReplicationAutoArray []GetSecretReplicationAutoInput

func (GetSecretReplicationAutoArray) ElementType added in v6.67.0

func (GetSecretReplicationAutoArray) ToGetSecretReplicationAutoArrayOutput added in v6.67.0

func (i GetSecretReplicationAutoArray) ToGetSecretReplicationAutoArrayOutput() GetSecretReplicationAutoArrayOutput

func (GetSecretReplicationAutoArray) ToGetSecretReplicationAutoArrayOutputWithContext added in v6.67.0

func (i GetSecretReplicationAutoArray) ToGetSecretReplicationAutoArrayOutputWithContext(ctx context.Context) GetSecretReplicationAutoArrayOutput

func (GetSecretReplicationAutoArray) ToOutput added in v6.67.0

type GetSecretReplicationAutoArrayInput added in v6.67.0

type GetSecretReplicationAutoArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationAutoArrayOutput() GetSecretReplicationAutoArrayOutput
	ToGetSecretReplicationAutoArrayOutputWithContext(context.Context) GetSecretReplicationAutoArrayOutput
}

GetSecretReplicationAutoArrayInput is an input type that accepts GetSecretReplicationAutoArray and GetSecretReplicationAutoArrayOutput values. You can construct a concrete instance of `GetSecretReplicationAutoArrayInput` via:

GetSecretReplicationAutoArray{ GetSecretReplicationAutoArgs{...} }

type GetSecretReplicationAutoArrayOutput added in v6.67.0

type GetSecretReplicationAutoArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationAutoArrayOutput) ElementType added in v6.67.0

func (GetSecretReplicationAutoArrayOutput) Index added in v6.67.0

func (GetSecretReplicationAutoArrayOutput) ToGetSecretReplicationAutoArrayOutput added in v6.67.0

func (o GetSecretReplicationAutoArrayOutput) ToGetSecretReplicationAutoArrayOutput() GetSecretReplicationAutoArrayOutput

func (GetSecretReplicationAutoArrayOutput) ToGetSecretReplicationAutoArrayOutputWithContext added in v6.67.0

func (o GetSecretReplicationAutoArrayOutput) ToGetSecretReplicationAutoArrayOutputWithContext(ctx context.Context) GetSecretReplicationAutoArrayOutput

func (GetSecretReplicationAutoArrayOutput) ToOutput added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryption added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryption struct {
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type GetSecretReplicationAutoCustomerManagedEncryptionArgs added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryptionArgs struct {
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (GetSecretReplicationAutoCustomerManagedEncryptionArgs) ElementType added in v6.67.0

func (GetSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretReplicationAutoCustomerManagedEncryptionOutput added in v6.67.0

func (i GetSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretReplicationAutoCustomerManagedEncryptionOutput() GetSecretReplicationAutoCustomerManagedEncryptionOutput

func (GetSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretReplicationAutoCustomerManagedEncryptionOutputWithContext added in v6.67.0

func (i GetSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetSecretReplicationAutoCustomerManagedEncryptionOutput

func (GetSecretReplicationAutoCustomerManagedEncryptionArgs) ToOutput added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryptionArray added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryptionArray []GetSecretReplicationAutoCustomerManagedEncryptionInput

func (GetSecretReplicationAutoCustomerManagedEncryptionArray) ElementType added in v6.67.0

func (GetSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutput added in v6.67.0

func (i GetSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutput() GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput

func (GetSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext added in v6.67.0

func (i GetSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput

func (GetSecretReplicationAutoCustomerManagedEncryptionArray) ToOutput added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryptionArrayInput added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryptionArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutput() GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput
	ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext(context.Context) GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput
}

GetSecretReplicationAutoCustomerManagedEncryptionArrayInput is an input type that accepts GetSecretReplicationAutoCustomerManagedEncryptionArray and GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput values. You can construct a concrete instance of `GetSecretReplicationAutoCustomerManagedEncryptionArrayInput` via:

GetSecretReplicationAutoCustomerManagedEncryptionArray{ GetSecretReplicationAutoCustomerManagedEncryptionArgs{...} }

type GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ElementType added in v6.67.0

func (GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) Index added in v6.67.0

func (GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutput added in v6.67.0

func (GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext added in v6.67.0

func (o GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput

func (GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ToOutput added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryptionInput added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToGetSecretReplicationAutoCustomerManagedEncryptionOutput() GetSecretReplicationAutoCustomerManagedEncryptionOutput
	ToGetSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(context.Context) GetSecretReplicationAutoCustomerManagedEncryptionOutput
}

GetSecretReplicationAutoCustomerManagedEncryptionInput is an input type that accepts GetSecretReplicationAutoCustomerManagedEncryptionArgs and GetSecretReplicationAutoCustomerManagedEncryptionOutput values. You can construct a concrete instance of `GetSecretReplicationAutoCustomerManagedEncryptionInput` via:

GetSecretReplicationAutoCustomerManagedEncryptionArgs{...}

type GetSecretReplicationAutoCustomerManagedEncryptionOutput added in v6.67.0

type GetSecretReplicationAutoCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationAutoCustomerManagedEncryptionOutput) ElementType added in v6.67.0

func (GetSecretReplicationAutoCustomerManagedEncryptionOutput) KmsKeyName added in v6.67.0

func (GetSecretReplicationAutoCustomerManagedEncryptionOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionOutput added in v6.67.0

func (GetSecretReplicationAutoCustomerManagedEncryptionOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionOutputWithContext added in v6.67.0

func (o GetSecretReplicationAutoCustomerManagedEncryptionOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetSecretReplicationAutoCustomerManagedEncryptionOutput

func (GetSecretReplicationAutoCustomerManagedEncryptionOutput) ToOutput added in v6.67.0

type GetSecretReplicationAutoInput added in v6.67.0

type GetSecretReplicationAutoInput interface {
	pulumi.Input

	ToGetSecretReplicationAutoOutput() GetSecretReplicationAutoOutput
	ToGetSecretReplicationAutoOutputWithContext(context.Context) GetSecretReplicationAutoOutput
}

GetSecretReplicationAutoInput is an input type that accepts GetSecretReplicationAutoArgs and GetSecretReplicationAutoOutput values. You can construct a concrete instance of `GetSecretReplicationAutoInput` via:

GetSecretReplicationAutoArgs{...}

type GetSecretReplicationAutoOutput added in v6.67.0

type GetSecretReplicationAutoOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationAutoOutput) CustomerManagedEncryptions added in v6.67.0

func (GetSecretReplicationAutoOutput) ElementType added in v6.67.0

func (GetSecretReplicationAutoOutput) ToGetSecretReplicationAutoOutput added in v6.67.0

func (o GetSecretReplicationAutoOutput) ToGetSecretReplicationAutoOutput() GetSecretReplicationAutoOutput

func (GetSecretReplicationAutoOutput) ToGetSecretReplicationAutoOutputWithContext added in v6.67.0

func (o GetSecretReplicationAutoOutput) ToGetSecretReplicationAutoOutputWithContext(ctx context.Context) GetSecretReplicationAutoOutput

func (GetSecretReplicationAutoOutput) ToOutput added in v6.67.0

type GetSecretReplicationInput

type GetSecretReplicationInput interface {
	pulumi.Input

	ToGetSecretReplicationOutput() GetSecretReplicationOutput
	ToGetSecretReplicationOutputWithContext(context.Context) GetSecretReplicationOutput
}

GetSecretReplicationInput is an input type that accepts GetSecretReplicationArgs and GetSecretReplicationOutput values. You can construct a concrete instance of `GetSecretReplicationInput` via:

GetSecretReplicationArgs{...}

type GetSecretReplicationOutput

type GetSecretReplicationOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationOutput) Automatic

func (GetSecretReplicationOutput) Autos added in v6.67.0

func (GetSecretReplicationOutput) ElementType

func (GetSecretReplicationOutput) ElementType() reflect.Type

func (GetSecretReplicationOutput) ToGetSecretReplicationOutput

func (o GetSecretReplicationOutput) ToGetSecretReplicationOutput() GetSecretReplicationOutput

func (GetSecretReplicationOutput) ToGetSecretReplicationOutputWithContext

func (o GetSecretReplicationOutput) ToGetSecretReplicationOutputWithContext(ctx context.Context) GetSecretReplicationOutput

func (GetSecretReplicationOutput) ToOutput added in v6.65.1

func (GetSecretReplicationOutput) UserManageds

type GetSecretReplicationUserManaged

type GetSecretReplicationUserManaged struct {
	Replicas []GetSecretReplicationUserManagedReplica `pulumi:"replicas"`
}

type GetSecretReplicationUserManagedArgs

type GetSecretReplicationUserManagedArgs struct {
	Replicas GetSecretReplicationUserManagedReplicaArrayInput `pulumi:"replicas"`
}

func (GetSecretReplicationUserManagedArgs) ElementType

func (GetSecretReplicationUserManagedArgs) ToGetSecretReplicationUserManagedOutput

func (i GetSecretReplicationUserManagedArgs) ToGetSecretReplicationUserManagedOutput() GetSecretReplicationUserManagedOutput

func (GetSecretReplicationUserManagedArgs) ToGetSecretReplicationUserManagedOutputWithContext

func (i GetSecretReplicationUserManagedArgs) ToGetSecretReplicationUserManagedOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedOutput

func (GetSecretReplicationUserManagedArgs) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedArray

type GetSecretReplicationUserManagedArray []GetSecretReplicationUserManagedInput

func (GetSecretReplicationUserManagedArray) ElementType

func (GetSecretReplicationUserManagedArray) ToGetSecretReplicationUserManagedArrayOutput

func (i GetSecretReplicationUserManagedArray) ToGetSecretReplicationUserManagedArrayOutput() GetSecretReplicationUserManagedArrayOutput

func (GetSecretReplicationUserManagedArray) ToGetSecretReplicationUserManagedArrayOutputWithContext

func (i GetSecretReplicationUserManagedArray) ToGetSecretReplicationUserManagedArrayOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedArrayOutput

func (GetSecretReplicationUserManagedArray) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedArrayInput

type GetSecretReplicationUserManagedArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedArrayOutput() GetSecretReplicationUserManagedArrayOutput
	ToGetSecretReplicationUserManagedArrayOutputWithContext(context.Context) GetSecretReplicationUserManagedArrayOutput
}

GetSecretReplicationUserManagedArrayInput is an input type that accepts GetSecretReplicationUserManagedArray and GetSecretReplicationUserManagedArrayOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedArrayInput` via:

GetSecretReplicationUserManagedArray{ GetSecretReplicationUserManagedArgs{...} }

type GetSecretReplicationUserManagedArrayOutput

type GetSecretReplicationUserManagedArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedArrayOutput) ElementType

func (GetSecretReplicationUserManagedArrayOutput) Index

func (GetSecretReplicationUserManagedArrayOutput) ToGetSecretReplicationUserManagedArrayOutput

func (o GetSecretReplicationUserManagedArrayOutput) ToGetSecretReplicationUserManagedArrayOutput() GetSecretReplicationUserManagedArrayOutput

func (GetSecretReplicationUserManagedArrayOutput) ToGetSecretReplicationUserManagedArrayOutputWithContext

func (o GetSecretReplicationUserManagedArrayOutput) ToGetSecretReplicationUserManagedArrayOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedArrayOutput

func (GetSecretReplicationUserManagedArrayOutput) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedInput

type GetSecretReplicationUserManagedInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedOutput() GetSecretReplicationUserManagedOutput
	ToGetSecretReplicationUserManagedOutputWithContext(context.Context) GetSecretReplicationUserManagedOutput
}

GetSecretReplicationUserManagedInput is an input type that accepts GetSecretReplicationUserManagedArgs and GetSecretReplicationUserManagedOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedInput` via:

GetSecretReplicationUserManagedArgs{...}

type GetSecretReplicationUserManagedOutput

type GetSecretReplicationUserManagedOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedOutput) ElementType

func (GetSecretReplicationUserManagedOutput) Replicas

func (GetSecretReplicationUserManagedOutput) ToGetSecretReplicationUserManagedOutput

func (o GetSecretReplicationUserManagedOutput) ToGetSecretReplicationUserManagedOutput() GetSecretReplicationUserManagedOutput

func (GetSecretReplicationUserManagedOutput) ToGetSecretReplicationUserManagedOutputWithContext

func (o GetSecretReplicationUserManagedOutput) ToGetSecretReplicationUserManagedOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedOutput

func (GetSecretReplicationUserManagedOutput) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedReplica

type GetSecretReplicationUserManagedReplica struct {
	CustomerManagedEncryptions []GetSecretReplicationUserManagedReplicaCustomerManagedEncryption `pulumi:"customerManagedEncryptions"`
	Location                   string                                                            `pulumi:"location"`
}

type GetSecretReplicationUserManagedReplicaArgs

type GetSecretReplicationUserManagedReplicaArgs struct {
	CustomerManagedEncryptions GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput `pulumi:"customerManagedEncryptions"`
	Location                   pulumi.StringInput                                                        `pulumi:"location"`
}

func (GetSecretReplicationUserManagedReplicaArgs) ElementType

func (GetSecretReplicationUserManagedReplicaArgs) ToGetSecretReplicationUserManagedReplicaOutput

func (i GetSecretReplicationUserManagedReplicaArgs) ToGetSecretReplicationUserManagedReplicaOutput() GetSecretReplicationUserManagedReplicaOutput

func (GetSecretReplicationUserManagedReplicaArgs) ToGetSecretReplicationUserManagedReplicaOutputWithContext

func (i GetSecretReplicationUserManagedReplicaArgs) ToGetSecretReplicationUserManagedReplicaOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaOutput

func (GetSecretReplicationUserManagedReplicaArgs) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedReplicaArray

type GetSecretReplicationUserManagedReplicaArray []GetSecretReplicationUserManagedReplicaInput

func (GetSecretReplicationUserManagedReplicaArray) ElementType

func (GetSecretReplicationUserManagedReplicaArray) ToGetSecretReplicationUserManagedReplicaArrayOutput

func (i GetSecretReplicationUserManagedReplicaArray) ToGetSecretReplicationUserManagedReplicaArrayOutput() GetSecretReplicationUserManagedReplicaArrayOutput

func (GetSecretReplicationUserManagedReplicaArray) ToGetSecretReplicationUserManagedReplicaArrayOutputWithContext

func (i GetSecretReplicationUserManagedReplicaArray) ToGetSecretReplicationUserManagedReplicaArrayOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaArrayOutput

func (GetSecretReplicationUserManagedReplicaArray) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedReplicaArrayInput

type GetSecretReplicationUserManagedReplicaArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedReplicaArrayOutput() GetSecretReplicationUserManagedReplicaArrayOutput
	ToGetSecretReplicationUserManagedReplicaArrayOutputWithContext(context.Context) GetSecretReplicationUserManagedReplicaArrayOutput
}

GetSecretReplicationUserManagedReplicaArrayInput is an input type that accepts GetSecretReplicationUserManagedReplicaArray and GetSecretReplicationUserManagedReplicaArrayOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedReplicaArrayInput` via:

GetSecretReplicationUserManagedReplicaArray{ GetSecretReplicationUserManagedReplicaArgs{...} }

type GetSecretReplicationUserManagedReplicaArrayOutput

type GetSecretReplicationUserManagedReplicaArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedReplicaArrayOutput) ElementType

func (GetSecretReplicationUserManagedReplicaArrayOutput) Index

func (GetSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretReplicationUserManagedReplicaArrayOutput

func (o GetSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretReplicationUserManagedReplicaArrayOutput() GetSecretReplicationUserManagedReplicaArrayOutput

func (GetSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretReplicationUserManagedReplicaArrayOutputWithContext

func (o GetSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretReplicationUserManagedReplicaArrayOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaArrayOutput

func (GetSecretReplicationUserManagedReplicaArrayOutput) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryption

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryption struct {
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs struct {
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ElementType

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext

func (i GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray []GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ElementType

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext

func (i GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput() GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput
	ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext(context.Context) GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput
}

GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput is an input type that accepts GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray and GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput` via:

GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray{ GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs{...} }

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput) ElementType

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput() GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput
	ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(context.Context) GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput
}

GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput is an input type that accepts GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs and GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput` via:

GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs{...}

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ElementType

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) KmsKeyName

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext

func (o GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToOutput added in v6.65.1

type GetSecretReplicationUserManagedReplicaInput

type GetSecretReplicationUserManagedReplicaInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedReplicaOutput() GetSecretReplicationUserManagedReplicaOutput
	ToGetSecretReplicationUserManagedReplicaOutputWithContext(context.Context) GetSecretReplicationUserManagedReplicaOutput
}

GetSecretReplicationUserManagedReplicaInput is an input type that accepts GetSecretReplicationUserManagedReplicaArgs and GetSecretReplicationUserManagedReplicaOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedReplicaInput` via:

GetSecretReplicationUserManagedReplicaArgs{...}

type GetSecretReplicationUserManagedReplicaOutput

type GetSecretReplicationUserManagedReplicaOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedReplicaOutput) ElementType

func (GetSecretReplicationUserManagedReplicaOutput) Location

func (GetSecretReplicationUserManagedReplicaOutput) ToGetSecretReplicationUserManagedReplicaOutput

func (o GetSecretReplicationUserManagedReplicaOutput) ToGetSecretReplicationUserManagedReplicaOutput() GetSecretReplicationUserManagedReplicaOutput

func (GetSecretReplicationUserManagedReplicaOutput) ToGetSecretReplicationUserManagedReplicaOutputWithContext

func (o GetSecretReplicationUserManagedReplicaOutput) ToGetSecretReplicationUserManagedReplicaOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaOutput

func (GetSecretReplicationUserManagedReplicaOutput) ToOutput added in v6.65.1

type GetSecretRotation

type GetSecretRotation struct {
	NextRotationTime string `pulumi:"nextRotationTime"`
	RotationPeriod   string `pulumi:"rotationPeriod"`
}

type GetSecretRotationArgs

type GetSecretRotationArgs struct {
	NextRotationTime pulumi.StringInput `pulumi:"nextRotationTime"`
	RotationPeriod   pulumi.StringInput `pulumi:"rotationPeriod"`
}

func (GetSecretRotationArgs) ElementType

func (GetSecretRotationArgs) ElementType() reflect.Type

func (GetSecretRotationArgs) ToGetSecretRotationOutput

func (i GetSecretRotationArgs) ToGetSecretRotationOutput() GetSecretRotationOutput

func (GetSecretRotationArgs) ToGetSecretRotationOutputWithContext

func (i GetSecretRotationArgs) ToGetSecretRotationOutputWithContext(ctx context.Context) GetSecretRotationOutput

func (GetSecretRotationArgs) ToOutput added in v6.65.1

type GetSecretRotationArray

type GetSecretRotationArray []GetSecretRotationInput

func (GetSecretRotationArray) ElementType

func (GetSecretRotationArray) ElementType() reflect.Type

func (GetSecretRotationArray) ToGetSecretRotationArrayOutput

func (i GetSecretRotationArray) ToGetSecretRotationArrayOutput() GetSecretRotationArrayOutput

func (GetSecretRotationArray) ToGetSecretRotationArrayOutputWithContext

func (i GetSecretRotationArray) ToGetSecretRotationArrayOutputWithContext(ctx context.Context) GetSecretRotationArrayOutput

func (GetSecretRotationArray) ToOutput added in v6.65.1

type GetSecretRotationArrayInput

type GetSecretRotationArrayInput interface {
	pulumi.Input

	ToGetSecretRotationArrayOutput() GetSecretRotationArrayOutput
	ToGetSecretRotationArrayOutputWithContext(context.Context) GetSecretRotationArrayOutput
}

GetSecretRotationArrayInput is an input type that accepts GetSecretRotationArray and GetSecretRotationArrayOutput values. You can construct a concrete instance of `GetSecretRotationArrayInput` via:

GetSecretRotationArray{ GetSecretRotationArgs{...} }

type GetSecretRotationArrayOutput

type GetSecretRotationArrayOutput struct{ *pulumi.OutputState }

func (GetSecretRotationArrayOutput) ElementType

func (GetSecretRotationArrayOutput) Index

func (GetSecretRotationArrayOutput) ToGetSecretRotationArrayOutput

func (o GetSecretRotationArrayOutput) ToGetSecretRotationArrayOutput() GetSecretRotationArrayOutput

func (GetSecretRotationArrayOutput) ToGetSecretRotationArrayOutputWithContext

func (o GetSecretRotationArrayOutput) ToGetSecretRotationArrayOutputWithContext(ctx context.Context) GetSecretRotationArrayOutput

func (GetSecretRotationArrayOutput) ToOutput added in v6.65.1

type GetSecretRotationInput

type GetSecretRotationInput interface {
	pulumi.Input

	ToGetSecretRotationOutput() GetSecretRotationOutput
	ToGetSecretRotationOutputWithContext(context.Context) GetSecretRotationOutput
}

GetSecretRotationInput is an input type that accepts GetSecretRotationArgs and GetSecretRotationOutput values. You can construct a concrete instance of `GetSecretRotationInput` via:

GetSecretRotationArgs{...}

type GetSecretRotationOutput

type GetSecretRotationOutput struct{ *pulumi.OutputState }

func (GetSecretRotationOutput) ElementType

func (GetSecretRotationOutput) ElementType() reflect.Type

func (GetSecretRotationOutput) NextRotationTime

func (o GetSecretRotationOutput) NextRotationTime() pulumi.StringOutput

func (GetSecretRotationOutput) RotationPeriod

func (o GetSecretRotationOutput) RotationPeriod() pulumi.StringOutput

func (GetSecretRotationOutput) ToGetSecretRotationOutput

func (o GetSecretRotationOutput) ToGetSecretRotationOutput() GetSecretRotationOutput

func (GetSecretRotationOutput) ToGetSecretRotationOutputWithContext

func (o GetSecretRotationOutput) ToGetSecretRotationOutputWithContext(ctx context.Context) GetSecretRotationOutput

func (GetSecretRotationOutput) ToOutput added in v6.65.1

type GetSecretTopic

type GetSecretTopic struct {
	Name string `pulumi:"name"`
}

type GetSecretTopicArgs

type GetSecretTopicArgs struct {
	Name pulumi.StringInput `pulumi:"name"`
}

func (GetSecretTopicArgs) ElementType

func (GetSecretTopicArgs) ElementType() reflect.Type

func (GetSecretTopicArgs) ToGetSecretTopicOutput

func (i GetSecretTopicArgs) ToGetSecretTopicOutput() GetSecretTopicOutput

func (GetSecretTopicArgs) ToGetSecretTopicOutputWithContext

func (i GetSecretTopicArgs) ToGetSecretTopicOutputWithContext(ctx context.Context) GetSecretTopicOutput

func (GetSecretTopicArgs) ToOutput added in v6.65.1

type GetSecretTopicArray

type GetSecretTopicArray []GetSecretTopicInput

func (GetSecretTopicArray) ElementType

func (GetSecretTopicArray) ElementType() reflect.Type

func (GetSecretTopicArray) ToGetSecretTopicArrayOutput

func (i GetSecretTopicArray) ToGetSecretTopicArrayOutput() GetSecretTopicArrayOutput

func (GetSecretTopicArray) ToGetSecretTopicArrayOutputWithContext

func (i GetSecretTopicArray) ToGetSecretTopicArrayOutputWithContext(ctx context.Context) GetSecretTopicArrayOutput

func (GetSecretTopicArray) ToOutput added in v6.65.1

type GetSecretTopicArrayInput

type GetSecretTopicArrayInput interface {
	pulumi.Input

	ToGetSecretTopicArrayOutput() GetSecretTopicArrayOutput
	ToGetSecretTopicArrayOutputWithContext(context.Context) GetSecretTopicArrayOutput
}

GetSecretTopicArrayInput is an input type that accepts GetSecretTopicArray and GetSecretTopicArrayOutput values. You can construct a concrete instance of `GetSecretTopicArrayInput` via:

GetSecretTopicArray{ GetSecretTopicArgs{...} }

type GetSecretTopicArrayOutput

type GetSecretTopicArrayOutput struct{ *pulumi.OutputState }

func (GetSecretTopicArrayOutput) ElementType

func (GetSecretTopicArrayOutput) ElementType() reflect.Type

func (GetSecretTopicArrayOutput) Index

func (GetSecretTopicArrayOutput) ToGetSecretTopicArrayOutput

func (o GetSecretTopicArrayOutput) ToGetSecretTopicArrayOutput() GetSecretTopicArrayOutput

func (GetSecretTopicArrayOutput) ToGetSecretTopicArrayOutputWithContext

func (o GetSecretTopicArrayOutput) ToGetSecretTopicArrayOutputWithContext(ctx context.Context) GetSecretTopicArrayOutput

func (GetSecretTopicArrayOutput) ToOutput added in v6.65.1

type GetSecretTopicInput

type GetSecretTopicInput interface {
	pulumi.Input

	ToGetSecretTopicOutput() GetSecretTopicOutput
	ToGetSecretTopicOutputWithContext(context.Context) GetSecretTopicOutput
}

GetSecretTopicInput is an input type that accepts GetSecretTopicArgs and GetSecretTopicOutput values. You can construct a concrete instance of `GetSecretTopicInput` via:

GetSecretTopicArgs{...}

type GetSecretTopicOutput

type GetSecretTopicOutput struct{ *pulumi.OutputState }

func (GetSecretTopicOutput) ElementType

func (GetSecretTopicOutput) ElementType() reflect.Type

func (GetSecretTopicOutput) Name

func (GetSecretTopicOutput) ToGetSecretTopicOutput

func (o GetSecretTopicOutput) ToGetSecretTopicOutput() GetSecretTopicOutput

func (GetSecretTopicOutput) ToGetSecretTopicOutputWithContext

func (o GetSecretTopicOutput) ToGetSecretTopicOutputWithContext(ctx context.Context) GetSecretTopicOutput

func (GetSecretTopicOutput) ToOutput added in v6.65.1

type GetSecretVersionAccessArgs added in v6.49.0

type GetSecretVersionAccessArgs struct {
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project *string `pulumi:"project"`
	// The secret to get the secret version for.
	Secret string `pulumi:"secret"`
	// The version of the secret to get. If it
	// is not provided, the latest version is retrieved.
	Version *string `pulumi:"version"`
}

A collection of arguments for invoking getSecretVersionAccess.

type GetSecretVersionAccessOutputArgs added in v6.49.0

type GetSecretVersionAccessOutputArgs struct {
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput `pulumi:"project"`
	// The secret to get the secret version for.
	Secret pulumi.StringInput `pulumi:"secret"`
	// The version of the secret to get. If it
	// is not provided, the latest version is retrieved.
	Version pulumi.StringPtrInput `pulumi:"version"`
}

A collection of arguments for invoking getSecretVersionAccess.

func (GetSecretVersionAccessOutputArgs) ElementType added in v6.49.0

type GetSecretVersionAccessResult added in v6.49.0

type GetSecretVersionAccessResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The resource name of the SecretVersion. Format:
	// `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`
	Name    string `pulumi:"name"`
	Project string `pulumi:"project"`
	Secret  string `pulumi:"secret"`
	// The secret data. No larger than 64KiB.
	SecretData string `pulumi:"secretData"`
	Version    string `pulumi:"version"`
}

A collection of values returned by getSecretVersionAccess.

func GetSecretVersionAccess added in v6.49.0

func GetSecretVersionAccess(ctx *pulumi.Context, args *GetSecretVersionAccessArgs, opts ...pulumi.InvokeOption) (*GetSecretVersionAccessResult, error)

Get the value from a Secret Manager secret version. This is similar to the secretmanager.SecretVersion datasource, but it only requires the [Secret Manager Secret Accessor](https://cloud.google.com/secret-manager/docs/access-control#secretmanager.secretAccessor) role. For more information see the [official documentation](https://cloud.google.com/secret-manager/docs/) and [API](https://cloud.google.com/secret-manager/docs/reference/rest/v1/projects.secrets.versions/access).

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.GetSecretVersionAccess(ctx, &secretmanager.GetSecretVersionAccessArgs{
			Secret: "my-secret",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetSecretVersionAccessResultOutput added in v6.49.0

type GetSecretVersionAccessResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecretVersionAccess.

func GetSecretVersionAccessOutput added in v6.49.0

func (GetSecretVersionAccessResultOutput) ElementType added in v6.49.0

func (GetSecretVersionAccessResultOutput) Id added in v6.49.0

The provider-assigned unique ID for this managed resource.

func (GetSecretVersionAccessResultOutput) Name added in v6.49.0

The resource name of the SecretVersion. Format: `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`

func (GetSecretVersionAccessResultOutput) Project added in v6.49.0

func (GetSecretVersionAccessResultOutput) Secret added in v6.49.0

func (GetSecretVersionAccessResultOutput) SecretData added in v6.49.0

The secret data. No larger than 64KiB.

func (GetSecretVersionAccessResultOutput) ToGetSecretVersionAccessResultOutput added in v6.49.0

func (o GetSecretVersionAccessResultOutput) ToGetSecretVersionAccessResultOutput() GetSecretVersionAccessResultOutput

func (GetSecretVersionAccessResultOutput) ToGetSecretVersionAccessResultOutputWithContext added in v6.49.0

func (o GetSecretVersionAccessResultOutput) ToGetSecretVersionAccessResultOutputWithContext(ctx context.Context) GetSecretVersionAccessResultOutput

func (GetSecretVersionAccessResultOutput) ToOutput added in v6.65.1

func (GetSecretVersionAccessResultOutput) Version added in v6.49.0

type LookupSecretArgs

type LookupSecretArgs struct {
	// The ID of the project in which the resource belongs.
	Project *string `pulumi:"project"`
	// The name of the secret.
	SecretId string `pulumi:"secretId"`
}

A collection of arguments for invoking getSecret.

type LookupSecretIamPolicyArgs added in v6.59.0

type LookupSecretIamPolicyArgs struct {
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  *string `pulumi:"project"`
	SecretId string  `pulumi:"secretId"`
}

A collection of arguments for invoking getSecretIamPolicy.

type LookupSecretIamPolicyOutputArgs added in v6.59.0

type LookupSecretIamPolicyOutputArgs struct {
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  pulumi.StringPtrInput `pulumi:"project"`
	SecretId pulumi.StringInput    `pulumi:"secretId"`
}

A collection of arguments for invoking getSecretIamPolicy.

func (LookupSecretIamPolicyOutputArgs) ElementType added in v6.59.0

type LookupSecretIamPolicyResult added in v6.59.0

type LookupSecretIamPolicyResult struct {
	// (Computed) The etag of the IAM policy.
	Etag string `pulumi:"etag"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// (Required only by `secretmanager.SecretIamPolicy`) The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData string `pulumi:"policyData"`
	Project    string `pulumi:"project"`
	SecretId   string `pulumi:"secretId"`
}

A collection of values returned by getSecretIamPolicy.

func LookupSecretIamPolicy added in v6.59.0

func LookupSecretIamPolicy(ctx *pulumi.Context, args *LookupSecretIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupSecretIamPolicyResult, error)

Retrieves the current IAM policy data for secret

## example

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.LookupSecretIamPolicy(ctx, &secretmanager.LookupSecretIamPolicyArgs{
			Project:  pulumi.StringRef(google_secret_manager_secret.SecretBasic.Project),
			SecretId: google_secret_manager_secret.SecretBasic.Secret_id,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupSecretIamPolicyResultOutput added in v6.59.0

type LookupSecretIamPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecretIamPolicy.

func LookupSecretIamPolicyOutput added in v6.59.0

func (LookupSecretIamPolicyResultOutput) ElementType added in v6.59.0

func (LookupSecretIamPolicyResultOutput) Etag added in v6.59.0

(Computed) The etag of the IAM policy.

func (LookupSecretIamPolicyResultOutput) Id added in v6.59.0

The provider-assigned unique ID for this managed resource.

func (LookupSecretIamPolicyResultOutput) PolicyData added in v6.59.0

(Required only by `secretmanager.SecretIamPolicy`) The policy data generated by a `organizations.getIAMPolicy` data source.

func (LookupSecretIamPolicyResultOutput) Project added in v6.59.0

func (LookupSecretIamPolicyResultOutput) SecretId added in v6.59.0

func (LookupSecretIamPolicyResultOutput) ToLookupSecretIamPolicyResultOutput added in v6.59.0

func (o LookupSecretIamPolicyResultOutput) ToLookupSecretIamPolicyResultOutput() LookupSecretIamPolicyResultOutput

func (LookupSecretIamPolicyResultOutput) ToLookupSecretIamPolicyResultOutputWithContext added in v6.59.0

func (o LookupSecretIamPolicyResultOutput) ToLookupSecretIamPolicyResultOutputWithContext(ctx context.Context) LookupSecretIamPolicyResultOutput

func (LookupSecretIamPolicyResultOutput) ToOutput added in v6.65.1

type LookupSecretOutputArgs

type LookupSecretOutputArgs struct {
	// The ID of the project in which the resource belongs.
	Project pulumi.StringPtrInput `pulumi:"project"`
	// The name of the secret.
	SecretId pulumi.StringInput `pulumi:"secretId"`
}

A collection of arguments for invoking getSecret.

func (LookupSecretOutputArgs) ElementType

func (LookupSecretOutputArgs) ElementType() reflect.Type

type LookupSecretResult

type LookupSecretResult struct {
	Annotations map[string]string `pulumi:"annotations"`
	CreateTime  string            `pulumi:"createTime"`
	ExpireTime  string            `pulumi:"expireTime"`
	// The provider-assigned unique ID for this managed resource.
	Id             string                 `pulumi:"id"`
	Labels         map[string]string      `pulumi:"labels"`
	Name           string                 `pulumi:"name"`
	Project        *string                `pulumi:"project"`
	Replications   []GetSecretReplication `pulumi:"replications"`
	Rotations      []GetSecretRotation    `pulumi:"rotations"`
	SecretId       string                 `pulumi:"secretId"`
	Topics         []GetSecretTopic       `pulumi:"topics"`
	Ttl            string                 `pulumi:"ttl"`
	VersionAliases map[string]string      `pulumi:"versionAliases"`
}

A collection of values returned by getSecret.

func LookupSecret

func LookupSecret(ctx *pulumi.Context, args *LookupSecretArgs, opts ...pulumi.InvokeOption) (*LookupSecretResult, error)

Use this data source to get information about a Secret Manager Secret

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.LookupSecret(ctx, &secretmanager.LookupSecretArgs{
			SecretId: "foobar",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupSecretResultOutput

type LookupSecretResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecret.

