secretmanager

package
v8.15.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 22, 2025 License: Apache-2.0 Imports: 7 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type GetRegionalSecretCustomerManagedEncryption added in v8.3.0

type GetRegionalSecretCustomerManagedEncryption struct {
	// The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type GetRegionalSecretCustomerManagedEncryptionArgs added in v8.3.0

type GetRegionalSecretCustomerManagedEncryptionArgs struct {
	// The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (GetRegionalSecretCustomerManagedEncryptionArgs) ElementType added in v8.3.0

func (GetRegionalSecretCustomerManagedEncryptionArgs) ToGetRegionalSecretCustomerManagedEncryptionOutput added in v8.3.0

func (i GetRegionalSecretCustomerManagedEncryptionArgs) ToGetRegionalSecretCustomerManagedEncryptionOutput() GetRegionalSecretCustomerManagedEncryptionOutput

func (GetRegionalSecretCustomerManagedEncryptionArgs) ToGetRegionalSecretCustomerManagedEncryptionOutputWithContext added in v8.3.0

func (i GetRegionalSecretCustomerManagedEncryptionArgs) ToGetRegionalSecretCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetRegionalSecretCustomerManagedEncryptionOutput

type GetRegionalSecretCustomerManagedEncryptionArray added in v8.3.0

type GetRegionalSecretCustomerManagedEncryptionArray []GetRegionalSecretCustomerManagedEncryptionInput

func (GetRegionalSecretCustomerManagedEncryptionArray) ElementType added in v8.3.0

func (GetRegionalSecretCustomerManagedEncryptionArray) ToGetRegionalSecretCustomerManagedEncryptionArrayOutput added in v8.3.0

func (i GetRegionalSecretCustomerManagedEncryptionArray) ToGetRegionalSecretCustomerManagedEncryptionArrayOutput() GetRegionalSecretCustomerManagedEncryptionArrayOutput

func (GetRegionalSecretCustomerManagedEncryptionArray) ToGetRegionalSecretCustomerManagedEncryptionArrayOutputWithContext added in v8.3.0

func (i GetRegionalSecretCustomerManagedEncryptionArray) ToGetRegionalSecretCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetRegionalSecretCustomerManagedEncryptionArrayOutput

type GetRegionalSecretCustomerManagedEncryptionArrayInput added in v8.3.0

type GetRegionalSecretCustomerManagedEncryptionArrayInput interface {
	pulumi.Input

	ToGetRegionalSecretCustomerManagedEncryptionArrayOutput() GetRegionalSecretCustomerManagedEncryptionArrayOutput
	ToGetRegionalSecretCustomerManagedEncryptionArrayOutputWithContext(context.Context) GetRegionalSecretCustomerManagedEncryptionArrayOutput
}

GetRegionalSecretCustomerManagedEncryptionArrayInput is an input type that accepts GetRegionalSecretCustomerManagedEncryptionArray and GetRegionalSecretCustomerManagedEncryptionArrayOutput values. You can construct a concrete instance of `GetRegionalSecretCustomerManagedEncryptionArrayInput` via:

GetRegionalSecretCustomerManagedEncryptionArray{ GetRegionalSecretCustomerManagedEncryptionArgs{...} }

type GetRegionalSecretCustomerManagedEncryptionArrayOutput added in v8.3.0

type GetRegionalSecretCustomerManagedEncryptionArrayOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretCustomerManagedEncryptionArrayOutput) ElementType added in v8.3.0

func (GetRegionalSecretCustomerManagedEncryptionArrayOutput) Index added in v8.3.0

func (GetRegionalSecretCustomerManagedEncryptionArrayOutput) ToGetRegionalSecretCustomerManagedEncryptionArrayOutput added in v8.3.0

func (GetRegionalSecretCustomerManagedEncryptionArrayOutput) ToGetRegionalSecretCustomerManagedEncryptionArrayOutputWithContext added in v8.3.0

func (o GetRegionalSecretCustomerManagedEncryptionArrayOutput) ToGetRegionalSecretCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetRegionalSecretCustomerManagedEncryptionArrayOutput

type GetRegionalSecretCustomerManagedEncryptionInput added in v8.3.0

type GetRegionalSecretCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToGetRegionalSecretCustomerManagedEncryptionOutput() GetRegionalSecretCustomerManagedEncryptionOutput
	ToGetRegionalSecretCustomerManagedEncryptionOutputWithContext(context.Context) GetRegionalSecretCustomerManagedEncryptionOutput
}

GetRegionalSecretCustomerManagedEncryptionInput is an input type that accepts GetRegionalSecretCustomerManagedEncryptionArgs and GetRegionalSecretCustomerManagedEncryptionOutput values. You can construct a concrete instance of `GetRegionalSecretCustomerManagedEncryptionInput` via:

GetRegionalSecretCustomerManagedEncryptionArgs{...}

type GetRegionalSecretCustomerManagedEncryptionOutput added in v8.3.0

type GetRegionalSecretCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretCustomerManagedEncryptionOutput) ElementType added in v8.3.0

func (GetRegionalSecretCustomerManagedEncryptionOutput) KmsKeyName added in v8.3.0

The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.

func (GetRegionalSecretCustomerManagedEncryptionOutput) ToGetRegionalSecretCustomerManagedEncryptionOutput added in v8.3.0

func (o GetRegionalSecretCustomerManagedEncryptionOutput) ToGetRegionalSecretCustomerManagedEncryptionOutput() GetRegionalSecretCustomerManagedEncryptionOutput

func (GetRegionalSecretCustomerManagedEncryptionOutput) ToGetRegionalSecretCustomerManagedEncryptionOutputWithContext added in v8.3.0

func (o GetRegionalSecretCustomerManagedEncryptionOutput) ToGetRegionalSecretCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetRegionalSecretCustomerManagedEncryptionOutput

type GetRegionalSecretRotation added in v8.3.0

type GetRegionalSecretRotation struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine
	// fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	NextRotationTime string `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications. Must be in seconds and at least 3600s (1h)
	// and at most 3153600000s (100 years). If rotationPeriod is set, 'next_rotation_time' must
	// be set. 'next_rotation_time' will be advanced by this period when the service
	// automatically sends rotation notifications.
	RotationPeriod string `pulumi:"rotationPeriod"`
}

type GetRegionalSecretRotationArgs added in v8.3.0

type GetRegionalSecretRotationArgs struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine
	// fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	NextRotationTime pulumi.StringInput `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications. Must be in seconds and at least 3600s (1h)
	// and at most 3153600000s (100 years). If rotationPeriod is set, 'next_rotation_time' must
	// be set. 'next_rotation_time' will be advanced by this period when the service
	// automatically sends rotation notifications.
	RotationPeriod pulumi.StringInput `pulumi:"rotationPeriod"`
}

func (GetRegionalSecretRotationArgs) ElementType added in v8.3.0

func (GetRegionalSecretRotationArgs) ToGetRegionalSecretRotationOutput added in v8.3.0

func (i GetRegionalSecretRotationArgs) ToGetRegionalSecretRotationOutput() GetRegionalSecretRotationOutput

func (GetRegionalSecretRotationArgs) ToGetRegionalSecretRotationOutputWithContext added in v8.3.0

func (i GetRegionalSecretRotationArgs) ToGetRegionalSecretRotationOutputWithContext(ctx context.Context) GetRegionalSecretRotationOutput

type GetRegionalSecretRotationArray added in v8.3.0

type GetRegionalSecretRotationArray []GetRegionalSecretRotationInput

func (GetRegionalSecretRotationArray) ElementType added in v8.3.0

func (GetRegionalSecretRotationArray) ToGetRegionalSecretRotationArrayOutput added in v8.3.0

func (i GetRegionalSecretRotationArray) ToGetRegionalSecretRotationArrayOutput() GetRegionalSecretRotationArrayOutput

func (GetRegionalSecretRotationArray) ToGetRegionalSecretRotationArrayOutputWithContext added in v8.3.0

func (i GetRegionalSecretRotationArray) ToGetRegionalSecretRotationArrayOutputWithContext(ctx context.Context) GetRegionalSecretRotationArrayOutput

type GetRegionalSecretRotationArrayInput added in v8.3.0

type GetRegionalSecretRotationArrayInput interface {
	pulumi.Input

	ToGetRegionalSecretRotationArrayOutput() GetRegionalSecretRotationArrayOutput
	ToGetRegionalSecretRotationArrayOutputWithContext(context.Context) GetRegionalSecretRotationArrayOutput
}

GetRegionalSecretRotationArrayInput is an input type that accepts GetRegionalSecretRotationArray and GetRegionalSecretRotationArrayOutput values. You can construct a concrete instance of `GetRegionalSecretRotationArrayInput` via:

GetRegionalSecretRotationArray{ GetRegionalSecretRotationArgs{...} }

type GetRegionalSecretRotationArrayOutput added in v8.3.0

type GetRegionalSecretRotationArrayOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretRotationArrayOutput) ElementType added in v8.3.0

func (GetRegionalSecretRotationArrayOutput) Index added in v8.3.0

func (GetRegionalSecretRotationArrayOutput) ToGetRegionalSecretRotationArrayOutput added in v8.3.0

func (o GetRegionalSecretRotationArrayOutput) ToGetRegionalSecretRotationArrayOutput() GetRegionalSecretRotationArrayOutput

func (GetRegionalSecretRotationArrayOutput) ToGetRegionalSecretRotationArrayOutputWithContext added in v8.3.0

func (o GetRegionalSecretRotationArrayOutput) ToGetRegionalSecretRotationArrayOutputWithContext(ctx context.Context) GetRegionalSecretRotationArrayOutput

type GetRegionalSecretRotationInput added in v8.3.0

type GetRegionalSecretRotationInput interface {
	pulumi.Input

	ToGetRegionalSecretRotationOutput() GetRegionalSecretRotationOutput
	ToGetRegionalSecretRotationOutputWithContext(context.Context) GetRegionalSecretRotationOutput
}

GetRegionalSecretRotationInput is an input type that accepts GetRegionalSecretRotationArgs and GetRegionalSecretRotationOutput values. You can construct a concrete instance of `GetRegionalSecretRotationInput` via:

GetRegionalSecretRotationArgs{...}

type GetRegionalSecretRotationOutput added in v8.3.0

type GetRegionalSecretRotationOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretRotationOutput) ElementType added in v8.3.0

func (GetRegionalSecretRotationOutput) NextRotationTime added in v8.3.0

Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

func (GetRegionalSecretRotationOutput) RotationPeriod added in v8.3.0

The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications.

func (GetRegionalSecretRotationOutput) ToGetRegionalSecretRotationOutput added in v8.3.0

func (o GetRegionalSecretRotationOutput) ToGetRegionalSecretRotationOutput() GetRegionalSecretRotationOutput

func (GetRegionalSecretRotationOutput) ToGetRegionalSecretRotationOutputWithContext added in v8.3.0

func (o GetRegionalSecretRotationOutput) ToGetRegionalSecretRotationOutputWithContext(ctx context.Context) GetRegionalSecretRotationOutput

type GetRegionalSecretTopic added in v8.3.0

type GetRegionalSecretTopic struct {
	// The resource name of the Pub/Sub topic that will be published to, in the following format:
	// projects/*/topics/*. For publication to succeed, the Secret Manager Service
	// Agent service account must have pubsub.publisher permissions on the topic.
	Name string `pulumi:"name"`
}

type GetRegionalSecretTopicArgs added in v8.3.0

type GetRegionalSecretTopicArgs struct {
	// The resource name of the Pub/Sub topic that will be published to, in the following format:
	// projects/*/topics/*. For publication to succeed, the Secret Manager Service
	// Agent service account must have pubsub.publisher permissions on the topic.
	Name pulumi.StringInput `pulumi:"name"`
}

func (GetRegionalSecretTopicArgs) ElementType added in v8.3.0

func (GetRegionalSecretTopicArgs) ElementType() reflect.Type

func (GetRegionalSecretTopicArgs) ToGetRegionalSecretTopicOutput added in v8.3.0

func (i GetRegionalSecretTopicArgs) ToGetRegionalSecretTopicOutput() GetRegionalSecretTopicOutput

func (GetRegionalSecretTopicArgs) ToGetRegionalSecretTopicOutputWithContext added in v8.3.0

func (i GetRegionalSecretTopicArgs) ToGetRegionalSecretTopicOutputWithContext(ctx context.Context) GetRegionalSecretTopicOutput

type GetRegionalSecretTopicArray added in v8.3.0

type GetRegionalSecretTopicArray []GetRegionalSecretTopicInput

func (GetRegionalSecretTopicArray) ElementType added in v8.3.0

func (GetRegionalSecretTopicArray) ToGetRegionalSecretTopicArrayOutput added in v8.3.0

func (i GetRegionalSecretTopicArray) ToGetRegionalSecretTopicArrayOutput() GetRegionalSecretTopicArrayOutput

func (GetRegionalSecretTopicArray) ToGetRegionalSecretTopicArrayOutputWithContext added in v8.3.0

func (i GetRegionalSecretTopicArray) ToGetRegionalSecretTopicArrayOutputWithContext(ctx context.Context) GetRegionalSecretTopicArrayOutput

type GetRegionalSecretTopicArrayInput added in v8.3.0

type GetRegionalSecretTopicArrayInput interface {
	pulumi.Input

	ToGetRegionalSecretTopicArrayOutput() GetRegionalSecretTopicArrayOutput
	ToGetRegionalSecretTopicArrayOutputWithContext(context.Context) GetRegionalSecretTopicArrayOutput
}

GetRegionalSecretTopicArrayInput is an input type that accepts GetRegionalSecretTopicArray and GetRegionalSecretTopicArrayOutput values. You can construct a concrete instance of `GetRegionalSecretTopicArrayInput` via:

GetRegionalSecretTopicArray{ GetRegionalSecretTopicArgs{...} }

type GetRegionalSecretTopicArrayOutput added in v8.3.0

type GetRegionalSecretTopicArrayOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretTopicArrayOutput) ElementType added in v8.3.0

func (GetRegionalSecretTopicArrayOutput) Index added in v8.3.0

func (GetRegionalSecretTopicArrayOutput) ToGetRegionalSecretTopicArrayOutput added in v8.3.0

func (o GetRegionalSecretTopicArrayOutput) ToGetRegionalSecretTopicArrayOutput() GetRegionalSecretTopicArrayOutput

func (GetRegionalSecretTopicArrayOutput) ToGetRegionalSecretTopicArrayOutputWithContext added in v8.3.0

func (o GetRegionalSecretTopicArrayOutput) ToGetRegionalSecretTopicArrayOutputWithContext(ctx context.Context) GetRegionalSecretTopicArrayOutput

type GetRegionalSecretTopicInput added in v8.3.0

type GetRegionalSecretTopicInput interface {
	pulumi.Input

	ToGetRegionalSecretTopicOutput() GetRegionalSecretTopicOutput
	ToGetRegionalSecretTopicOutputWithContext(context.Context) GetRegionalSecretTopicOutput
}

GetRegionalSecretTopicInput is an input type that accepts GetRegionalSecretTopicArgs and GetRegionalSecretTopicOutput values. You can construct a concrete instance of `GetRegionalSecretTopicInput` via:

GetRegionalSecretTopicArgs{...}

type GetRegionalSecretTopicOutput added in v8.3.0

type GetRegionalSecretTopicOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretTopicOutput) ElementType added in v8.3.0

func (GetRegionalSecretTopicOutput) Name added in v8.3.0

The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.

func (GetRegionalSecretTopicOutput) ToGetRegionalSecretTopicOutput added in v8.3.0

func (o GetRegionalSecretTopicOutput) ToGetRegionalSecretTopicOutput() GetRegionalSecretTopicOutput

func (GetRegionalSecretTopicOutput) ToGetRegionalSecretTopicOutputWithContext added in v8.3.0

func (o GetRegionalSecretTopicOutput) ToGetRegionalSecretTopicOutputWithContext(ctx context.Context) GetRegionalSecretTopicOutput

type GetRegionalSecretVersionAccessArgs added in v8.4.0

type GetRegionalSecretVersionAccessArgs struct {
	// If set to 'true', the secret data is
	// expected to be base64-encoded string.
	IsSecretDataBase64 *bool `pulumi:"isSecretDataBase64"`
	// Location of Secret Manager regional secret resource.
	// It must be provided when the `secret` field provided consists of only the name of the regional secret.
	Location *string `pulumi:"location"`
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project *string `pulumi:"project"`
	// The regional secret to get the secret version for.
	// This can be either the reference of the regional secret as in `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}` or only the name of the regional secret as in `{{secret_id}}`. If only the name of the regional secret is provided, the location must also be provided.
	Secret string `pulumi:"secret"`
	// The version of the regional secret to get. If it
	// is not provided, the latest version is retrieved.
	Version *string `pulumi:"version"`
}

A collection of arguments for invoking getRegionalSecretVersionAccess.

type GetRegionalSecretVersionAccessOutputArgs added in v8.4.0

type GetRegionalSecretVersionAccessOutputArgs struct {
	// If set to 'true', the secret data is
	// expected to be base64-encoded string.
	IsSecretDataBase64 pulumi.BoolPtrInput `pulumi:"isSecretDataBase64"`
	// Location of Secret Manager regional secret resource.
	// It must be provided when the `secret` field provided consists of only the name of the regional secret.
	Location pulumi.StringPtrInput `pulumi:"location"`
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput `pulumi:"project"`
	// The regional secret to get the secret version for.
	// This can be either the reference of the regional secret as in `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}` or only the name of the regional secret as in `{{secret_id}}`. If only the name of the regional secret is provided, the location must also be provided.
	Secret pulumi.StringInput `pulumi:"secret"`
	// The version of the regional secret to get. If it
	// is not provided, the latest version is retrieved.
	Version pulumi.StringPtrInput `pulumi:"version"`
}

A collection of arguments for invoking getRegionalSecretVersionAccess.

func (GetRegionalSecretVersionAccessOutputArgs) ElementType added in v8.4.0

type GetRegionalSecretVersionAccessResult added in v8.4.0

type GetRegionalSecretVersionAccessResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id                 string `pulumi:"id"`
	IsSecretDataBase64 *bool  `pulumi:"isSecretDataBase64"`
	Location           string `pulumi:"location"`
	// The resource name of the regional SecretVersion. Format:
	// `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}/versions/{{version}}`
	Name    string `pulumi:"name"`
	Project string `pulumi:"project"`
	Secret  string `pulumi:"secret"`
	// The secret data. No larger than 64KiB.
	SecretData string `pulumi:"secretData"`
	Version    string `pulumi:"version"`
}

A collection of values returned by getRegionalSecretVersionAccess.

func GetRegionalSecretVersionAccess added in v8.4.0

Get the value from a Secret Manager regional secret version. This is similar to the secretmanager.RegionalSecretVersion datasource, but it only requires the [Secret Manager Secret Accessor](https://cloud.google.com/secret-manager/docs/access-control#secretmanager.secretAccessor) role. For more information see the [official documentation](https://cloud.google.com/secret-manager/docs/regional-secrets-overview) and [API](https://cloud.google.com/secret-manager/docs/reference/rest/v1/projects.locations.secrets.versions/access).

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.GetRegionalSecretVersionAccess(ctx, &secretmanager.GetRegionalSecretVersionAccessArgs{
			Secret:   "my-secret",
			Location: pulumi.StringRef("us-central1"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetRegionalSecretVersionAccessResultOutput added in v8.4.0

type GetRegionalSecretVersionAccessResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRegionalSecretVersionAccess.

func (GetRegionalSecretVersionAccessResultOutput) ElementType added in v8.4.0

func (GetRegionalSecretVersionAccessResultOutput) Id added in v8.4.0

The provider-assigned unique ID for this managed resource.

func (GetRegionalSecretVersionAccessResultOutput) IsSecretDataBase64 added in v8.7.0

func (GetRegionalSecretVersionAccessResultOutput) Location added in v8.4.0

func (GetRegionalSecretVersionAccessResultOutput) Name added in v8.4.0

The resource name of the regional SecretVersion. Format: `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}/versions/{{version}}`

func (GetRegionalSecretVersionAccessResultOutput) Project added in v8.4.0

func (GetRegionalSecretVersionAccessResultOutput) Secret added in v8.4.0

func (GetRegionalSecretVersionAccessResultOutput) SecretData added in v8.4.0

The secret data. No larger than 64KiB.

func (GetRegionalSecretVersionAccessResultOutput) ToGetRegionalSecretVersionAccessResultOutput added in v8.4.0

func (o GetRegionalSecretVersionAccessResultOutput) ToGetRegionalSecretVersionAccessResultOutput() GetRegionalSecretVersionAccessResultOutput

func (GetRegionalSecretVersionAccessResultOutput) ToGetRegionalSecretVersionAccessResultOutputWithContext added in v8.4.0

func (o GetRegionalSecretVersionAccessResultOutput) ToGetRegionalSecretVersionAccessResultOutputWithContext(ctx context.Context) GetRegionalSecretVersionAccessResultOutput

func (GetRegionalSecretVersionAccessResultOutput) Version added in v8.4.0

type GetRegionalSecretVersionCustomerManagedEncryption added in v8.3.0

type GetRegionalSecretVersionCustomerManagedEncryption struct {
	// The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
	KmsKeyVersionName string `pulumi:"kmsKeyVersionName"`
}

type GetRegionalSecretVersionCustomerManagedEncryptionArgs added in v8.3.0

type GetRegionalSecretVersionCustomerManagedEncryptionArgs struct {
	// The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
	KmsKeyVersionName pulumi.StringInput `pulumi:"kmsKeyVersionName"`
}

func (GetRegionalSecretVersionCustomerManagedEncryptionArgs) ElementType added in v8.3.0

func (GetRegionalSecretVersionCustomerManagedEncryptionArgs) ToGetRegionalSecretVersionCustomerManagedEncryptionOutput added in v8.3.0

func (i GetRegionalSecretVersionCustomerManagedEncryptionArgs) ToGetRegionalSecretVersionCustomerManagedEncryptionOutput() GetRegionalSecretVersionCustomerManagedEncryptionOutput

func (GetRegionalSecretVersionCustomerManagedEncryptionArgs) ToGetRegionalSecretVersionCustomerManagedEncryptionOutputWithContext added in v8.3.0

func (i GetRegionalSecretVersionCustomerManagedEncryptionArgs) ToGetRegionalSecretVersionCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetRegionalSecretVersionCustomerManagedEncryptionOutput

type GetRegionalSecretVersionCustomerManagedEncryptionArray added in v8.3.0

type GetRegionalSecretVersionCustomerManagedEncryptionArray []GetRegionalSecretVersionCustomerManagedEncryptionInput

func (GetRegionalSecretVersionCustomerManagedEncryptionArray) ElementType added in v8.3.0

func (GetRegionalSecretVersionCustomerManagedEncryptionArray) ToGetRegionalSecretVersionCustomerManagedEncryptionArrayOutput added in v8.3.0

func (i GetRegionalSecretVersionCustomerManagedEncryptionArray) ToGetRegionalSecretVersionCustomerManagedEncryptionArrayOutput() GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput

func (GetRegionalSecretVersionCustomerManagedEncryptionArray) ToGetRegionalSecretVersionCustomerManagedEncryptionArrayOutputWithContext added in v8.3.0

func (i GetRegionalSecretVersionCustomerManagedEncryptionArray) ToGetRegionalSecretVersionCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput

type GetRegionalSecretVersionCustomerManagedEncryptionArrayInput added in v8.3.0

type GetRegionalSecretVersionCustomerManagedEncryptionArrayInput interface {
	pulumi.Input

	ToGetRegionalSecretVersionCustomerManagedEncryptionArrayOutput() GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput
	ToGetRegionalSecretVersionCustomerManagedEncryptionArrayOutputWithContext(context.Context) GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput
}

GetRegionalSecretVersionCustomerManagedEncryptionArrayInput is an input type that accepts GetRegionalSecretVersionCustomerManagedEncryptionArray and GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput values. You can construct a concrete instance of `GetRegionalSecretVersionCustomerManagedEncryptionArrayInput` via:

GetRegionalSecretVersionCustomerManagedEncryptionArray{ GetRegionalSecretVersionCustomerManagedEncryptionArgs{...} }

type GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput added in v8.3.0

type GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput) ElementType added in v8.3.0

func (GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput) Index added in v8.3.0

func (GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput) ToGetRegionalSecretVersionCustomerManagedEncryptionArrayOutput added in v8.3.0

func (GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput) ToGetRegionalSecretVersionCustomerManagedEncryptionArrayOutputWithContext added in v8.3.0

func (o GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput) ToGetRegionalSecretVersionCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetRegionalSecretVersionCustomerManagedEncryptionArrayOutput

type GetRegionalSecretVersionCustomerManagedEncryptionInput added in v8.3.0

type GetRegionalSecretVersionCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToGetRegionalSecretVersionCustomerManagedEncryptionOutput() GetRegionalSecretVersionCustomerManagedEncryptionOutput
	ToGetRegionalSecretVersionCustomerManagedEncryptionOutputWithContext(context.Context) GetRegionalSecretVersionCustomerManagedEncryptionOutput
}

GetRegionalSecretVersionCustomerManagedEncryptionInput is an input type that accepts GetRegionalSecretVersionCustomerManagedEncryptionArgs and GetRegionalSecretVersionCustomerManagedEncryptionOutput values. You can construct a concrete instance of `GetRegionalSecretVersionCustomerManagedEncryptionInput` via:

GetRegionalSecretVersionCustomerManagedEncryptionArgs{...}

type GetRegionalSecretVersionCustomerManagedEncryptionOutput added in v8.3.0

type GetRegionalSecretVersionCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretVersionCustomerManagedEncryptionOutput) ElementType added in v8.3.0

func (GetRegionalSecretVersionCustomerManagedEncryptionOutput) KmsKeyVersionName added in v8.3.0