func (LookupSecretResultOutput) Annotations added in v6.64.0

func (LookupSecretResultOutput) CreateTime

func (LookupSecretResultOutput) ElementType

func (LookupSecretResultOutput) ElementType() reflect.Type

func (LookupSecretResultOutput) ExpireTime

func (LookupSecretResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupSecretResultOutput) Labels

func (LookupSecretResultOutput) Name

func (LookupSecretResultOutput) Project

func (LookupSecretResultOutput) Replications

func (LookupSecretResultOutput) Rotations

func (LookupSecretResultOutput) SecretId

func (LookupSecretResultOutput) ToLookupSecretResultOutput

func (o LookupSecretResultOutput) ToLookupSecretResultOutput() LookupSecretResultOutput

func (LookupSecretResultOutput) ToLookupSecretResultOutputWithContext

func (o LookupSecretResultOutput) ToLookupSecretResultOutputWithContext(ctx context.Context) LookupSecretResultOutput

func (LookupSecretResultOutput) ToOutput added in v6.65.1

func (LookupSecretResultOutput) Topics

func (LookupSecretResultOutput) Ttl

func (LookupSecretResultOutput) VersionAliases added in v6.64.0

func (o LookupSecretResultOutput) VersionAliases() pulumi.StringMapOutput

type LookupSecretVersionArgs

type LookupSecretVersionArgs struct {
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project *string `pulumi:"project"`
	// The secret to get the secret version for.
	Secret string `pulumi:"secret"`
	// The version of the secret to get. If it
	// is not provided, the latest version is retrieved.
	Version *string `pulumi:"version"`
}

A collection of arguments for invoking getSecretVersion.

type LookupSecretVersionOutputArgs

type LookupSecretVersionOutputArgs struct {
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput `pulumi:"project"`
	// The secret to get the secret version for.
	Secret pulumi.StringInput `pulumi:"secret"`
	// The version of the secret to get. If it
	// is not provided, the latest version is retrieved.
	Version pulumi.StringPtrInput `pulumi:"version"`
}

A collection of arguments for invoking getSecretVersion.

func (LookupSecretVersionOutputArgs) ElementType

type LookupSecretVersionResult

type LookupSecretVersionResult struct {
	// The time at which the Secret was created.
	CreateTime string `pulumi:"createTime"`
	// The time at which the Secret was destroyed. Only present if state is DESTROYED.
	DestroyTime string `pulumi:"destroyTime"`
	// True if the current state of the SecretVersion is enabled.
	Enabled bool `pulumi:"enabled"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The resource name of the SecretVersion. Format:
	// `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`
	Name    string `pulumi:"name"`
	Project string `pulumi:"project"`
	Secret  string `pulumi:"secret"`
	// The secret data. No larger than 64KiB.
	SecretData string `pulumi:"secretData"`
	Version    string `pulumi:"version"`
}

A collection of values returned by getSecretVersion.

func LookupSecretVersion

func LookupSecretVersion(ctx *pulumi.Context, args *LookupSecretVersionArgs, opts ...pulumi.InvokeOption) (*LookupSecretVersionResult, error)

Get the value and metadata from a Secret Manager secret version. For more information see the official documentation datasource.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.LookupSecretVersion(ctx, &secretmanager.LookupSecretVersionArgs{
			Secret: "my-secret",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupSecretVersionResultOutput

type LookupSecretVersionResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecretVersion.

func (LookupSecretVersionResultOutput) CreateTime

The time at which the Secret was created.

func (LookupSecretVersionResultOutput) DestroyTime

The time at which the Secret was destroyed. Only present if state is DESTROYED.

func (LookupSecretVersionResultOutput) ElementType

func (LookupSecretVersionResultOutput) Enabled

True if the current state of the SecretVersion is enabled.

func (LookupSecretVersionResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupSecretVersionResultOutput) Name

The resource name of the SecretVersion. Format: `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`

func (LookupSecretVersionResultOutput) Project

func (LookupSecretVersionResultOutput) Secret

func (LookupSecretVersionResultOutput) SecretData

The secret data. No larger than 64KiB.

func (LookupSecretVersionResultOutput) ToLookupSecretVersionResultOutput

func (o LookupSecretVersionResultOutput) ToLookupSecretVersionResultOutput() LookupSecretVersionResultOutput

func (LookupSecretVersionResultOutput) ToLookupSecretVersionResultOutputWithContext

func (o LookupSecretVersionResultOutput) ToLookupSecretVersionResultOutputWithContext(ctx context.Context) LookupSecretVersionResultOutput

func (LookupSecretVersionResultOutput) ToOutput added in v6.65.1

func (LookupSecretVersionResultOutput) Version

type Secret

type Secret struct {
	pulumi.CustomResourceState

	// Custom metadata about the secret.
	// Annotations are distinct from various forms of labels. Annotations exist to allow
	// client tools to store their own state information without requiring a database.
	// Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of
	// maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and
	// may have dashes (-), underscores (_), dots (.), and alphanumerics in between these
	// symbols.
	// The total size of annotation keys and values must be less than 16KiB.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	Annotations pulumi.StringMapOutput `pulumi:"annotations"`
	// The time at which the Secret was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	ExpireTime pulumi.StringOutput `pulumi:"expireTime"`
	// The labels assigned to this Secret.
	// Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
	// Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}
	// No more than 64 labels can be assigned to a given resource.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*.
	// For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The replication policy of the secret data attached to the Secret. It cannot be changed
	// after the Secret has been created.
	// Structure is documented below.
	Replication SecretReplicationOutput `pulumi:"replication"`
	// The rotation time and period for a Secret. At `nextRotationTime`, Secret Manager will send a Pub/Sub notification to the topics configured on the Secret. `topics` must be set to configure rotation.
	// Structure is documented below.
	Rotation SecretRotationPtrOutput `pulumi:"rotation"`
	// This must be unique within the project.
	SecretId pulumi.StringOutput `pulumi:"secretId"`
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions.
	// Structure is documented below.
	Topics SecretTopicArrayOutput `pulumi:"topics"`
	// The TTL for the Secret.
	// A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// Mapping from version alias to version name.
	// A version alias is a string with a maximum length of 63 characters and can contain
	// uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_')
	// characters. An alias string must start with a letter and cannot be the string
	// 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	VersionAliases pulumi.StringMapOutput `pulumi:"versionAliases"`
}

A Secret is a logical secret whose value and versions can be accessed.

To get more information about Secret, see:

* [API documentation](https://cloud.google.com/secret-manager/docs/reference/rest/v1/projects.secrets)

## Example Usage ### Secret Config Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			Labels: pulumi.StringMap{
				"label": pulumi.String("my-label"),
			},
			Replication: &secretmanager.SecretReplicationArgs{
				UserManaged: &secretmanager.SecretReplicationUserManagedArgs{
					Replicas: secretmanager.SecretReplicationUserManagedReplicaArray{
						&secretmanager.SecretReplicationUserManagedReplicaArgs{
							Location: pulumi.String("us-central1"),
						},
						&secretmanager.SecretReplicationUserManagedReplicaArgs{
							Location: pulumi.String("us-east1"),
						},
					},
				},
			},
			SecretId: pulumi.String("secret"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret With Annotations

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-with-annotations", &secretmanager.SecretArgs{
			Annotations: pulumi.StringMap{
				"key1": pulumi.String("someval"),
				"key2": pulumi.String("someval2"),
				"key3": pulumi.String("someval3"),
				"key4": pulumi.String("someval4"),
				"key5": pulumi.String("someval5"),
			},
			Labels: pulumi.StringMap{
				"label": pulumi.String("my-label"),
			},
			Replication: &secretmanager.SecretReplicationArgs{
				Auto: nil,
			},
			SecretId: pulumi.String("secret"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret With Automatic Cmek

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/kms"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		project, err := organizations.LookupProject(ctx, nil, nil)
		if err != nil {
			return err
		}
		_, err = kms.NewCryptoKeyIAMMember(ctx, "kms-secret-binding", &kms.CryptoKeyIAMMemberArgs{
			CryptoKeyId: pulumi.String("kms-key"),
			Role:        pulumi.String("roles/cloudkms.cryptoKeyEncrypterDecrypter"),
			Member:      pulumi.String(fmt.Sprintf("serviceAccount:service-%v@gcp-sa-secretmanager.iam.gserviceaccount.com", project.Number)),
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecret(ctx, "secret-with-automatic-cmek", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret"),
			Replication: &secretmanager.SecretReplicationArgs{
				Auto: &secretmanager.SecretReplicationAutoArgs{
					CustomerManagedEncryption: &secretmanager.SecretReplicationAutoCustomerManagedEncryptionArgs{
						KmsKeyName: pulumi.String("kms-key"),
					},
				},
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			kms_secret_binding,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Secret can be imported using any of these accepted formats

```sh

$ pulumi import gcp:secretmanager/secret:Secret default projects/{{project}}/secrets/{{secret_id}}

```

```sh

$ pulumi import gcp:secretmanager/secret:Secret default {{project}}/{{secret_id}}

```

```sh

$ pulumi import gcp:secretmanager/secret:Secret default {{secret_id}}

```

func GetSecret

func GetSecret(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretState, opts ...pulumi.ResourceOption) (*Secret, error)

GetSecret gets an existing Secret resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecret

func NewSecret(ctx *pulumi.Context,
	name string, args *SecretArgs, opts ...pulumi.ResourceOption) (*Secret, error)

NewSecret registers a new resource with the given unique name, arguments, and options.

func (*Secret) ElementType

func (*Secret) ElementType() reflect.Type

func (*Secret) ToOutput added in v6.65.1

func (i *Secret) ToOutput(ctx context.Context) pulumix.Output[*Secret]

func (*Secret) ToSecretOutput

func (i *Secret) ToSecretOutput() SecretOutput

func (*Secret) ToSecretOutputWithContext

func (i *Secret) ToSecretOutputWithContext(ctx context.Context) SecretOutput

type SecretArgs

type SecretArgs struct {
	// Custom metadata about the secret.
	// Annotations are distinct from various forms of labels. Annotations exist to allow
	// client tools to store their own state information without requiring a database.
	// Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of
	// maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and
	// may have dashes (-), underscores (_), dots (.), and alphanumerics in between these
	// symbols.
	// The total size of annotation keys and values must be less than 16KiB.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	Annotations pulumi.StringMapInput
	// Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	ExpireTime pulumi.StringPtrInput
	// The labels assigned to this Secret.
	// Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
	// Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}
	// No more than 64 labels can be assigned to a given resource.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	Labels pulumi.StringMapInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The replication policy of the secret data attached to the Secret. It cannot be changed
	// after the Secret has been created.
	// Structure is documented below.
	Replication SecretReplicationInput
	// The rotation time and period for a Secret. At `nextRotationTime`, Secret Manager will send a Pub/Sub notification to the topics configured on the Secret. `topics` must be set to configure rotation.
	// Structure is documented below.
	Rotation SecretRotationPtrInput
	// This must be unique within the project.
	SecretId pulumi.StringInput
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions.
	// Structure is documented below.
	Topics SecretTopicArrayInput
	// The TTL for the Secret.
	// A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
	Ttl pulumi.StringPtrInput
	// Mapping from version alias to version name.
	// A version alias is a string with a maximum length of 63 characters and can contain
	// uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_')
	// characters. An alias string must start with a letter and cannot be the string
	// 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	VersionAliases pulumi.StringMapInput
}

The set of arguments for constructing a Secret resource.

func (SecretArgs) ElementType

func (SecretArgs) ElementType() reflect.Type

type SecretArray

type SecretArray []SecretInput

func (SecretArray) ElementType

func (SecretArray) ElementType() reflect.Type

func (SecretArray) ToOutput added in v6.65.1

func (i SecretArray) ToOutput(ctx context.Context) pulumix.Output[[]*Secret]

func (SecretArray) ToSecretArrayOutput

func (i SecretArray) ToSecretArrayOutput() SecretArrayOutput

func (SecretArray) ToSecretArrayOutputWithContext

func (i SecretArray) ToSecretArrayOutputWithContext(ctx context.Context) SecretArrayOutput

type SecretArrayInput

type SecretArrayInput interface {
	pulumi.Input

	ToSecretArrayOutput() SecretArrayOutput
	ToSecretArrayOutputWithContext(context.Context) SecretArrayOutput
}

SecretArrayInput is an input type that accepts SecretArray and SecretArrayOutput values. You can construct a concrete instance of `SecretArrayInput` via:

SecretArray{ SecretArgs{...} }

type SecretArrayOutput

type SecretArrayOutput struct{ *pulumi.OutputState }

func (SecretArrayOutput) ElementType

func (SecretArrayOutput) ElementType() reflect.Type

func (SecretArrayOutput) Index

func (SecretArrayOutput) ToOutput added in v6.65.1

func (o SecretArrayOutput) ToOutput(ctx context.Context) pulumix.Output[[]*Secret]

func (SecretArrayOutput) ToSecretArrayOutput

func (o SecretArrayOutput) ToSecretArrayOutput() SecretArrayOutput

func (SecretArrayOutput) ToSecretArrayOutputWithContext

func (o SecretArrayOutput) ToSecretArrayOutputWithContext(ctx context.Context) SecretArrayOutput

type SecretIamBinding

type SecretIamBinding struct {
	pulumi.CustomResourceState

	Condition SecretIamBindingConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the IAM policy.
	Etag    pulumi.StringOutput      `pulumi:"etag"`
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringOutput `pulumi:"role"`
	SecretId pulumi.StringOutput `pulumi:"secretId"`
}

Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

* `secretmanager.SecretIamPolicy`: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached. * `secretmanager.SecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved. * `secretmanager.SecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.SecretIamPolicy`: Retrieves the IAM policy for the secret

> **Note:** `secretmanager.SecretIamPolicy` **cannot** be used in conjunction with `secretmanager.SecretIamBinding` and `secretmanager.SecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.SecretIamBinding` resources **can be** used in conjunction with `secretmanager.SecretIamMember` resources **only if** they do not grant privilege to the same role.

## google\_secret\_manager\_secret\_iam\_policy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(google_secret_manager_secret.SecretBasic.Project),
			SecretId:   pulumi.Any(google_secret_manager_secret.SecretBasic.Secret_id),
			PolicyData: *pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_secret\_manager\_secret\_iam\_binding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(google_secret_manager_secret.SecretBasic.Project),
			SecretId: pulumi.Any(google_secret_manager_secret.SecretBasic.Secret_id),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_secret\_manager\_secret\_iam\_member

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(google_secret_manager_secret.SecretBasic.Project),
			SecretId: pulumi.Any(google_secret_manager_secret.SecretBasic.Secret_id),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/secrets/{{secret_id}} * {{project}}/{{secret_id}} * {{secret_id}} Any variables not passed in the import command will be taken from the provider configuration. Secret Manager secret IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.

```sh

$ pulumi import gcp:secretmanager/secretIamBinding:SecretIamBinding editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor user:jane@example.com"

```

IAM binding imports use space-delimited identifiersthe resource in question and the role, e.g.

```sh

$ pulumi import gcp:secretmanager/secretIamBinding:SecretIamBinding editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor"

```

IAM policy imports use the identifier of the resource in question, e.g.

```sh

$ pulumi import gcp:secretmanager/secretIamBinding:SecretIamBinding editor projects/{{project}}/secrets/{{secret_id}}

```

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetSecretIamBinding

func GetSecretIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretIamBindingState, opts ...pulumi.ResourceOption) (*SecretIamBinding, error)

GetSecretIamBinding gets an existing SecretIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretIamBinding

func NewSecretIamBinding(ctx *pulumi.Context,
	name string, args *SecretIamBindingArgs, opts ...pulumi.ResourceOption) (*SecretIamBinding, error)

NewSecretIamBinding registers a new resource with the given unique name, arguments, and options.

func (*SecretIamBinding) ElementType

func (*SecretIamBinding) ElementType() reflect.Type

func (*SecretIamBinding) ToOutput added in v6.65.1

func (*SecretIamBinding) ToSecretIamBindingOutput

func (i *SecretIamBinding) ToSecretIamBindingOutput() SecretIamBindingOutput

func (*SecretIamBinding) ToSecretIamBindingOutputWithContext

func (i *SecretIamBinding) ToSecretIamBindingOutputWithContext(ctx context.Context) SecretIamBindingOutput

type SecretIamBindingArgs

type SecretIamBindingArgs struct {
	Condition SecretIamBindingConditionPtrInput
	Members   pulumi.StringArrayInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringInput
	SecretId pulumi.StringInput
}

The set of arguments for constructing a SecretIamBinding resource.

func (SecretIamBindingArgs) ElementType

func (SecretIamBindingArgs) ElementType() reflect.Type

type SecretIamBindingArray

type SecretIamBindingArray []SecretIamBindingInput

func (SecretIamBindingArray) ElementType

func (SecretIamBindingArray) ElementType() reflect.Type

func (SecretIamBindingArray) ToOutput added in v6.65.1

func (SecretIamBindingArray) ToSecretIamBindingArrayOutput

func (i SecretIamBindingArray) ToSecretIamBindingArrayOutput() SecretIamBindingArrayOutput

func (SecretIamBindingArray) ToSecretIamBindingArrayOutputWithContext

func (i SecretIamBindingArray) ToSecretIamBindingArrayOutputWithContext(ctx context.Context) SecretIamBindingArrayOutput

type SecretIamBindingArrayInput

type SecretIamBindingArrayInput interface {
	pulumi.Input

	ToSecretIamBindingArrayOutput() SecretIamBindingArrayOutput
	ToSecretIamBindingArrayOutputWithContext(context.Context) SecretIamBindingArrayOutput
}