The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.

func (GetRegionalSecretVersionCustomerManagedEncryptionOutput) ToGetRegionalSecretVersionCustomerManagedEncryptionOutput added in v8.3.0

func (GetRegionalSecretVersionCustomerManagedEncryptionOutput) ToGetRegionalSecretVersionCustomerManagedEncryptionOutputWithContext added in v8.3.0

func (o GetRegionalSecretVersionCustomerManagedEncryptionOutput) ToGetRegionalSecretVersionCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetRegionalSecretVersionCustomerManagedEncryptionOutput

type GetRegionalSecretsArgs added in v8.4.0

type GetRegionalSecretsArgs struct {
	// Filter string, adhering to the rules in [List-operation filtering](https://cloud.google.com/secret-manager/docs/filtering). List only secrets matching the filter. If filter is empty, all regional secrets are listed from the specified location.
	Filter *string `pulumi:"filter"`
	// The location of the regional secret.
	Location string `pulumi:"location"`
	// The ID of the project.
	Project *string `pulumi:"project"`
}

A collection of arguments for invoking getRegionalSecrets.

type GetRegionalSecretsOutputArgs added in v8.4.0

type GetRegionalSecretsOutputArgs struct {
	// Filter string, adhering to the rules in [List-operation filtering](https://cloud.google.com/secret-manager/docs/filtering). List only secrets matching the filter. If filter is empty, all regional secrets are listed from the specified location.
	Filter pulumi.StringPtrInput `pulumi:"filter"`
	// The location of the regional secret.
	Location pulumi.StringInput `pulumi:"location"`
	// The ID of the project.
	Project pulumi.StringPtrInput `pulumi:"project"`
}

A collection of arguments for invoking getRegionalSecrets.

func (GetRegionalSecretsOutputArgs) ElementType added in v8.4.0

type GetRegionalSecretsResult added in v8.4.0

type GetRegionalSecretsResult struct {
	Filter *string `pulumi:"filter"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The location in which the resource belongs.
	Location string `pulumi:"location"`
	// The ID of the project in which the resource belongs.
	Project string `pulumi:"project"`
	// A list of regional secrets present in the specified location and matching the filter. Structure is defined below.
	Secrets []GetRegionalSecretsSecret `pulumi:"secrets"`
}

A collection of values returned by getRegionalSecrets.

func GetRegionalSecrets added in v8.4.0

func GetRegionalSecrets(ctx *pulumi.Context, args *GetRegionalSecretsArgs, opts ...pulumi.InvokeOption) (*GetRegionalSecretsResult, error)

Use this data source to list the Secret Manager Regional Secrets.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.GetRegionalSecrets(ctx, &secretmanager.GetRegionalSecretsArgs{
			Location: "us-central1",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetRegionalSecretsResultOutput added in v8.4.0

type GetRegionalSecretsResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRegionalSecrets.

func GetRegionalSecretsOutput added in v8.4.0

func (GetRegionalSecretsResultOutput) ElementType added in v8.4.0

func (GetRegionalSecretsResultOutput) Filter added in v8.4.0

func (GetRegionalSecretsResultOutput) Id added in v8.4.0

The provider-assigned unique ID for this managed resource.

func (GetRegionalSecretsResultOutput) Location added in v8.4.0

The location in which the resource belongs.

func (GetRegionalSecretsResultOutput) Project added in v8.4.0

The ID of the project in which the resource belongs.

func (GetRegionalSecretsResultOutput) Secrets added in v8.4.0

A list of regional secrets present in the specified location and matching the filter. Structure is defined below.

func (GetRegionalSecretsResultOutput) ToGetRegionalSecretsResultOutput added in v8.4.0

func (o GetRegionalSecretsResultOutput) ToGetRegionalSecretsResultOutput() GetRegionalSecretsResultOutput

func (GetRegionalSecretsResultOutput) ToGetRegionalSecretsResultOutputWithContext added in v8.4.0

func (o GetRegionalSecretsResultOutput) ToGetRegionalSecretsResultOutputWithContext(ctx context.Context) GetRegionalSecretsResultOutput

type GetRegionalSecretsSecret added in v8.4.0

type GetRegionalSecretsSecret struct {
	// Custom metadata about the regional secret.
	Annotations map[string]string `pulumi:"annotations"`
	// The time at which the regional secret was created.
	CreateTime string `pulumi:"createTime"`
	// Customer Managed Encryption for the regional secret.
	// Structure is documented below.
	CustomerManagedEncryptions []GetRegionalSecretsSecretCustomerManagedEncryption `pulumi:"customerManagedEncryptions"`
	EffectiveAnnotations       map[string]string                                   `pulumi:"effectiveAnnotations"`
	EffectiveLabels            map[string]string                                   `pulumi:"effectiveLabels"`
	// Timestamp in UTC when the regional secret is scheduled to expire.
	ExpireTime string `pulumi:"expireTime"`
	// The labels assigned to this regional secret.
	Labels map[string]string `pulumi:"labels"`
	// The location of the regional secret.
	Location string `pulumi:"location"`
	// The resource name of the Pub/Sub topic that will be published to.
	Name string `pulumi:"name"`
	// The ID of the project.
	Project string `pulumi:"project"`
	// The combination of labels configured directly on the resource
	//  and default labels configured on the provider.
	PulumiLabels map[string]string `pulumi:"pulumiLabels"`
	// The rotation time and period for a regional secret.
	// Structure is documented below.
	Rotations []GetRegionalSecretsSecretRotation `pulumi:"rotations"`
	// The unique name of the resource.
	SecretId string `pulumi:"secretId"`
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the regional secret or its versions.
	// Structure is documented below.
	Topics []GetRegionalSecretsSecretTopic `pulumi:"topics"`
	// The TTL for the regional secret. A duration in seconds with up to nine fractional digits,
	// terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.
	Ttl string `pulumi:"ttl"`
	// Mapping from version alias to version name.
	VersionAliases map[string]string `pulumi:"versionAliases"`
	// The version destroy ttl for the regional secret version.
	VersionDestroyTtl string `pulumi:"versionDestroyTtl"`
}

type GetRegionalSecretsSecretArgs added in v8.4.0

type GetRegionalSecretsSecretArgs struct {
	// Custom metadata about the regional secret.
	Annotations pulumi.StringMapInput `pulumi:"annotations"`
	// The time at which the regional secret was created.
	CreateTime pulumi.StringInput `pulumi:"createTime"`
	// Customer Managed Encryption for the regional secret.
	// Structure is documented below.
	CustomerManagedEncryptions GetRegionalSecretsSecretCustomerManagedEncryptionArrayInput `pulumi:"customerManagedEncryptions"`
	EffectiveAnnotations       pulumi.StringMapInput                                       `pulumi:"effectiveAnnotations"`
	EffectiveLabels            pulumi.StringMapInput                                       `pulumi:"effectiveLabels"`
	// Timestamp in UTC when the regional secret is scheduled to expire.
	ExpireTime pulumi.StringInput `pulumi:"expireTime"`
	// The labels assigned to this regional secret.
	Labels pulumi.StringMapInput `pulumi:"labels"`
	// The location of the regional secret.
	Location pulumi.StringInput `pulumi:"location"`
	// The resource name of the Pub/Sub topic that will be published to.
	Name pulumi.StringInput `pulumi:"name"`
	// The ID of the project.
	Project pulumi.StringInput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	//  and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput `pulumi:"pulumiLabels"`
	// The rotation time and period for a regional secret.
	// Structure is documented below.
	Rotations GetRegionalSecretsSecretRotationArrayInput `pulumi:"rotations"`
	// The unique name of the resource.
	SecretId pulumi.StringInput `pulumi:"secretId"`
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the regional secret or its versions.
	// Structure is documented below.
	Topics GetRegionalSecretsSecretTopicArrayInput `pulumi:"topics"`
	// The TTL for the regional secret. A duration in seconds with up to nine fractional digits,
	// terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.
	Ttl pulumi.StringInput `pulumi:"ttl"`
	// Mapping from version alias to version name.
	VersionAliases pulumi.StringMapInput `pulumi:"versionAliases"`
	// The version destroy ttl for the regional secret version.
	VersionDestroyTtl pulumi.StringInput `pulumi:"versionDestroyTtl"`
}

func (GetRegionalSecretsSecretArgs) ElementType added in v8.4.0

func (GetRegionalSecretsSecretArgs) ToGetRegionalSecretsSecretOutput added in v8.4.0

func (i GetRegionalSecretsSecretArgs) ToGetRegionalSecretsSecretOutput() GetRegionalSecretsSecretOutput

func (GetRegionalSecretsSecretArgs) ToGetRegionalSecretsSecretOutputWithContext added in v8.4.0

func (i GetRegionalSecretsSecretArgs) ToGetRegionalSecretsSecretOutputWithContext(ctx context.Context) GetRegionalSecretsSecretOutput

type GetRegionalSecretsSecretArray added in v8.4.0

type GetRegionalSecretsSecretArray []GetRegionalSecretsSecretInput

func (GetRegionalSecretsSecretArray) ElementType added in v8.4.0

func (GetRegionalSecretsSecretArray) ToGetRegionalSecretsSecretArrayOutput added in v8.4.0

func (i GetRegionalSecretsSecretArray) ToGetRegionalSecretsSecretArrayOutput() GetRegionalSecretsSecretArrayOutput

func (GetRegionalSecretsSecretArray) ToGetRegionalSecretsSecretArrayOutputWithContext added in v8.4.0

func (i GetRegionalSecretsSecretArray) ToGetRegionalSecretsSecretArrayOutputWithContext(ctx context.Context) GetRegionalSecretsSecretArrayOutput

type GetRegionalSecretsSecretArrayInput added in v8.4.0

type GetRegionalSecretsSecretArrayInput interface {
	pulumi.Input

	ToGetRegionalSecretsSecretArrayOutput() GetRegionalSecretsSecretArrayOutput
	ToGetRegionalSecretsSecretArrayOutputWithContext(context.Context) GetRegionalSecretsSecretArrayOutput
}

GetRegionalSecretsSecretArrayInput is an input type that accepts GetRegionalSecretsSecretArray and GetRegionalSecretsSecretArrayOutput values. You can construct a concrete instance of `GetRegionalSecretsSecretArrayInput` via:

GetRegionalSecretsSecretArray{ GetRegionalSecretsSecretArgs{...} }

type GetRegionalSecretsSecretArrayOutput added in v8.4.0

type GetRegionalSecretsSecretArrayOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretsSecretArrayOutput) ElementType added in v8.4.0

func (GetRegionalSecretsSecretArrayOutput) Index added in v8.4.0

func (GetRegionalSecretsSecretArrayOutput) ToGetRegionalSecretsSecretArrayOutput added in v8.4.0

func (o GetRegionalSecretsSecretArrayOutput) ToGetRegionalSecretsSecretArrayOutput() GetRegionalSecretsSecretArrayOutput

func (GetRegionalSecretsSecretArrayOutput) ToGetRegionalSecretsSecretArrayOutputWithContext added in v8.4.0

func (o GetRegionalSecretsSecretArrayOutput) ToGetRegionalSecretsSecretArrayOutputWithContext(ctx context.Context) GetRegionalSecretsSecretArrayOutput

type GetRegionalSecretsSecretCustomerManagedEncryption added in v8.4.0

type GetRegionalSecretsSecretCustomerManagedEncryption struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type GetRegionalSecretsSecretCustomerManagedEncryptionArgs added in v8.4.0

type GetRegionalSecretsSecretCustomerManagedEncryptionArgs struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (GetRegionalSecretsSecretCustomerManagedEncryptionArgs) ElementType added in v8.4.0

func (GetRegionalSecretsSecretCustomerManagedEncryptionArgs) ToGetRegionalSecretsSecretCustomerManagedEncryptionOutput added in v8.4.0

func (i GetRegionalSecretsSecretCustomerManagedEncryptionArgs) ToGetRegionalSecretsSecretCustomerManagedEncryptionOutput() GetRegionalSecretsSecretCustomerManagedEncryptionOutput

func (GetRegionalSecretsSecretCustomerManagedEncryptionArgs) ToGetRegionalSecretsSecretCustomerManagedEncryptionOutputWithContext added in v8.4.0

func (i GetRegionalSecretsSecretCustomerManagedEncryptionArgs) ToGetRegionalSecretsSecretCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetRegionalSecretsSecretCustomerManagedEncryptionOutput

type GetRegionalSecretsSecretCustomerManagedEncryptionArray added in v8.4.0

type GetRegionalSecretsSecretCustomerManagedEncryptionArray []GetRegionalSecretsSecretCustomerManagedEncryptionInput

func (GetRegionalSecretsSecretCustomerManagedEncryptionArray) ElementType added in v8.4.0

func (GetRegionalSecretsSecretCustomerManagedEncryptionArray) ToGetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput added in v8.4.0

func (i GetRegionalSecretsSecretCustomerManagedEncryptionArray) ToGetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput() GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput

func (GetRegionalSecretsSecretCustomerManagedEncryptionArray) ToGetRegionalSecretsSecretCustomerManagedEncryptionArrayOutputWithContext added in v8.4.0

func (i GetRegionalSecretsSecretCustomerManagedEncryptionArray) ToGetRegionalSecretsSecretCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput

type GetRegionalSecretsSecretCustomerManagedEncryptionArrayInput added in v8.4.0

type GetRegionalSecretsSecretCustomerManagedEncryptionArrayInput interface {
	pulumi.Input

	ToGetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput() GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput
	ToGetRegionalSecretsSecretCustomerManagedEncryptionArrayOutputWithContext(context.Context) GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput
}

GetRegionalSecretsSecretCustomerManagedEncryptionArrayInput is an input type that accepts GetRegionalSecretsSecretCustomerManagedEncryptionArray and GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput values. You can construct a concrete instance of `GetRegionalSecretsSecretCustomerManagedEncryptionArrayInput` via:

GetRegionalSecretsSecretCustomerManagedEncryptionArray{ GetRegionalSecretsSecretCustomerManagedEncryptionArgs{...} }

type GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput added in v8.4.0

type GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput) ElementType added in v8.4.0

func (GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput) Index added in v8.4.0

func (GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput) ToGetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput added in v8.4.0

func (GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput) ToGetRegionalSecretsSecretCustomerManagedEncryptionArrayOutputWithContext added in v8.4.0

func (o GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput) ToGetRegionalSecretsSecretCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetRegionalSecretsSecretCustomerManagedEncryptionArrayOutput

type GetRegionalSecretsSecretCustomerManagedEncryptionInput added in v8.4.0

type GetRegionalSecretsSecretCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToGetRegionalSecretsSecretCustomerManagedEncryptionOutput() GetRegionalSecretsSecretCustomerManagedEncryptionOutput
	ToGetRegionalSecretsSecretCustomerManagedEncryptionOutputWithContext(context.Context) GetRegionalSecretsSecretCustomerManagedEncryptionOutput
}

GetRegionalSecretsSecretCustomerManagedEncryptionInput is an input type that accepts GetRegionalSecretsSecretCustomerManagedEncryptionArgs and GetRegionalSecretsSecretCustomerManagedEncryptionOutput values. You can construct a concrete instance of `GetRegionalSecretsSecretCustomerManagedEncryptionInput` via:

GetRegionalSecretsSecretCustomerManagedEncryptionArgs{...}

type GetRegionalSecretsSecretCustomerManagedEncryptionOutput added in v8.4.0

type GetRegionalSecretsSecretCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretsSecretCustomerManagedEncryptionOutput) ElementType added in v8.4.0

func (GetRegionalSecretsSecretCustomerManagedEncryptionOutput) KmsKeyName added in v8.4.0

Describes the Cloud KMS encryption key that will be used to protect destination secret.

func (GetRegionalSecretsSecretCustomerManagedEncryptionOutput) ToGetRegionalSecretsSecretCustomerManagedEncryptionOutput added in v8.4.0

func (GetRegionalSecretsSecretCustomerManagedEncryptionOutput) ToGetRegionalSecretsSecretCustomerManagedEncryptionOutputWithContext added in v8.4.0

func (o GetRegionalSecretsSecretCustomerManagedEncryptionOutput) ToGetRegionalSecretsSecretCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetRegionalSecretsSecretCustomerManagedEncryptionOutput

type GetRegionalSecretsSecretInput added in v8.4.0

type GetRegionalSecretsSecretInput interface {
	pulumi.Input

	ToGetRegionalSecretsSecretOutput() GetRegionalSecretsSecretOutput
	ToGetRegionalSecretsSecretOutputWithContext(context.Context) GetRegionalSecretsSecretOutput
}

GetRegionalSecretsSecretInput is an input type that accepts GetRegionalSecretsSecretArgs and GetRegionalSecretsSecretOutput values. You can construct a concrete instance of `GetRegionalSecretsSecretInput` via:

GetRegionalSecretsSecretArgs{...}

type GetRegionalSecretsSecretOutput added in v8.4.0

type GetRegionalSecretsSecretOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretsSecretOutput) Annotations added in v8.4.0

Custom metadata about the regional secret.

func (GetRegionalSecretsSecretOutput) CreateTime added in v8.4.0

The time at which the regional secret was created.

func (GetRegionalSecretsSecretOutput) CustomerManagedEncryptions added in v8.4.0

Customer Managed Encryption for the regional secret. Structure is documented below.

func (GetRegionalSecretsSecretOutput) EffectiveAnnotations added in v8.4.0

func (o GetRegionalSecretsSecretOutput) EffectiveAnnotations() pulumi.StringMapOutput

func (GetRegionalSecretsSecretOutput) EffectiveLabels added in v8.4.0

func (GetRegionalSecretsSecretOutput) ElementType added in v8.4.0

func (GetRegionalSecretsSecretOutput) ExpireTime added in v8.4.0

Timestamp in UTC when the regional secret is scheduled to expire.

func (GetRegionalSecretsSecretOutput) Labels added in v8.4.0

The labels assigned to this regional secret.

func (GetRegionalSecretsSecretOutput) Location added in v8.4.0

The location of the regional secret.

func (GetRegionalSecretsSecretOutput) Name added in v8.4.0

The resource name of the Pub/Sub topic that will be published to.

func (GetRegionalSecretsSecretOutput) Project added in v8.4.0

The ID of the project.

func (GetRegionalSecretsSecretOutput) PulumiLabels added in v8.4.0

The combination of labels configured directly on the resource

and default labels configured on the provider.

func (GetRegionalSecretsSecretOutput) Rotations added in v8.4.0

The rotation time and period for a regional secret. Structure is documented below.

func (GetRegionalSecretsSecretOutput) SecretId added in v8.4.0

The unique name of the resource.

func (GetRegionalSecretsSecretOutput) ToGetRegionalSecretsSecretOutput added in v8.4.0

func (o GetRegionalSecretsSecretOutput) ToGetRegionalSecretsSecretOutput() GetRegionalSecretsSecretOutput

func (GetRegionalSecretsSecretOutput) ToGetRegionalSecretsSecretOutputWithContext added in v8.4.0

func (o GetRegionalSecretsSecretOutput) ToGetRegionalSecretsSecretOutputWithContext(ctx context.Context) GetRegionalSecretsSecretOutput

func (GetRegionalSecretsSecretOutput) Topics added in v8.4.0

A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the regional secret or its versions. Structure is documented below.

func (GetRegionalSecretsSecretOutput) Ttl added in v8.4.0

The TTL for the regional secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.

func (GetRegionalSecretsSecretOutput) VersionAliases added in v8.4.0

Mapping from version alias to version name.

func (GetRegionalSecretsSecretOutput) VersionDestroyTtl added in v8.4.0

func (o GetRegionalSecretsSecretOutput) VersionDestroyTtl() pulumi.StringOutput

The version destroy ttl for the regional secret version.

type GetRegionalSecretsSecretRotation added in v8.4.0

type GetRegionalSecretsSecretRotation struct {
	// Timestamp in UTC at which the secret is scheduled to rotate.
	NextRotationTime string `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications.
	RotationPeriod string `pulumi:"rotationPeriod"`
}

type GetRegionalSecretsSecretRotationArgs added in v8.4.0

type GetRegionalSecretsSecretRotationArgs struct {
	// Timestamp in UTC at which the secret is scheduled to rotate.
	NextRotationTime pulumi.StringInput `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications.
	RotationPeriod pulumi.StringInput `pulumi:"rotationPeriod"`
}

func (GetRegionalSecretsSecretRotationArgs) ElementType added in v8.4.0

func (GetRegionalSecretsSecretRotationArgs) ToGetRegionalSecretsSecretRotationOutput added in v8.4.0

func (i GetRegionalSecretsSecretRotationArgs) ToGetRegionalSecretsSecretRotationOutput() GetRegionalSecretsSecretRotationOutput

func (GetRegionalSecretsSecretRotationArgs) ToGetRegionalSecretsSecretRotationOutputWithContext added in v8.4.0

func (i GetRegionalSecretsSecretRotationArgs) ToGetRegionalSecretsSecretRotationOutputWithContext(ctx context.Context) GetRegionalSecretsSecretRotationOutput

type GetRegionalSecretsSecretRotationArray added in v8.4.0

type GetRegionalSecretsSecretRotationArray []GetRegionalSecretsSecretRotationInput

func (GetRegionalSecretsSecretRotationArray) ElementType added in v8.4.0

func (GetRegionalSecretsSecretRotationArray) ToGetRegionalSecretsSecretRotationArrayOutput added in v8.4.0

func (i GetRegionalSecretsSecretRotationArray) ToGetRegionalSecretsSecretRotationArrayOutput() GetRegionalSecretsSecretRotationArrayOutput

func (GetRegionalSecretsSecretRotationArray) ToGetRegionalSecretsSecretRotationArrayOutputWithContext added in v8.4.0

func (i GetRegionalSecretsSecretRotationArray) ToGetRegionalSecretsSecretRotationArrayOutputWithContext(ctx context.Context) GetRegionalSecretsSecretRotationArrayOutput

type GetRegionalSecretsSecretRotationArrayInput added in v8.4.0

type GetRegionalSecretsSecretRotationArrayInput interface {
	pulumi.Input

	ToGetRegionalSecretsSecretRotationArrayOutput() GetRegionalSecretsSecretRotationArrayOutput
	ToGetRegionalSecretsSecretRotationArrayOutputWithContext(context.Context) GetRegionalSecretsSecretRotationArrayOutput
}

GetRegionalSecretsSecretRotationArrayInput is an input type that accepts GetRegionalSecretsSecretRotationArray and GetRegionalSecretsSecretRotationArrayOutput values. You can construct a concrete instance of `GetRegionalSecretsSecretRotationArrayInput` via:

GetRegionalSecretsSecretRotationArray{ GetRegionalSecretsSecretRotationArgs{...} }

type GetRegionalSecretsSecretRotationArrayOutput added in v8.4.0

type GetRegionalSecretsSecretRotationArrayOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretsSecretRotationArrayOutput) ElementType added in v8.4.0

func (GetRegionalSecretsSecretRotationArrayOutput) Index added in v8.4.0

func (GetRegionalSecretsSecretRotationArrayOutput) ToGetRegionalSecretsSecretRotationArrayOutput added in v8.4.0

func (o GetRegionalSecretsSecretRotationArrayOutput) ToGetRegionalSecretsSecretRotationArrayOutput() GetRegionalSecretsSecretRotationArrayOutput

func (GetRegionalSecretsSecretRotationArrayOutput) ToGetRegionalSecretsSecretRotationArrayOutputWithContext added in v8.4.0

func (o GetRegionalSecretsSecretRotationArrayOutput) ToGetRegionalSecretsSecretRotationArrayOutputWithContext(ctx context.Context) GetRegionalSecretsSecretRotationArrayOutput

type GetRegionalSecretsSecretRotationInput added in v8.4.0

type GetRegionalSecretsSecretRotationInput interface {
	pulumi.Input

	ToGetRegionalSecretsSecretRotationOutput() GetRegionalSecretsSecretRotationOutput
	ToGetRegionalSecretsSecretRotationOutputWithContext(context.Context) GetRegionalSecretsSecretRotationOutput
}

GetRegionalSecretsSecretRotationInput is an input type that accepts GetRegionalSecretsSecretRotationArgs and GetRegionalSecretsSecretRotationOutput values. You can construct a concrete instance of `GetRegionalSecretsSecretRotationInput` via:

GetRegionalSecretsSecretRotationArgs{...}

type GetRegionalSecretsSecretRotationOutput added in v8.4.0

type GetRegionalSecretsSecretRotationOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretsSecretRotationOutput) ElementType added in v8.4.0

func (GetRegionalSecretsSecretRotationOutput) NextRotationTime added in v8.4.0

Timestamp in UTC at which the secret is scheduled to rotate.

func (GetRegionalSecretsSecretRotationOutput) RotationPeriod added in v8.4.0

The Duration between rotation notifications.

func (GetRegionalSecretsSecretRotationOutput) ToGetRegionalSecretsSecretRotationOutput added in v8.4.0

func (o GetRegionalSecretsSecretRotationOutput) ToGetRegionalSecretsSecretRotationOutput() GetRegionalSecretsSecretRotationOutput

func (GetRegionalSecretsSecretRotationOutput) ToGetRegionalSecretsSecretRotationOutputWithContext added in v8.4.0

func (o GetRegionalSecretsSecretRotationOutput) ToGetRegionalSecretsSecretRotationOutputWithContext(ctx context.Context) GetRegionalSecretsSecretRotationOutput

type GetRegionalSecretsSecretTopic added in v8.4.0

type GetRegionalSecretsSecretTopic struct {
	// The resource name of the Pub/Sub topic that will be published to.
	Name string `pulumi:"name"`
}

type GetRegionalSecretsSecretTopicArgs added in v8.4.0

type GetRegionalSecretsSecretTopicArgs struct {
	// The resource name of the Pub/Sub topic that will be published to.
	Name pulumi.StringInput `pulumi:"name"`
}

func (GetRegionalSecretsSecretTopicArgs) ElementType added in v8.4.0

func (GetRegionalSecretsSecretTopicArgs) ToGetRegionalSecretsSecretTopicOutput added in v8.4.0

func (i GetRegionalSecretsSecretTopicArgs) ToGetRegionalSecretsSecretTopicOutput() GetRegionalSecretsSecretTopicOutput

func (GetRegionalSecretsSecretTopicArgs) ToGetRegionalSecretsSecretTopicOutputWithContext added in v8.4.0

func (i GetRegionalSecretsSecretTopicArgs) ToGetRegionalSecretsSecretTopicOutputWithContext(ctx context.Context) GetRegionalSecretsSecretTopicOutput

type GetRegionalSecretsSecretTopicArray added in v8.4.0

type GetRegionalSecretsSecretTopicArray []GetRegionalSecretsSecretTopicInput

func (GetRegionalSecretsSecretTopicArray) ElementType added in v8.4.0

func (GetRegionalSecretsSecretTopicArray) ToGetRegionalSecretsSecretTopicArrayOutput added in v8.4.0

func (i GetRegionalSecretsSecretTopicArray) ToGetRegionalSecretsSecretTopicArrayOutput() GetRegionalSecretsSecretTopicArrayOutput

func (GetRegionalSecretsSecretTopicArray) ToGetRegionalSecretsSecretTopicArrayOutputWithContext added in v8.4.0

func (i GetRegionalSecretsSecretTopicArray) ToGetRegionalSecretsSecretTopicArrayOutputWithContext(ctx context.Context) GetRegionalSecretsSecretTopicArrayOutput

type GetRegionalSecretsSecretTopicArrayInput added in v8.4.0

type GetRegionalSecretsSecretTopicArrayInput interface {
	pulumi.Input

	ToGetRegionalSecretsSecretTopicArrayOutput() GetRegionalSecretsSecretTopicArrayOutput
	ToGetRegionalSecretsSecretTopicArrayOutputWithContext(context.Context) GetRegionalSecretsSecretTopicArrayOutput
}

GetRegionalSecretsSecretTopicArrayInput is an input type that accepts GetRegionalSecretsSecretTopicArray and GetRegionalSecretsSecretTopicArrayOutput values. You can construct a concrete instance of `GetRegionalSecretsSecretTopicArrayInput` via:

GetRegionalSecretsSecretTopicArray{ GetRegionalSecretsSecretTopicArgs{...} }

type GetRegionalSecretsSecretTopicArrayOutput added in v8.4.0

type GetRegionalSecretsSecretTopicArrayOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretsSecretTopicArrayOutput) ElementType added in v8.4.0

func (GetRegionalSecretsSecretTopicArrayOutput) Index added in v8.4.0

func (GetRegionalSecretsSecretTopicArrayOutput) ToGetRegionalSecretsSecretTopicArrayOutput added in v8.4.0

func (o GetRegionalSecretsSecretTopicArrayOutput) ToGetRegionalSecretsSecretTopicArrayOutput() GetRegionalSecretsSecretTopicArrayOutput

func (GetRegionalSecretsSecretTopicArrayOutput) ToGetRegionalSecretsSecretTopicArrayOutputWithContext added in v8.4.0

func (o GetRegionalSecretsSecretTopicArrayOutput) ToGetRegionalSecretsSecretTopicArrayOutputWithContext(ctx context.Context) GetRegionalSecretsSecretTopicArrayOutput

type GetRegionalSecretsSecretTopicInput added in v8.4.0

type GetRegionalSecretsSecretTopicInput interface {
	pulumi.Input

	ToGetRegionalSecretsSecretTopicOutput() GetRegionalSecretsSecretTopicOutput
	ToGetRegionalSecretsSecretTopicOutputWithContext(context.Context) GetRegionalSecretsSecretTopicOutput
}

GetRegionalSecretsSecretTopicInput is an input type that accepts GetRegionalSecretsSecretTopicArgs and GetRegionalSecretsSecretTopicOutput values. You can construct a concrete instance of `GetRegionalSecretsSecretTopicInput` via:

GetRegionalSecretsSecretTopicArgs{...}

type GetRegionalSecretsSecretTopicOutput added in v8.4.0

type GetRegionalSecretsSecretTopicOutput struct{ *pulumi.OutputState }

func (GetRegionalSecretsSecretTopicOutput) ElementType added in v8.4.0

func (GetRegionalSecretsSecretTopicOutput) Name added in v8.4.0

The resource name of the Pub/Sub topic that will be published to.

func (GetRegionalSecretsSecretTopicOutput) ToGetRegionalSecretsSecretTopicOutput added in v8.4.0

func (o GetRegionalSecretsSecretTopicOutput) ToGetRegionalSecretsSecretTopicOutput() GetRegionalSecretsSecretTopicOutput

func (GetRegionalSecretsSecretTopicOutput) ToGetRegionalSecretsSecretTopicOutputWithContext added in v8.4.0

func (o GetRegionalSecretsSecretTopicOutput) ToGetRegionalSecretsSecretTopicOutputWithContext(ctx context.Context) GetRegionalSecretsSecretTopicOutput

type GetSecretReplication

type GetSecretReplication struct {
	// The Secret will automatically be replicated without any restrictions.
	Autos []GetSecretReplicationAuto `pulumi:"autos"`
	// The Secret will be replicated to the regions specified by the user.
	UserManageds []GetSecretReplicationUserManaged `pulumi:"userManageds"`
}

type GetSecretReplicationArgs

type GetSecretReplicationArgs struct {
	// The Secret will automatically be replicated without any restrictions.
	Autos GetSecretReplicationAutoArrayInput `pulumi:"autos"`
	// The Secret will be replicated to the regions specified by the user.
	UserManageds GetSecretReplicationUserManagedArrayInput `pulumi:"userManageds"`
}

func (GetSecretReplicationArgs) ElementType

func (GetSecretReplicationArgs) ElementType() reflect.Type

func (GetSecretReplicationArgs) ToGetSecretReplicationOutput

func (i GetSecretReplicationArgs) ToGetSecretReplicationOutput() GetSecretReplicationOutput

func (GetSecretReplicationArgs) ToGetSecretReplicationOutputWithContext

func (i GetSecretReplicationArgs) ToGetSecretReplicationOutputWithContext(ctx context.Context) GetSecretReplicationOutput

type GetSecretReplicationArray

type GetSecretReplicationArray []GetSecretReplicationInput

func (GetSecretReplicationArray) ElementType

func (GetSecretReplicationArray) ElementType() reflect.Type

func (GetSecretReplicationArray) ToGetSecretReplicationArrayOutput

func (i GetSecretReplicationArray) ToGetSecretReplicationArrayOutput() GetSecretReplicationArrayOutput

func (GetSecretReplicationArray) ToGetSecretReplicationArrayOutputWithContext

func (i GetSecretReplicationArray) ToGetSecretReplicationArrayOutputWithContext(ctx context.Context) GetSecretReplicationArrayOutput

type GetSecretReplicationArrayInput

type GetSecretReplicationArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationArrayOutput() GetSecretReplicationArrayOutput
	ToGetSecretReplicationArrayOutputWithContext(context.Context) GetSecretReplicationArrayOutput
}

GetSecretReplicationArrayInput is an input type that accepts GetSecretReplicationArray and GetSecretReplicationArrayOutput values. You can construct a concrete instance of `GetSecretReplicationArrayInput` via:

GetSecretReplicationArray{ GetSecretReplicationArgs{...} }

type GetSecretReplicationArrayOutput

type GetSecretReplicationArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationArrayOutput) ElementType

func (GetSecretReplicationArrayOutput) Index

func (GetSecretReplicationArrayOutput) ToGetSecretReplicationArrayOutput

func (o GetSecretReplicationArrayOutput) ToGetSecretReplicationArrayOutput() GetSecretReplicationArrayOutput

func (GetSecretReplicationArrayOutput) ToGetSecretReplicationArrayOutputWithContext

func (o GetSecretReplicationArrayOutput) ToGetSecretReplicationArrayOutputWithContext(ctx context.Context) GetSecretReplicationArrayOutput

type GetSecretReplicationAuto

type GetSecretReplicationAuto struct {
	// The customer-managed encryption configuration of the Secret.
	// If no configuration is provided, Google-managed default
	// encryption is used.
	CustomerManagedEncryptions []GetSecretReplicationAutoCustomerManagedEncryption `pulumi:"customerManagedEncryptions"`
}

type GetSecretReplicationAutoArgs

type GetSecretReplicationAutoArgs struct {
	// The customer-managed encryption configuration of the Secret.
	// If no configuration is provided, Google-managed default
	// encryption is used.
	CustomerManagedEncryptions GetSecretReplicationAutoCustomerManagedEncryptionArrayInput `pulumi:"customerManagedEncryptions"`
}

func (GetSecretReplicationAutoArgs) ElementType

func (GetSecretReplicationAutoArgs) ToGetSecretReplicationAutoOutput

func (i GetSecretReplicationAutoArgs) ToGetSecretReplicationAutoOutput() GetSecretReplicationAutoOutput

func (GetSecretReplicationAutoArgs) ToGetSecretReplicationAutoOutputWithContext

func (i GetSecretReplicationAutoArgs) ToGetSecretReplicationAutoOutputWithContext(ctx context.Context) GetSecretReplicationAutoOutput

type GetSecretReplicationAutoArray

type GetSecretReplicationAutoArray []GetSecretReplicationAutoInput

func (GetSecretReplicationAutoArray) ElementType

func (GetSecretReplicationAutoArray) ToGetSecretReplicationAutoArrayOutput

func (i GetSecretReplicationAutoArray) ToGetSecretReplicationAutoArrayOutput() GetSecretReplicationAutoArrayOutput

func (GetSecretReplicationAutoArray) ToGetSecretReplicationAutoArrayOutputWithContext

func (i GetSecretReplicationAutoArray) ToGetSecretReplicationAutoArrayOutputWithContext(ctx context.Context) GetSecretReplicationAutoArrayOutput

type GetSecretReplicationAutoArrayInput

type GetSecretReplicationAutoArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationAutoArrayOutput() GetSecretReplicationAutoArrayOutput
	ToGetSecretReplicationAutoArrayOutputWithContext(context.Context) GetSecretReplicationAutoArrayOutput
}

GetSecretReplicationAutoArrayInput is an input type that accepts GetSecretReplicationAutoArray and GetSecretReplicationAutoArrayOutput values. You can construct a concrete instance of `GetSecretReplicationAutoArrayInput` via:

GetSecretReplicationAutoArray{ GetSecretReplicationAutoArgs{...} }

type GetSecretReplicationAutoArrayOutput

type GetSecretReplicationAutoArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationAutoArrayOutput) ElementType

func (GetSecretReplicationAutoArrayOutput) Index

func (GetSecretReplicationAutoArrayOutput) ToGetSecretReplicationAutoArrayOutput

func (o GetSecretReplicationAutoArrayOutput) ToGetSecretReplicationAutoArrayOutput() GetSecretReplicationAutoArrayOutput

func (GetSecretReplicationAutoArrayOutput) ToGetSecretReplicationAutoArrayOutputWithContext

func (o GetSecretReplicationAutoArrayOutput) ToGetSecretReplicationAutoArrayOutputWithContext(ctx context.Context) GetSecretReplicationAutoArrayOutput

type GetSecretReplicationAutoCustomerManagedEncryption

type GetSecretReplicationAutoCustomerManagedEncryption struct {
	// The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type GetSecretReplicationAutoCustomerManagedEncryptionArgs

type GetSecretReplicationAutoCustomerManagedEncryptionArgs struct {
	// The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (GetSecretReplicationAutoCustomerManagedEncryptionArgs) ElementType

func (GetSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretReplicationAutoCustomerManagedEncryptionOutput

func (i GetSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretReplicationAutoCustomerManagedEncryptionOutput() GetSecretReplicationAutoCustomerManagedEncryptionOutput

func (GetSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretReplicationAutoCustomerManagedEncryptionOutputWithContext

func (i GetSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetSecretReplicationAutoCustomerManagedEncryptionOutput

type GetSecretReplicationAutoCustomerManagedEncryptionArray

type GetSecretReplicationAutoCustomerManagedEncryptionArray []GetSecretReplicationAutoCustomerManagedEncryptionInput

func (GetSecretReplicationAutoCustomerManagedEncryptionArray) ElementType

func (GetSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutput

func (i GetSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutput() GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput

func (GetSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext

func (i GetSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput

type GetSecretReplicationAutoCustomerManagedEncryptionArrayInput

type GetSecretReplicationAutoCustomerManagedEncryptionArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutput() GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput
	ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext(context.Context) GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput
}

GetSecretReplicationAutoCustomerManagedEncryptionArrayInput is an input type that accepts GetSecretReplicationAutoCustomerManagedEncryptionArray and GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput values. You can construct a concrete instance of `GetSecretReplicationAutoCustomerManagedEncryptionArrayInput` via:

GetSecretReplicationAutoCustomerManagedEncryptionArray{ GetSecretReplicationAutoCustomerManagedEncryptionArgs{...} }

type GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput

type GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ElementType

func (GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) Index

func (GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutput

func (GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext

func (o GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetSecretReplicationAutoCustomerManagedEncryptionArrayOutput

type GetSecretReplicationAutoCustomerManagedEncryptionInput

type GetSecretReplicationAutoCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToGetSecretReplicationAutoCustomerManagedEncryptionOutput() GetSecretReplicationAutoCustomerManagedEncryptionOutput
	ToGetSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(context.Context) GetSecretReplicationAutoCustomerManagedEncryptionOutput
}

GetSecretReplicationAutoCustomerManagedEncryptionInput is an input type that accepts GetSecretReplicationAutoCustomerManagedEncryptionArgs and GetSecretReplicationAutoCustomerManagedEncryptionOutput values. You can construct a concrete instance of `GetSecretReplicationAutoCustomerManagedEncryptionInput` via:

GetSecretReplicationAutoCustomerManagedEncryptionArgs{...}

type GetSecretReplicationAutoCustomerManagedEncryptionOutput

type GetSecretReplicationAutoCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationAutoCustomerManagedEncryptionOutput) ElementType

func (GetSecretReplicationAutoCustomerManagedEncryptionOutput) KmsKeyName

The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.

func (GetSecretReplicationAutoCustomerManagedEncryptionOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionOutput

func (GetSecretReplicationAutoCustomerManagedEncryptionOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionOutputWithContext

func (o GetSecretReplicationAutoCustomerManagedEncryptionOutput) ToGetSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetSecretReplicationAutoCustomerManagedEncryptionOutput

type GetSecretReplicationAutoInput

type GetSecretReplicationAutoInput interface {
	pulumi.Input

	ToGetSecretReplicationAutoOutput() GetSecretReplicationAutoOutput
	ToGetSecretReplicationAutoOutputWithContext(context.Context) GetSecretReplicationAutoOutput
}

GetSecretReplicationAutoInput is an input type that accepts GetSecretReplicationAutoArgs and GetSecretReplicationAutoOutput values. You can construct a concrete instance of `GetSecretReplicationAutoInput` via:

GetSecretReplicationAutoArgs{...}

type GetSecretReplicationAutoOutput

type GetSecretReplicationAutoOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationAutoOutput) CustomerManagedEncryptions

The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used.

func (GetSecretReplicationAutoOutput) ElementType

func (GetSecretReplicationAutoOutput) ToGetSecretReplicationAutoOutput

func (o GetSecretReplicationAutoOutput) ToGetSecretReplicationAutoOutput() GetSecretReplicationAutoOutput

func (GetSecretReplicationAutoOutput) ToGetSecretReplicationAutoOutputWithContext

func (o GetSecretReplicationAutoOutput) ToGetSecretReplicationAutoOutputWithContext(ctx context.Context) GetSecretReplicationAutoOutput

type GetSecretReplicationInput

type GetSecretReplicationInput interface {
	pulumi.Input

	ToGetSecretReplicationOutput() GetSecretReplicationOutput
	ToGetSecretReplicationOutputWithContext(context.Context) GetSecretReplicationOutput
}

GetSecretReplicationInput is an input type that accepts GetSecretReplicationArgs and GetSecretReplicationOutput values. You can construct a concrete instance of `GetSecretReplicationInput` via:

GetSecretReplicationArgs{...}

type GetSecretReplicationOutput

type GetSecretReplicationOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationOutput) Autos

The Secret will automatically be replicated without any restrictions.

func (GetSecretReplicationOutput) ElementType

func (GetSecretReplicationOutput) ElementType() reflect.Type

func (GetSecretReplicationOutput) ToGetSecretReplicationOutput

func (o GetSecretReplicationOutput) ToGetSecretReplicationOutput() GetSecretReplicationOutput

func (GetSecretReplicationOutput) ToGetSecretReplicationOutputWithContext

func (o GetSecretReplicationOutput) ToGetSecretReplicationOutputWithContext(ctx context.Context) GetSecretReplicationOutput

func (GetSecretReplicationOutput) UserManageds

The Secret will be replicated to the regions specified by the user.

type GetSecretReplicationUserManaged

type GetSecretReplicationUserManaged struct {
	// The list of Replicas for this Secret. Cannot be empty.
	Replicas []GetSecretReplicationUserManagedReplica `pulumi:"replicas"`
}

type GetSecretReplicationUserManagedArgs

type GetSecretReplicationUserManagedArgs struct {
	// The list of Replicas for this Secret. Cannot be empty.
	Replicas GetSecretReplicationUserManagedReplicaArrayInput `pulumi:"replicas"`
}

func (GetSecretReplicationUserManagedArgs) ElementType

func (GetSecretReplicationUserManagedArgs) ToGetSecretReplicationUserManagedOutput

func (i GetSecretReplicationUserManagedArgs) ToGetSecretReplicationUserManagedOutput() GetSecretReplicationUserManagedOutput

func (GetSecretReplicationUserManagedArgs) ToGetSecretReplicationUserManagedOutputWithContext

func (i GetSecretReplicationUserManagedArgs) ToGetSecretReplicationUserManagedOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedOutput

type GetSecretReplicationUserManagedArray

type GetSecretReplicationUserManagedArray []GetSecretReplicationUserManagedInput

func (GetSecretReplicationUserManagedArray) ElementType

func (GetSecretReplicationUserManagedArray) ToGetSecretReplicationUserManagedArrayOutput

func (i GetSecretReplicationUserManagedArray) ToGetSecretReplicationUserManagedArrayOutput() GetSecretReplicationUserManagedArrayOutput

func (GetSecretReplicationUserManagedArray) ToGetSecretReplicationUserManagedArrayOutputWithContext

func (i GetSecretReplicationUserManagedArray) ToGetSecretReplicationUserManagedArrayOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedArrayOutput

type GetSecretReplicationUserManagedArrayInput

type GetSecretReplicationUserManagedArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedArrayOutput() GetSecretReplicationUserManagedArrayOutput
	ToGetSecretReplicationUserManagedArrayOutputWithContext(context.Context) GetSecretReplicationUserManagedArrayOutput
}

GetSecretReplicationUserManagedArrayInput is an input type that accepts GetSecretReplicationUserManagedArray and GetSecretReplicationUserManagedArrayOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedArrayInput` via:

GetSecretReplicationUserManagedArray{ GetSecretReplicationUserManagedArgs{...} }

type GetSecretReplicationUserManagedArrayOutput

type GetSecretReplicationUserManagedArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedArrayOutput) ElementType

func (GetSecretReplicationUserManagedArrayOutput) Index

func (GetSecretReplicationUserManagedArrayOutput) ToGetSecretReplicationUserManagedArrayOutput

func (o GetSecretReplicationUserManagedArrayOutput) ToGetSecretReplicationUserManagedArrayOutput() GetSecretReplicationUserManagedArrayOutput

func (GetSecretReplicationUserManagedArrayOutput) ToGetSecretReplicationUserManagedArrayOutputWithContext

func (o GetSecretReplicationUserManagedArrayOutput) ToGetSecretReplicationUserManagedArrayOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedArrayOutput

type GetSecretReplicationUserManagedInput

type GetSecretReplicationUserManagedInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedOutput() GetSecretReplicationUserManagedOutput
	ToGetSecretReplicationUserManagedOutputWithContext(context.Context) GetSecretReplicationUserManagedOutput
}

GetSecretReplicationUserManagedInput is an input type that accepts GetSecretReplicationUserManagedArgs and GetSecretReplicationUserManagedOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedInput` via:

GetSecretReplicationUserManagedArgs{...}

type GetSecretReplicationUserManagedOutput

type GetSecretReplicationUserManagedOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedOutput) ElementType

func (GetSecretReplicationUserManagedOutput) Replicas

The list of Replicas for this Secret. Cannot be empty.

func (GetSecretReplicationUserManagedOutput) ToGetSecretReplicationUserManagedOutput

func (o GetSecretReplicationUserManagedOutput) ToGetSecretReplicationUserManagedOutput() GetSecretReplicationUserManagedOutput

func (GetSecretReplicationUserManagedOutput) ToGetSecretReplicationUserManagedOutputWithContext

func (o GetSecretReplicationUserManagedOutput) ToGetSecretReplicationUserManagedOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedOutput

type GetSecretReplicationUserManagedReplica

type GetSecretReplicationUserManagedReplica struct {
	// Customer Managed Encryption for the secret.
	CustomerManagedEncryptions []GetSecretReplicationUserManagedReplicaCustomerManagedEncryption `pulumi:"customerManagedEncryptions"`
	// The canonical IDs of the location to replicate data. For example: "us-east1".
	Location string `pulumi:"location"`
}

type GetSecretReplicationUserManagedReplicaArgs

type GetSecretReplicationUserManagedReplicaArgs struct {
	// Customer Managed Encryption for the secret.
	CustomerManagedEncryptions GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput `pulumi:"customerManagedEncryptions"`
	// The canonical IDs of the location to replicate data. For example: "us-east1".
	Location pulumi.StringInput `pulumi:"location"`
}

func (GetSecretReplicationUserManagedReplicaArgs) ElementType

func (GetSecretReplicationUserManagedReplicaArgs) ToGetSecretReplicationUserManagedReplicaOutput

func (i GetSecretReplicationUserManagedReplicaArgs) ToGetSecretReplicationUserManagedReplicaOutput() GetSecretReplicationUserManagedReplicaOutput

func (GetSecretReplicationUserManagedReplicaArgs) ToGetSecretReplicationUserManagedReplicaOutputWithContext

func (i GetSecretReplicationUserManagedReplicaArgs) ToGetSecretReplicationUserManagedReplicaOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaOutput

type GetSecretReplicationUserManagedReplicaArray

type GetSecretReplicationUserManagedReplicaArray []GetSecretReplicationUserManagedReplicaInput

func (GetSecretReplicationUserManagedReplicaArray) ElementType

func (GetSecretReplicationUserManagedReplicaArray) ToGetSecretReplicationUserManagedReplicaArrayOutput

func (i GetSecretReplicationUserManagedReplicaArray) ToGetSecretReplicationUserManagedReplicaArrayOutput() GetSecretReplicationUserManagedReplicaArrayOutput

func (GetSecretReplicationUserManagedReplicaArray) ToGetSecretReplicationUserManagedReplicaArrayOutputWithContext

func (i GetSecretReplicationUserManagedReplicaArray) ToGetSecretReplicationUserManagedReplicaArrayOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaArrayOutput

type GetSecretReplicationUserManagedReplicaArrayInput

type GetSecretReplicationUserManagedReplicaArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedReplicaArrayOutput() GetSecretReplicationUserManagedReplicaArrayOutput
	ToGetSecretReplicationUserManagedReplicaArrayOutputWithContext(context.Context) GetSecretReplicationUserManagedReplicaArrayOutput
}

GetSecretReplicationUserManagedReplicaArrayInput is an input type that accepts GetSecretReplicationUserManagedReplicaArray and GetSecretReplicationUserManagedReplicaArrayOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedReplicaArrayInput` via:

GetSecretReplicationUserManagedReplicaArray{ GetSecretReplicationUserManagedReplicaArgs{...} }

type GetSecretReplicationUserManagedReplicaArrayOutput

type GetSecretReplicationUserManagedReplicaArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedReplicaArrayOutput) ElementType

func (GetSecretReplicationUserManagedReplicaArrayOutput) Index

func (GetSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretReplicationUserManagedReplicaArrayOutput

func (o GetSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretReplicationUserManagedReplicaArrayOutput() GetSecretReplicationUserManagedReplicaArrayOutput

func (GetSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretReplicationUserManagedReplicaArrayOutputWithContext

func (o GetSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretReplicationUserManagedReplicaArrayOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaArrayOutput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryption

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryption struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ElementType

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext

func (i GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray []GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ElementType

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext

func (i GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput() GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput
	ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext(context.Context) GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput
}

GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput is an input type that accepts GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray and GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput` via:

GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray{ GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs{...} }

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput) ElementType

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput() GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput
	ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(context.Context) GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput
}

GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput is an input type that accepts GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs and GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput` via:

GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs{...}

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

type GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ElementType

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) KmsKeyName

Describes the Cloud KMS encryption key that will be used to protect destination secret.