SecretIamBindingArrayInput is an input type that accepts SecretIamBindingArray and SecretIamBindingArrayOutput values. You can construct a concrete instance of `SecretIamBindingArrayInput` via:

SecretIamBindingArray{ SecretIamBindingArgs{...} }

type SecretIamBindingArrayOutput

type SecretIamBindingArrayOutput struct{ *pulumi.OutputState }

func (SecretIamBindingArrayOutput) ElementType

func (SecretIamBindingArrayOutput) Index

func (SecretIamBindingArrayOutput) ToOutput added in v6.65.1

func (SecretIamBindingArrayOutput) ToSecretIamBindingArrayOutput

func (o SecretIamBindingArrayOutput) ToSecretIamBindingArrayOutput() SecretIamBindingArrayOutput

func (SecretIamBindingArrayOutput) ToSecretIamBindingArrayOutputWithContext

func (o SecretIamBindingArrayOutput) ToSecretIamBindingArrayOutputWithContext(ctx context.Context) SecretIamBindingArrayOutput

type SecretIamBindingCondition

type SecretIamBindingCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type SecretIamBindingConditionArgs

type SecretIamBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (SecretIamBindingConditionArgs) ElementType

func (SecretIamBindingConditionArgs) ToOutput added in v6.65.1

func (SecretIamBindingConditionArgs) ToSecretIamBindingConditionOutput

func (i SecretIamBindingConditionArgs) ToSecretIamBindingConditionOutput() SecretIamBindingConditionOutput

func (SecretIamBindingConditionArgs) ToSecretIamBindingConditionOutputWithContext

func (i SecretIamBindingConditionArgs) ToSecretIamBindingConditionOutputWithContext(ctx context.Context) SecretIamBindingConditionOutput

func (SecretIamBindingConditionArgs) ToSecretIamBindingConditionPtrOutput

func (i SecretIamBindingConditionArgs) ToSecretIamBindingConditionPtrOutput() SecretIamBindingConditionPtrOutput

func (SecretIamBindingConditionArgs) ToSecretIamBindingConditionPtrOutputWithContext

func (i SecretIamBindingConditionArgs) ToSecretIamBindingConditionPtrOutputWithContext(ctx context.Context) SecretIamBindingConditionPtrOutput

type SecretIamBindingConditionInput

type SecretIamBindingConditionInput interface {
	pulumi.Input

	ToSecretIamBindingConditionOutput() SecretIamBindingConditionOutput
	ToSecretIamBindingConditionOutputWithContext(context.Context) SecretIamBindingConditionOutput
}

SecretIamBindingConditionInput is an input type that accepts SecretIamBindingConditionArgs and SecretIamBindingConditionOutput values. You can construct a concrete instance of `SecretIamBindingConditionInput` via:

SecretIamBindingConditionArgs{...}

type SecretIamBindingConditionOutput

type SecretIamBindingConditionOutput struct{ *pulumi.OutputState }

func (SecretIamBindingConditionOutput) Description

func (SecretIamBindingConditionOutput) ElementType

func (SecretIamBindingConditionOutput) Expression

func (SecretIamBindingConditionOutput) Title

func (SecretIamBindingConditionOutput) ToOutput added in v6.65.1

func (SecretIamBindingConditionOutput) ToSecretIamBindingConditionOutput

func (o SecretIamBindingConditionOutput) ToSecretIamBindingConditionOutput() SecretIamBindingConditionOutput

func (SecretIamBindingConditionOutput) ToSecretIamBindingConditionOutputWithContext

func (o SecretIamBindingConditionOutput) ToSecretIamBindingConditionOutputWithContext(ctx context.Context) SecretIamBindingConditionOutput

func (SecretIamBindingConditionOutput) ToSecretIamBindingConditionPtrOutput

func (o SecretIamBindingConditionOutput) ToSecretIamBindingConditionPtrOutput() SecretIamBindingConditionPtrOutput

func (SecretIamBindingConditionOutput) ToSecretIamBindingConditionPtrOutputWithContext

func (o SecretIamBindingConditionOutput) ToSecretIamBindingConditionPtrOutputWithContext(ctx context.Context) SecretIamBindingConditionPtrOutput

type SecretIamBindingConditionPtrInput

type SecretIamBindingConditionPtrInput interface {
	pulumi.Input

	ToSecretIamBindingConditionPtrOutput() SecretIamBindingConditionPtrOutput
	ToSecretIamBindingConditionPtrOutputWithContext(context.Context) SecretIamBindingConditionPtrOutput
}

SecretIamBindingConditionPtrInput is an input type that accepts SecretIamBindingConditionArgs, SecretIamBindingConditionPtr and SecretIamBindingConditionPtrOutput values. You can construct a concrete instance of `SecretIamBindingConditionPtrInput` via:

        SecretIamBindingConditionArgs{...}

or:

        nil

type SecretIamBindingConditionPtrOutput

type SecretIamBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (SecretIamBindingConditionPtrOutput) Description

func (SecretIamBindingConditionPtrOutput) Elem

func (SecretIamBindingConditionPtrOutput) ElementType

func (SecretIamBindingConditionPtrOutput) Expression

func (SecretIamBindingConditionPtrOutput) Title

func (SecretIamBindingConditionPtrOutput) ToOutput added in v6.65.1

func (SecretIamBindingConditionPtrOutput) ToSecretIamBindingConditionPtrOutput

func (o SecretIamBindingConditionPtrOutput) ToSecretIamBindingConditionPtrOutput() SecretIamBindingConditionPtrOutput

func (SecretIamBindingConditionPtrOutput) ToSecretIamBindingConditionPtrOutputWithContext

func (o SecretIamBindingConditionPtrOutput) ToSecretIamBindingConditionPtrOutputWithContext(ctx context.Context) SecretIamBindingConditionPtrOutput

type SecretIamBindingInput

type SecretIamBindingInput interface {
	pulumi.Input

	ToSecretIamBindingOutput() SecretIamBindingOutput
	ToSecretIamBindingOutputWithContext(ctx context.Context) SecretIamBindingOutput
}

type SecretIamBindingMap

type SecretIamBindingMap map[string]SecretIamBindingInput

func (SecretIamBindingMap) ElementType

func (SecretIamBindingMap) ElementType() reflect.Type

func (SecretIamBindingMap) ToOutput added in v6.65.1

func (SecretIamBindingMap) ToSecretIamBindingMapOutput

func (i SecretIamBindingMap) ToSecretIamBindingMapOutput() SecretIamBindingMapOutput

func (SecretIamBindingMap) ToSecretIamBindingMapOutputWithContext

func (i SecretIamBindingMap) ToSecretIamBindingMapOutputWithContext(ctx context.Context) SecretIamBindingMapOutput

type SecretIamBindingMapInput

type SecretIamBindingMapInput interface {
	pulumi.Input

	ToSecretIamBindingMapOutput() SecretIamBindingMapOutput
	ToSecretIamBindingMapOutputWithContext(context.Context) SecretIamBindingMapOutput
}

SecretIamBindingMapInput is an input type that accepts SecretIamBindingMap and SecretIamBindingMapOutput values. You can construct a concrete instance of `SecretIamBindingMapInput` via:

SecretIamBindingMap{ "key": SecretIamBindingArgs{...} }

type SecretIamBindingMapOutput

type SecretIamBindingMapOutput struct{ *pulumi.OutputState }

func (SecretIamBindingMapOutput) ElementType

func (SecretIamBindingMapOutput) ElementType() reflect.Type

func (SecretIamBindingMapOutput) MapIndex

func (SecretIamBindingMapOutput) ToOutput added in v6.65.1

func (SecretIamBindingMapOutput) ToSecretIamBindingMapOutput

func (o SecretIamBindingMapOutput) ToSecretIamBindingMapOutput() SecretIamBindingMapOutput

func (SecretIamBindingMapOutput) ToSecretIamBindingMapOutputWithContext

func (o SecretIamBindingMapOutput) ToSecretIamBindingMapOutputWithContext(ctx context.Context) SecretIamBindingMapOutput

type SecretIamBindingOutput

type SecretIamBindingOutput struct{ *pulumi.OutputState }

func (SecretIamBindingOutput) Condition added in v6.23.0

func (SecretIamBindingOutput) ElementType

func (SecretIamBindingOutput) ElementType() reflect.Type

func (SecretIamBindingOutput) Etag added in v6.23.0

(Computed) The etag of the IAM policy.

func (SecretIamBindingOutput) Members added in v6.23.0

func (SecretIamBindingOutput) Project added in v6.23.0

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

  • `member/members` - (Required) Identities that will be granted the privilege in `role`. Each entry can have one of the following values:
  • **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
  • **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
  • **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
  • **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
  • **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
  • **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
  • **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (SecretIamBindingOutput) Role added in v6.23.0

The role that should be applied. Only one `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (SecretIamBindingOutput) SecretId added in v6.23.0

func (SecretIamBindingOutput) ToOutput added in v6.65.1

func (SecretIamBindingOutput) ToSecretIamBindingOutput

func (o SecretIamBindingOutput) ToSecretIamBindingOutput() SecretIamBindingOutput

func (SecretIamBindingOutput) ToSecretIamBindingOutputWithContext

func (o SecretIamBindingOutput) ToSecretIamBindingOutputWithContext(ctx context.Context) SecretIamBindingOutput

type SecretIamBindingState

type SecretIamBindingState struct {
	Condition SecretIamBindingConditionPtrInput
	// (Computed) The etag of the IAM policy.
	Etag    pulumi.StringPtrInput
	Members pulumi.StringArrayInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringPtrInput
	SecretId pulumi.StringPtrInput
}

func (SecretIamBindingState) ElementType

func (SecretIamBindingState) ElementType() reflect.Type

type SecretIamMember

type SecretIamMember struct {
	pulumi.CustomResourceState

	Condition SecretIamMemberConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the IAM policy.
	Etag   pulumi.StringOutput `pulumi:"etag"`
	Member pulumi.StringOutput `pulumi:"member"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringOutput `pulumi:"role"`
	SecretId pulumi.StringOutput `pulumi:"secretId"`
}

Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

* `secretmanager.SecretIamPolicy`: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached. * `secretmanager.SecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved. * `secretmanager.SecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.SecretIamPolicy`: Retrieves the IAM policy for the secret

> **Note:** `secretmanager.SecretIamPolicy` **cannot** be used in conjunction with `secretmanager.SecretIamBinding` and `secretmanager.SecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.SecretIamBinding` resources **can be** used in conjunction with `secretmanager.SecretIamMember` resources **only if** they do not grant privilege to the same role.

## google\_secret\_manager\_secret\_iam\_policy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(google_secret_manager_secret.SecretBasic.Project),
			SecretId:   pulumi.Any(google_secret_manager_secret.SecretBasic.Secret_id),
			PolicyData: *pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_secret\_manager\_secret\_iam\_binding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(google_secret_manager_secret.SecretBasic.Project),
			SecretId: pulumi.Any(google_secret_manager_secret.SecretBasic.Secret_id),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_secret\_manager\_secret\_iam\_member

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(google_secret_manager_secret.SecretBasic.Project),
			SecretId: pulumi.Any(google_secret_manager_secret.SecretBasic.Secret_id),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/secrets/{{secret_id}} * {{project}}/{{secret_id}} * {{secret_id}} Any variables not passed in the import command will be taken from the provider configuration. Secret Manager secret IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.

```sh

$ pulumi import gcp:secretmanager/secretIamMember:SecretIamMember editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor user:jane@example.com"

```

IAM binding imports use space-delimited identifiersthe resource in question and the role, e.g.

```sh

$ pulumi import gcp:secretmanager/secretIamMember:SecretIamMember editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor"

```

IAM policy imports use the identifier of the resource in question, e.g.

```sh

$ pulumi import gcp:secretmanager/secretIamMember:SecretIamMember editor projects/{{project}}/secrets/{{secret_id}}

```

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetSecretIamMember

func GetSecretIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretIamMemberState, opts ...pulumi.ResourceOption) (*SecretIamMember, error)

GetSecretIamMember gets an existing SecretIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretIamMember

func NewSecretIamMember(ctx *pulumi.Context,
	name string, args *SecretIamMemberArgs, opts ...pulumi.ResourceOption) (*SecretIamMember, error)

NewSecretIamMember registers a new resource with the given unique name, arguments, and options.

func (*SecretIamMember) ElementType

func (*SecretIamMember) ElementType() reflect.Type

func (*SecretIamMember) ToOutput added in v6.65.1

func (*SecretIamMember) ToSecretIamMemberOutput

func (i *SecretIamMember) ToSecretIamMemberOutput() SecretIamMemberOutput

func (*SecretIamMember) ToSecretIamMemberOutputWithContext

func (i *SecretIamMember) ToSecretIamMemberOutputWithContext(ctx context.Context) SecretIamMemberOutput

type SecretIamMemberArgs

type SecretIamMemberArgs struct {
	Condition SecretIamMemberConditionPtrInput
	Member    pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringInput
	SecretId pulumi.StringInput
}

The set of arguments for constructing a SecretIamMember resource.

func (SecretIamMemberArgs) ElementType

func (SecretIamMemberArgs) ElementType() reflect.Type

type SecretIamMemberArray

type SecretIamMemberArray []SecretIamMemberInput

func (SecretIamMemberArray) ElementType

func (SecretIamMemberArray) ElementType() reflect.Type

func (SecretIamMemberArray) ToOutput added in v6.65.1

func (SecretIamMemberArray) ToSecretIamMemberArrayOutput

func (i SecretIamMemberArray) ToSecretIamMemberArrayOutput() SecretIamMemberArrayOutput

func (SecretIamMemberArray) ToSecretIamMemberArrayOutputWithContext

func (i SecretIamMemberArray) ToSecretIamMemberArrayOutputWithContext(ctx context.Context) SecretIamMemberArrayOutput

type SecretIamMemberArrayInput

type SecretIamMemberArrayInput interface {
	pulumi.Input

	ToSecretIamMemberArrayOutput() SecretIamMemberArrayOutput
	ToSecretIamMemberArrayOutputWithContext(context.Context) SecretIamMemberArrayOutput
}

SecretIamMemberArrayInput is an input type that accepts SecretIamMemberArray and SecretIamMemberArrayOutput values. You can construct a concrete instance of `SecretIamMemberArrayInput` via:

SecretIamMemberArray{ SecretIamMemberArgs{...} }

type SecretIamMemberArrayOutput

type SecretIamMemberArrayOutput struct{ *pulumi.OutputState }

func (SecretIamMemberArrayOutput) ElementType

func (SecretIamMemberArrayOutput) ElementType() reflect.Type

func (SecretIamMemberArrayOutput) Index

func (SecretIamMemberArrayOutput) ToOutput added in v6.65.1

func (SecretIamMemberArrayOutput) ToSecretIamMemberArrayOutput

func (o SecretIamMemberArrayOutput) ToSecretIamMemberArrayOutput() SecretIamMemberArrayOutput

func (SecretIamMemberArrayOutput) ToSecretIamMemberArrayOutputWithContext

func (o SecretIamMemberArrayOutput) ToSecretIamMemberArrayOutputWithContext(ctx context.Context) SecretIamMemberArrayOutput

type SecretIamMemberCondition

type SecretIamMemberCondition struct {
	Description *string `pulumi:"description"`
	Expression  string  `pulumi:"expression"`
	Title       string  `pulumi:"title"`
}

type SecretIamMemberConditionArgs

type SecretIamMemberConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	Expression  pulumi.StringInput    `pulumi:"expression"`
	Title       pulumi.StringInput    `pulumi:"title"`
}

func (SecretIamMemberConditionArgs) ElementType

func (SecretIamMemberConditionArgs) ToOutput added in v6.65.1

func (SecretIamMemberConditionArgs) ToSecretIamMemberConditionOutput

func (i SecretIamMemberConditionArgs) ToSecretIamMemberConditionOutput() SecretIamMemberConditionOutput

func (SecretIamMemberConditionArgs) ToSecretIamMemberConditionOutputWithContext

func (i SecretIamMemberConditionArgs) ToSecretIamMemberConditionOutputWithContext(ctx context.Context) SecretIamMemberConditionOutput

func (SecretIamMemberConditionArgs) ToSecretIamMemberConditionPtrOutput

func (i SecretIamMemberConditionArgs) ToSecretIamMemberConditionPtrOutput() SecretIamMemberConditionPtrOutput

func (SecretIamMemberConditionArgs) ToSecretIamMemberConditionPtrOutputWithContext

func (i SecretIamMemberConditionArgs) ToSecretIamMemberConditionPtrOutputWithContext(ctx context.Context) SecretIamMemberConditionPtrOutput

type SecretIamMemberConditionInput

type SecretIamMemberConditionInput interface {
	pulumi.Input

	ToSecretIamMemberConditionOutput() SecretIamMemberConditionOutput
	ToSecretIamMemberConditionOutputWithContext(context.Context) SecretIamMemberConditionOutput
}

SecretIamMemberConditionInput is an input type that accepts SecretIamMemberConditionArgs and SecretIamMemberConditionOutput values. You can construct a concrete instance of `SecretIamMemberConditionInput` via:

SecretIamMemberConditionArgs{...}

type SecretIamMemberConditionOutput

type SecretIamMemberConditionOutput struct{ *pulumi.OutputState }

func (SecretIamMemberConditionOutput) Description

func (SecretIamMemberConditionOutput) ElementType

func (SecretIamMemberConditionOutput) Expression

func (SecretIamMemberConditionOutput) Title

func (SecretIamMemberConditionOutput) ToOutput added in v6.65.1

func (SecretIamMemberConditionOutput) ToSecretIamMemberConditionOutput

func (o SecretIamMemberConditionOutput) ToSecretIamMemberConditionOutput() SecretIamMemberConditionOutput

func (SecretIamMemberConditionOutput) ToSecretIamMemberConditionOutputWithContext

func (o SecretIamMemberConditionOutput) ToSecretIamMemberConditionOutputWithContext(ctx context.Context) SecretIamMemberConditionOutput

func (SecretIamMemberConditionOutput) ToSecretIamMemberConditionPtrOutput

func (o SecretIamMemberConditionOutput) ToSecretIamMemberConditionPtrOutput() SecretIamMemberConditionPtrOutput

func (SecretIamMemberConditionOutput) ToSecretIamMemberConditionPtrOutputWithContext

func (o SecretIamMemberConditionOutput) ToSecretIamMemberConditionPtrOutputWithContext(ctx context.Context) SecretIamMemberConditionPtrOutput

type SecretIamMemberConditionPtrInput

type SecretIamMemberConditionPtrInput interface {
	pulumi.Input

	ToSecretIamMemberConditionPtrOutput() SecretIamMemberConditionPtrOutput
	ToSecretIamMemberConditionPtrOutputWithContext(context.Context) SecretIamMemberConditionPtrOutput
}

SecretIamMemberConditionPtrInput is an input type that accepts SecretIamMemberConditionArgs, SecretIamMemberConditionPtr and SecretIamMemberConditionPtrOutput values. You can construct a concrete instance of `SecretIamMemberConditionPtrInput` via:

        SecretIamMemberConditionArgs{...}

or:

        nil

type SecretIamMemberConditionPtrOutput

type SecretIamMemberConditionPtrOutput struct{ *pulumi.OutputState }

func (SecretIamMemberConditionPtrOutput) Description

func (SecretIamMemberConditionPtrOutput) Elem

func (SecretIamMemberConditionPtrOutput) ElementType

func (SecretIamMemberConditionPtrOutput) Expression

func (SecretIamMemberConditionPtrOutput) Title

func (SecretIamMemberConditionPtrOutput) ToOutput added in v6.65.1

func (SecretIamMemberConditionPtrOutput) ToSecretIamMemberConditionPtrOutput

func (o SecretIamMemberConditionPtrOutput) ToSecretIamMemberConditionPtrOutput() SecretIamMemberConditionPtrOutput

func (SecretIamMemberConditionPtrOutput) ToSecretIamMemberConditionPtrOutputWithContext

func (o SecretIamMemberConditionPtrOutput) ToSecretIamMemberConditionPtrOutputWithContext(ctx context.Context) SecretIamMemberConditionPtrOutput

type SecretIamMemberInput

type SecretIamMemberInput interface {
	pulumi.Input

	ToSecretIamMemberOutput() SecretIamMemberOutput
	ToSecretIamMemberOutputWithContext(ctx context.Context) SecretIamMemberOutput
}

type SecretIamMemberMap

type SecretIamMemberMap map[string]SecretIamMemberInput

func (SecretIamMemberMap) ElementType

func (SecretIamMemberMap) ElementType() reflect.Type

func (SecretIamMemberMap) ToOutput added in v6.65.1

func (SecretIamMemberMap) ToSecretIamMemberMapOutput

func (i SecretIamMemberMap) ToSecretIamMemberMapOutput() SecretIamMemberMapOutput

func (SecretIamMemberMap) ToSecretIamMemberMapOutputWithContext

func (i SecretIamMemberMap) ToSecretIamMemberMapOutputWithContext(ctx context.Context) SecretIamMemberMapOutput

type SecretIamMemberMapInput

type SecretIamMemberMapInput interface {
	pulumi.Input

	ToSecretIamMemberMapOutput() SecretIamMemberMapOutput
	ToSecretIamMemberMapOutputWithContext(context.Context) SecretIamMemberMapOutput
}

SecretIamMemberMapInput is an input type that accepts SecretIamMemberMap and SecretIamMemberMapOutput values. You can construct a concrete instance of `SecretIamMemberMapInput` via:

SecretIamMemberMap{ "key": SecretIamMemberArgs{...} }

type SecretIamMemberMapOutput

type SecretIamMemberMapOutput struct{ *pulumi.OutputState }

func (SecretIamMemberMapOutput) ElementType

func (SecretIamMemberMapOutput) ElementType() reflect.Type

func (SecretIamMemberMapOutput) MapIndex

func (SecretIamMemberMapOutput) ToOutput added in v6.65.1

func (SecretIamMemberMapOutput) ToSecretIamMemberMapOutput

func (o SecretIamMemberMapOutput) ToSecretIamMemberMapOutput() SecretIamMemberMapOutput

func (SecretIamMemberMapOutput) ToSecretIamMemberMapOutputWithContext

func (o SecretIamMemberMapOutput) ToSecretIamMemberMapOutputWithContext(ctx context.Context) SecretIamMemberMapOutput

type SecretIamMemberOutput

type SecretIamMemberOutput struct{ *pulumi.OutputState }

func (SecretIamMemberOutput) Condition added in v6.23.0

func (SecretIamMemberOutput) ElementType

func (SecretIamMemberOutput) ElementType() reflect.Type

func (SecretIamMemberOutput) Etag added in v6.23.0

(Computed) The etag of the IAM policy.

func (SecretIamMemberOutput) Member added in v6.23.0

func (SecretIamMemberOutput) Project added in v6.23.0

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

  • `member/members` - (Required) Identities that will be granted the privilege in `role`. Each entry can have one of the following values:
  • **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
  • **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
  • **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
  • **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
  • **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
  • **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
  • **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (SecretIamMemberOutput) Role added in v6.23.0

The role that should be applied. Only one `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (SecretIamMemberOutput) SecretId added in v6.23.0

func (SecretIamMemberOutput) ToOutput added in v6.65.1

func (SecretIamMemberOutput) ToSecretIamMemberOutput

func (o SecretIamMemberOutput) ToSecretIamMemberOutput() SecretIamMemberOutput

func (SecretIamMemberOutput) ToSecretIamMemberOutputWithContext

func (o SecretIamMemberOutput) ToSecretIamMemberOutputWithContext(ctx context.Context) SecretIamMemberOutput

type SecretIamMemberState

type SecretIamMemberState struct {
	Condition SecretIamMemberConditionPtrInput
	// (Computed) The etag of the IAM policy.
	Etag   pulumi.StringPtrInput
	Member pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringPtrInput
	SecretId pulumi.StringPtrInput
}

func (SecretIamMemberState) ElementType

func (SecretIamMemberState) ElementType() reflect.Type

type SecretIamPolicy

type SecretIamPolicy struct {
	pulumi.CustomResourceState

	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringOutput `pulumi:"policyData"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project  pulumi.StringOutput `pulumi:"project"`
	SecretId pulumi.StringOutput `pulumi:"secretId"`
}

Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

* `secretmanager.SecretIamPolicy`: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached. * `secretmanager.SecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved. * `secretmanager.SecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.SecretIamPolicy`: Retrieves the IAM policy for the secret

> **Note:** `secretmanager.SecretIamPolicy` **cannot** be used in conjunction with `secretmanager.SecretIamBinding` and `secretmanager.SecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.SecretIamBinding` resources **can be** used in conjunction with `secretmanager.SecretIamMember` resources **only if** they do not grant privilege to the same role.

## google\_secret\_manager\_secret\_iam\_policy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(google_secret_manager_secret.SecretBasic.Project),
			SecretId:   pulumi.Any(google_secret_manager_secret.SecretBasic.Secret_id),
			PolicyData: *pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_secret\_manager\_secret\_iam\_binding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(google_secret_manager_secret.SecretBasic.Project),
			SecretId: pulumi.Any(google_secret_manager_secret.SecretBasic.Secret_id),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## google\_secret\_manager\_secret\_iam\_member

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(google_secret_manager_secret.SecretBasic.Project),
			SecretId: pulumi.Any(google_secret_manager_secret.SecretBasic.Secret_id),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms* projects/{{project}}/secrets/{{secret_id}} * {{project}}/{{secret_id}} * {{secret_id}} Any variables not passed in the import command will be taken from the provider configuration. Secret Manager secret IAM resources can be imported using the resource identifiers, role, and member. IAM member imports use space-delimited identifiersthe resource in question, the role, and the member identity, e.g.

```sh

$ pulumi import gcp:secretmanager/secretIamPolicy:SecretIamPolicy editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor user:jane@example.com"

```

IAM binding imports use space-delimited identifiersthe resource in question and the role, e.g.

```sh

$ pulumi import gcp:secretmanager/secretIamPolicy:SecretIamPolicy editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor"

```

IAM policy imports use the identifier of the resource in question, e.g.

```sh

$ pulumi import gcp:secretmanager/secretIamPolicy:SecretIamPolicy editor projects/{{project}}/secrets/{{secret_id}}

```

-> **Custom Roles**If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetSecretIamPolicy

func GetSecretIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretIamPolicyState, opts ...pulumi.ResourceOption) (*SecretIamPolicy, error)

GetSecretIamPolicy gets an existing SecretIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretIamPolicy

func NewSecretIamPolicy(ctx *pulumi.Context,
	name string, args *SecretIamPolicyArgs, opts ...pulumi.ResourceOption) (*SecretIamPolicy, error)

NewSecretIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*SecretIamPolicy) ElementType

func (*SecretIamPolicy) ElementType() reflect.Type

func (*SecretIamPolicy) ToOutput added in v6.65.1

func (*SecretIamPolicy) ToSecretIamPolicyOutput

func (i *SecretIamPolicy) ToSecretIamPolicyOutput() SecretIamPolicyOutput

func (*SecretIamPolicy) ToSecretIamPolicyOutputWithContext

func (i *SecretIamPolicy) ToSecretIamPolicyOutputWithContext(ctx context.Context) SecretIamPolicyOutput

type SecretIamPolicyArgs

type SecretIamPolicyArgs struct {
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project  pulumi.StringPtrInput
	SecretId pulumi.StringInput
}

The set of arguments for constructing a SecretIamPolicy resource.

func (SecretIamPolicyArgs) ElementType

func (SecretIamPolicyArgs) ElementType() reflect.Type

type SecretIamPolicyArray

type SecretIamPolicyArray []SecretIamPolicyInput

func (SecretIamPolicyArray) ElementType

func (SecretIamPolicyArray) ElementType() reflect.Type

func (SecretIamPolicyArray) ToOutput added in v6.65.1

func (SecretIamPolicyArray) ToSecretIamPolicyArrayOutput

func (i SecretIamPolicyArray) ToSecretIamPolicyArrayOutput() SecretIamPolicyArrayOutput

func (SecretIamPolicyArray) ToSecretIamPolicyArrayOutputWithContext

func (i SecretIamPolicyArray) ToSecretIamPolicyArrayOutputWithContext(ctx context.Context) SecretIamPolicyArrayOutput

type SecretIamPolicyArrayInput

type SecretIamPolicyArrayInput interface {
	pulumi.Input

	ToSecretIamPolicyArrayOutput() SecretIamPolicyArrayOutput
	ToSecretIamPolicyArrayOutputWithContext(context.Context) SecretIamPolicyArrayOutput
}

SecretIamPolicyArrayInput is an input type that accepts SecretIamPolicyArray and SecretIamPolicyArrayOutput values. You can construct a concrete instance of `SecretIamPolicyArrayInput` via:

SecretIamPolicyArray{ SecretIamPolicyArgs{...} }

type SecretIamPolicyArrayOutput

type SecretIamPolicyArrayOutput struct{ *pulumi.OutputState }

func (SecretIamPolicyArrayOutput) ElementType

func (SecretIamPolicyArrayOutput) ElementType() reflect.Type

func (SecretIamPolicyArrayOutput) Index

func (SecretIamPolicyArrayOutput) ToOutput added in v6.65.1

func (SecretIamPolicyArrayOutput) ToSecretIamPolicyArrayOutput

func (o SecretIamPolicyArrayOutput) ToSecretIamPolicyArrayOutput() SecretIamPolicyArrayOutput

func (SecretIamPolicyArrayOutput) ToSecretIamPolicyArrayOutputWithContext

func (o SecretIamPolicyArrayOutput) ToSecretIamPolicyArrayOutputWithContext(ctx context.Context) SecretIamPolicyArrayOutput

type SecretIamPolicyInput

type SecretIamPolicyInput interface {
	pulumi.Input

	ToSecretIamPolicyOutput() SecretIamPolicyOutput
	ToSecretIamPolicyOutputWithContext(ctx context.Context) SecretIamPolicyOutput
}

type SecretIamPolicyMap

type SecretIamPolicyMap map[string]SecretIamPolicyInput

func (SecretIamPolicyMap) ElementType

func (SecretIamPolicyMap) ElementType() reflect.Type

func (SecretIamPolicyMap) ToOutput added in v6.65.1

func (SecretIamPolicyMap) ToSecretIamPolicyMapOutput

func (i SecretIamPolicyMap) ToSecretIamPolicyMapOutput() SecretIamPolicyMapOutput

func (SecretIamPolicyMap) ToSecretIamPolicyMapOutputWithContext

func (i SecretIamPolicyMap) ToSecretIamPolicyMapOutputWithContext(ctx context.Context) SecretIamPolicyMapOutput

type SecretIamPolicyMapInput

type SecretIamPolicyMapInput interface {
	pulumi.Input

	ToSecretIamPolicyMapOutput() SecretIamPolicyMapOutput
	ToSecretIamPolicyMapOutputWithContext(context.Context) SecretIamPolicyMapOutput
}

SecretIamPolicyMapInput is an input type that accepts SecretIamPolicyMap and SecretIamPolicyMapOutput values. You can construct a concrete instance of `SecretIamPolicyMapInput` via:

SecretIamPolicyMap{ "key": SecretIamPolicyArgs{...} }

type SecretIamPolicyMapOutput

type SecretIamPolicyMapOutput struct{ *pulumi.OutputState }

func (SecretIamPolicyMapOutput) ElementType

func (SecretIamPolicyMapOutput) ElementType() reflect.Type

func (SecretIamPolicyMapOutput) MapIndex

func (SecretIamPolicyMapOutput) ToOutput added in v6.65.1

func (SecretIamPolicyMapOutput) ToSecretIamPolicyMapOutput

func (o SecretIamPolicyMapOutput) ToSecretIamPolicyMapOutput() SecretIamPolicyMapOutput

func (SecretIamPolicyMapOutput) ToSecretIamPolicyMapOutputWithContext

func (o SecretIamPolicyMapOutput) ToSecretIamPolicyMapOutputWithContext(ctx context.Context) SecretIamPolicyMapOutput

type SecretIamPolicyOutput

type SecretIamPolicyOutput struct{ *pulumi.OutputState }

func (SecretIamPolicyOutput) ElementType

func (SecretIamPolicyOutput) ElementType() reflect.Type

func (SecretIamPolicyOutput) Etag added in v6.23.0

(Computed) The etag of the IAM policy.

func (SecretIamPolicyOutput) PolicyData added in v6.23.0

func (o SecretIamPolicyOutput) PolicyData() pulumi.StringOutput

The policy data generated by a `organizations.getIAMPolicy` data source.

func (SecretIamPolicyOutput) Project added in v6.23.0

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

  • `member/members` - (Required) Identities that will be granted the privilege in `role`. Each entry can have one of the following values:
  • **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
  • **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
  • **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
  • **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
  • **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
  • **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
  • **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
  • **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
  • **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (SecretIamPolicyOutput) SecretId added in v6.23.0

func (SecretIamPolicyOutput) ToOutput added in v6.65.1

func (SecretIamPolicyOutput) ToSecretIamPolicyOutput

func (o SecretIamPolicyOutput) ToSecretIamPolicyOutput() SecretIamPolicyOutput

func (SecretIamPolicyOutput) ToSecretIamPolicyOutputWithContext

func (o SecretIamPolicyOutput) ToSecretIamPolicyOutputWithContext(ctx context.Context) SecretIamPolicyOutput

type SecretIamPolicyState

type SecretIamPolicyState struct {
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	//
	// * `member/members` - (Required) Identities that will be granted the privilege in `role`.
	//   Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Project  pulumi.StringPtrInput
	SecretId pulumi.StringPtrInput
}

func (SecretIamPolicyState) ElementType

func (SecretIamPolicyState) ElementType() reflect.Type

type SecretInput

type SecretInput interface {
	pulumi.Input

	ToSecretOutput() SecretOutput
	ToSecretOutputWithContext(ctx context.Context) SecretOutput
}

type SecretMap

type SecretMap map[string]SecretInput

func (SecretMap) ElementType

func (SecretMap) ElementType() reflect.Type

func (SecretMap) ToOutput added in v6.65.1

func (i SecretMap) ToOutput(ctx context.Context) pulumix.Output[map[string]*Secret]

func (SecretMap) ToSecretMapOutput

func (i SecretMap) ToSecretMapOutput() SecretMapOutput

func (SecretMap) ToSecretMapOutputWithContext

func (i SecretMap) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOutput

type SecretMapInput

type SecretMapInput interface {
	pulumi.Input

	ToSecretMapOutput() SecretMapOutput
	ToSecretMapOutputWithContext(context.Context) SecretMapOutput
}

SecretMapInput is an input type that accepts SecretMap and SecretMapOutput values. You can construct a concrete instance of `SecretMapInput` via:

SecretMap{ "key": SecretArgs{...} }

type SecretMapOutput

type SecretMapOutput struct{ *pulumi.OutputState }

func (SecretMapOutput) ElementType

func (SecretMapOutput) ElementType() reflect.Type

func (SecretMapOutput) MapIndex

func (SecretMapOutput) ToOutput added in v6.65.1

func (o SecretMapOutput) ToOutput(ctx context.Context) pulumix.Output[map[string]*Secret]

func (SecretMapOutput) ToSecretMapOutput

func (o SecretMapOutput) ToSecretMapOutput() SecretMapOutput

func (SecretMapOutput) ToSecretMapOutputWithContext

func (o SecretMapOutput) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOutput

type SecretOutput

type SecretOutput struct{ *pulumi.OutputState }

func (SecretOutput) Annotations added in v6.64.0

func (o SecretOutput) Annotations() pulumi.StringMapOutput

Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

func (SecretOutput) CreateTime added in v6.23.0

func (o SecretOutput) CreateTime() pulumi.StringOutput

The time at which the Secret was created.

func (SecretOutput) ElementType

func (SecretOutput) ElementType() reflect.Type

func (SecretOutput) ExpireTime added in v6.23.0

func (o SecretOutput) ExpireTime() pulumi.StringOutput

Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

func (SecretOutput) Labels added in v6.23.0

func (o SecretOutput) Labels() pulumi.StringMapOutput

The labels assigned to this Secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62} Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can be assigned to a given resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

func (SecretOutput) Name added in v6.23.0

func (o SecretOutput) Name() pulumi.StringOutput

The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.

func (SecretOutput) Project added in v6.23.0

func (o SecretOutput) Project() pulumi.StringOutput

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (SecretOutput) Replication added in v6.23.0

func (o SecretOutput) Replication() SecretReplicationOutput

The replication policy of the secret data attached to the Secret. It cannot be changed after the Secret has been created. Structure is documented below.

func (SecretOutput) Rotation added in v6.23.0

The rotation time and period for a Secret. At `nextRotationTime`, Secret Manager will send a Pub/Sub notification to the topics configured on the Secret. `topics` must be set to configure rotation. Structure is documented below.

func (SecretOutput) SecretId added in v6.23.0

func (o SecretOutput) SecretId() pulumi.StringOutput

This must be unique within the project.

func (SecretOutput) ToOutput added in v6.65.1

func (o SecretOutput) ToOutput(ctx context.Context) pulumix.Output[*Secret]

func (SecretOutput) ToSecretOutput

func (o SecretOutput) ToSecretOutput() SecretOutput

func (SecretOutput) ToSecretOutputWithContext

func (o SecretOutput) ToSecretOutputWithContext(ctx context.Context) SecretOutput

func (SecretOutput) Topics added in v6.23.0

A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions. Structure is documented below.

func (SecretOutput) Ttl added in v6.23.0

The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".

func (SecretOutput) VersionAliases added in v6.64.0

func (o SecretOutput) VersionAliases() pulumi.StringMapOutput

Mapping from version alias to version name. A version alias is a string with a maximum length of 63 characters and can contain uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_') characters. An alias string must start with a letter and cannot be the string 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

type SecretReplication

type SecretReplication struct {
	// The Secret will automatically be replicated without any restrictions.
	// Structure is documented below.
	Auto *SecretReplicationAuto `pulumi:"auto"`
	// (Optional, Deprecated)
	// The Secret will automatically be replicated without any restrictions.
	//
	// > **Warning:** `automatic` is deprecated and will be removed in a future major release. Use `auto` instead.
	//
	// Deprecated: `automatic` is deprecated and will be removed in a future major release. Use `auto` instead.
	Automatic *bool `pulumi:"automatic"`
	// The Secret will be replicated to the regions specified by the user.
	// Structure is documented below.
	UserManaged *SecretReplicationUserManaged `pulumi:"userManaged"`
}

type SecretReplicationArgs

type SecretReplicationArgs struct {
	// The Secret will automatically be replicated without any restrictions.
	// Structure is documented below.
	Auto SecretReplicationAutoPtrInput `pulumi:"auto"`
	// (Optional, Deprecated)
	// The Secret will automatically be replicated without any restrictions.
	//
	// > **Warning:** `automatic` is deprecated and will be removed in a future major release. Use `auto` instead.
	//
	// Deprecated: `automatic` is deprecated and will be removed in a future major release. Use `auto` instead.
	Automatic pulumi.BoolPtrInput `pulumi:"automatic"`
	// The Secret will be replicated to the regions specified by the user.
	// Structure is documented below.
	UserManaged SecretReplicationUserManagedPtrInput `pulumi:"userManaged"`
}

func (SecretReplicationArgs) ElementType

func (SecretReplicationArgs) ElementType() reflect.Type

func (SecretReplicationArgs) ToOutput added in v6.65.1

func (SecretReplicationArgs) ToSecretReplicationOutput

func (i SecretReplicationArgs) ToSecretReplicationOutput() SecretReplicationOutput

func (SecretReplicationArgs) ToSecretReplicationOutputWithContext

func (i SecretReplicationArgs) ToSecretReplicationOutputWithContext(ctx context.Context) SecretReplicationOutput

func (SecretReplicationArgs) ToSecretReplicationPtrOutput

func (i SecretReplicationArgs) ToSecretReplicationPtrOutput() SecretReplicationPtrOutput

func (SecretReplicationArgs) ToSecretReplicationPtrOutputWithContext

func (i SecretReplicationArgs) ToSecretReplicationPtrOutputWithContext(ctx context.Context) SecretReplicationPtrOutput

type SecretReplicationAuto added in v6.67.0

type SecretReplicationAuto struct {
	// The customer-managed encryption configuration of the Secret.
	// If no configuration is provided, Google-managed default
	// encryption is used.
	// Structure is documented below.
	CustomerManagedEncryption *SecretReplicationAutoCustomerManagedEncryption `pulumi:"customerManagedEncryption"`
}

type SecretReplicationAutoArgs added in v6.67.0

type SecretReplicationAutoArgs struct {
	// The customer-managed encryption configuration of the Secret.
	// If no configuration is provided, Google-managed default
	// encryption is used.
	// Structure is documented below.
	CustomerManagedEncryption SecretReplicationAutoCustomerManagedEncryptionPtrInput `pulumi:"customerManagedEncryption"`
}

func (SecretReplicationAutoArgs) ElementType added in v6.67.0

func (SecretReplicationAutoArgs) ElementType() reflect.Type

func (SecretReplicationAutoArgs) ToOutput added in v6.67.0

func (SecretReplicationAutoArgs) ToSecretReplicationAutoOutput added in v6.67.0

func (i SecretReplicationAutoArgs) ToSecretReplicationAutoOutput() SecretReplicationAutoOutput

func (SecretReplicationAutoArgs) ToSecretReplicationAutoOutputWithContext added in v6.67.0

func (i SecretReplicationAutoArgs) ToSecretReplicationAutoOutputWithContext(ctx context.Context) SecretReplicationAutoOutput

func (SecretReplicationAutoArgs) ToSecretReplicationAutoPtrOutput added in v6.67.0

func (i SecretReplicationAutoArgs) ToSecretReplicationAutoPtrOutput() SecretReplicationAutoPtrOutput

func (SecretReplicationAutoArgs) ToSecretReplicationAutoPtrOutputWithContext added in v6.67.0

func (i SecretReplicationAutoArgs) ToSecretReplicationAutoPtrOutputWithContext(ctx context.Context) SecretReplicationAutoPtrOutput

type SecretReplicationAutoCustomerManagedEncryption added in v6.67.0

type SecretReplicationAutoCustomerManagedEncryption struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	//
	// ***
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type SecretReplicationAutoCustomerManagedEncryptionArgs added in v6.67.0

type SecretReplicationAutoCustomerManagedEncryptionArgs struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	//
	// ***
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ElementType added in v6.67.0

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ToOutput added in v6.67.0

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionOutput added in v6.67.0

func (i SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionOutput() SecretReplicationAutoCustomerManagedEncryptionOutput

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionOutputWithContext added in v6.67.0

func (i SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(ctx context.Context) SecretReplicationAutoCustomerManagedEncryptionOutput

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput added in v6.67.0

func (i SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput() SecretReplicationAutoCustomerManagedEncryptionPtrOutput

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext added in v6.67.0

func (i SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationAutoCustomerManagedEncryptionPtrOutput

type SecretReplicationAutoCustomerManagedEncryptionInput added in v6.67.0

type SecretReplicationAutoCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToSecretReplicationAutoCustomerManagedEncryptionOutput() SecretReplicationAutoCustomerManagedEncryptionOutput
	ToSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(context.Context) SecretReplicationAutoCustomerManagedEncryptionOutput
}

SecretReplicationAutoCustomerManagedEncryptionInput is an input type that accepts SecretReplicationAutoCustomerManagedEncryptionArgs and SecretReplicationAutoCustomerManagedEncryptionOutput values. You can construct a concrete instance of `SecretReplicationAutoCustomerManagedEncryptionInput` via:

SecretReplicationAutoCustomerManagedEncryptionArgs{...}

type SecretReplicationAutoCustomerManagedEncryptionOutput added in v6.67.0

type SecretReplicationAutoCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ElementType added in v6.67.0

func (SecretReplicationAutoCustomerManagedEncryptionOutput) KmsKeyName added in v6.67.0

Describes the Cloud KMS encryption key that will be used to protect destination secret.

***

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ToOutput added in v6.67.0

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionOutput added in v6.67.0

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionOutputWithContext added in v6.67.0

func (o SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(ctx context.Context) SecretReplicationAutoCustomerManagedEncryptionOutput

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput added in v6.67.0

func (o SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput() SecretReplicationAutoCustomerManagedEncryptionPtrOutput

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext added in v6.67.0

func (o SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationAutoCustomerManagedEncryptionPtrOutput

type SecretReplicationAutoCustomerManagedEncryptionPtrInput added in v6.67.0

type SecretReplicationAutoCustomerManagedEncryptionPtrInput interface {
	pulumi.Input

	ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput() SecretReplicationAutoCustomerManagedEncryptionPtrOutput
	ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext(context.Context) SecretReplicationAutoCustomerManagedEncryptionPtrOutput
}

SecretReplicationAutoCustomerManagedEncryptionPtrInput is an input type that accepts SecretReplicationAutoCustomerManagedEncryptionArgs, SecretReplicationAutoCustomerManagedEncryptionPtr and SecretReplicationAutoCustomerManagedEncryptionPtrOutput values. You can construct a concrete instance of `SecretReplicationAutoCustomerManagedEncryptionPtrInput` via:

        SecretReplicationAutoCustomerManagedEncryptionArgs{...}

or:

        nil

type SecretReplicationAutoCustomerManagedEncryptionPtrOutput added in v6.67.0

type SecretReplicationAutoCustomerManagedEncryptionPtrOutput struct{ *pulumi.OutputState }

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) Elem added in v6.67.0

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) ElementType added in v6.67.0

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) KmsKeyName added in v6.67.0

Describes the Cloud KMS encryption key that will be used to protect destination secret.

***

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) ToOutput added in v6.67.0

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput added in v6.67.0

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext added in v6.67.0

func (o SecretReplicationAutoCustomerManagedEncryptionPtrOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationAutoCustomerManagedEncryptionPtrOutput

type SecretReplicationAutoInput added in v6.67.0

type SecretReplicationAutoInput interface {
	pulumi.Input

	ToSecretReplicationAutoOutput() SecretReplicationAutoOutput
	ToSecretReplicationAutoOutputWithContext(context.Context) SecretReplicationAutoOutput
}

SecretReplicationAutoInput is an input type that accepts SecretReplicationAutoArgs and SecretReplicationAutoOutput values. You can construct a concrete instance of `SecretReplicationAutoInput` via:

SecretReplicationAutoArgs{...}

type SecretReplicationAutoOutput added in v6.67.0

type SecretReplicationAutoOutput struct{ *pulumi.OutputState }

func (SecretReplicationAutoOutput) CustomerManagedEncryption added in v6.67.0

The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used. Structure is documented below.

func (SecretReplicationAutoOutput) ElementType added in v6.67.0

func (SecretReplicationAutoOutput) ToOutput added in v6.67.0

func (SecretReplicationAutoOutput) ToSecretReplicationAutoOutput added in v6.67.0

func (o SecretReplicationAutoOutput) ToSecretReplicationAutoOutput() SecretReplicationAutoOutput

func (SecretReplicationAutoOutput) ToSecretReplicationAutoOutputWithContext added in v6.67.0

func (o SecretReplicationAutoOutput) ToSecretReplicationAutoOutputWithContext(ctx context.Context) SecretReplicationAutoOutput

func (SecretReplicationAutoOutput) ToSecretReplicationAutoPtrOutput added in v6.67.0

func (o SecretReplicationAutoOutput) ToSecretReplicationAutoPtrOutput() SecretReplicationAutoPtrOutput

func (SecretReplicationAutoOutput) ToSecretReplicationAutoPtrOutputWithContext added in v6.67.0

func (o SecretReplicationAutoOutput) ToSecretReplicationAutoPtrOutputWithContext(ctx context.Context) SecretReplicationAutoPtrOutput

type SecretReplicationAutoPtrInput added in v6.67.0

type SecretReplicationAutoPtrInput interface {
	pulumi.Input

	ToSecretReplicationAutoPtrOutput() SecretReplicationAutoPtrOutput
	ToSecretReplicationAutoPtrOutputWithContext(context.Context) SecretReplicationAutoPtrOutput
}

SecretReplicationAutoPtrInput is an input type that accepts SecretReplicationAutoArgs, SecretReplicationAutoPtr and SecretReplicationAutoPtrOutput values. You can construct a concrete instance of `SecretReplicationAutoPtrInput` via:

        SecretReplicationAutoArgs{...}

or:

        nil

func SecretReplicationAutoPtr added in v6.67.0

func SecretReplicationAutoPtr(v *SecretReplicationAutoArgs) SecretReplicationAutoPtrInput

type SecretReplicationAutoPtrOutput added in v6.67.0

type SecretReplicationAutoPtrOutput struct{ *pulumi.OutputState }

func (SecretReplicationAutoPtrOutput) CustomerManagedEncryption added in v6.67.0

The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used. Structure is documented below.

func (SecretReplicationAutoPtrOutput) Elem added in v6.67.0

func (SecretReplicationAutoPtrOutput) ElementType added in v6.67.0

func (SecretReplicationAutoPtrOutput) ToOutput added in v6.67.0

func (SecretReplicationAutoPtrOutput) ToSecretReplicationAutoPtrOutput added in v6.67.0

func (o SecretReplicationAutoPtrOutput) ToSecretReplicationAutoPtrOutput() SecretReplicationAutoPtrOutput

func (SecretReplicationAutoPtrOutput) ToSecretReplicationAutoPtrOutputWithContext added in v6.67.0

func (o SecretReplicationAutoPtrOutput) ToSecretReplicationAutoPtrOutputWithContext(ctx context.Context) SecretReplicationAutoPtrOutput

type SecretReplicationInput

type SecretReplicationInput interface {
	pulumi.Input

	ToSecretReplicationOutput() SecretReplicationOutput
	ToSecretReplicationOutputWithContext(context.Context) SecretReplicationOutput
}

SecretReplicationInput is an input type that accepts SecretReplicationArgs and SecretReplicationOutput values. You can construct a concrete instance of `SecretReplicationInput` via:

SecretReplicationArgs{...}

type SecretReplicationOutput

type SecretReplicationOutput struct{ *pulumi.OutputState }

func (SecretReplicationOutput) Auto added in v6.67.0

The Secret will automatically be replicated without any restrictions. Structure is documented below.

func (SecretReplicationOutput) Automatic deprecated

(Optional, Deprecated) The Secret will automatically be replicated without any restrictions.

> **Warning:** `automatic` is deprecated and will be removed in a future major release. Use `auto` instead.

Deprecated: `automatic` is deprecated and will be removed in a future major release. Use `auto` instead.

func (SecretReplicationOutput) ElementType

func (SecretReplicationOutput) ElementType() reflect.Type

func (SecretReplicationOutput) ToOutput added in v6.65.1

func (SecretReplicationOutput) ToSecretReplicationOutput

func (o SecretReplicationOutput) ToSecretReplicationOutput() SecretReplicationOutput

func (SecretReplicationOutput) ToSecretReplicationOutputWithContext

func (o SecretReplicationOutput) ToSecretReplicationOutputWithContext(ctx context.Context) SecretReplicationOutput

func (SecretReplicationOutput) ToSecretReplicationPtrOutput

func (o SecretReplicationOutput) ToSecretReplicationPtrOutput() SecretReplicationPtrOutput

func (SecretReplicationOutput) ToSecretReplicationPtrOutputWithContext

func (o SecretReplicationOutput) ToSecretReplicationPtrOutputWithContext(ctx context.Context) SecretReplicationPtrOutput

func (SecretReplicationOutput) UserManaged

The Secret will be replicated to the regions specified by the user. Structure is documented below.

type SecretReplicationPtrInput

type SecretReplicationPtrInput interface {
	pulumi.Input

	ToSecretReplicationPtrOutput() SecretReplicationPtrOutput
	ToSecretReplicationPtrOutputWithContext(context.Context) SecretReplicationPtrOutput
}

SecretReplicationPtrInput is an input type that accepts SecretReplicationArgs, SecretReplicationPtr and SecretReplicationPtrOutput values. You can construct a concrete instance of `SecretReplicationPtrInput` via:

        SecretReplicationArgs{...}

or:

        nil

type SecretReplicationPtrOutput

type SecretReplicationPtrOutput struct{ *pulumi.OutputState }

func (SecretReplicationPtrOutput) Auto added in v6.67.0

The Secret will automatically be replicated without any restrictions. Structure is documented below.

func (SecretReplicationPtrOutput) Automatic deprecated

(Optional, Deprecated) The Secret will automatically be replicated without any restrictions.