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext

func (o GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToGetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

type GetSecretReplicationUserManagedReplicaInput

type GetSecretReplicationUserManagedReplicaInput interface {
	pulumi.Input

	ToGetSecretReplicationUserManagedReplicaOutput() GetSecretReplicationUserManagedReplicaOutput
	ToGetSecretReplicationUserManagedReplicaOutputWithContext(context.Context) GetSecretReplicationUserManagedReplicaOutput
}

GetSecretReplicationUserManagedReplicaInput is an input type that accepts GetSecretReplicationUserManagedReplicaArgs and GetSecretReplicationUserManagedReplicaOutput values. You can construct a concrete instance of `GetSecretReplicationUserManagedReplicaInput` via:

GetSecretReplicationUserManagedReplicaArgs{...}

type GetSecretReplicationUserManagedReplicaOutput

type GetSecretReplicationUserManagedReplicaOutput struct{ *pulumi.OutputState }

func (GetSecretReplicationUserManagedReplicaOutput) CustomerManagedEncryptions

Customer Managed Encryption for the secret.

func (GetSecretReplicationUserManagedReplicaOutput) ElementType

func (GetSecretReplicationUserManagedReplicaOutput) Location

The canonical IDs of the location to replicate data. For example: "us-east1".

func (GetSecretReplicationUserManagedReplicaOutput) ToGetSecretReplicationUserManagedReplicaOutput

func (o GetSecretReplicationUserManagedReplicaOutput) ToGetSecretReplicationUserManagedReplicaOutput() GetSecretReplicationUserManagedReplicaOutput

func (GetSecretReplicationUserManagedReplicaOutput) ToGetSecretReplicationUserManagedReplicaOutputWithContext

func (o GetSecretReplicationUserManagedReplicaOutput) ToGetSecretReplicationUserManagedReplicaOutputWithContext(ctx context.Context) GetSecretReplicationUserManagedReplicaOutput

type GetSecretRotation

type GetSecretRotation struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	NextRotationTime string `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years).
	// If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications.
	RotationPeriod string `pulumi:"rotationPeriod"`
}

type GetSecretRotationArgs

type GetSecretRotationArgs struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	NextRotationTime pulumi.StringInput `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years).
	// If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications.
	RotationPeriod pulumi.StringInput `pulumi:"rotationPeriod"`
}

func (GetSecretRotationArgs) ElementType

func (GetSecretRotationArgs) ElementType() reflect.Type

func (GetSecretRotationArgs) ToGetSecretRotationOutput

func (i GetSecretRotationArgs) ToGetSecretRotationOutput() GetSecretRotationOutput

func (GetSecretRotationArgs) ToGetSecretRotationOutputWithContext

func (i GetSecretRotationArgs) ToGetSecretRotationOutputWithContext(ctx context.Context) GetSecretRotationOutput

type GetSecretRotationArray

type GetSecretRotationArray []GetSecretRotationInput

func (GetSecretRotationArray) ElementType

func (GetSecretRotationArray) ElementType() reflect.Type

func (GetSecretRotationArray) ToGetSecretRotationArrayOutput

func (i GetSecretRotationArray) ToGetSecretRotationArrayOutput() GetSecretRotationArrayOutput

func (GetSecretRotationArray) ToGetSecretRotationArrayOutputWithContext

func (i GetSecretRotationArray) ToGetSecretRotationArrayOutputWithContext(ctx context.Context) GetSecretRotationArrayOutput

type GetSecretRotationArrayInput

type GetSecretRotationArrayInput interface {
	pulumi.Input

	ToGetSecretRotationArrayOutput() GetSecretRotationArrayOutput
	ToGetSecretRotationArrayOutputWithContext(context.Context) GetSecretRotationArrayOutput
}

GetSecretRotationArrayInput is an input type that accepts GetSecretRotationArray and GetSecretRotationArrayOutput values. You can construct a concrete instance of `GetSecretRotationArrayInput` via:

GetSecretRotationArray{ GetSecretRotationArgs{...} }

type GetSecretRotationArrayOutput

type GetSecretRotationArrayOutput struct{ *pulumi.OutputState }

func (GetSecretRotationArrayOutput) ElementType

func (GetSecretRotationArrayOutput) Index

func (GetSecretRotationArrayOutput) ToGetSecretRotationArrayOutput

func (o GetSecretRotationArrayOutput) ToGetSecretRotationArrayOutput() GetSecretRotationArrayOutput

func (GetSecretRotationArrayOutput) ToGetSecretRotationArrayOutputWithContext

func (o GetSecretRotationArrayOutput) ToGetSecretRotationArrayOutputWithContext(ctx context.Context) GetSecretRotationArrayOutput

type GetSecretRotationInput

type GetSecretRotationInput interface {
	pulumi.Input

	ToGetSecretRotationOutput() GetSecretRotationOutput
	ToGetSecretRotationOutputWithContext(context.Context) GetSecretRotationOutput
}

GetSecretRotationInput is an input type that accepts GetSecretRotationArgs and GetSecretRotationOutput values. You can construct a concrete instance of `GetSecretRotationInput` via:

GetSecretRotationArgs{...}

type GetSecretRotationOutput

type GetSecretRotationOutput struct{ *pulumi.OutputState }

func (GetSecretRotationOutput) ElementType

func (GetSecretRotationOutput) ElementType() reflect.Type

func (GetSecretRotationOutput) NextRotationTime

func (o GetSecretRotationOutput) NextRotationTime() pulumi.StringOutput

Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

func (GetSecretRotationOutput) RotationPeriod

func (o GetSecretRotationOutput) RotationPeriod() pulumi.StringOutput

The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, 'next_rotation_time' must be set. 'next_rotation_time' will be advanced by this period when the service automatically sends rotation notifications.

func (GetSecretRotationOutput) ToGetSecretRotationOutput

func (o GetSecretRotationOutput) ToGetSecretRotationOutput() GetSecretRotationOutput

func (GetSecretRotationOutput) ToGetSecretRotationOutputWithContext

func (o GetSecretRotationOutput) ToGetSecretRotationOutputWithContext(ctx context.Context) GetSecretRotationOutput

type GetSecretTopic

type GetSecretTopic struct {
	// The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*.
	// For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
	Name string `pulumi:"name"`
}

type GetSecretTopicArgs

type GetSecretTopicArgs struct {
	// The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*.
	// For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
	Name pulumi.StringInput `pulumi:"name"`
}

func (GetSecretTopicArgs) ElementType

func (GetSecretTopicArgs) ElementType() reflect.Type

func (GetSecretTopicArgs) ToGetSecretTopicOutput

func (i GetSecretTopicArgs) ToGetSecretTopicOutput() GetSecretTopicOutput

func (GetSecretTopicArgs) ToGetSecretTopicOutputWithContext

func (i GetSecretTopicArgs) ToGetSecretTopicOutputWithContext(ctx context.Context) GetSecretTopicOutput

type GetSecretTopicArray

type GetSecretTopicArray []GetSecretTopicInput

func (GetSecretTopicArray) ElementType

func (GetSecretTopicArray) ElementType() reflect.Type

func (GetSecretTopicArray) ToGetSecretTopicArrayOutput

func (i GetSecretTopicArray) ToGetSecretTopicArrayOutput() GetSecretTopicArrayOutput

func (GetSecretTopicArray) ToGetSecretTopicArrayOutputWithContext

func (i GetSecretTopicArray) ToGetSecretTopicArrayOutputWithContext(ctx context.Context) GetSecretTopicArrayOutput

type GetSecretTopicArrayInput

type GetSecretTopicArrayInput interface {
	pulumi.Input

	ToGetSecretTopicArrayOutput() GetSecretTopicArrayOutput
	ToGetSecretTopicArrayOutputWithContext(context.Context) GetSecretTopicArrayOutput
}

GetSecretTopicArrayInput is an input type that accepts GetSecretTopicArray and GetSecretTopicArrayOutput values. You can construct a concrete instance of `GetSecretTopicArrayInput` via:

GetSecretTopicArray{ GetSecretTopicArgs{...} }

type GetSecretTopicArrayOutput

type GetSecretTopicArrayOutput struct{ *pulumi.OutputState }

func (GetSecretTopicArrayOutput) ElementType

func (GetSecretTopicArrayOutput) ElementType() reflect.Type

func (GetSecretTopicArrayOutput) Index

func (GetSecretTopicArrayOutput) ToGetSecretTopicArrayOutput

func (o GetSecretTopicArrayOutput) ToGetSecretTopicArrayOutput() GetSecretTopicArrayOutput

func (GetSecretTopicArrayOutput) ToGetSecretTopicArrayOutputWithContext

func (o GetSecretTopicArrayOutput) ToGetSecretTopicArrayOutputWithContext(ctx context.Context) GetSecretTopicArrayOutput

type GetSecretTopicInput

type GetSecretTopicInput interface {
	pulumi.Input

	ToGetSecretTopicOutput() GetSecretTopicOutput
	ToGetSecretTopicOutputWithContext(context.Context) GetSecretTopicOutput
}

GetSecretTopicInput is an input type that accepts GetSecretTopicArgs and GetSecretTopicOutput values. You can construct a concrete instance of `GetSecretTopicInput` via:

GetSecretTopicArgs{...}

type GetSecretTopicOutput

type GetSecretTopicOutput struct{ *pulumi.OutputState }

func (GetSecretTopicOutput) ElementType

func (GetSecretTopicOutput) ElementType() reflect.Type

func (GetSecretTopicOutput) Name

The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.

func (GetSecretTopicOutput) ToGetSecretTopicOutput

func (o GetSecretTopicOutput) ToGetSecretTopicOutput() GetSecretTopicOutput

func (GetSecretTopicOutput) ToGetSecretTopicOutputWithContext

func (o GetSecretTopicOutput) ToGetSecretTopicOutputWithContext(ctx context.Context) GetSecretTopicOutput

type GetSecretVersionAccessArgs

type GetSecretVersionAccessArgs struct {
	// If set to 'true', the secret data is
	// expected to be base64-encoded string.
	IsSecretDataBase64 *bool `pulumi:"isSecretDataBase64"`
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project *string `pulumi:"project"`
	// The secret to get the secret version for.
	Secret string `pulumi:"secret"`
	// The version of the secret to get. If it
	// is not provided, the latest version is retrieved.
	Version *string `pulumi:"version"`
}

A collection of arguments for invoking getSecretVersionAccess.

type GetSecretVersionAccessOutputArgs

type GetSecretVersionAccessOutputArgs struct {
	// If set to 'true', the secret data is
	// expected to be base64-encoded string.
	IsSecretDataBase64 pulumi.BoolPtrInput `pulumi:"isSecretDataBase64"`
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput `pulumi:"project"`
	// The secret to get the secret version for.
	Secret pulumi.StringInput `pulumi:"secret"`
	// The version of the secret to get. If it
	// is not provided, the latest version is retrieved.
	Version pulumi.StringPtrInput `pulumi:"version"`
}

A collection of arguments for invoking getSecretVersionAccess.

func (GetSecretVersionAccessOutputArgs) ElementType

type GetSecretVersionAccessResult

type GetSecretVersionAccessResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id                 string `pulumi:"id"`
	IsSecretDataBase64 *bool  `pulumi:"isSecretDataBase64"`
	// The resource name of the SecretVersion. Format:
	// `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`
	Name    string `pulumi:"name"`
	Project string `pulumi:"project"`
	Secret  string `pulumi:"secret"`
	// The secret data. No larger than 64KiB.
	SecretData string `pulumi:"secretData"`
	Version    string `pulumi:"version"`
}

A collection of values returned by getSecretVersionAccess.

func GetSecretVersionAccess

func GetSecretVersionAccess(ctx *pulumi.Context, args *GetSecretVersionAccessArgs, opts ...pulumi.InvokeOption) (*GetSecretVersionAccessResult, error)

Get the value from a Secret Manager secret version. This is similar to the secretmanager.SecretVersion datasource, but it only requires the [Secret Manager Secret Accessor](https://cloud.google.com/secret-manager/docs/access-control#secretmanager.secretAccessor) role. For more information see the [official documentation](https://cloud.google.com/secret-manager/docs/) and [API](https://cloud.google.com/secret-manager/docs/reference/rest/v1/projects.secrets.versions/access).

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.GetSecretVersionAccess(ctx, &secretmanager.GetSecretVersionAccessArgs{
			Secret: "my-secret",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetSecretVersionAccessResultOutput

type GetSecretVersionAccessResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecretVersionAccess.

func (GetSecretVersionAccessResultOutput) ElementType

func (GetSecretVersionAccessResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetSecretVersionAccessResultOutput) IsSecretDataBase64 added in v8.7.0

func (GetSecretVersionAccessResultOutput) Name

The resource name of the SecretVersion. Format: `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`

func (GetSecretVersionAccessResultOutput) Project

func (GetSecretVersionAccessResultOutput) Secret

func (GetSecretVersionAccessResultOutput) SecretData

The secret data. No larger than 64KiB.

func (GetSecretVersionAccessResultOutput) ToGetSecretVersionAccessResultOutput

func (o GetSecretVersionAccessResultOutput) ToGetSecretVersionAccessResultOutput() GetSecretVersionAccessResultOutput

func (GetSecretVersionAccessResultOutput) ToGetSecretVersionAccessResultOutputWithContext

func (o GetSecretVersionAccessResultOutput) ToGetSecretVersionAccessResultOutputWithContext(ctx context.Context) GetSecretVersionAccessResultOutput

func (GetSecretVersionAccessResultOutput) Version

type GetSecretsArgs

type GetSecretsArgs struct {
	// Filter string, adhering to the rules in [List-operation filtering](https://cloud.google.com/secret-manager/docs/filtering). List only secrets matching the filter. If filter is empty, all secrets are listed.
	Filter *string `pulumi:"filter"`
	// The ID of the project.
	Project *string `pulumi:"project"`
}

A collection of arguments for invoking getSecrets.

type GetSecretsOutputArgs

type GetSecretsOutputArgs struct {
	// Filter string, adhering to the rules in [List-operation filtering](https://cloud.google.com/secret-manager/docs/filtering). List only secrets matching the filter. If filter is empty, all secrets are listed.
	Filter pulumi.StringPtrInput `pulumi:"filter"`
	// The ID of the project.
	Project pulumi.StringPtrInput `pulumi:"project"`
}

A collection of arguments for invoking getSecrets.

func (GetSecretsOutputArgs) ElementType

func (GetSecretsOutputArgs) ElementType() reflect.Type

type GetSecretsResult

type GetSecretsResult struct {
	Filter *string `pulumi:"filter"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The ID of the project in which the resource belongs.
	Project string `pulumi:"project"`
	// A list of secrets matching the filter. Structure is defined below.
	Secrets []GetSecretsSecret `pulumi:"secrets"`
}

A collection of values returned by getSecrets.

func GetSecrets

func GetSecrets(ctx *pulumi.Context, args *GetSecretsArgs, opts ...pulumi.InvokeOption) (*GetSecretsResult, error)

Use this data source to list the Secret Manager Secrets

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.GetSecrets(ctx, &secretmanager.GetSecretsArgs{}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetSecretsResultOutput

type GetSecretsResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecrets.

func (GetSecretsResultOutput) ElementType

func (GetSecretsResultOutput) ElementType() reflect.Type

func (GetSecretsResultOutput) Filter

func (GetSecretsResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (GetSecretsResultOutput) Project

The ID of the project in which the resource belongs.

func (GetSecretsResultOutput) Secrets

A list of secrets matching the filter. Structure is defined below.

func (GetSecretsResultOutput) ToGetSecretsResultOutput

func (o GetSecretsResultOutput) ToGetSecretsResultOutput() GetSecretsResultOutput

func (GetSecretsResultOutput) ToGetSecretsResultOutputWithContext

func (o GetSecretsResultOutput) ToGetSecretsResultOutputWithContext(ctx context.Context) GetSecretsResultOutput

type GetSecretsSecret

type GetSecretsSecret struct {
	// Custom metadata about the secret.
	Annotations map[string]string `pulumi:"annotations"`
	// The time at which the Secret was created.
	CreateTime           string            `pulumi:"createTime"`
	EffectiveAnnotations map[string]string `pulumi:"effectiveAnnotations"`
	EffectiveLabels      map[string]string `pulumi:"effectiveLabels"`
	// Timestamp in UTC when the Secret is scheduled to expire.
	ExpireTime string `pulumi:"expireTime"`
	// The labels assigned to this Secret.
	Labels map[string]string `pulumi:"labels"`
	// The resource name of the Pub/Sub topic that will be published to.
	Name string `pulumi:"name"`
	// The ID of the project.
	Project string `pulumi:"project"`
	// The combination of labels configured directly on the resource
	//  and default labels configured on the provider.
	PulumiLabels map[string]string `pulumi:"pulumiLabels"`
	// The replication policy of the secret data attached to the Secret.
	// Structure is documented below.
	Replications []GetSecretsSecretReplication `pulumi:"replications"`
	// The rotation time and period for a Secret.
	// Structure is documented below.
	Rotations []GetSecretsSecretRotation `pulumi:"rotations"`
	// This must be unique within the project.
	SecretId string `pulumi:"secretId"`
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions.
	// Structure is documented below.
	Topics []GetSecretsSecretTopic `pulumi:"topics"`
	// The TTL for the Secret.
	// A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
	// Only one of 'ttl' or 'expire_time' can be provided.
	Ttl string `pulumi:"ttl"`
	// Mapping from version alias to version name.
	VersionAliases map[string]string `pulumi:"versionAliases"`
	// The version destroy ttl for the secret version.
	VersionDestroyTtl string `pulumi:"versionDestroyTtl"`
}

type GetSecretsSecretArgs

type GetSecretsSecretArgs struct {
	// Custom metadata about the secret.
	Annotations pulumi.StringMapInput `pulumi:"annotations"`
	// The time at which the Secret was created.
	CreateTime           pulumi.StringInput    `pulumi:"createTime"`
	EffectiveAnnotations pulumi.StringMapInput `pulumi:"effectiveAnnotations"`
	EffectiveLabels      pulumi.StringMapInput `pulumi:"effectiveLabels"`
	// Timestamp in UTC when the Secret is scheduled to expire.
	ExpireTime pulumi.StringInput `pulumi:"expireTime"`
	// The labels assigned to this Secret.
	Labels pulumi.StringMapInput `pulumi:"labels"`
	// The resource name of the Pub/Sub topic that will be published to.
	Name pulumi.StringInput `pulumi:"name"`
	// The ID of the project.
	Project pulumi.StringInput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	//  and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput `pulumi:"pulumiLabels"`
	// The replication policy of the secret data attached to the Secret.
	// Structure is documented below.
	Replications GetSecretsSecretReplicationArrayInput `pulumi:"replications"`
	// The rotation time and period for a Secret.
	// Structure is documented below.
	Rotations GetSecretsSecretRotationArrayInput `pulumi:"rotations"`
	// This must be unique within the project.
	SecretId pulumi.StringInput `pulumi:"secretId"`
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions.
	// Structure is documented below.
	Topics GetSecretsSecretTopicArrayInput `pulumi:"topics"`
	// The TTL for the Secret.
	// A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
	// Only one of 'ttl' or 'expire_time' can be provided.
	Ttl pulumi.StringInput `pulumi:"ttl"`
	// Mapping from version alias to version name.
	VersionAliases pulumi.StringMapInput `pulumi:"versionAliases"`
	// The version destroy ttl for the secret version.
	VersionDestroyTtl pulumi.StringInput `pulumi:"versionDestroyTtl"`
}

func (GetSecretsSecretArgs) ElementType

func (GetSecretsSecretArgs) ElementType() reflect.Type

func (GetSecretsSecretArgs) ToGetSecretsSecretOutput

func (i GetSecretsSecretArgs) ToGetSecretsSecretOutput() GetSecretsSecretOutput

func (GetSecretsSecretArgs) ToGetSecretsSecretOutputWithContext

func (i GetSecretsSecretArgs) ToGetSecretsSecretOutputWithContext(ctx context.Context) GetSecretsSecretOutput

type GetSecretsSecretArray

type GetSecretsSecretArray []GetSecretsSecretInput

func (GetSecretsSecretArray) ElementType

func (GetSecretsSecretArray) ElementType() reflect.Type

func (GetSecretsSecretArray) ToGetSecretsSecretArrayOutput

func (i GetSecretsSecretArray) ToGetSecretsSecretArrayOutput() GetSecretsSecretArrayOutput

func (GetSecretsSecretArray) ToGetSecretsSecretArrayOutputWithContext

func (i GetSecretsSecretArray) ToGetSecretsSecretArrayOutputWithContext(ctx context.Context) GetSecretsSecretArrayOutput

type GetSecretsSecretArrayInput

type GetSecretsSecretArrayInput interface {
	pulumi.Input

	ToGetSecretsSecretArrayOutput() GetSecretsSecretArrayOutput
	ToGetSecretsSecretArrayOutputWithContext(context.Context) GetSecretsSecretArrayOutput
}

GetSecretsSecretArrayInput is an input type that accepts GetSecretsSecretArray and GetSecretsSecretArrayOutput values. You can construct a concrete instance of `GetSecretsSecretArrayInput` via:

GetSecretsSecretArray{ GetSecretsSecretArgs{...} }

type GetSecretsSecretArrayOutput

type GetSecretsSecretArrayOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretArrayOutput) ElementType

func (GetSecretsSecretArrayOutput) Index

func (GetSecretsSecretArrayOutput) ToGetSecretsSecretArrayOutput

func (o GetSecretsSecretArrayOutput) ToGetSecretsSecretArrayOutput() GetSecretsSecretArrayOutput

func (GetSecretsSecretArrayOutput) ToGetSecretsSecretArrayOutputWithContext

func (o GetSecretsSecretArrayOutput) ToGetSecretsSecretArrayOutputWithContext(ctx context.Context) GetSecretsSecretArrayOutput

type GetSecretsSecretInput

type GetSecretsSecretInput interface {
	pulumi.Input

	ToGetSecretsSecretOutput() GetSecretsSecretOutput
	ToGetSecretsSecretOutputWithContext(context.Context) GetSecretsSecretOutput
}

GetSecretsSecretInput is an input type that accepts GetSecretsSecretArgs and GetSecretsSecretOutput values. You can construct a concrete instance of `GetSecretsSecretInput` via:

GetSecretsSecretArgs{...}

type GetSecretsSecretOutput

type GetSecretsSecretOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretOutput) Annotations

Custom metadata about the secret.

func (GetSecretsSecretOutput) CreateTime

The time at which the Secret was created.

func (GetSecretsSecretOutput) EffectiveAnnotations

func (o GetSecretsSecretOutput) EffectiveAnnotations() pulumi.StringMapOutput

func (GetSecretsSecretOutput) EffectiveLabels

func (o GetSecretsSecretOutput) EffectiveLabels() pulumi.StringMapOutput

func (GetSecretsSecretOutput) ElementType

func (GetSecretsSecretOutput) ElementType() reflect.Type

func (GetSecretsSecretOutput) ExpireTime

Timestamp in UTC when the Secret is scheduled to expire.

func (GetSecretsSecretOutput) Labels

The labels assigned to this Secret.

func (GetSecretsSecretOutput) Name

The resource name of the Pub/Sub topic that will be published to.

func (GetSecretsSecretOutput) Project

The ID of the project.

func (GetSecretsSecretOutput) PulumiLabels

The combination of labels configured directly on the resource

and default labels configured on the provider.

func (GetSecretsSecretOutput) Replications

The replication policy of the secret data attached to the Secret. Structure is documented below.

func (GetSecretsSecretOutput) Rotations

The rotation time and period for a Secret. Structure is documented below.

func (GetSecretsSecretOutput) SecretId

This must be unique within the project.

func (GetSecretsSecretOutput) ToGetSecretsSecretOutput

func (o GetSecretsSecretOutput) ToGetSecretsSecretOutput() GetSecretsSecretOutput

func (GetSecretsSecretOutput) ToGetSecretsSecretOutputWithContext

func (o GetSecretsSecretOutput) ToGetSecretsSecretOutputWithContext(ctx context.Context) GetSecretsSecretOutput

func (GetSecretsSecretOutput) Topics

A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions. Structure is documented below.

func (GetSecretsSecretOutput) Ttl

The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.

func (GetSecretsSecretOutput) VersionAliases

func (o GetSecretsSecretOutput) VersionAliases() pulumi.StringMapOutput

Mapping from version alias to version name.

func (GetSecretsSecretOutput) VersionDestroyTtl

func (o GetSecretsSecretOutput) VersionDestroyTtl() pulumi.StringOutput

The version destroy ttl for the secret version.

type GetSecretsSecretReplication

type GetSecretsSecretReplication struct {
	// The Secret will automatically be replicated without any restrictions.
	// Structure is documented below.
	Autos []GetSecretsSecretReplicationAuto `pulumi:"autos"`
	// The Secret will be replicated to the regions specified by the user.
	// Structure is documented below.
	UserManageds []GetSecretsSecretReplicationUserManaged `pulumi:"userManageds"`
}

type GetSecretsSecretReplicationArgs

type GetSecretsSecretReplicationArgs struct {
	// The Secret will automatically be replicated without any restrictions.
	// Structure is documented below.
	Autos GetSecretsSecretReplicationAutoArrayInput `pulumi:"autos"`
	// The Secret will be replicated to the regions specified by the user.
	// Structure is documented below.
	UserManageds GetSecretsSecretReplicationUserManagedArrayInput `pulumi:"userManageds"`
}

func (GetSecretsSecretReplicationArgs) ElementType

func (GetSecretsSecretReplicationArgs) ToGetSecretsSecretReplicationOutput

func (i GetSecretsSecretReplicationArgs) ToGetSecretsSecretReplicationOutput() GetSecretsSecretReplicationOutput

func (GetSecretsSecretReplicationArgs) ToGetSecretsSecretReplicationOutputWithContext

func (i GetSecretsSecretReplicationArgs) ToGetSecretsSecretReplicationOutputWithContext(ctx context.Context) GetSecretsSecretReplicationOutput

type GetSecretsSecretReplicationArray

type GetSecretsSecretReplicationArray []GetSecretsSecretReplicationInput

func (GetSecretsSecretReplicationArray) ElementType

func (GetSecretsSecretReplicationArray) ToGetSecretsSecretReplicationArrayOutput

func (i GetSecretsSecretReplicationArray) ToGetSecretsSecretReplicationArrayOutput() GetSecretsSecretReplicationArrayOutput

func (GetSecretsSecretReplicationArray) ToGetSecretsSecretReplicationArrayOutputWithContext

func (i GetSecretsSecretReplicationArray) ToGetSecretsSecretReplicationArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationArrayOutput

type GetSecretsSecretReplicationArrayInput

type GetSecretsSecretReplicationArrayInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationArrayOutput() GetSecretsSecretReplicationArrayOutput
	ToGetSecretsSecretReplicationArrayOutputWithContext(context.Context) GetSecretsSecretReplicationArrayOutput
}

GetSecretsSecretReplicationArrayInput is an input type that accepts GetSecretsSecretReplicationArray and GetSecretsSecretReplicationArrayOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationArrayInput` via:

GetSecretsSecretReplicationArray{ GetSecretsSecretReplicationArgs{...} }

type GetSecretsSecretReplicationArrayOutput

type GetSecretsSecretReplicationArrayOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationArrayOutput) ElementType

func (GetSecretsSecretReplicationArrayOutput) Index

func (GetSecretsSecretReplicationArrayOutput) ToGetSecretsSecretReplicationArrayOutput

func (o GetSecretsSecretReplicationArrayOutput) ToGetSecretsSecretReplicationArrayOutput() GetSecretsSecretReplicationArrayOutput

func (GetSecretsSecretReplicationArrayOutput) ToGetSecretsSecretReplicationArrayOutputWithContext

func (o GetSecretsSecretReplicationArrayOutput) ToGetSecretsSecretReplicationArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationArrayOutput

type GetSecretsSecretReplicationAuto

type GetSecretsSecretReplicationAuto struct {
	// Customer Managed Encryption for the secret.
	// Structure is documented below.
	CustomerManagedEncryptions []GetSecretsSecretReplicationAutoCustomerManagedEncryption `pulumi:"customerManagedEncryptions"`
}

type GetSecretsSecretReplicationAutoArgs

type GetSecretsSecretReplicationAutoArgs struct {
	// Customer Managed Encryption for the secret.
	// Structure is documented below.
	CustomerManagedEncryptions GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayInput `pulumi:"customerManagedEncryptions"`
}

func (GetSecretsSecretReplicationAutoArgs) ElementType

func (GetSecretsSecretReplicationAutoArgs) ToGetSecretsSecretReplicationAutoOutput

func (i GetSecretsSecretReplicationAutoArgs) ToGetSecretsSecretReplicationAutoOutput() GetSecretsSecretReplicationAutoOutput

func (GetSecretsSecretReplicationAutoArgs) ToGetSecretsSecretReplicationAutoOutputWithContext

func (i GetSecretsSecretReplicationAutoArgs) ToGetSecretsSecretReplicationAutoOutputWithContext(ctx context.Context) GetSecretsSecretReplicationAutoOutput

type GetSecretsSecretReplicationAutoArray

type GetSecretsSecretReplicationAutoArray []GetSecretsSecretReplicationAutoInput

func (GetSecretsSecretReplicationAutoArray) ElementType

func (GetSecretsSecretReplicationAutoArray) ToGetSecretsSecretReplicationAutoArrayOutput

func (i GetSecretsSecretReplicationAutoArray) ToGetSecretsSecretReplicationAutoArrayOutput() GetSecretsSecretReplicationAutoArrayOutput

func (GetSecretsSecretReplicationAutoArray) ToGetSecretsSecretReplicationAutoArrayOutputWithContext

func (i GetSecretsSecretReplicationAutoArray) ToGetSecretsSecretReplicationAutoArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationAutoArrayOutput

type GetSecretsSecretReplicationAutoArrayInput

type GetSecretsSecretReplicationAutoArrayInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationAutoArrayOutput() GetSecretsSecretReplicationAutoArrayOutput
	ToGetSecretsSecretReplicationAutoArrayOutputWithContext(context.Context) GetSecretsSecretReplicationAutoArrayOutput
}

GetSecretsSecretReplicationAutoArrayInput is an input type that accepts GetSecretsSecretReplicationAutoArray and GetSecretsSecretReplicationAutoArrayOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationAutoArrayInput` via:

GetSecretsSecretReplicationAutoArray{ GetSecretsSecretReplicationAutoArgs{...} }

type GetSecretsSecretReplicationAutoArrayOutput

type GetSecretsSecretReplicationAutoArrayOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationAutoArrayOutput) ElementType

func (GetSecretsSecretReplicationAutoArrayOutput) Index

func (GetSecretsSecretReplicationAutoArrayOutput) ToGetSecretsSecretReplicationAutoArrayOutput

func (o GetSecretsSecretReplicationAutoArrayOutput) ToGetSecretsSecretReplicationAutoArrayOutput() GetSecretsSecretReplicationAutoArrayOutput

func (GetSecretsSecretReplicationAutoArrayOutput) ToGetSecretsSecretReplicationAutoArrayOutputWithContext

func (o GetSecretsSecretReplicationAutoArrayOutput) ToGetSecretsSecretReplicationAutoArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationAutoArrayOutput

type GetSecretsSecretReplicationAutoCustomerManagedEncryption

type GetSecretsSecretReplicationAutoCustomerManagedEncryption struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionArgs

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionArgs struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionArgs) ElementType

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionOutputWithContext

func (i GetSecretsSecretReplicationAutoCustomerManagedEncryptionArgs) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionArray

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionArray []GetSecretsSecretReplicationAutoCustomerManagedEncryptionInput

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionArray) ElementType

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext

func (i GetSecretsSecretReplicationAutoCustomerManagedEncryptionArray) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayInput

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput() GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput
	ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext(context.Context) GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput
}

GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayInput is an input type that accepts GetSecretsSecretReplicationAutoCustomerManagedEncryptionArray and GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayInput` via:

GetSecretsSecretReplicationAutoCustomerManagedEncryptionArray{ GetSecretsSecretReplicationAutoCustomerManagedEncryptionArgs{...} }

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ElementType

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput) Index

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext

func (o GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationAutoCustomerManagedEncryptionArrayOutput

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionInput

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput() GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput
	ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(context.Context) GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput
}

GetSecretsSecretReplicationAutoCustomerManagedEncryptionInput is an input type that accepts GetSecretsSecretReplicationAutoCustomerManagedEncryptionArgs and GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationAutoCustomerManagedEncryptionInput` via:

GetSecretsSecretReplicationAutoCustomerManagedEncryptionArgs{...}

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput

type GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput) ElementType

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput) KmsKeyName

Describes the Cloud KMS encryption key that will be used to protect destination secret.

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput

func (GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionOutputWithContext

func (o GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput) ToGetSecretsSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(ctx context.Context) GetSecretsSecretReplicationAutoCustomerManagedEncryptionOutput

type GetSecretsSecretReplicationAutoInput

type GetSecretsSecretReplicationAutoInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationAutoOutput() GetSecretsSecretReplicationAutoOutput
	ToGetSecretsSecretReplicationAutoOutputWithContext(context.Context) GetSecretsSecretReplicationAutoOutput
}

GetSecretsSecretReplicationAutoInput is an input type that accepts GetSecretsSecretReplicationAutoArgs and GetSecretsSecretReplicationAutoOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationAutoInput` via:

GetSecretsSecretReplicationAutoArgs{...}

type GetSecretsSecretReplicationAutoOutput

type GetSecretsSecretReplicationAutoOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationAutoOutput) CustomerManagedEncryptions

Customer Managed Encryption for the secret. Structure is documented below.

func (GetSecretsSecretReplicationAutoOutput) ElementType

func (GetSecretsSecretReplicationAutoOutput) ToGetSecretsSecretReplicationAutoOutput

func (o GetSecretsSecretReplicationAutoOutput) ToGetSecretsSecretReplicationAutoOutput() GetSecretsSecretReplicationAutoOutput

func (GetSecretsSecretReplicationAutoOutput) ToGetSecretsSecretReplicationAutoOutputWithContext

func (o GetSecretsSecretReplicationAutoOutput) ToGetSecretsSecretReplicationAutoOutputWithContext(ctx context.Context) GetSecretsSecretReplicationAutoOutput

type GetSecretsSecretReplicationInput

type GetSecretsSecretReplicationInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationOutput() GetSecretsSecretReplicationOutput
	ToGetSecretsSecretReplicationOutputWithContext(context.Context) GetSecretsSecretReplicationOutput
}

GetSecretsSecretReplicationInput is an input type that accepts GetSecretsSecretReplicationArgs and GetSecretsSecretReplicationOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationInput` via:

GetSecretsSecretReplicationArgs{...}

type GetSecretsSecretReplicationOutput

type GetSecretsSecretReplicationOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationOutput) Autos

The Secret will automatically be replicated without any restrictions. Structure is documented below.

func (GetSecretsSecretReplicationOutput) ElementType

func (GetSecretsSecretReplicationOutput) ToGetSecretsSecretReplicationOutput

func (o GetSecretsSecretReplicationOutput) ToGetSecretsSecretReplicationOutput() GetSecretsSecretReplicationOutput

func (GetSecretsSecretReplicationOutput) ToGetSecretsSecretReplicationOutputWithContext

func (o GetSecretsSecretReplicationOutput) ToGetSecretsSecretReplicationOutputWithContext(ctx context.Context) GetSecretsSecretReplicationOutput

func (GetSecretsSecretReplicationOutput) UserManageds

The Secret will be replicated to the regions specified by the user. Structure is documented below.

type GetSecretsSecretReplicationUserManaged

type GetSecretsSecretReplicationUserManaged struct {
	// The list of Replicas for this Secret.
	// Structure is documented below.
	Replicas []GetSecretsSecretReplicationUserManagedReplica `pulumi:"replicas"`
}

type GetSecretsSecretReplicationUserManagedArgs

type GetSecretsSecretReplicationUserManagedArgs struct {
	// The list of Replicas for this Secret.
	// Structure is documented below.
	Replicas GetSecretsSecretReplicationUserManagedReplicaArrayInput `pulumi:"replicas"`
}

func (GetSecretsSecretReplicationUserManagedArgs) ElementType

func (GetSecretsSecretReplicationUserManagedArgs) ToGetSecretsSecretReplicationUserManagedOutput

func (i GetSecretsSecretReplicationUserManagedArgs) ToGetSecretsSecretReplicationUserManagedOutput() GetSecretsSecretReplicationUserManagedOutput

func (GetSecretsSecretReplicationUserManagedArgs) ToGetSecretsSecretReplicationUserManagedOutputWithContext

func (i GetSecretsSecretReplicationUserManagedArgs) ToGetSecretsSecretReplicationUserManagedOutputWithContext(ctx context.Context) GetSecretsSecretReplicationUserManagedOutput

type GetSecretsSecretReplicationUserManagedArray

type GetSecretsSecretReplicationUserManagedArray []GetSecretsSecretReplicationUserManagedInput

func (GetSecretsSecretReplicationUserManagedArray) ElementType

func (GetSecretsSecretReplicationUserManagedArray) ToGetSecretsSecretReplicationUserManagedArrayOutput

func (i GetSecretsSecretReplicationUserManagedArray) ToGetSecretsSecretReplicationUserManagedArrayOutput() GetSecretsSecretReplicationUserManagedArrayOutput

func (GetSecretsSecretReplicationUserManagedArray) ToGetSecretsSecretReplicationUserManagedArrayOutputWithContext

func (i GetSecretsSecretReplicationUserManagedArray) ToGetSecretsSecretReplicationUserManagedArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationUserManagedArrayOutput

type GetSecretsSecretReplicationUserManagedArrayInput

type GetSecretsSecretReplicationUserManagedArrayInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationUserManagedArrayOutput() GetSecretsSecretReplicationUserManagedArrayOutput
	ToGetSecretsSecretReplicationUserManagedArrayOutputWithContext(context.Context) GetSecretsSecretReplicationUserManagedArrayOutput
}

GetSecretsSecretReplicationUserManagedArrayInput is an input type that accepts GetSecretsSecretReplicationUserManagedArray and GetSecretsSecretReplicationUserManagedArrayOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationUserManagedArrayInput` via:

GetSecretsSecretReplicationUserManagedArray{ GetSecretsSecretReplicationUserManagedArgs{...} }

type GetSecretsSecretReplicationUserManagedArrayOutput

type GetSecretsSecretReplicationUserManagedArrayOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationUserManagedArrayOutput) ElementType

func (GetSecretsSecretReplicationUserManagedArrayOutput) Index

func (GetSecretsSecretReplicationUserManagedArrayOutput) ToGetSecretsSecretReplicationUserManagedArrayOutput

func (o GetSecretsSecretReplicationUserManagedArrayOutput) ToGetSecretsSecretReplicationUserManagedArrayOutput() GetSecretsSecretReplicationUserManagedArrayOutput

func (GetSecretsSecretReplicationUserManagedArrayOutput) ToGetSecretsSecretReplicationUserManagedArrayOutputWithContext

func (o GetSecretsSecretReplicationUserManagedArrayOutput) ToGetSecretsSecretReplicationUserManagedArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationUserManagedArrayOutput

type GetSecretsSecretReplicationUserManagedInput

type GetSecretsSecretReplicationUserManagedInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationUserManagedOutput() GetSecretsSecretReplicationUserManagedOutput
	ToGetSecretsSecretReplicationUserManagedOutputWithContext(context.Context) GetSecretsSecretReplicationUserManagedOutput
}

GetSecretsSecretReplicationUserManagedInput is an input type that accepts GetSecretsSecretReplicationUserManagedArgs and GetSecretsSecretReplicationUserManagedOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationUserManagedInput` via:

GetSecretsSecretReplicationUserManagedArgs{...}

type GetSecretsSecretReplicationUserManagedOutput

type GetSecretsSecretReplicationUserManagedOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationUserManagedOutput) ElementType

func (GetSecretsSecretReplicationUserManagedOutput) Replicas

The list of Replicas for this Secret. Structure is documented below.

func (GetSecretsSecretReplicationUserManagedOutput) ToGetSecretsSecretReplicationUserManagedOutput

func (o GetSecretsSecretReplicationUserManagedOutput) ToGetSecretsSecretReplicationUserManagedOutput() GetSecretsSecretReplicationUserManagedOutput

func (GetSecretsSecretReplicationUserManagedOutput) ToGetSecretsSecretReplicationUserManagedOutputWithContext

func (o GetSecretsSecretReplicationUserManagedOutput) ToGetSecretsSecretReplicationUserManagedOutputWithContext(ctx context.Context) GetSecretsSecretReplicationUserManagedOutput

type GetSecretsSecretReplicationUserManagedReplica

type GetSecretsSecretReplicationUserManagedReplica struct {
	// Customer Managed Encryption for the secret.
	// Structure is documented below.
	CustomerManagedEncryptions []GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryption `pulumi:"customerManagedEncryptions"`
	// The canonical IDs of the location to replicate data.
	Location string `pulumi:"location"`
}

type GetSecretsSecretReplicationUserManagedReplicaArgs

type GetSecretsSecretReplicationUserManagedReplicaArgs struct {
	// Customer Managed Encryption for the secret.
	// Structure is documented below.
	CustomerManagedEncryptions GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput `pulumi:"customerManagedEncryptions"`
	// The canonical IDs of the location to replicate data.
	Location pulumi.StringInput `pulumi:"location"`
}

func (GetSecretsSecretReplicationUserManagedReplicaArgs) ElementType

func (GetSecretsSecretReplicationUserManagedReplicaArgs) ToGetSecretsSecretReplicationUserManagedReplicaOutput

func (i GetSecretsSecretReplicationUserManagedReplicaArgs) ToGetSecretsSecretReplicationUserManagedReplicaOutput() GetSecretsSecretReplicationUserManagedReplicaOutput

func (GetSecretsSecretReplicationUserManagedReplicaArgs) ToGetSecretsSecretReplicationUserManagedReplicaOutputWithContext

func (i GetSecretsSecretReplicationUserManagedReplicaArgs) ToGetSecretsSecretReplicationUserManagedReplicaOutputWithContext(ctx context.Context) GetSecretsSecretReplicationUserManagedReplicaOutput

type GetSecretsSecretReplicationUserManagedReplicaArray

type GetSecretsSecretReplicationUserManagedReplicaArray []GetSecretsSecretReplicationUserManagedReplicaInput

func (GetSecretsSecretReplicationUserManagedReplicaArray) ElementType

func (GetSecretsSecretReplicationUserManagedReplicaArray) ToGetSecretsSecretReplicationUserManagedReplicaArrayOutput

func (i GetSecretsSecretReplicationUserManagedReplicaArray) ToGetSecretsSecretReplicationUserManagedReplicaArrayOutput() GetSecretsSecretReplicationUserManagedReplicaArrayOutput

func (GetSecretsSecretReplicationUserManagedReplicaArray) ToGetSecretsSecretReplicationUserManagedReplicaArrayOutputWithContext

func (i GetSecretsSecretReplicationUserManagedReplicaArray) ToGetSecretsSecretReplicationUserManagedReplicaArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationUserManagedReplicaArrayOutput

type GetSecretsSecretReplicationUserManagedReplicaArrayInput

type GetSecretsSecretReplicationUserManagedReplicaArrayInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationUserManagedReplicaArrayOutput() GetSecretsSecretReplicationUserManagedReplicaArrayOutput
	ToGetSecretsSecretReplicationUserManagedReplicaArrayOutputWithContext(context.Context) GetSecretsSecretReplicationUserManagedReplicaArrayOutput
}

GetSecretsSecretReplicationUserManagedReplicaArrayInput is an input type that accepts GetSecretsSecretReplicationUserManagedReplicaArray and GetSecretsSecretReplicationUserManagedReplicaArrayOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationUserManagedReplicaArrayInput` via:

GetSecretsSecretReplicationUserManagedReplicaArray{ GetSecretsSecretReplicationUserManagedReplicaArgs{...} }

type GetSecretsSecretReplicationUserManagedReplicaArrayOutput

type GetSecretsSecretReplicationUserManagedReplicaArrayOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationUserManagedReplicaArrayOutput) ElementType

func (GetSecretsSecretReplicationUserManagedReplicaArrayOutput) Index

func (GetSecretsSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretsSecretReplicationUserManagedReplicaArrayOutput

func (GetSecretsSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretsSecretReplicationUserManagedReplicaArrayOutputWithContext

func (o GetSecretsSecretReplicationUserManagedReplicaArrayOutput) ToGetSecretsSecretReplicationUserManagedReplicaArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationUserManagedReplicaArrayOutput

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryption

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryption struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ElementType

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray []GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ElementType

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext

func (i GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray) ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput() GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput
	ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext(context.Context) GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput
}

GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput is an input type that accepts GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray and GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayInput` via:

GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArray{ GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs{...} }

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput) ElementType

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput) ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutput) ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArrayOutputWithContext

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput() GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput
	ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(context.Context) GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput
}

GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput is an input type that accepts GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs and GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionInput` via:

GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs{...}

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

type GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ElementType

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) KmsKeyName

Describes the Cloud KMS encryption key that will be used to protect destination secret.

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToGetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext

type GetSecretsSecretReplicationUserManagedReplicaInput

type GetSecretsSecretReplicationUserManagedReplicaInput interface {
	pulumi.Input

	ToGetSecretsSecretReplicationUserManagedReplicaOutput() GetSecretsSecretReplicationUserManagedReplicaOutput
	ToGetSecretsSecretReplicationUserManagedReplicaOutputWithContext(context.Context) GetSecretsSecretReplicationUserManagedReplicaOutput
}

GetSecretsSecretReplicationUserManagedReplicaInput is an input type that accepts GetSecretsSecretReplicationUserManagedReplicaArgs and GetSecretsSecretReplicationUserManagedReplicaOutput values. You can construct a concrete instance of `GetSecretsSecretReplicationUserManagedReplicaInput` via:

GetSecretsSecretReplicationUserManagedReplicaArgs{...}

type GetSecretsSecretReplicationUserManagedReplicaOutput

type GetSecretsSecretReplicationUserManagedReplicaOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretReplicationUserManagedReplicaOutput) CustomerManagedEncryptions

Customer Managed Encryption for the secret. Structure is documented below.

func (GetSecretsSecretReplicationUserManagedReplicaOutput) ElementType

func (GetSecretsSecretReplicationUserManagedReplicaOutput) Location

The canonical IDs of the location to replicate data.

func (GetSecretsSecretReplicationUserManagedReplicaOutput) ToGetSecretsSecretReplicationUserManagedReplicaOutput

func (o GetSecretsSecretReplicationUserManagedReplicaOutput) ToGetSecretsSecretReplicationUserManagedReplicaOutput() GetSecretsSecretReplicationUserManagedReplicaOutput

func (GetSecretsSecretReplicationUserManagedReplicaOutput) ToGetSecretsSecretReplicationUserManagedReplicaOutputWithContext

func (o GetSecretsSecretReplicationUserManagedReplicaOutput) ToGetSecretsSecretReplicationUserManagedReplicaOutputWithContext(ctx context.Context) GetSecretsSecretReplicationUserManagedReplicaOutput

type GetSecretsSecretRotation

type GetSecretsSecretRotation struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	NextRotationTime string `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications.
	RotationPeriod string `pulumi:"rotationPeriod"`
}

type GetSecretsSecretRotationArgs

type GetSecretsSecretRotationArgs struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	NextRotationTime pulumi.StringInput `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications.
	RotationPeriod pulumi.StringInput `pulumi:"rotationPeriod"`
}

func (GetSecretsSecretRotationArgs) ElementType

func (GetSecretsSecretRotationArgs) ToGetSecretsSecretRotationOutput

func (i GetSecretsSecretRotationArgs) ToGetSecretsSecretRotationOutput() GetSecretsSecretRotationOutput

func (GetSecretsSecretRotationArgs) ToGetSecretsSecretRotationOutputWithContext

func (i GetSecretsSecretRotationArgs) ToGetSecretsSecretRotationOutputWithContext(ctx context.Context) GetSecretsSecretRotationOutput

type GetSecretsSecretRotationArray

type GetSecretsSecretRotationArray []GetSecretsSecretRotationInput

func (GetSecretsSecretRotationArray) ElementType

func (GetSecretsSecretRotationArray) ToGetSecretsSecretRotationArrayOutput

func (i GetSecretsSecretRotationArray) ToGetSecretsSecretRotationArrayOutput() GetSecretsSecretRotationArrayOutput

func (GetSecretsSecretRotationArray) ToGetSecretsSecretRotationArrayOutputWithContext

func (i GetSecretsSecretRotationArray) ToGetSecretsSecretRotationArrayOutputWithContext(ctx context.Context) GetSecretsSecretRotationArrayOutput

type GetSecretsSecretRotationArrayInput

type GetSecretsSecretRotationArrayInput interface {
	pulumi.Input

	ToGetSecretsSecretRotationArrayOutput() GetSecretsSecretRotationArrayOutput
	ToGetSecretsSecretRotationArrayOutputWithContext(context.Context) GetSecretsSecretRotationArrayOutput
}

GetSecretsSecretRotationArrayInput is an input type that accepts GetSecretsSecretRotationArray and GetSecretsSecretRotationArrayOutput values. You can construct a concrete instance of `GetSecretsSecretRotationArrayInput` via:

GetSecretsSecretRotationArray{ GetSecretsSecretRotationArgs{...} }

type GetSecretsSecretRotationArrayOutput

type GetSecretsSecretRotationArrayOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretRotationArrayOutput) ElementType

func (GetSecretsSecretRotationArrayOutput) Index

func (GetSecretsSecretRotationArrayOutput) ToGetSecretsSecretRotationArrayOutput

func (o GetSecretsSecretRotationArrayOutput) ToGetSecretsSecretRotationArrayOutput() GetSecretsSecretRotationArrayOutput

func (GetSecretsSecretRotationArrayOutput) ToGetSecretsSecretRotationArrayOutputWithContext

func (o GetSecretsSecretRotationArrayOutput) ToGetSecretsSecretRotationArrayOutputWithContext(ctx context.Context) GetSecretsSecretRotationArrayOutput

type GetSecretsSecretRotationInput

type GetSecretsSecretRotationInput interface {
	pulumi.Input

	ToGetSecretsSecretRotationOutput() GetSecretsSecretRotationOutput
	ToGetSecretsSecretRotationOutputWithContext(context.Context) GetSecretsSecretRotationOutput
}

GetSecretsSecretRotationInput is an input type that accepts GetSecretsSecretRotationArgs and GetSecretsSecretRotationOutput values. You can construct a concrete instance of `GetSecretsSecretRotationInput` via:

GetSecretsSecretRotationArgs{...}

type GetSecretsSecretRotationOutput

type GetSecretsSecretRotationOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretRotationOutput) ElementType

func (GetSecretsSecretRotationOutput) NextRotationTime

func (o GetSecretsSecretRotationOutput) NextRotationTime() pulumi.StringOutput

Timestamp in UTC at which the Secret is scheduled to rotate.

func (GetSecretsSecretRotationOutput) RotationPeriod

The Duration between rotation notifications.