> **Warning:** `automatic` is deprecated and will be removed in a future major release. Use `auto` instead.

Deprecated: `automatic` is deprecated and will be removed in a future major release. Use `auto` instead.

func (SecretReplicationPtrOutput) Elem

func (SecretReplicationPtrOutput) ElementType

func (SecretReplicationPtrOutput) ElementType() reflect.Type

func (SecretReplicationPtrOutput) ToOutput added in v6.65.1

func (SecretReplicationPtrOutput) ToSecretReplicationPtrOutput

func (o SecretReplicationPtrOutput) ToSecretReplicationPtrOutput() SecretReplicationPtrOutput

func (SecretReplicationPtrOutput) ToSecretReplicationPtrOutputWithContext

func (o SecretReplicationPtrOutput) ToSecretReplicationPtrOutputWithContext(ctx context.Context) SecretReplicationPtrOutput

func (SecretReplicationPtrOutput) UserManaged

The Secret will be replicated to the regions specified by the user. Structure is documented below.

type SecretReplicationUserManaged

type SecretReplicationUserManaged struct {
	// The list of Replicas for this Secret. Cannot be empty.
	// Structure is documented below.
	Replicas []SecretReplicationUserManagedReplica `pulumi:"replicas"`
}

type SecretReplicationUserManagedArgs

type SecretReplicationUserManagedArgs struct {
	// The list of Replicas for this Secret. Cannot be empty.
	// Structure is documented below.
	Replicas SecretReplicationUserManagedReplicaArrayInput `pulumi:"replicas"`
}

func (SecretReplicationUserManagedArgs) ElementType

func (SecretReplicationUserManagedArgs) ToOutput added in v6.65.1

func (SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedOutput

func (i SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedOutput() SecretReplicationUserManagedOutput

func (SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedOutputWithContext

func (i SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedOutputWithContext(ctx context.Context) SecretReplicationUserManagedOutput

func (SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedPtrOutput

func (i SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedPtrOutput() SecretReplicationUserManagedPtrOutput

func (SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedPtrOutputWithContext

func (i SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedPtrOutput

type SecretReplicationUserManagedInput

type SecretReplicationUserManagedInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedOutput() SecretReplicationUserManagedOutput
	ToSecretReplicationUserManagedOutputWithContext(context.Context) SecretReplicationUserManagedOutput
}

SecretReplicationUserManagedInput is an input type that accepts SecretReplicationUserManagedArgs and SecretReplicationUserManagedOutput values. You can construct a concrete instance of `SecretReplicationUserManagedInput` via:

SecretReplicationUserManagedArgs{...}

type SecretReplicationUserManagedOutput

type SecretReplicationUserManagedOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedOutput) ElementType

func (SecretReplicationUserManagedOutput) Replicas

The list of Replicas for this Secret. Cannot be empty. Structure is documented below.

func (SecretReplicationUserManagedOutput) ToOutput added in v6.65.1

func (SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedOutput

func (o SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedOutput() SecretReplicationUserManagedOutput

func (SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedOutputWithContext

func (o SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedOutputWithContext(ctx context.Context) SecretReplicationUserManagedOutput

func (SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedPtrOutput

func (o SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedPtrOutput() SecretReplicationUserManagedPtrOutput

func (SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedPtrOutputWithContext

func (o SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedPtrOutput

type SecretReplicationUserManagedPtrInput

type SecretReplicationUserManagedPtrInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedPtrOutput() SecretReplicationUserManagedPtrOutput
	ToSecretReplicationUserManagedPtrOutputWithContext(context.Context) SecretReplicationUserManagedPtrOutput
}

SecretReplicationUserManagedPtrInput is an input type that accepts SecretReplicationUserManagedArgs, SecretReplicationUserManagedPtr and SecretReplicationUserManagedPtrOutput values. You can construct a concrete instance of `SecretReplicationUserManagedPtrInput` via:

        SecretReplicationUserManagedArgs{...}

or:

        nil

type SecretReplicationUserManagedPtrOutput

type SecretReplicationUserManagedPtrOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedPtrOutput) Elem

func (SecretReplicationUserManagedPtrOutput) ElementType

func (SecretReplicationUserManagedPtrOutput) Replicas

The list of Replicas for this Secret. Cannot be empty. Structure is documented below.

func (SecretReplicationUserManagedPtrOutput) ToOutput added in v6.65.1

func (SecretReplicationUserManagedPtrOutput) ToSecretReplicationUserManagedPtrOutput

func (o SecretReplicationUserManagedPtrOutput) ToSecretReplicationUserManagedPtrOutput() SecretReplicationUserManagedPtrOutput

func (SecretReplicationUserManagedPtrOutput) ToSecretReplicationUserManagedPtrOutputWithContext

func (o SecretReplicationUserManagedPtrOutput) ToSecretReplicationUserManagedPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedPtrOutput

type SecretReplicationUserManagedReplica

type SecretReplicationUserManagedReplica struct {
	// Customer Managed Encryption for the secret.
	// Structure is documented below.
	CustomerManagedEncryption *SecretReplicationUserManagedReplicaCustomerManagedEncryption `pulumi:"customerManagedEncryption"`
	// The canonical IDs of the location to replicate data. For example: "us-east1".
	Location string `pulumi:"location"`
}

type SecretReplicationUserManagedReplicaArgs

type SecretReplicationUserManagedReplicaArgs struct {
	// Customer Managed Encryption for the secret.
	// Structure is documented below.
	CustomerManagedEncryption SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrInput `pulumi:"customerManagedEncryption"`
	// The canonical IDs of the location to replicate data. For example: "us-east1".
	Location pulumi.StringInput `pulumi:"location"`
}

func (SecretReplicationUserManagedReplicaArgs) ElementType

func (SecretReplicationUserManagedReplicaArgs) ToOutput added in v6.65.1

func (SecretReplicationUserManagedReplicaArgs) ToSecretReplicationUserManagedReplicaOutput

func (i SecretReplicationUserManagedReplicaArgs) ToSecretReplicationUserManagedReplicaOutput() SecretReplicationUserManagedReplicaOutput

func (SecretReplicationUserManagedReplicaArgs) ToSecretReplicationUserManagedReplicaOutputWithContext

func (i SecretReplicationUserManagedReplicaArgs) ToSecretReplicationUserManagedReplicaOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaOutput

type SecretReplicationUserManagedReplicaArray

type SecretReplicationUserManagedReplicaArray []SecretReplicationUserManagedReplicaInput

func (SecretReplicationUserManagedReplicaArray) ElementType

func (SecretReplicationUserManagedReplicaArray) ToOutput added in v6.65.1

func (SecretReplicationUserManagedReplicaArray) ToSecretReplicationUserManagedReplicaArrayOutput

func (i SecretReplicationUserManagedReplicaArray) ToSecretReplicationUserManagedReplicaArrayOutput() SecretReplicationUserManagedReplicaArrayOutput

func (SecretReplicationUserManagedReplicaArray) ToSecretReplicationUserManagedReplicaArrayOutputWithContext

func (i SecretReplicationUserManagedReplicaArray) ToSecretReplicationUserManagedReplicaArrayOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaArrayOutput

type SecretReplicationUserManagedReplicaArrayInput

type SecretReplicationUserManagedReplicaArrayInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedReplicaArrayOutput() SecretReplicationUserManagedReplicaArrayOutput
	ToSecretReplicationUserManagedReplicaArrayOutputWithContext(context.Context) SecretReplicationUserManagedReplicaArrayOutput
}

SecretReplicationUserManagedReplicaArrayInput is an input type that accepts SecretReplicationUserManagedReplicaArray and SecretReplicationUserManagedReplicaArrayOutput values. You can construct a concrete instance of `SecretReplicationUserManagedReplicaArrayInput` via:

SecretReplicationUserManagedReplicaArray{ SecretReplicationUserManagedReplicaArgs{...} }

type SecretReplicationUserManagedReplicaArrayOutput

type SecretReplicationUserManagedReplicaArrayOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedReplicaArrayOutput) ElementType

func (SecretReplicationUserManagedReplicaArrayOutput) Index

func (SecretReplicationUserManagedReplicaArrayOutput) ToOutput added in v6.65.1

func (SecretReplicationUserManagedReplicaArrayOutput) ToSecretReplicationUserManagedReplicaArrayOutput

func (o SecretReplicationUserManagedReplicaArrayOutput) ToSecretReplicationUserManagedReplicaArrayOutput() SecretReplicationUserManagedReplicaArrayOutput

func (SecretReplicationUserManagedReplicaArrayOutput) ToSecretReplicationUserManagedReplicaArrayOutputWithContext

func (o SecretReplicationUserManagedReplicaArrayOutput) ToSecretReplicationUserManagedReplicaArrayOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaArrayOutput

type SecretReplicationUserManagedReplicaCustomerManagedEncryption

type SecretReplicationUserManagedReplicaCustomerManagedEncryption struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	//
	// ***
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	//
	// ***
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ElementType

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToOutput added in v6.65.1

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext

func (i SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext

func (i SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionInput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput() SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput
	ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput
}

SecretReplicationUserManagedReplicaCustomerManagedEncryptionInput is an input type that accepts SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs and SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput values. You can construct a concrete instance of `SecretReplicationUserManagedReplicaCustomerManagedEncryptionInput` via:

SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs{...}

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ElementType

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) KmsKeyName

Describes the Cloud KMS encryption key that will be used to protect destination secret.

***

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToOutput added in v6.65.1

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext

func (o SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext

func (o SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrInput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput() SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput
	ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext(context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput
}

SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrInput is an input type that accepts SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs, SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtr and SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput values. You can construct a concrete instance of `SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrInput` via:

        SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs{...}

or:

        nil

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) Elem

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) ElementType

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) KmsKeyName

Describes the Cloud KMS encryption key that will be used to protect destination secret.

***

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) ToOutput added in v6.65.1

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext

func (o SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

type SecretReplicationUserManagedReplicaInput

type SecretReplicationUserManagedReplicaInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedReplicaOutput() SecretReplicationUserManagedReplicaOutput
	ToSecretReplicationUserManagedReplicaOutputWithContext(context.Context) SecretReplicationUserManagedReplicaOutput
}

SecretReplicationUserManagedReplicaInput is an input type that accepts SecretReplicationUserManagedReplicaArgs and SecretReplicationUserManagedReplicaOutput values. You can construct a concrete instance of `SecretReplicationUserManagedReplicaInput` via:

SecretReplicationUserManagedReplicaArgs{...}

type SecretReplicationUserManagedReplicaOutput

type SecretReplicationUserManagedReplicaOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedReplicaOutput) CustomerManagedEncryption

Customer Managed Encryption for the secret. Structure is documented below.

func (SecretReplicationUserManagedReplicaOutput) ElementType

func (SecretReplicationUserManagedReplicaOutput) Location

The canonical IDs of the location to replicate data. For example: "us-east1".

func (SecretReplicationUserManagedReplicaOutput) ToOutput added in v6.65.1

func (SecretReplicationUserManagedReplicaOutput) ToSecretReplicationUserManagedReplicaOutput

func (o SecretReplicationUserManagedReplicaOutput) ToSecretReplicationUserManagedReplicaOutput() SecretReplicationUserManagedReplicaOutput

func (SecretReplicationUserManagedReplicaOutput) ToSecretReplicationUserManagedReplicaOutputWithContext

func (o SecretReplicationUserManagedReplicaOutput) ToSecretReplicationUserManagedReplicaOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaOutput

type SecretRotation

type SecretRotation struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	NextRotationTime *string `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years).
	// If rotationPeriod is set, `nextRotationTime` must be set. `nextRotationTime` will be advanced by this period when the service automatically sends rotation notifications.
	RotationPeriod *string `pulumi:"rotationPeriod"`
}

type SecretRotationArgs

type SecretRotationArgs struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	NextRotationTime pulumi.StringPtrInput `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years).
	// If rotationPeriod is set, `nextRotationTime` must be set. `nextRotationTime` will be advanced by this period when the service automatically sends rotation notifications.
	RotationPeriod pulumi.StringPtrInput `pulumi:"rotationPeriod"`
}

func (SecretRotationArgs) ElementType

func (SecretRotationArgs) ElementType() reflect.Type

func (SecretRotationArgs) ToOutput added in v6.65.1

func (SecretRotationArgs) ToSecretRotationOutput

func (i SecretRotationArgs) ToSecretRotationOutput() SecretRotationOutput

func (SecretRotationArgs) ToSecretRotationOutputWithContext

func (i SecretRotationArgs) ToSecretRotationOutputWithContext(ctx context.Context) SecretRotationOutput

func (SecretRotationArgs) ToSecretRotationPtrOutput

func (i SecretRotationArgs) ToSecretRotationPtrOutput() SecretRotationPtrOutput

func (SecretRotationArgs) ToSecretRotationPtrOutputWithContext

func (i SecretRotationArgs) ToSecretRotationPtrOutputWithContext(ctx context.Context) SecretRotationPtrOutput

type SecretRotationInput

type SecretRotationInput interface {
	pulumi.Input

	ToSecretRotationOutput() SecretRotationOutput
	ToSecretRotationOutputWithContext(context.Context) SecretRotationOutput
}

SecretRotationInput is an input type that accepts SecretRotationArgs and SecretRotationOutput values. You can construct a concrete instance of `SecretRotationInput` via:

SecretRotationArgs{...}

type SecretRotationOutput

type SecretRotationOutput struct{ *pulumi.OutputState }

func (SecretRotationOutput) ElementType

func (SecretRotationOutput) ElementType() reflect.Type

func (SecretRotationOutput) NextRotationTime

func (o SecretRotationOutput) NextRotationTime() pulumi.StringPtrOutput

Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

func (SecretRotationOutput) RotationPeriod

func (o SecretRotationOutput) RotationPeriod() pulumi.StringPtrOutput

The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, `nextRotationTime` must be set. `nextRotationTime` will be advanced by this period when the service automatically sends rotation notifications.

func (SecretRotationOutput) ToOutput added in v6.65.1

func (SecretRotationOutput) ToSecretRotationOutput

func (o SecretRotationOutput) ToSecretRotationOutput() SecretRotationOutput

func (SecretRotationOutput) ToSecretRotationOutputWithContext

func (o SecretRotationOutput) ToSecretRotationOutputWithContext(ctx context.Context) SecretRotationOutput

func (SecretRotationOutput) ToSecretRotationPtrOutput

func (o SecretRotationOutput) ToSecretRotationPtrOutput() SecretRotationPtrOutput

func (SecretRotationOutput) ToSecretRotationPtrOutputWithContext

func (o SecretRotationOutput) ToSecretRotationPtrOutputWithContext(ctx context.Context) SecretRotationPtrOutput

type SecretRotationPtrInput

type SecretRotationPtrInput interface {
	pulumi.Input

	ToSecretRotationPtrOutput() SecretRotationPtrOutput
	ToSecretRotationPtrOutputWithContext(context.Context) SecretRotationPtrOutput
}

SecretRotationPtrInput is an input type that accepts SecretRotationArgs, SecretRotationPtr and SecretRotationPtrOutput values. You can construct a concrete instance of `SecretRotationPtrInput` via:

        SecretRotationArgs{...}

or:

        nil

type SecretRotationPtrOutput

type SecretRotationPtrOutput struct{ *pulumi.OutputState }

func (SecretRotationPtrOutput) Elem

func (SecretRotationPtrOutput) ElementType

func (SecretRotationPtrOutput) ElementType() reflect.Type

func (SecretRotationPtrOutput) NextRotationTime

func (o SecretRotationPtrOutput) NextRotationTime() pulumi.StringPtrOutput

Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

func (SecretRotationPtrOutput) RotationPeriod

func (o SecretRotationPtrOutput) RotationPeriod() pulumi.StringPtrOutput

The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, `nextRotationTime` must be set. `nextRotationTime` will be advanced by this period when the service automatically sends rotation notifications.