func (GetSecretsSecretRotationOutput) ToGetSecretsSecretRotationOutput

func (o GetSecretsSecretRotationOutput) ToGetSecretsSecretRotationOutput() GetSecretsSecretRotationOutput

func (GetSecretsSecretRotationOutput) ToGetSecretsSecretRotationOutputWithContext

func (o GetSecretsSecretRotationOutput) ToGetSecretsSecretRotationOutputWithContext(ctx context.Context) GetSecretsSecretRotationOutput

type GetSecretsSecretTopic

type GetSecretsSecretTopic struct {
	// The resource name of the Pub/Sub topic that will be published to.
	Name string `pulumi:"name"`
}

type GetSecretsSecretTopicArgs

type GetSecretsSecretTopicArgs struct {
	// The resource name of the Pub/Sub topic that will be published to.
	Name pulumi.StringInput `pulumi:"name"`
}

func (GetSecretsSecretTopicArgs) ElementType

func (GetSecretsSecretTopicArgs) ElementType() reflect.Type

func (GetSecretsSecretTopicArgs) ToGetSecretsSecretTopicOutput

func (i GetSecretsSecretTopicArgs) ToGetSecretsSecretTopicOutput() GetSecretsSecretTopicOutput

func (GetSecretsSecretTopicArgs) ToGetSecretsSecretTopicOutputWithContext

func (i GetSecretsSecretTopicArgs) ToGetSecretsSecretTopicOutputWithContext(ctx context.Context) GetSecretsSecretTopicOutput

type GetSecretsSecretTopicArray

type GetSecretsSecretTopicArray []GetSecretsSecretTopicInput

func (GetSecretsSecretTopicArray) ElementType

func (GetSecretsSecretTopicArray) ElementType() reflect.Type

func (GetSecretsSecretTopicArray) ToGetSecretsSecretTopicArrayOutput

func (i GetSecretsSecretTopicArray) ToGetSecretsSecretTopicArrayOutput() GetSecretsSecretTopicArrayOutput

func (GetSecretsSecretTopicArray) ToGetSecretsSecretTopicArrayOutputWithContext

func (i GetSecretsSecretTopicArray) ToGetSecretsSecretTopicArrayOutputWithContext(ctx context.Context) GetSecretsSecretTopicArrayOutput

type GetSecretsSecretTopicArrayInput

type GetSecretsSecretTopicArrayInput interface {
	pulumi.Input

	ToGetSecretsSecretTopicArrayOutput() GetSecretsSecretTopicArrayOutput
	ToGetSecretsSecretTopicArrayOutputWithContext(context.Context) GetSecretsSecretTopicArrayOutput
}

GetSecretsSecretTopicArrayInput is an input type that accepts GetSecretsSecretTopicArray and GetSecretsSecretTopicArrayOutput values. You can construct a concrete instance of `GetSecretsSecretTopicArrayInput` via:

GetSecretsSecretTopicArray{ GetSecretsSecretTopicArgs{...} }

type GetSecretsSecretTopicArrayOutput

type GetSecretsSecretTopicArrayOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretTopicArrayOutput) ElementType

func (GetSecretsSecretTopicArrayOutput) Index

func (GetSecretsSecretTopicArrayOutput) ToGetSecretsSecretTopicArrayOutput

func (o GetSecretsSecretTopicArrayOutput) ToGetSecretsSecretTopicArrayOutput() GetSecretsSecretTopicArrayOutput

func (GetSecretsSecretTopicArrayOutput) ToGetSecretsSecretTopicArrayOutputWithContext

func (o GetSecretsSecretTopicArrayOutput) ToGetSecretsSecretTopicArrayOutputWithContext(ctx context.Context) GetSecretsSecretTopicArrayOutput

type GetSecretsSecretTopicInput

type GetSecretsSecretTopicInput interface {
	pulumi.Input

	ToGetSecretsSecretTopicOutput() GetSecretsSecretTopicOutput
	ToGetSecretsSecretTopicOutputWithContext(context.Context) GetSecretsSecretTopicOutput
}

GetSecretsSecretTopicInput is an input type that accepts GetSecretsSecretTopicArgs and GetSecretsSecretTopicOutput values. You can construct a concrete instance of `GetSecretsSecretTopicInput` via:

GetSecretsSecretTopicArgs{...}

type GetSecretsSecretTopicOutput

type GetSecretsSecretTopicOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretTopicOutput) ElementType

func (GetSecretsSecretTopicOutput) Name

The resource name of the Pub/Sub topic that will be published to.

func (GetSecretsSecretTopicOutput) ToGetSecretsSecretTopicOutput

func (o GetSecretsSecretTopicOutput) ToGetSecretsSecretTopicOutput() GetSecretsSecretTopicOutput

func (GetSecretsSecretTopicOutput) ToGetSecretsSecretTopicOutputWithContext

func (o GetSecretsSecretTopicOutput) ToGetSecretsSecretTopicOutputWithContext(ctx context.Context) GetSecretsSecretTopicOutput

type LookupRegionalSecretArgs added in v8.3.0

type LookupRegionalSecretArgs struct {
	// The location of the regional secret. eg us-central1
	Location string `pulumi:"location"`
	// The ID of the project in which the resource belongs.
	Project *string `pulumi:"project"`
	// The name of the regional secret.
	SecretId string `pulumi:"secretId"`
}

A collection of arguments for invoking getRegionalSecret.

type LookupRegionalSecretIamPolicyArgs added in v8.3.0

type LookupRegionalSecretIamPolicyArgs struct {
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location *string `pulumi:"location"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  *string `pulumi:"project"`
	SecretId string  `pulumi:"secretId"`
}

A collection of arguments for invoking getRegionalSecretIamPolicy.

type LookupRegionalSecretIamPolicyOutputArgs added in v8.3.0

type LookupRegionalSecretIamPolicyOutputArgs struct {
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput `pulumi:"location"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  pulumi.StringPtrInput `pulumi:"project"`
	SecretId pulumi.StringInput    `pulumi:"secretId"`
}

A collection of arguments for invoking getRegionalSecretIamPolicy.

func (LookupRegionalSecretIamPolicyOutputArgs) ElementType added in v8.3.0

type LookupRegionalSecretIamPolicyResult added in v8.3.0

type LookupRegionalSecretIamPolicyResult struct {
	// (Computed) The etag of the IAM policy.
	Etag string `pulumi:"etag"`
	// The provider-assigned unique ID for this managed resource.
	Id       string `pulumi:"id"`
	Location string `pulumi:"location"`
	// (Required only by `secretmanager.RegionalSecretIamPolicy`) The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData string `pulumi:"policyData"`
	Project    string `pulumi:"project"`
	SecretId   string `pulumi:"secretId"`
}

A collection of values returned by getRegionalSecretIamPolicy.

func LookupRegionalSecretIamPolicy added in v8.3.0

Retrieves the current IAM policy data for regionalsecret

## example

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.LookupRegionalSecretIamPolicy(ctx, &secretmanager.LookupRegionalSecretIamPolicyArgs{
			Project:  pulumi.StringRef(regional_secret_basic.Project),
			Location: pulumi.StringRef(regional_secret_basic.Location),
			SecretId: regional_secret_basic.SecretId,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupRegionalSecretIamPolicyResultOutput added in v8.3.0

type LookupRegionalSecretIamPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRegionalSecretIamPolicy.

func (LookupRegionalSecretIamPolicyResultOutput) ElementType added in v8.3.0

func (LookupRegionalSecretIamPolicyResultOutput) Etag added in v8.3.0

(Computed) The etag of the IAM policy.

func (LookupRegionalSecretIamPolicyResultOutput) Id added in v8.3.0

The provider-assigned unique ID for this managed resource.

func (LookupRegionalSecretIamPolicyResultOutput) Location added in v8.3.0

func (LookupRegionalSecretIamPolicyResultOutput) PolicyData added in v8.3.0

(Required only by `secretmanager.RegionalSecretIamPolicy`) The policy data generated by a `organizations.getIAMPolicy` data source.

func (LookupRegionalSecretIamPolicyResultOutput) Project added in v8.3.0

func (LookupRegionalSecretIamPolicyResultOutput) SecretId added in v8.3.0

func (LookupRegionalSecretIamPolicyResultOutput) ToLookupRegionalSecretIamPolicyResultOutput added in v8.3.0

func (o LookupRegionalSecretIamPolicyResultOutput) ToLookupRegionalSecretIamPolicyResultOutput() LookupRegionalSecretIamPolicyResultOutput

func (LookupRegionalSecretIamPolicyResultOutput) ToLookupRegionalSecretIamPolicyResultOutputWithContext added in v8.3.0

func (o LookupRegionalSecretIamPolicyResultOutput) ToLookupRegionalSecretIamPolicyResultOutputWithContext(ctx context.Context) LookupRegionalSecretIamPolicyResultOutput

type LookupRegionalSecretOutputArgs added in v8.3.0

type LookupRegionalSecretOutputArgs struct {
	// The location of the regional secret. eg us-central1
	Location pulumi.StringInput `pulumi:"location"`
	// The ID of the project in which the resource belongs.
	Project pulumi.StringPtrInput `pulumi:"project"`
	// The name of the regional secret.
	SecretId pulumi.StringInput `pulumi:"secretId"`
}

A collection of arguments for invoking getRegionalSecret.

func (LookupRegionalSecretOutputArgs) ElementType added in v8.3.0

type LookupRegionalSecretResult added in v8.3.0

type LookupRegionalSecretResult struct {
	Annotations                map[string]string                            `pulumi:"annotations"`
	CreateTime                 string                                       `pulumi:"createTime"`
	CustomerManagedEncryptions []GetRegionalSecretCustomerManagedEncryption `pulumi:"customerManagedEncryptions"`
	EffectiveAnnotations       map[string]string                            `pulumi:"effectiveAnnotations"`
	EffectiveLabels            map[string]string                            `pulumi:"effectiveLabels"`
	ExpireTime                 string                                       `pulumi:"expireTime"`
	// The provider-assigned unique ID for this managed resource.
	Id                string                      `pulumi:"id"`
	Labels            map[string]string           `pulumi:"labels"`
	Location          string                      `pulumi:"location"`
	Name              string                      `pulumi:"name"`
	Project           *string                     `pulumi:"project"`
	PulumiLabels      map[string]string           `pulumi:"pulumiLabels"`
	Rotations         []GetRegionalSecretRotation `pulumi:"rotations"`
	SecretId          string                      `pulumi:"secretId"`
	Topics            []GetRegionalSecretTopic    `pulumi:"topics"`
	Ttl               string                      `pulumi:"ttl"`
	VersionAliases    map[string]string           `pulumi:"versionAliases"`
	VersionDestroyTtl string                      `pulumi:"versionDestroyTtl"`
}

A collection of values returned by getRegionalSecret.

func LookupRegionalSecret added in v8.3.0

func LookupRegionalSecret(ctx *pulumi.Context, args *LookupRegionalSecretArgs, opts ...pulumi.InvokeOption) (*LookupRegionalSecretResult, error)

Use this data source to get information about a Secret Manager Regional Secret

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.LookupRegionalSecret(ctx, &secretmanager.LookupRegionalSecretArgs{
			SecretId: "secretname",
			Location: "us-central1",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupRegionalSecretResultOutput added in v8.3.0

type LookupRegionalSecretResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRegionalSecret.

func LookupRegionalSecretOutput added in v8.3.0

func (LookupRegionalSecretResultOutput) Annotations added in v8.3.0

func (LookupRegionalSecretResultOutput) CreateTime added in v8.3.0

func (LookupRegionalSecretResultOutput) CustomerManagedEncryptions added in v8.3.0

func (LookupRegionalSecretResultOutput) EffectiveAnnotations added in v8.3.0

func (o LookupRegionalSecretResultOutput) EffectiveAnnotations() pulumi.StringMapOutput

func (LookupRegionalSecretResultOutput) EffectiveLabels added in v8.3.0

func (LookupRegionalSecretResultOutput) ElementType added in v8.3.0

func (LookupRegionalSecretResultOutput) ExpireTime added in v8.3.0

func (LookupRegionalSecretResultOutput) Id added in v8.3.0

The provider-assigned unique ID for this managed resource.

func (LookupRegionalSecretResultOutput) Labels added in v8.3.0

func (LookupRegionalSecretResultOutput) Location added in v8.3.0

func (LookupRegionalSecretResultOutput) Name added in v8.3.0

func (LookupRegionalSecretResultOutput) Project added in v8.3.0

func (LookupRegionalSecretResultOutput) PulumiLabels added in v8.3.0

func (LookupRegionalSecretResultOutput) Rotations added in v8.3.0

func (LookupRegionalSecretResultOutput) SecretId added in v8.3.0

func (LookupRegionalSecretResultOutput) ToLookupRegionalSecretResultOutput added in v8.3.0

func (o LookupRegionalSecretResultOutput) ToLookupRegionalSecretResultOutput() LookupRegionalSecretResultOutput

func (LookupRegionalSecretResultOutput) ToLookupRegionalSecretResultOutputWithContext added in v8.3.0

func (o LookupRegionalSecretResultOutput) ToLookupRegionalSecretResultOutputWithContext(ctx context.Context) LookupRegionalSecretResultOutput

func (LookupRegionalSecretResultOutput) Topics added in v8.3.0

func (LookupRegionalSecretResultOutput) Ttl added in v8.3.0

func (LookupRegionalSecretResultOutput) VersionAliases added in v8.3.0

func (LookupRegionalSecretResultOutput) VersionDestroyTtl added in v8.3.0

type LookupRegionalSecretVersionArgs added in v8.3.0

type LookupRegionalSecretVersionArgs struct {
	// If set to 'true', the secret data is
	// expected to be base64-encoded string.
	IsSecretDataBase64 *bool `pulumi:"isSecretDataBase64"`
	// Location of Secret Manager regional secret resource.
	// It must be provided when the `secret` field provided consists of only the name of the regional secret.
	Location *string `pulumi:"location"`
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project *string `pulumi:"project"`
	// The regional secret to get the secret version for.
	// This can be either the reference of the regional secret as in `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}` or only the name of the regional secret as in `{{secret_id}}`. If only the name of the regional secret is provided, the location must also be provided.
	Secret string `pulumi:"secret"`
	// The version of the regional secret to get. If it
	// is not provided, the latest version is retrieved.
	Version *string `pulumi:"version"`
}

A collection of arguments for invoking getRegionalSecretVersion.

type LookupRegionalSecretVersionOutputArgs added in v8.3.0

type LookupRegionalSecretVersionOutputArgs struct {
	// If set to 'true', the secret data is
	// expected to be base64-encoded string.
	IsSecretDataBase64 pulumi.BoolPtrInput `pulumi:"isSecretDataBase64"`
	// Location of Secret Manager regional secret resource.
	// It must be provided when the `secret` field provided consists of only the name of the regional secret.
	Location pulumi.StringPtrInput `pulumi:"location"`
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput `pulumi:"project"`
	// The regional secret to get the secret version for.
	// This can be either the reference of the regional secret as in `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}` or only the name of the regional secret as in `{{secret_id}}`. If only the name of the regional secret is provided, the location must also be provided.
	Secret pulumi.StringInput `pulumi:"secret"`
	// The version of the regional secret to get. If it
	// is not provided, the latest version is retrieved.
	Version pulumi.StringPtrInput `pulumi:"version"`
}

A collection of arguments for invoking getRegionalSecretVersion.

func (LookupRegionalSecretVersionOutputArgs) ElementType added in v8.3.0

type LookupRegionalSecretVersionResult added in v8.3.0

type LookupRegionalSecretVersionResult struct {
	// The time at which the regional secret was created.
	CreateTime string `pulumi:"createTime"`
	// The customer-managed encryption configuration of the regional secret. Structure is documented below.
	CustomerManagedEncryptions []GetRegionalSecretVersionCustomerManagedEncryption `pulumi:"customerManagedEncryptions"`
	// The time at which the regional secret was destroyed. Only present if state is DESTROYED.
	DestroyTime string `pulumi:"destroyTime"`
	// True if the current state of the regional SecretVersion is enabled.
	Enabled bool `pulumi:"enabled"`
	// The provider-assigned unique ID for this managed resource.
	Id                 string `pulumi:"id"`
	IsSecretDataBase64 *bool  `pulumi:"isSecretDataBase64"`
	Location           string `pulumi:"location"`
	// The resource name of the regional SecretVersion. Format:
	// `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}/versions/{{version}}`
	Name    string `pulumi:"name"`
	Project string `pulumi:"project"`
	Secret  string `pulumi:"secret"`
	// The secret data. No larger than 64KiB.
	SecretData string `pulumi:"secretData"`
	Version    string `pulumi:"version"`
}

A collection of values returned by getRegionalSecretVersion.

func LookupRegionalSecretVersion added in v8.3.0

func LookupRegionalSecretVersion(ctx *pulumi.Context, args *LookupRegionalSecretVersionArgs, opts ...pulumi.InvokeOption) (*LookupRegionalSecretVersionResult, error)

Get the value and metadata from a Secret Manager regional secret version. For more information see the [official documentation](https://cloud.google.com/secret-manager/docs/regional-secrets-overview) and [API](https://cloud.google.com/secret-manager/docs/reference/rest/v1/projects.locations.secrets.versions). If you don't need the metadata (i.e., if you want to use a more limited role to access the regional secret version only), see also the secretmanager.getRegionalSecretVersionAccess datasource.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.LookupRegionalSecretVersion(ctx, &secretmanager.LookupRegionalSecretVersionArgs{
			Secret:   "my-secret",
			Location: pulumi.StringRef("us-central1"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupRegionalSecretVersionResultOutput added in v8.3.0

type LookupRegionalSecretVersionResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getRegionalSecretVersion.

func (LookupRegionalSecretVersionResultOutput) CreateTime added in v8.3.0

The time at which the regional secret was created.

func (LookupRegionalSecretVersionResultOutput) CustomerManagedEncryptions added in v8.3.0

The customer-managed encryption configuration of the regional secret. Structure is documented below.

func (LookupRegionalSecretVersionResultOutput) DestroyTime added in v8.3.0

The time at which the regional secret was destroyed. Only present if state is DESTROYED.

func (LookupRegionalSecretVersionResultOutput) ElementType added in v8.3.0

func (LookupRegionalSecretVersionResultOutput) Enabled added in v8.3.0

True if the current state of the regional SecretVersion is enabled.

func (LookupRegionalSecretVersionResultOutput) Id added in v8.3.0

The provider-assigned unique ID for this managed resource.

func (LookupRegionalSecretVersionResultOutput) IsSecretDataBase64 added in v8.7.0

func (LookupRegionalSecretVersionResultOutput) Location added in v8.3.0

func (LookupRegionalSecretVersionResultOutput) Name added in v8.3.0

The resource name of the regional SecretVersion. Format: `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}/versions/{{version}}`

func (LookupRegionalSecretVersionResultOutput) Project added in v8.3.0

func (LookupRegionalSecretVersionResultOutput) Secret added in v8.3.0

func (LookupRegionalSecretVersionResultOutput) SecretData added in v8.3.0

The secret data. No larger than 64KiB.

func (LookupRegionalSecretVersionResultOutput) ToLookupRegionalSecretVersionResultOutput added in v8.3.0

func (o LookupRegionalSecretVersionResultOutput) ToLookupRegionalSecretVersionResultOutput() LookupRegionalSecretVersionResultOutput

func (LookupRegionalSecretVersionResultOutput) ToLookupRegionalSecretVersionResultOutputWithContext added in v8.3.0

func (o LookupRegionalSecretVersionResultOutput) ToLookupRegionalSecretVersionResultOutputWithContext(ctx context.Context) LookupRegionalSecretVersionResultOutput

func (LookupRegionalSecretVersionResultOutput) Version added in v8.3.0

type LookupSecretArgs

type LookupSecretArgs struct {
	// The ID of the project in which the resource belongs.
	Project *string `pulumi:"project"`
	// The name of the secret.
	SecretId string `pulumi:"secretId"`
}

A collection of arguments for invoking getSecret.

type LookupSecretIamPolicyArgs

type LookupSecretIamPolicyArgs struct {
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  *string `pulumi:"project"`
	SecretId string  `pulumi:"secretId"`
}

A collection of arguments for invoking getSecretIamPolicy.

type LookupSecretIamPolicyOutputArgs

type LookupSecretIamPolicyOutputArgs struct {
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  pulumi.StringPtrInput `pulumi:"project"`
	SecretId pulumi.StringInput    `pulumi:"secretId"`
}

A collection of arguments for invoking getSecretIamPolicy.

func (LookupSecretIamPolicyOutputArgs) ElementType

type LookupSecretIamPolicyResult

type LookupSecretIamPolicyResult struct {
	// (Computed) The etag of the IAM policy.
	Etag string `pulumi:"etag"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// (Required only by `secretmanager.SecretIamPolicy`) The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData string `pulumi:"policyData"`
	Project    string `pulumi:"project"`
	SecretId   string `pulumi:"secretId"`
}

A collection of values returned by getSecretIamPolicy.

func LookupSecretIamPolicy

func LookupSecretIamPolicy(ctx *pulumi.Context, args *LookupSecretIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupSecretIamPolicyResult, error)

Retrieves the current IAM policy data for secret

## example

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.LookupSecretIamPolicy(ctx, &secretmanager.LookupSecretIamPolicyArgs{
			Project:  pulumi.StringRef(secret_basic.Project),
			SecretId: secret_basic.SecretId,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupSecretIamPolicyResultOutput

type LookupSecretIamPolicyResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecretIamPolicy.

func (LookupSecretIamPolicyResultOutput) ElementType

func (LookupSecretIamPolicyResultOutput) Etag

(Computed) The etag of the IAM policy.

func (LookupSecretIamPolicyResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupSecretIamPolicyResultOutput) PolicyData

(Required only by `secretmanager.SecretIamPolicy`) The policy data generated by a `organizations.getIAMPolicy` data source.

func (LookupSecretIamPolicyResultOutput) Project

func (LookupSecretIamPolicyResultOutput) SecretId

func (LookupSecretIamPolicyResultOutput) ToLookupSecretIamPolicyResultOutput

func (o LookupSecretIamPolicyResultOutput) ToLookupSecretIamPolicyResultOutput() LookupSecretIamPolicyResultOutput

func (LookupSecretIamPolicyResultOutput) ToLookupSecretIamPolicyResultOutputWithContext

func (o LookupSecretIamPolicyResultOutput) ToLookupSecretIamPolicyResultOutputWithContext(ctx context.Context) LookupSecretIamPolicyResultOutput

type LookupSecretOutputArgs

type LookupSecretOutputArgs struct {
	// The ID of the project in which the resource belongs.
	Project pulumi.StringPtrInput `pulumi:"project"`
	// The name of the secret.
	SecretId pulumi.StringInput `pulumi:"secretId"`
}

A collection of arguments for invoking getSecret.

func (LookupSecretOutputArgs) ElementType

func (LookupSecretOutputArgs) ElementType() reflect.Type

type LookupSecretResult

type LookupSecretResult struct {
	Annotations          map[string]string `pulumi:"annotations"`
	CreateTime           string            `pulumi:"createTime"`
	EffectiveAnnotations map[string]string `pulumi:"effectiveAnnotations"`
	EffectiveLabels      map[string]string `pulumi:"effectiveLabels"`
	ExpireTime           string            `pulumi:"expireTime"`
	// The provider-assigned unique ID for this managed resource.
	Id                string                 `pulumi:"id"`
	Labels            map[string]string      `pulumi:"labels"`
	Name              string                 `pulumi:"name"`
	Project           *string                `pulumi:"project"`
	PulumiLabels      map[string]string      `pulumi:"pulumiLabels"`
	Replications      []GetSecretReplication `pulumi:"replications"`
	Rotations         []GetSecretRotation    `pulumi:"rotations"`
	SecretId          string                 `pulumi:"secretId"`
	Topics            []GetSecretTopic       `pulumi:"topics"`
	Ttl               string                 `pulumi:"ttl"`
	VersionAliases    map[string]string      `pulumi:"versionAliases"`
	VersionDestroyTtl string                 `pulumi:"versionDestroyTtl"`
}

A collection of values returned by getSecret.

func LookupSecret

func LookupSecret(ctx *pulumi.Context, args *LookupSecretArgs, opts ...pulumi.InvokeOption) (*LookupSecretResult, error)

Use this data source to get information about a Secret Manager Secret

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.LookupSecret(ctx, &secretmanager.LookupSecretArgs{
			SecretId: "foobar",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupSecretResultOutput

type LookupSecretResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecret.

func (LookupSecretResultOutput) Annotations

func (LookupSecretResultOutput) CreateTime

func (LookupSecretResultOutput) EffectiveAnnotations

func (o LookupSecretResultOutput) EffectiveAnnotations() pulumi.StringMapOutput

func (LookupSecretResultOutput) EffectiveLabels

func (o LookupSecretResultOutput) EffectiveLabels() pulumi.StringMapOutput

func (LookupSecretResultOutput) ElementType

func (LookupSecretResultOutput) ElementType() reflect.Type

func (LookupSecretResultOutput) ExpireTime

func (LookupSecretResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupSecretResultOutput) Labels

func (LookupSecretResultOutput) Name

func (LookupSecretResultOutput) Project

func (LookupSecretResultOutput) PulumiLabels

func (LookupSecretResultOutput) Replications

func (LookupSecretResultOutput) Rotations

func (LookupSecretResultOutput) SecretId

func (LookupSecretResultOutput) ToLookupSecretResultOutput

func (o LookupSecretResultOutput) ToLookupSecretResultOutput() LookupSecretResultOutput

func (LookupSecretResultOutput) ToLookupSecretResultOutputWithContext

func (o LookupSecretResultOutput) ToLookupSecretResultOutputWithContext(ctx context.Context) LookupSecretResultOutput

func (LookupSecretResultOutput) Topics

func (LookupSecretResultOutput) Ttl

func (LookupSecretResultOutput) VersionAliases

func (o LookupSecretResultOutput) VersionAliases() pulumi.StringMapOutput

func (LookupSecretResultOutput) VersionDestroyTtl

func (o LookupSecretResultOutput) VersionDestroyTtl() pulumi.StringOutput

type LookupSecretVersionArgs

type LookupSecretVersionArgs struct {
	// If set to 'true', the secret data is
	// expected to be base64-encoded string.
	IsSecretDataBase64 *bool `pulumi:"isSecretDataBase64"`
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project *string `pulumi:"project"`
	// The secret to get the secret version for.
	Secret string `pulumi:"secret"`
	// The version of the secret to get. If it
	// is not provided, the latest version is retrieved.
	Version *string `pulumi:"version"`
}

A collection of arguments for invoking getSecretVersion.

type LookupSecretVersionOutputArgs

type LookupSecretVersionOutputArgs struct {
	// If set to 'true', the secret data is
	// expected to be base64-encoded string.
	IsSecretDataBase64 pulumi.BoolPtrInput `pulumi:"isSecretDataBase64"`
	// The project to get the secret version for. If it
	// is not provided, the provider project is used.
	Project pulumi.StringPtrInput `pulumi:"project"`
	// The secret to get the secret version for.
	Secret pulumi.StringInput `pulumi:"secret"`
	// The version of the secret to get. If it
	// is not provided, the latest version is retrieved.
	Version pulumi.StringPtrInput `pulumi:"version"`
}

A collection of arguments for invoking getSecretVersion.

func (LookupSecretVersionOutputArgs) ElementType

type LookupSecretVersionResult

type LookupSecretVersionResult struct {
	// The time at which the Secret was created.
	CreateTime string `pulumi:"createTime"`
	// The time at which the Secret was destroyed. Only present if state is DESTROYED.
	DestroyTime string `pulumi:"destroyTime"`
	// True if the current state of the SecretVersion is enabled.
	Enabled bool `pulumi:"enabled"`
	// The provider-assigned unique ID for this managed resource.
	Id                 string `pulumi:"id"`
	IsSecretDataBase64 *bool  `pulumi:"isSecretDataBase64"`
	// The resource name of the SecretVersion. Format:
	// `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`
	Name    string `pulumi:"name"`
	Project string `pulumi:"project"`
	Secret  string `pulumi:"secret"`
	// The secret data. No larger than 64KiB.
	SecretData string `pulumi:"secretData"`
	Version    string `pulumi:"version"`
}

A collection of values returned by getSecretVersion.

func LookupSecretVersion

func LookupSecretVersion(ctx *pulumi.Context, args *LookupSecretVersionArgs, opts ...pulumi.InvokeOption) (*LookupSecretVersionResult, error)

Get the value and metadata from a Secret Manager secret version. For more information see the [official documentation](https://cloud.google.com/secret-manager/docs/) and [API](https://cloud.google.com/secret-manager/docs/reference/rest/v1/projects.secrets.versions). If you don't need the metadata (i.e., if you want to use a more limited role to access the secret version only), see also the secretmanager.getSecretVersionAccess datasource.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.LookupSecretVersion(ctx, &secretmanager.LookupSecretVersionArgs{
			Secret: "my-secret",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type LookupSecretVersionResultOutput

type LookupSecretVersionResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecretVersion.

func (LookupSecretVersionResultOutput) CreateTime

The time at which the Secret was created.

func (LookupSecretVersionResultOutput) DestroyTime

The time at which the Secret was destroyed. Only present if state is DESTROYED.

func (LookupSecretVersionResultOutput) ElementType

func (LookupSecretVersionResultOutput) Enabled

True if the current state of the SecretVersion is enabled.

func (LookupSecretVersionResultOutput) Id

The provider-assigned unique ID for this managed resource.

func (LookupSecretVersionResultOutput) IsSecretDataBase64 added in v8.7.0

func (o LookupSecretVersionResultOutput) IsSecretDataBase64() pulumi.BoolPtrOutput

func (LookupSecretVersionResultOutput) Name

The resource name of the SecretVersion. Format: `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`

func (LookupSecretVersionResultOutput) Project

func (LookupSecretVersionResultOutput) Secret

func (LookupSecretVersionResultOutput) SecretData

The secret data. No larger than 64KiB.

func (LookupSecretVersionResultOutput) ToLookupSecretVersionResultOutput

func (o LookupSecretVersionResultOutput) ToLookupSecretVersionResultOutput() LookupSecretVersionResultOutput

func (LookupSecretVersionResultOutput) ToLookupSecretVersionResultOutputWithContext

func (o LookupSecretVersionResultOutput) ToLookupSecretVersionResultOutputWithContext(ctx context.Context) LookupSecretVersionResultOutput

func (LookupSecretVersionResultOutput) Version

type RegionalSecret added in v8.3.0

type RegionalSecret struct {
	pulumi.CustomResourceState

	// Custom metadata about the regional secret.
	// Annotations are distinct from various forms of labels. Annotations exist to allow
	// client tools to store their own state information without requiring a database.
	// Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of
	// maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and
	// may have dashes (-), underscores (_), dots (.), and alphanumerics in between these
	// symbols.
	// The total size of annotation keys and values must be less than 16KiB.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the annotations present in your configuration.
	// Please refer to the field `effectiveAnnotations` for all of the annotations present on the resource.
	Annotations pulumi.StringMapOutput `pulumi:"annotations"`
	// The time at which the regional secret was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// The customer-managed encryption configuration of the regional secret.
	// Structure is documented below.
	CustomerManagedEncryption RegionalSecretCustomerManagedEncryptionPtrOutput `pulumi:"customerManagedEncryption"`
	EffectiveAnnotations      pulumi.StringMapOutput                           `pulumi:"effectiveAnnotations"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Timestamp in UTC when the regional secret is scheduled to expire. This is always provided on
	// output, regardless of what was sent on input. A timestamp in RFC3339 UTC "Zulu" format, with
	// nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and
	// "2014-10-02T15:01:23.045123456Z". Only one of `expireTime` or `ttl` can be provided.
	ExpireTime pulumi.StringOutput `pulumi:"expireTime"`
	// The labels assigned to this regional secret.
	// Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
	// Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}
	// No more than 64 labels can be assigned to a given resource.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The location of the regional secret. eg us-central1
	Location pulumi.StringOutput `pulumi:"location"`
	// The resource name of the regional secret. Format:
	// `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}`
	Name pulumi.StringOutput `pulumi:"name"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// The rotation time and period for a regional secret. At `nextRotationTime`, Secret Manager
	// will send a Pub/Sub notification to the topics configured on the Secret. `topics` must be
	// set to configure rotation.
	// Structure is documented below.
	Rotation RegionalSecretRotationPtrOutput `pulumi:"rotation"`
	// This must be unique within the project.
	//
	// ***
	SecretId pulumi.StringOutput `pulumi:"secretId"`
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane
	// operations are called on the regional secret or its versions.
	// Structure is documented below.
	Topics RegionalSecretTopicArrayOutput `pulumi:"topics"`
	// The TTL for the regional secret. A duration in seconds with up to nine fractional digits,
	// terminated by 's'. Example: "3.5s". Only one of `ttl` or `expireTime` can be provided.
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// Mapping from version alias to version name.
	// A version alias is a string with a maximum length of 63 characters and can contain
	// uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_')
	// characters. An alias string must start with a letter and cannot be the string
	// 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	VersionAliases pulumi.StringMapOutput `pulumi:"versionAliases"`
	// Secret Version TTL after destruction request.
	// This is a part of the delayed delete feature on Secret Version.
	// For secret with versionDestroyTtl>0, version destruction doesn't happen immediately
	// on calling destroy instead the version goes to a disabled state and
	// the actual destruction happens after this TTL expires. It must be atleast 24h.
	VersionDestroyTtl pulumi.StringPtrOutput `pulumi:"versionDestroyTtl"`
}

A Regional Secret is a logical secret whose value and versions can be created and accessed within a region only.

To get more information about RegionalSecret, see:

* [API documentation](https://cloud.google.com/secret-manager/docs/reference/rest/v1/projects.locations.secrets)

## Example Usage

### Regional Secret Config Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecret(ctx, "regional-secret-basic", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("tf-reg-secret"),
			Location: pulumi.String("us-central1"),
			Labels: pulumi.StringMap{
				"label": pulumi.String("my-label"),
			},
			Annotations: pulumi.StringMap{
				"key1": pulumi.String("value1"),
				"key2": pulumi.String("value2"),
				"key3": pulumi.String("value3"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Regional Secret With Cmek

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil)
		if err != nil {
			return err
		}
		_, err = kms.NewCryptoKeyIAMMember(ctx, "kms-secret-binding", &kms.CryptoKeyIAMMemberArgs{
			CryptoKeyId: pulumi.String("kms-key"),
			Role:        pulumi.String("roles/cloudkms.cryptoKeyEncrypterDecrypter"),
			Member:      pulumi.Sprintf("serviceAccount:service-%v@gcp-sa-secretmanager.iam.gserviceaccount.com", project.Number),
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecret(ctx, "regional-secret-with-cmek", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("tf-reg-secret"),
			Location: pulumi.String("us-central1"),
			CustomerManagedEncryption: &secretmanager.RegionalSecretCustomerManagedEncryptionArgs{
				KmsKeyName: pulumi.String("kms-key"),
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			kms_secret_binding,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Regional Secret With Rotation

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/pubsub"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil)
		if err != nil {
			return err
		}
		topic, err := pubsub.NewTopic(ctx, "topic", &pubsub.TopicArgs{
			Name: pulumi.String("tf-topic"),
		})
		if err != nil {
			return err
		}
		secretsManagerAccess, err := pubsub.NewTopicIAMMember(ctx, "secrets_manager_access", &pubsub.TopicIAMMemberArgs{
			Topic:  topic.Name,
			Role:   pulumi.String("roles/pubsub.publisher"),
			Member: pulumi.Sprintf("serviceAccount:service-%v@gcp-sa-secretmanager.iam.gserviceaccount.com", project.Number),
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecret(ctx, "regional-secret-with-rotation", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("tf-reg-secret"),
			Location: pulumi.String("us-central1"),
			Topics: secretmanager.RegionalSecretTopicArray{
				&secretmanager.RegionalSecretTopicArgs{
					Name: topic.ID(),
				},
			},
			Rotation: &secretmanager.RegionalSecretRotationArgs{
				RotationPeriod:   pulumi.String("3600s"),
				NextRotationTime: pulumi.String("2045-11-30T00:00:00Z"),
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			secretsManagerAccess,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Regional Secret With Ttl

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecret(ctx, "regional-secret-with-ttl", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("tf-reg-secret"),
			Location: pulumi.String("us-central1"),
			Labels: pulumi.StringMap{
				"label": pulumi.String("my-label"),
			},
			Annotations: pulumi.StringMap{
				"key1": pulumi.String("value1"),
				"key2": pulumi.String("value2"),
				"key3": pulumi.String("value3"),
			},
			Ttl: pulumi.String("36000s"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Regional Secret With Expire Time

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecret(ctx, "regional-secret-with-expire-time", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("tf-reg-secret"),
			Location: pulumi.String("us-central1"),
			Labels: pulumi.StringMap{
				"label": pulumi.String("my-label"),
			},
			Annotations: pulumi.StringMap{
				"key1": pulumi.String("value1"),
				"key2": pulumi.String("value2"),
				"key3": pulumi.String("value3"),
			},
			ExpireTime: pulumi.String("2055-11-30T00:00:00Z"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Regional Secret With Version Destroy Ttl

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecret(ctx, "regional-secret-with-version-destroy-ttl", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("tf-reg-secret"),
			Location: pulumi.String("us-central1"),
			Labels: pulumi.StringMap{
				"label": pulumi.String("my-label"),
			},
			Annotations: pulumi.StringMap{
				"key1": pulumi.String("value1"),
				"key2": pulumi.String("value2"),
				"key3": pulumi.String("value3"),
			},
			VersionDestroyTtl: pulumi.String("86400s"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

RegionalSecret can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}`

* `{{project}}/{{location}}/{{secret_id}}`

* `{{location}}/{{secret_id}}`

When using the `pulumi import` command, RegionalSecret can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:secretmanager/regionalSecret:RegionalSecret default projects/{{project}}/locations/{{location}}/secrets/{{secret_id}} ```

```sh $ pulumi import gcp:secretmanager/regionalSecret:RegionalSecret default {{project}}/{{location}}/{{secret_id}} ```

```sh $ pulumi import gcp:secretmanager/regionalSecret:RegionalSecret default {{location}}/{{secret_id}} ```

func GetRegionalSecret added in v8.3.0

func GetRegionalSecret(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RegionalSecretState, opts ...pulumi.ResourceOption) (*RegionalSecret, error)

GetRegionalSecret gets an existing RegionalSecret resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRegionalSecret added in v8.3.0

func NewRegionalSecret(ctx *pulumi.Context,
	name string, args *RegionalSecretArgs, opts ...pulumi.ResourceOption) (*RegionalSecret, error)

NewRegionalSecret registers a new resource with the given unique name, arguments, and options.

func (*RegionalSecret) ElementType added in v8.3.0

func (*RegionalSecret) ElementType() reflect.Type

func (*RegionalSecret) ToRegionalSecretOutput added in v8.3.0

func (i *RegionalSecret) ToRegionalSecretOutput() RegionalSecretOutput

func (*RegionalSecret) ToRegionalSecretOutputWithContext added in v8.3.0

func (i *RegionalSecret) ToRegionalSecretOutputWithContext(ctx context.Context) RegionalSecretOutput

type RegionalSecretArgs added in v8.3.0

type RegionalSecretArgs struct {
	// Custom metadata about the regional secret.
	// Annotations are distinct from various forms of labels. Annotations exist to allow
	// client tools to store their own state information without requiring a database.
	// Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of
	// maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and
	// may have dashes (-), underscores (_), dots (.), and alphanumerics in between these
	// symbols.
	// The total size of annotation keys and values must be less than 16KiB.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the annotations present in your configuration.
	// Please refer to the field `effectiveAnnotations` for all of the annotations present on the resource.
	Annotations pulumi.StringMapInput
	// The customer-managed encryption configuration of the regional secret.
	// Structure is documented below.
	CustomerManagedEncryption RegionalSecretCustomerManagedEncryptionPtrInput
	// Timestamp in UTC when the regional secret is scheduled to expire. This is always provided on
	// output, regardless of what was sent on input. A timestamp in RFC3339 UTC "Zulu" format, with
	// nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and
	// "2014-10-02T15:01:23.045123456Z". Only one of `expireTime` or `ttl` can be provided.
	ExpireTime pulumi.StringPtrInput
	// The labels assigned to this regional secret.
	// Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
	// Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}
	// No more than 64 labels can be assigned to a given resource.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the regional secret. eg us-central1
	Location pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The rotation time and period for a regional secret. At `nextRotationTime`, Secret Manager
	// will send a Pub/Sub notification to the topics configured on the Secret. `topics` must be
	// set to configure rotation.
	// Structure is documented below.
	Rotation RegionalSecretRotationPtrInput
	// This must be unique within the project.
	//
	// ***
	SecretId pulumi.StringInput
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane
	// operations are called on the regional secret or its versions.
	// Structure is documented below.
	Topics RegionalSecretTopicArrayInput
	// The TTL for the regional secret. A duration in seconds with up to nine fractional digits,
	// terminated by 's'. Example: "3.5s". Only one of `ttl` or `expireTime` can be provided.
	Ttl pulumi.StringPtrInput
	// Mapping from version alias to version name.
	// A version alias is a string with a maximum length of 63 characters and can contain
	// uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_')
	// characters. An alias string must start with a letter and cannot be the string
	// 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	VersionAliases pulumi.StringMapInput
	// Secret Version TTL after destruction request.
	// This is a part of the delayed delete feature on Secret Version.
	// For secret with versionDestroyTtl>0, version destruction doesn't happen immediately
	// on calling destroy instead the version goes to a disabled state and
	// the actual destruction happens after this TTL expires. It must be atleast 24h.
	VersionDestroyTtl pulumi.StringPtrInput
}

The set of arguments for constructing a RegionalSecret resource.

func (RegionalSecretArgs) ElementType added in v8.3.0

func (RegionalSecretArgs) ElementType() reflect.Type

type RegionalSecretArray added in v8.3.0

type RegionalSecretArray []RegionalSecretInput

func (RegionalSecretArray) ElementType added in v8.3.0

func (RegionalSecretArray) ElementType() reflect.Type

func (RegionalSecretArray) ToRegionalSecretArrayOutput added in v8.3.0

func (i RegionalSecretArray) ToRegionalSecretArrayOutput() RegionalSecretArrayOutput

func (RegionalSecretArray) ToRegionalSecretArrayOutputWithContext added in v8.3.0

func (i RegionalSecretArray) ToRegionalSecretArrayOutputWithContext(ctx context.Context) RegionalSecretArrayOutput

type RegionalSecretArrayInput added in v8.3.0

type RegionalSecretArrayInput interface {
	pulumi.Input

	ToRegionalSecretArrayOutput() RegionalSecretArrayOutput
	ToRegionalSecretArrayOutputWithContext(context.Context) RegionalSecretArrayOutput
}

RegionalSecretArrayInput is an input type that accepts RegionalSecretArray and RegionalSecretArrayOutput values. You can construct a concrete instance of `RegionalSecretArrayInput` via:

RegionalSecretArray{ RegionalSecretArgs{...} }

type RegionalSecretArrayOutput added in v8.3.0

type RegionalSecretArrayOutput struct{ *pulumi.OutputState }

func (RegionalSecretArrayOutput) ElementType added in v8.3.0

func (RegionalSecretArrayOutput) ElementType() reflect.Type

func (RegionalSecretArrayOutput) Index added in v8.3.0

func (RegionalSecretArrayOutput) ToRegionalSecretArrayOutput added in v8.3.0

func (o RegionalSecretArrayOutput) ToRegionalSecretArrayOutput() RegionalSecretArrayOutput

func (RegionalSecretArrayOutput) ToRegionalSecretArrayOutputWithContext added in v8.3.0

func (o RegionalSecretArrayOutput) ToRegionalSecretArrayOutputWithContext(ctx context.Context) RegionalSecretArrayOutput

type RegionalSecretCustomerManagedEncryption added in v8.3.0

type RegionalSecretCustomerManagedEncryption struct {
	// The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type RegionalSecretCustomerManagedEncryptionArgs added in v8.3.0

type RegionalSecretCustomerManagedEncryptionArgs struct {
	// The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (RegionalSecretCustomerManagedEncryptionArgs) ElementType added in v8.3.0

func (RegionalSecretCustomerManagedEncryptionArgs) ToRegionalSecretCustomerManagedEncryptionOutput added in v8.3.0

func (i RegionalSecretCustomerManagedEncryptionArgs) ToRegionalSecretCustomerManagedEncryptionOutput() RegionalSecretCustomerManagedEncryptionOutput

func (RegionalSecretCustomerManagedEncryptionArgs) ToRegionalSecretCustomerManagedEncryptionOutputWithContext added in v8.3.0

func (i RegionalSecretCustomerManagedEncryptionArgs) ToRegionalSecretCustomerManagedEncryptionOutputWithContext(ctx context.Context) RegionalSecretCustomerManagedEncryptionOutput

func (RegionalSecretCustomerManagedEncryptionArgs) ToRegionalSecretCustomerManagedEncryptionPtrOutput added in v8.3.0

func (i RegionalSecretCustomerManagedEncryptionArgs) ToRegionalSecretCustomerManagedEncryptionPtrOutput() RegionalSecretCustomerManagedEncryptionPtrOutput

func (RegionalSecretCustomerManagedEncryptionArgs) ToRegionalSecretCustomerManagedEncryptionPtrOutputWithContext added in v8.3.0

func (i RegionalSecretCustomerManagedEncryptionArgs) ToRegionalSecretCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) RegionalSecretCustomerManagedEncryptionPtrOutput

type RegionalSecretCustomerManagedEncryptionInput added in v8.3.0

type RegionalSecretCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToRegionalSecretCustomerManagedEncryptionOutput() RegionalSecretCustomerManagedEncryptionOutput
	ToRegionalSecretCustomerManagedEncryptionOutputWithContext(context.Context) RegionalSecretCustomerManagedEncryptionOutput
}

RegionalSecretCustomerManagedEncryptionInput is an input type that accepts RegionalSecretCustomerManagedEncryptionArgs and RegionalSecretCustomerManagedEncryptionOutput values. You can construct a concrete instance of `RegionalSecretCustomerManagedEncryptionInput` via:

RegionalSecretCustomerManagedEncryptionArgs{...}

type RegionalSecretCustomerManagedEncryptionOutput added in v8.3.0

type RegionalSecretCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (RegionalSecretCustomerManagedEncryptionOutput) ElementType added in v8.3.0

func (RegionalSecretCustomerManagedEncryptionOutput) KmsKeyName added in v8.3.0

The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.

func (RegionalSecretCustomerManagedEncryptionOutput) ToRegionalSecretCustomerManagedEncryptionOutput added in v8.3.0

func (o RegionalSecretCustomerManagedEncryptionOutput) ToRegionalSecretCustomerManagedEncryptionOutput() RegionalSecretCustomerManagedEncryptionOutput

func (RegionalSecretCustomerManagedEncryptionOutput) ToRegionalSecretCustomerManagedEncryptionOutputWithContext added in v8.3.0

func (o RegionalSecretCustomerManagedEncryptionOutput) ToRegionalSecretCustomerManagedEncryptionOutputWithContext(ctx context.Context) RegionalSecretCustomerManagedEncryptionOutput

func (RegionalSecretCustomerManagedEncryptionOutput) ToRegionalSecretCustomerManagedEncryptionPtrOutput added in v8.3.0

func (o RegionalSecretCustomerManagedEncryptionOutput) ToRegionalSecretCustomerManagedEncryptionPtrOutput() RegionalSecretCustomerManagedEncryptionPtrOutput

func (RegionalSecretCustomerManagedEncryptionOutput) ToRegionalSecretCustomerManagedEncryptionPtrOutputWithContext added in v8.3.0

func (o RegionalSecretCustomerManagedEncryptionOutput) ToRegionalSecretCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) RegionalSecretCustomerManagedEncryptionPtrOutput

type RegionalSecretCustomerManagedEncryptionPtrInput added in v8.3.0

type RegionalSecretCustomerManagedEncryptionPtrInput interface {
	pulumi.Input

	ToRegionalSecretCustomerManagedEncryptionPtrOutput() RegionalSecretCustomerManagedEncryptionPtrOutput
	ToRegionalSecretCustomerManagedEncryptionPtrOutputWithContext(context.Context) RegionalSecretCustomerManagedEncryptionPtrOutput
}

RegionalSecretCustomerManagedEncryptionPtrInput is an input type that accepts RegionalSecretCustomerManagedEncryptionArgs, RegionalSecretCustomerManagedEncryptionPtr and RegionalSecretCustomerManagedEncryptionPtrOutput values. You can construct a concrete instance of `RegionalSecretCustomerManagedEncryptionPtrInput` via:

        RegionalSecretCustomerManagedEncryptionArgs{...}

or:

        nil

type RegionalSecretCustomerManagedEncryptionPtrOutput added in v8.3.0

type RegionalSecretCustomerManagedEncryptionPtrOutput struct{ *pulumi.OutputState }

func (RegionalSecretCustomerManagedEncryptionPtrOutput) Elem added in v8.3.0

func (RegionalSecretCustomerManagedEncryptionPtrOutput) ElementType added in v8.3.0

func (RegionalSecretCustomerManagedEncryptionPtrOutput) KmsKeyName added in v8.3.0

The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.

func (RegionalSecretCustomerManagedEncryptionPtrOutput) ToRegionalSecretCustomerManagedEncryptionPtrOutput added in v8.3.0

func (o RegionalSecretCustomerManagedEncryptionPtrOutput) ToRegionalSecretCustomerManagedEncryptionPtrOutput() RegionalSecretCustomerManagedEncryptionPtrOutput

func (RegionalSecretCustomerManagedEncryptionPtrOutput) ToRegionalSecretCustomerManagedEncryptionPtrOutputWithContext added in v8.3.0

func (o RegionalSecretCustomerManagedEncryptionPtrOutput) ToRegionalSecretCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) RegionalSecretCustomerManagedEncryptionPtrOutput

type RegionalSecretIamBinding added in v8.3.0

type RegionalSecretIamBinding struct {
	pulumi.CustomResourceState

	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition RegionalSecretIamBindingConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringOutput `pulumi:"location"`
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `secretmanager.RegionalSecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringOutput `pulumi:"role"`
	SecretId pulumi.StringOutput `pulumi:"secretId"`
}

Three different resources help you manage your IAM policy for Secret Manager RegionalSecret. Each of these resources serves a different use case:

* `secretmanager.RegionalSecretIamPolicy`: Authoritative. Sets the IAM policy for the regionalsecret and replaces any existing policy already attached. * `secretmanager.RegionalSecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the regionalsecret are preserved. * `secretmanager.RegionalSecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the regionalsecret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.RegionalSecretIamPolicy`: Retrieves the IAM policy for the regionalsecret

> **Note:** `secretmanager.RegionalSecretIamPolicy` **cannot** be used in conjunction with `secretmanager.RegionalSecretIamBinding` and `secretmanager.RegionalSecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.RegionalSecretIamBinding` resources **can be** used in conjunction with `secretmanager.RegionalSecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.RegionalSecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.RegionalSecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.RegionalSecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## This resource supports User Project Overrides.

-

# IAM policy for Secret Manager RegionalSecret Three different resources help you manage your IAM policy for Secret Manager RegionalSecret. Each of these resources serves a different use case:

* `secretmanager.RegionalSecretIamPolicy`: Authoritative. Sets the IAM policy for the regionalsecret and replaces any existing policy already attached. * `secretmanager.RegionalSecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the regionalsecret are preserved. * `secretmanager.RegionalSecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the regionalsecret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.RegionalSecretIamPolicy`: Retrieves the IAM policy for the regionalsecret

> **Note:** `secretmanager.RegionalSecretIamPolicy` **cannot** be used in conjunction with `secretmanager.RegionalSecretIamBinding` and `secretmanager.RegionalSecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.RegionalSecretIamBinding` resources **can be** used in conjunction with `secretmanager.RegionalSecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.RegionalSecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.RegionalSecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.RegionalSecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}

* {{project}}/{{location}}/{{secret_id}}

* {{location}}/{{secret_id}}

* {{secret_id}}

Any variables not passed in the import command will be taken from the provider configuration.

Secret Manager regionalsecret IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:secretmanager/regionalSecretIamBinding:RegionalSecretIamBinding editor "projects/{{project}}/locations/{{location}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:secretmanager/regionalSecretIamBinding:RegionalSecretIamBinding editor "projects/{{project}}/locations/{{location}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:secretmanager/regionalSecretIamBinding:RegionalSecretIamBinding editor projects/{{project}}/locations/{{location}}/secrets/{{secret_id}} ```

-> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetRegionalSecretIamBinding added in v8.3.0

func GetRegionalSecretIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RegionalSecretIamBindingState, opts ...pulumi.ResourceOption) (*RegionalSecretIamBinding, error)

GetRegionalSecretIamBinding gets an existing RegionalSecretIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRegionalSecretIamBinding added in v8.3.0

func NewRegionalSecretIamBinding(ctx *pulumi.Context,
	name string, args *RegionalSecretIamBindingArgs, opts ...pulumi.ResourceOption) (*RegionalSecretIamBinding, error)

NewRegionalSecretIamBinding registers a new resource with the given unique name, arguments, and options.

func (*RegionalSecretIamBinding) ElementType added in v8.3.0

func (*RegionalSecretIamBinding) ElementType() reflect.Type

func (*RegionalSecretIamBinding) ToRegionalSecretIamBindingOutput added in v8.3.0

func (i *RegionalSecretIamBinding) ToRegionalSecretIamBindingOutput() RegionalSecretIamBindingOutput

func (*RegionalSecretIamBinding) ToRegionalSecretIamBindingOutputWithContext added in v8.3.0

func (i *RegionalSecretIamBinding) ToRegionalSecretIamBindingOutputWithContext(ctx context.Context) RegionalSecretIamBindingOutput

type RegionalSecretIamBindingArgs added in v8.3.0

type RegionalSecretIamBindingArgs struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition RegionalSecretIamBindingConditionPtrInput
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.RegionalSecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringInput
	SecretId pulumi.StringInput
}

The set of arguments for constructing a RegionalSecretIamBinding resource.

func (RegionalSecretIamBindingArgs) ElementType added in v8.3.0

type RegionalSecretIamBindingArray added in v8.3.0

type RegionalSecretIamBindingArray []RegionalSecretIamBindingInput

func (RegionalSecretIamBindingArray) ElementType added in v8.3.0

func (RegionalSecretIamBindingArray) ToRegionalSecretIamBindingArrayOutput added in v8.3.0

func (i RegionalSecretIamBindingArray) ToRegionalSecretIamBindingArrayOutput() RegionalSecretIamBindingArrayOutput

func (RegionalSecretIamBindingArray) ToRegionalSecretIamBindingArrayOutputWithContext added in v8.3.0

func (i RegionalSecretIamBindingArray) ToRegionalSecretIamBindingArrayOutputWithContext(ctx context.Context) RegionalSecretIamBindingArrayOutput

type RegionalSecretIamBindingArrayInput added in v8.3.0

type RegionalSecretIamBindingArrayInput interface {
	pulumi.Input

	ToRegionalSecretIamBindingArrayOutput() RegionalSecretIamBindingArrayOutput
	ToRegionalSecretIamBindingArrayOutputWithContext(context.Context) RegionalSecretIamBindingArrayOutput
}

RegionalSecretIamBindingArrayInput is an input type that accepts RegionalSecretIamBindingArray and RegionalSecretIamBindingArrayOutput values. You can construct a concrete instance of `RegionalSecretIamBindingArrayInput` via:

RegionalSecretIamBindingArray{ RegionalSecretIamBindingArgs{...} }

type RegionalSecretIamBindingArrayOutput added in v8.3.0

type RegionalSecretIamBindingArrayOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamBindingArrayOutput) ElementType added in v8.3.0

func (RegionalSecretIamBindingArrayOutput) Index added in v8.3.0

func (RegionalSecretIamBindingArrayOutput) ToRegionalSecretIamBindingArrayOutput added in v8.3.0

func (o RegionalSecretIamBindingArrayOutput) ToRegionalSecretIamBindingArrayOutput() RegionalSecretIamBindingArrayOutput

func (RegionalSecretIamBindingArrayOutput) ToRegionalSecretIamBindingArrayOutputWithContext added in v8.3.0

func (o RegionalSecretIamBindingArrayOutput) ToRegionalSecretIamBindingArrayOutputWithContext(ctx context.Context) RegionalSecretIamBindingArrayOutput

type RegionalSecretIamBindingCondition added in v8.3.0

type RegionalSecretIamBindingCondition struct {
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title string `pulumi:"title"`
}

type RegionalSecretIamBindingConditionArgs added in v8.3.0

type RegionalSecretIamBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringInput `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title pulumi.StringInput `pulumi:"title"`
}

func (RegionalSecretIamBindingConditionArgs) ElementType added in v8.3.0

func (RegionalSecretIamBindingConditionArgs) ToRegionalSecretIamBindingConditionOutput added in v8.3.0

func (i RegionalSecretIamBindingConditionArgs) ToRegionalSecretIamBindingConditionOutput() RegionalSecretIamBindingConditionOutput

func (RegionalSecretIamBindingConditionArgs) ToRegionalSecretIamBindingConditionOutputWithContext added in v8.3.0

func (i RegionalSecretIamBindingConditionArgs) ToRegionalSecretIamBindingConditionOutputWithContext(ctx context.Context) RegionalSecretIamBindingConditionOutput

func (RegionalSecretIamBindingConditionArgs) ToRegionalSecretIamBindingConditionPtrOutput added in v8.3.0

func (i RegionalSecretIamBindingConditionArgs) ToRegionalSecretIamBindingConditionPtrOutput() RegionalSecretIamBindingConditionPtrOutput

func (RegionalSecretIamBindingConditionArgs) ToRegionalSecretIamBindingConditionPtrOutputWithContext added in v8.3.0

func (i RegionalSecretIamBindingConditionArgs) ToRegionalSecretIamBindingConditionPtrOutputWithContext(ctx context.Context) RegionalSecretIamBindingConditionPtrOutput

type RegionalSecretIamBindingConditionInput added in v8.3.0

type RegionalSecretIamBindingConditionInput interface {
	pulumi.Input

	ToRegionalSecretIamBindingConditionOutput() RegionalSecretIamBindingConditionOutput
	ToRegionalSecretIamBindingConditionOutputWithContext(context.Context) RegionalSecretIamBindingConditionOutput
}

RegionalSecretIamBindingConditionInput is an input type that accepts RegionalSecretIamBindingConditionArgs and RegionalSecretIamBindingConditionOutput values. You can construct a concrete instance of `RegionalSecretIamBindingConditionInput` via:

RegionalSecretIamBindingConditionArgs{...}

type RegionalSecretIamBindingConditionOutput added in v8.3.0

type RegionalSecretIamBindingConditionOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamBindingConditionOutput) Description added in v8.3.0

func (RegionalSecretIamBindingConditionOutput) ElementType added in v8.3.0

func (RegionalSecretIamBindingConditionOutput) Expression added in v8.3.0

Textual representation of an expression in Common Expression Language syntax.

func (RegionalSecretIamBindingConditionOutput) Title added in v8.3.0

A title for the expression, i.e. a short string describing its purpose.

func (RegionalSecretIamBindingConditionOutput) ToRegionalSecretIamBindingConditionOutput added in v8.3.0

func (o RegionalSecretIamBindingConditionOutput) ToRegionalSecretIamBindingConditionOutput() RegionalSecretIamBindingConditionOutput

func (RegionalSecretIamBindingConditionOutput) ToRegionalSecretIamBindingConditionOutputWithContext added in v8.3.0

func (o RegionalSecretIamBindingConditionOutput) ToRegionalSecretIamBindingConditionOutputWithContext(ctx context.Context) RegionalSecretIamBindingConditionOutput

func (RegionalSecretIamBindingConditionOutput) ToRegionalSecretIamBindingConditionPtrOutput added in v8.3.0

func (o RegionalSecretIamBindingConditionOutput) ToRegionalSecretIamBindingConditionPtrOutput() RegionalSecretIamBindingConditionPtrOutput

func (RegionalSecretIamBindingConditionOutput) ToRegionalSecretIamBindingConditionPtrOutputWithContext added in v8.3.0

func (o RegionalSecretIamBindingConditionOutput) ToRegionalSecretIamBindingConditionPtrOutputWithContext(ctx context.Context) RegionalSecretIamBindingConditionPtrOutput

type RegionalSecretIamBindingConditionPtrInput added in v8.3.0

type RegionalSecretIamBindingConditionPtrInput interface {
	pulumi.Input

	ToRegionalSecretIamBindingConditionPtrOutput() RegionalSecretIamBindingConditionPtrOutput
	ToRegionalSecretIamBindingConditionPtrOutputWithContext(context.Context) RegionalSecretIamBindingConditionPtrOutput
}

RegionalSecretIamBindingConditionPtrInput is an input type that accepts RegionalSecretIamBindingConditionArgs, RegionalSecretIamBindingConditionPtr and RegionalSecretIamBindingConditionPtrOutput values. You can construct a concrete instance of `RegionalSecretIamBindingConditionPtrInput` via:

        RegionalSecretIamBindingConditionArgs{...}

or:

        nil

type RegionalSecretIamBindingConditionPtrOutput added in v8.3.0

type RegionalSecretIamBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamBindingConditionPtrOutput) Description added in v8.3.0

func (RegionalSecretIamBindingConditionPtrOutput) Elem added in v8.3.0

func (RegionalSecretIamBindingConditionPtrOutput) ElementType added in v8.3.0

func (RegionalSecretIamBindingConditionPtrOutput) Expression added in v8.3.0

Textual representation of an expression in Common Expression Language syntax.

func (RegionalSecretIamBindingConditionPtrOutput) Title added in v8.3.0

A title for the expression, i.e. a short string describing its purpose.

func (RegionalSecretIamBindingConditionPtrOutput) ToRegionalSecretIamBindingConditionPtrOutput added in v8.3.0

func (o RegionalSecretIamBindingConditionPtrOutput) ToRegionalSecretIamBindingConditionPtrOutput() RegionalSecretIamBindingConditionPtrOutput

func (RegionalSecretIamBindingConditionPtrOutput) ToRegionalSecretIamBindingConditionPtrOutputWithContext added in v8.3.0

func (o RegionalSecretIamBindingConditionPtrOutput) ToRegionalSecretIamBindingConditionPtrOutputWithContext(ctx context.Context) RegionalSecretIamBindingConditionPtrOutput

type RegionalSecretIamBindingInput added in v8.3.0

type RegionalSecretIamBindingInput interface {
	pulumi.Input

	ToRegionalSecretIamBindingOutput() RegionalSecretIamBindingOutput
	ToRegionalSecretIamBindingOutputWithContext(ctx context.Context) RegionalSecretIamBindingOutput
}

type RegionalSecretIamBindingMap added in v8.3.0

type RegionalSecretIamBindingMap map[string]RegionalSecretIamBindingInput

func (RegionalSecretIamBindingMap) ElementType added in v8.3.0

func (RegionalSecretIamBindingMap) ToRegionalSecretIamBindingMapOutput added in v8.3.0

func (i RegionalSecretIamBindingMap) ToRegionalSecretIamBindingMapOutput() RegionalSecretIamBindingMapOutput

func (RegionalSecretIamBindingMap) ToRegionalSecretIamBindingMapOutputWithContext added in v8.3.0

func (i RegionalSecretIamBindingMap) ToRegionalSecretIamBindingMapOutputWithContext(ctx context.Context) RegionalSecretIamBindingMapOutput

type RegionalSecretIamBindingMapInput added in v8.3.0

type RegionalSecretIamBindingMapInput interface {
	pulumi.Input

	ToRegionalSecretIamBindingMapOutput() RegionalSecretIamBindingMapOutput
	ToRegionalSecretIamBindingMapOutputWithContext(context.Context) RegionalSecretIamBindingMapOutput
}

RegionalSecretIamBindingMapInput is an input type that accepts RegionalSecretIamBindingMap and RegionalSecretIamBindingMapOutput values. You can construct a concrete instance of `RegionalSecretIamBindingMapInput` via:

RegionalSecretIamBindingMap{ "key": RegionalSecretIamBindingArgs{...} }

type RegionalSecretIamBindingMapOutput added in v8.3.0

type RegionalSecretIamBindingMapOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamBindingMapOutput) ElementType added in v8.3.0

func (RegionalSecretIamBindingMapOutput) MapIndex added in v8.3.0

func (RegionalSecretIamBindingMapOutput) ToRegionalSecretIamBindingMapOutput added in v8.3.0

func (o RegionalSecretIamBindingMapOutput) ToRegionalSecretIamBindingMapOutput() RegionalSecretIamBindingMapOutput

func (RegionalSecretIamBindingMapOutput) ToRegionalSecretIamBindingMapOutputWithContext added in v8.3.0

func (o RegionalSecretIamBindingMapOutput) ToRegionalSecretIamBindingMapOutputWithContext(ctx context.Context) RegionalSecretIamBindingMapOutput

type RegionalSecretIamBindingOutput added in v8.3.0

type RegionalSecretIamBindingOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamBindingOutput) Condition added in v8.3.0

An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.

func (RegionalSecretIamBindingOutput) ElementType added in v8.3.0

func (RegionalSecretIamBindingOutput) Etag added in v8.3.0

(Computed) The etag of the IAM policy.

func (RegionalSecretIamBindingOutput) Location added in v8.3.0

The location of the regional secret. eg us-central1 Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.

func (RegionalSecretIamBindingOutput) Members added in v8.3.0

Identities that will be granted the privilege in `role`. Each entry can have one of the following values: * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (RegionalSecretIamBindingOutput) Project added in v8.3.0

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (RegionalSecretIamBindingOutput) Role added in v8.3.0

The role that should be applied. Only one `secretmanager.RegionalSecretIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (RegionalSecretIamBindingOutput) SecretId added in v8.3.0

func (RegionalSecretIamBindingOutput) ToRegionalSecretIamBindingOutput added in v8.3.0

func (o RegionalSecretIamBindingOutput) ToRegionalSecretIamBindingOutput() RegionalSecretIamBindingOutput

func (RegionalSecretIamBindingOutput) ToRegionalSecretIamBindingOutputWithContext added in v8.3.0

func (o RegionalSecretIamBindingOutput) ToRegionalSecretIamBindingOutputWithContext(ctx context.Context) RegionalSecretIamBindingOutput

type RegionalSecretIamBindingState added in v8.3.0

type RegionalSecretIamBindingState struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition RegionalSecretIamBindingConditionPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.RegionalSecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringPtrInput
	SecretId pulumi.StringPtrInput
}

func (RegionalSecretIamBindingState) ElementType added in v8.3.0

type RegionalSecretIamMember added in v8.3.0

type RegionalSecretIamMember struct {
	pulumi.CustomResourceState

	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition RegionalSecretIamMemberConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringOutput `pulumi:"location"`
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringOutput `pulumi:"member"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `secretmanager.RegionalSecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringOutput `pulumi:"role"`
	SecretId pulumi.StringOutput `pulumi:"secretId"`
}

Three different resources help you manage your IAM policy for Secret Manager RegionalSecret. Each of these resources serves a different use case:

* `secretmanager.RegionalSecretIamPolicy`: Authoritative. Sets the IAM policy for the regionalsecret and replaces any existing policy already attached. * `secretmanager.RegionalSecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the regionalsecret are preserved. * `secretmanager.RegionalSecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the regionalsecret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.RegionalSecretIamPolicy`: Retrieves the IAM policy for the regionalsecret

> **Note:** `secretmanager.RegionalSecretIamPolicy` **cannot** be used in conjunction with `secretmanager.RegionalSecretIamBinding` and `secretmanager.RegionalSecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.RegionalSecretIamBinding` resources **can be** used in conjunction with `secretmanager.RegionalSecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.RegionalSecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.RegionalSecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.RegionalSecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## This resource supports User Project Overrides.

-

# IAM policy for Secret Manager RegionalSecret Three different resources help you manage your IAM policy for Secret Manager RegionalSecret. Each of these resources serves a different use case:

* `secretmanager.RegionalSecretIamPolicy`: Authoritative. Sets the IAM policy for the regionalsecret and replaces any existing policy already attached. * `secretmanager.RegionalSecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the regionalsecret are preserved. * `secretmanager.RegionalSecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the regionalsecret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.RegionalSecretIamPolicy`: Retrieves the IAM policy for the regionalsecret

> **Note:** `secretmanager.RegionalSecretIamPolicy` **cannot** be used in conjunction with `secretmanager.RegionalSecretIamBinding` and `secretmanager.RegionalSecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.RegionalSecretIamBinding` resources **can be** used in conjunction with `secretmanager.RegionalSecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.RegionalSecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.RegionalSecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.RegionalSecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}

* {{project}}/{{location}}/{{secret_id}}

* {{location}}/{{secret_id}}

* {{secret_id}}

Any variables not passed in the import command will be taken from the provider configuration.

Secret Manager regionalsecret IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:secretmanager/regionalSecretIamMember:RegionalSecretIamMember editor "projects/{{project}}/locations/{{location}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:secretmanager/regionalSecretIamMember:RegionalSecretIamMember editor "projects/{{project}}/locations/{{location}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:secretmanager/regionalSecretIamMember:RegionalSecretIamMember editor projects/{{project}}/locations/{{location}}/secrets/{{secret_id}} ```

-> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetRegionalSecretIamMember added in v8.3.0

func GetRegionalSecretIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RegionalSecretIamMemberState, opts ...pulumi.ResourceOption) (*RegionalSecretIamMember, error)

GetRegionalSecretIamMember gets an existing RegionalSecretIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRegionalSecretIamMember added in v8.3.0

func NewRegionalSecretIamMember(ctx *pulumi.Context,
	name string, args *RegionalSecretIamMemberArgs, opts ...pulumi.ResourceOption) (*RegionalSecretIamMember, error)

NewRegionalSecretIamMember registers a new resource with the given unique name, arguments, and options.

func (*RegionalSecretIamMember) ElementType added in v8.3.0

func (*RegionalSecretIamMember) ElementType() reflect.Type

func (*RegionalSecretIamMember) ToRegionalSecretIamMemberOutput added in v8.3.0

func (i *RegionalSecretIamMember) ToRegionalSecretIamMemberOutput() RegionalSecretIamMemberOutput

func (*RegionalSecretIamMember) ToRegionalSecretIamMemberOutputWithContext added in v8.3.0

func (i *RegionalSecretIamMember) ToRegionalSecretIamMemberOutputWithContext(ctx context.Context) RegionalSecretIamMemberOutput

type RegionalSecretIamMemberArgs added in v8.3.0

type RegionalSecretIamMemberArgs struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition RegionalSecretIamMemberConditionPtrInput
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.RegionalSecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringInput
	SecretId pulumi.StringInput
}

The set of arguments for constructing a RegionalSecretIamMember resource.

func (RegionalSecretIamMemberArgs) ElementType added in v8.3.0

type RegionalSecretIamMemberArray added in v8.3.0

type RegionalSecretIamMemberArray []RegionalSecretIamMemberInput

func (RegionalSecretIamMemberArray) ElementType added in v8.3.0

func (RegionalSecretIamMemberArray) ToRegionalSecretIamMemberArrayOutput added in v8.3.0

func (i RegionalSecretIamMemberArray) ToRegionalSecretIamMemberArrayOutput() RegionalSecretIamMemberArrayOutput

func (RegionalSecretIamMemberArray) ToRegionalSecretIamMemberArrayOutputWithContext added in v8.3.0

func (i RegionalSecretIamMemberArray) ToRegionalSecretIamMemberArrayOutputWithContext(ctx context.Context) RegionalSecretIamMemberArrayOutput

type RegionalSecretIamMemberArrayInput added in v8.3.0

type RegionalSecretIamMemberArrayInput interface {
	pulumi.Input

	ToRegionalSecretIamMemberArrayOutput() RegionalSecretIamMemberArrayOutput
	ToRegionalSecretIamMemberArrayOutputWithContext(context.Context) RegionalSecretIamMemberArrayOutput
}

RegionalSecretIamMemberArrayInput is an input type that accepts RegionalSecretIamMemberArray and RegionalSecretIamMemberArrayOutput values. You can construct a concrete instance of `RegionalSecretIamMemberArrayInput` via:

RegionalSecretIamMemberArray{ RegionalSecretIamMemberArgs{...} }

type RegionalSecretIamMemberArrayOutput added in v8.3.0

type RegionalSecretIamMemberArrayOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamMemberArrayOutput) ElementType added in v8.3.0

func (RegionalSecretIamMemberArrayOutput) Index added in v8.3.0

func (RegionalSecretIamMemberArrayOutput) ToRegionalSecretIamMemberArrayOutput added in v8.3.0

func (o RegionalSecretIamMemberArrayOutput) ToRegionalSecretIamMemberArrayOutput() RegionalSecretIamMemberArrayOutput

func (RegionalSecretIamMemberArrayOutput) ToRegionalSecretIamMemberArrayOutputWithContext added in v8.3.0

func (o RegionalSecretIamMemberArrayOutput) ToRegionalSecretIamMemberArrayOutputWithContext(ctx context.Context) RegionalSecretIamMemberArrayOutput

type RegionalSecretIamMemberCondition added in v8.3.0

type RegionalSecretIamMemberCondition struct {
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title string `pulumi:"title"`
}

type RegionalSecretIamMemberConditionArgs added in v8.3.0

type RegionalSecretIamMemberConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringInput `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title pulumi.StringInput `pulumi:"title"`
}

func (RegionalSecretIamMemberConditionArgs) ElementType added in v8.3.0

func (RegionalSecretIamMemberConditionArgs) ToRegionalSecretIamMemberConditionOutput added in v8.3.0

func (i RegionalSecretIamMemberConditionArgs) ToRegionalSecretIamMemberConditionOutput() RegionalSecretIamMemberConditionOutput

func (RegionalSecretIamMemberConditionArgs) ToRegionalSecretIamMemberConditionOutputWithContext added in v8.3.0

func (i RegionalSecretIamMemberConditionArgs) ToRegionalSecretIamMemberConditionOutputWithContext(ctx context.Context) RegionalSecretIamMemberConditionOutput

func (RegionalSecretIamMemberConditionArgs) ToRegionalSecretIamMemberConditionPtrOutput added in v8.3.0

func (i RegionalSecretIamMemberConditionArgs) ToRegionalSecretIamMemberConditionPtrOutput() RegionalSecretIamMemberConditionPtrOutput

func (RegionalSecretIamMemberConditionArgs) ToRegionalSecretIamMemberConditionPtrOutputWithContext added in v8.3.0

func (i RegionalSecretIamMemberConditionArgs) ToRegionalSecretIamMemberConditionPtrOutputWithContext(ctx context.Context) RegionalSecretIamMemberConditionPtrOutput

type RegionalSecretIamMemberConditionInput added in v8.3.0

type RegionalSecretIamMemberConditionInput interface {
	pulumi.Input

	ToRegionalSecretIamMemberConditionOutput() RegionalSecretIamMemberConditionOutput
	ToRegionalSecretIamMemberConditionOutputWithContext(context.Context) RegionalSecretIamMemberConditionOutput
}

RegionalSecretIamMemberConditionInput is an input type that accepts RegionalSecretIamMemberConditionArgs and RegionalSecretIamMemberConditionOutput values. You can construct a concrete instance of `RegionalSecretIamMemberConditionInput` via:

RegionalSecretIamMemberConditionArgs{...}

type RegionalSecretIamMemberConditionOutput added in v8.3.0

type RegionalSecretIamMemberConditionOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamMemberConditionOutput) Description added in v8.3.0

func (RegionalSecretIamMemberConditionOutput) ElementType added in v8.3.0

func (RegionalSecretIamMemberConditionOutput) Expression added in v8.3.0

Textual representation of an expression in Common Expression Language syntax.

func (RegionalSecretIamMemberConditionOutput) Title added in v8.3.0

A title for the expression, i.e. a short string describing its purpose.

func (RegionalSecretIamMemberConditionOutput) ToRegionalSecretIamMemberConditionOutput added in v8.3.0

func (o RegionalSecretIamMemberConditionOutput) ToRegionalSecretIamMemberConditionOutput() RegionalSecretIamMemberConditionOutput

func (RegionalSecretIamMemberConditionOutput) ToRegionalSecretIamMemberConditionOutputWithContext added in v8.3.0

func (o RegionalSecretIamMemberConditionOutput) ToRegionalSecretIamMemberConditionOutputWithContext(ctx context.