func (SecretRotationPtrOutput) ToOutput added in v6.65.1

func (SecretRotationPtrOutput) ToSecretRotationPtrOutput

func (o SecretRotationPtrOutput) ToSecretRotationPtrOutput() SecretRotationPtrOutput

func (SecretRotationPtrOutput) ToSecretRotationPtrOutputWithContext

func (o SecretRotationPtrOutput) ToSecretRotationPtrOutputWithContext(ctx context.Context) SecretRotationPtrOutput

type SecretState

type SecretState struct {
	// Custom metadata about the secret.
	// Annotations are distinct from various forms of labels. Annotations exist to allow
	// client tools to store their own state information without requiring a database.
	// Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of
	// maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and
	// may have dashes (-), underscores (_), dots (.), and alphanumerics in between these
	// symbols.
	// The total size of annotation keys and values must be less than 16KiB.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	Annotations pulumi.StringMapInput
	// The time at which the Secret was created.
	CreateTime pulumi.StringPtrInput
	// Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	ExpireTime pulumi.StringPtrInput
	// The labels assigned to this Secret.
	// Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
	// Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}
	// No more than 64 labels can be assigned to a given resource.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	Labels pulumi.StringMapInput
	// The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*.
	// For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The replication policy of the secret data attached to the Secret. It cannot be changed
	// after the Secret has been created.
	// Structure is documented below.
	Replication SecretReplicationPtrInput
	// The rotation time and period for a Secret. At `nextRotationTime`, Secret Manager will send a Pub/Sub notification to the topics configured on the Secret. `topics` must be set to configure rotation.
	// Structure is documented below.
	Rotation SecretRotationPtrInput
	// This must be unique within the project.
	SecretId pulumi.StringPtrInput
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions.
	// Structure is documented below.
	Topics SecretTopicArrayInput
	// The TTL for the Secret.
	// A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
	Ttl pulumi.StringPtrInput
	// Mapping from version alias to version name.
	// A version alias is a string with a maximum length of 63 characters and can contain
	// uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_')
	// characters. An alias string must start with a letter and cannot be the string
	// 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	VersionAliases pulumi.StringMapInput
}

func (SecretState) ElementType

func (SecretState) ElementType() reflect.Type

type SecretTopic

type SecretTopic struct {
	// The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*.
	// For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
	Name string `pulumi:"name"`
}

type SecretTopicArgs

type SecretTopicArgs struct {
	// The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*.
	// For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
	Name pulumi.StringInput `pulumi:"name"`
}

func (SecretTopicArgs) ElementType

func (SecretTopicArgs) ElementType() reflect.Type

func (SecretTopicArgs) ToOutput added in v6.65.1

func (SecretTopicArgs) ToSecretTopicOutput

func (i SecretTopicArgs) ToSecretTopicOutput() SecretTopicOutput

func (SecretTopicArgs) ToSecretTopicOutputWithContext

func (i SecretTopicArgs) ToSecretTopicOutputWithContext(ctx context.Context) SecretTopicOutput

type SecretTopicArray

type SecretTopicArray []SecretTopicInput

func (SecretTopicArray) ElementType

func (SecretTopicArray) ElementType() reflect.Type

func (SecretTopicArray) ToOutput added in v6.65.1

func (SecretTopicArray) ToSecretTopicArrayOutput

func (i SecretTopicArray) ToSecretTopicArrayOutput() SecretTopicArrayOutput

func (SecretTopicArray) ToSecretTopicArrayOutputWithContext

func (i SecretTopicArray) ToSecretTopicArrayOutputWithContext(ctx context.Context) SecretTopicArrayOutput

type SecretTopicArrayInput

type SecretTopicArrayInput interface {
	pulumi.Input

	ToSecretTopicArrayOutput() SecretTopicArrayOutput
	ToSecretTopicArrayOutputWithContext(context.Context) SecretTopicArrayOutput
}

SecretTopicArrayInput is an input type that accepts SecretTopicArray and SecretTopicArrayOutput values. You can construct a concrete instance of `SecretTopicArrayInput` via:

SecretTopicArray{ SecretTopicArgs{...} }

type SecretTopicArrayOutput

type SecretTopicArrayOutput struct{ *pulumi.OutputState }

func (SecretTopicArrayOutput) ElementType

func (SecretTopicArrayOutput) ElementType() reflect.Type

func (SecretTopicArrayOutput) Index

func (SecretTopicArrayOutput) ToOutput added in v6.65.1

func (SecretTopicArrayOutput) ToSecretTopicArrayOutput

func (o SecretTopicArrayOutput) ToSecretTopicArrayOutput() SecretTopicArrayOutput

func (SecretTopicArrayOutput) ToSecretTopicArrayOutputWithContext

func (o SecretTopicArrayOutput) ToSecretTopicArrayOutputWithContext(ctx context.Context) SecretTopicArrayOutput

type SecretTopicInput

type SecretTopicInput interface {
	pulumi.Input

	ToSecretTopicOutput() SecretTopicOutput
	ToSecretTopicOutputWithContext(context.Context) SecretTopicOutput
}

SecretTopicInput is an input type that accepts SecretTopicArgs and SecretTopicOutput values. You can construct a concrete instance of `SecretTopicInput` via:

SecretTopicArgs{...}

type SecretTopicOutput

type SecretTopicOutput struct{ *pulumi.OutputState }

func (SecretTopicOutput) ElementType

func (SecretTopicOutput) ElementType() reflect.Type

func (SecretTopicOutput) Name

The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.

func (SecretTopicOutput) ToOutput added in v6.65.1

func (SecretTopicOutput) ToSecretTopicOutput

func (o SecretTopicOutput) ToSecretTopicOutput() SecretTopicOutput

func (SecretTopicOutput) ToSecretTopicOutputWithContext

func (o SecretTopicOutput) ToSecretTopicOutputWithContext(ctx context.Context) SecretTopicOutput

type SecretVersion

type SecretVersion struct {
	pulumi.CustomResourceState

	// The time at which the Secret was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// The deletion policy for the secret version. Setting `ABANDON` allows the resource
	// to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be
	// disabled rather than deleted. Default is `DELETE`. Possible values are:
	// * DELETE
	// * DISABLE
	// * ABANDON
	DeletionPolicy pulumi.StringPtrOutput `pulumi:"deletionPolicy"`
	// The time at which the Secret was destroyed. Only present if state is DESTROYED.
	DestroyTime pulumi.StringOutput `pulumi:"destroyTime"`
	// The current state of the SecretVersion.
	Enabled pulumi.BoolPtrOutput `pulumi:"enabled"`
	// If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.
	IsSecretDataBase64 pulumi.BoolPtrOutput `pulumi:"isSecretDataBase64"`
	// The resource name of the SecretVersion. Format:
	// `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`
	Name pulumi.StringOutput `pulumi:"name"`
	// Secret Manager secret resource
	//
	// ***
	Secret pulumi.StringOutput `pulumi:"secret"`
	// The secret data. Must be no larger than 64KiB.
	// **Note**: This property is sensitive and will not be displayed in the plan.
	SecretData pulumi.StringOutput `pulumi:"secretData"`
	// The version of the Secret.
	Version pulumi.StringOutput `pulumi:"version"`
}

A secret version resource.

> **Warning:** All arguments including `payload.secret_data` will be stored in the raw state as plain-text.

## Example Usage ### Secret Version Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret-version"),
			Labels: pulumi.StringMap{
				"label": pulumi.String("my-label"),
			},
			Replication: &secretmanager.SecretReplicationArgs{
				Auto: nil,
			},
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "secret-version-basic", &secretmanager.SecretVersionArgs{
			Secret:     secret_basic.ID(),
			SecretData: pulumi.String("secret-data"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret Version Deletion Policy Abandon

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret-version"),
			Replication: &secretmanager.SecretReplicationArgs{
				UserManaged: &secretmanager.SecretReplicationUserManagedArgs{
					Replicas: secretmanager.SecretReplicationUserManagedReplicaArray{
						&secretmanager.SecretReplicationUserManagedReplicaArgs{
							Location: pulumi.String("us-central1"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "secret-version-deletion-policy", &secretmanager.SecretVersionArgs{
			Secret:         secret_basic.ID(),
			SecretData:     pulumi.String("secret-data"),
			DeletionPolicy: pulumi.String("ABANDON"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret Version Deletion Policy Disable

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret-version"),
			Replication: &secretmanager.SecretReplicationArgs{
				UserManaged: &secretmanager.SecretReplicationUserManagedArgs{
					Replicas: secretmanager.SecretReplicationUserManagedReplicaArray{
						&secretmanager.SecretReplicationUserManagedReplicaArgs{
							Location: pulumi.String("us-central1"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "secret-version-deletion-policy", &secretmanager.SecretVersionArgs{
			Secret:         secret_basic.ID(),
			SecretData:     pulumi.String("secret-data"),
			DeletionPolicy: pulumi.String("DISABLE"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret Version With Base64 String Secret Data

```go package main

import (

"encoding/base64"
"os"

"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func filebase64OrPanic(path string) pulumi.StringPtrInput {
	if fileData, err := os.ReadFile(path); err == nil {
		return pulumi.String(base64.StdEncoding.EncodeToString(fileData[:]))
	} else {
		panic(err.Error())
	}
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret-version"),
			Replication: &secretmanager.SecretReplicationArgs{
				UserManaged: &secretmanager.SecretReplicationUserManagedArgs{
					Replicas: secretmanager.SecretReplicationUserManagedReplicaArray{
						&secretmanager.SecretReplicationUserManagedReplicaArgs{
							Location: pulumi.String("us-central1"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "secret-version-base64", &secretmanager.SecretVersionArgs{
			Secret:             secret_basic.ID(),
			IsSecretDataBase64: pulumi.Bool(true),
			SecretData:         filebase64OrPanic("secret-data.pfx"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SecretVersion can be imported using any of these accepted formats:

```sh

$ pulumi import gcp:secretmanager/secretVersion:SecretVersion default projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}

```

func GetSecretVersion

func GetSecretVersion(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretVersionState, opts ...pulumi.ResourceOption) (*SecretVersion, error)

GetSecretVersion gets an existing SecretVersion resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretVersion

func NewSecretVersion(ctx *pulumi.Context,
	name string, args *SecretVersionArgs, opts ...pulumi.ResourceOption) (*SecretVersion, error)

NewSecretVersion registers a new resource with the given unique name, arguments, and options.

func (*SecretVersion) ElementType

func (*SecretVersion) ElementType() reflect.Type

func (*SecretVersion) ToOutput added in v6.65.1

func (*SecretVersion) ToSecretVersionOutput

func (i *SecretVersion) ToSecretVersionOutput() SecretVersionOutput

func (*SecretVersion) ToSecretVersionOutputWithContext

func (i *SecretVersion) ToSecretVersionOutputWithContext(ctx context.Context) SecretVersionOutput

type SecretVersionArgs

type SecretVersionArgs struct {
	// The deletion policy for the secret version. Setting `ABANDON` allows the resource
	// to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be
	// disabled rather than deleted. Default is `DELETE`. Possible values are:
	// * DELETE
	// * DISABLE
	// * ABANDON
	DeletionPolicy pulumi.StringPtrInput
	// The current state of the SecretVersion.
	Enabled pulumi.BoolPtrInput
	// If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.
	IsSecretDataBase64 pulumi.BoolPtrInput
	// Secret Manager secret resource
	//
	// ***
	Secret pulumi.StringInput
	// The secret data. Must be no larger than 64KiB.
	// **Note**: This property is sensitive and will not be displayed in the plan.
	SecretData pulumi.StringInput
}

The set of arguments for constructing a SecretVersion resource.

func (SecretVersionArgs) ElementType

func (SecretVersionArgs) ElementType() reflect.Type

type SecretVersionArray

type SecretVersionArray []SecretVersionInput

func (SecretVersionArray) ElementType

func (SecretVersionArray) ElementType() reflect.Type

func (SecretVersionArray) ToOutput added in v6.65.1

func (SecretVersionArray) ToSecretVersionArrayOutput

func (i SecretVersionArray) ToSecretVersionArrayOutput() SecretVersionArrayOutput

func (SecretVersionArray) ToSecretVersionArrayOutputWithContext

func (i SecretVersionArray) ToSecretVersionArrayOutputWithContext(ctx context.Context) SecretVersionArrayOutput

type SecretVersionArrayInput

type SecretVersionArrayInput interface {
	pulumi.Input

	ToSecretVersionArrayOutput() SecretVersionArrayOutput
	ToSecretVersionArrayOutputWithContext(context.Context) SecretVersionArrayOutput
}

SecretVersionArrayInput is an input type that accepts SecretVersionArray and SecretVersionArrayOutput values. You can construct a concrete instance of `SecretVersionArrayInput` via:

SecretVersionArray{ SecretVersionArgs{...} }

type SecretVersionArrayOutput

type SecretVersionArrayOutput struct{ *pulumi.OutputState }

func (SecretVersionArrayOutput) ElementType

func (SecretVersionArrayOutput) ElementType() reflect.Type

func (SecretVersionArrayOutput) Index

func (SecretVersionArrayOutput) ToOutput added in v6.65.1

func (SecretVersionArrayOutput) ToSecretVersionArrayOutput

func (o SecretVersionArrayOutput) ToSecretVersionArrayOutput() SecretVersionArrayOutput

func (SecretVersionArrayOutput) ToSecretVersionArrayOutputWithContext

func (o SecretVersionArrayOutput) ToSecretVersionArrayOutputWithContext(ctx context.Context) SecretVersionArrayOutput

type SecretVersionInput

type SecretVersionInput interface {
	pulumi.Input

	ToSecretVersionOutput() SecretVersionOutput
	ToSecretVersionOutputWithContext(ctx context.Context) SecretVersionOutput
}

type SecretVersionMap

type SecretVersionMap map[string]SecretVersionInput

func (SecretVersionMap) ElementType

func (SecretVersionMap) ElementType() reflect.Type

func (SecretVersionMap) ToOutput added in v6.65.1

func (SecretVersionMap) ToSecretVersionMapOutput

func (i SecretVersionMap) ToSecretVersionMapOutput() SecretVersionMapOutput

func (SecretVersionMap) ToSecretVersionMapOutputWithContext

func (i SecretVersionMap) ToSecretVersionMapOutputWithContext(ctx context.Context) SecretVersionMapOutput

type SecretVersionMapInput

type SecretVersionMapInput interface {
	pulumi.Input

	ToSecretVersionMapOutput() SecretVersionMapOutput
	ToSecretVersionMapOutputWithContext(context.Context) SecretVersionMapOutput
}

SecretVersionMapInput is an input type that accepts SecretVersionMap and SecretVersionMapOutput values. You can construct a concrete instance of `SecretVersionMapInput` via:

SecretVersionMap{ "key": SecretVersionArgs{...} }

type SecretVersionMapOutput

type SecretVersionMapOutput struct{ *pulumi.OutputState }

func (SecretVersionMapOutput) ElementType

func (SecretVersionMapOutput) ElementType() reflect.Type

func (SecretVersionMapOutput) MapIndex

func (SecretVersionMapOutput) ToOutput added in v6.65.1

func (SecretVersionMapOutput) ToSecretVersionMapOutput

func (o SecretVersionMapOutput) ToSecretVersionMapOutput() SecretVersionMapOutput

func (SecretVersionMapOutput) ToSecretVersionMapOutputWithContext

func (o SecretVersionMapOutput) ToSecretVersionMapOutputWithContext(ctx context.Context) SecretVersionMapOutput

type SecretVersionOutput

type SecretVersionOutput struct{ *pulumi.OutputState }

func (SecretVersionOutput) CreateTime added in v6.23.0

func (o SecretVersionOutput) CreateTime() pulumi.StringOutput

The time at which the Secret was created.

func (SecretVersionOutput) DeletionPolicy added in v6.67.0

func (o SecretVersionOutput) DeletionPolicy() pulumi.StringPtrOutput

The deletion policy for the secret version. Setting `ABANDON` allows the resource to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be disabled rather than deleted. Default is `DELETE`. Possible values are: * DELETE * DISABLE * ABANDON

func (SecretVersionOutput) DestroyTime added in v6.23.0

func (o SecretVersionOutput) DestroyTime() pulumi.StringOutput

The time at which the Secret was destroyed. Only present if state is DESTROYED.

func (SecretVersionOutput) ElementType

func (SecretVersionOutput) ElementType() reflect.Type

func (SecretVersionOutput) Enabled added in v6.23.0

The current state of the SecretVersion.

func (SecretVersionOutput) IsSecretDataBase64 added in v6.67.0

func (o SecretVersionOutput) IsSecretDataBase64() pulumi.BoolPtrOutput

If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.

func (SecretVersionOutput) Name added in v6.23.0

The resource name of the SecretVersion. Format: `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`

func (SecretVersionOutput) Secret added in v6.23.0

Secret Manager secret resource

***

func (SecretVersionOutput) SecretData added in v6.23.0

func (o SecretVersionOutput) SecretData() pulumi.StringOutput

The secret data. Must be no larger than 64KiB. **Note**: This property is sensitive and will not be displayed in the plan.

func (SecretVersionOutput) ToOutput added in v6.65.1

func (SecretVersionOutput) ToSecretVersionOutput

func (o SecretVersionOutput) ToSecretVersionOutput() SecretVersionOutput

func (SecretVersionOutput) ToSecretVersionOutputWithContext

func (o SecretVersionOutput) ToSecretVersionOutputWithContext(ctx context.Context) SecretVersionOutput

func (SecretVersionOutput) Version added in v6.40.0

The version of the Secret.

type SecretVersionState

type SecretVersionState struct {
	// The time at which the Secret was created.
	CreateTime pulumi.StringPtrInput
	// The deletion policy for the secret version. Setting `ABANDON` allows the resource
	// to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be
	// disabled rather than deleted. Default is `DELETE`. Possible values are:
	// * DELETE
	// * DISABLE
	// * ABANDON
	DeletionPolicy pulumi.StringPtrInput
	// The time at which the Secret was destroyed. Only present if state is DESTROYED.
	DestroyTime pulumi.StringPtrInput
	// The current state of the SecretVersion.
	Enabled pulumi.BoolPtrInput
	// If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.
	IsSecretDataBase64 pulumi.BoolPtrInput
	// The resource name of the SecretVersion. Format:
	// `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`
	Name pulumi.StringPtrInput
	// Secret Manager secret resource
	//
	// ***
	Secret pulumi.StringPtrInput
	// The secret data. Must be no larger than 64KiB.
	// **Note**: This property is sensitive and will not be displayed in the plan.
	SecretData pulumi.StringPtrInput
	// The version of the Secret.
	Version pulumi.StringPtrInput
}

func (SecretVersionState) ElementType

func (SecretVersionState) ElementType() reflect.Type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL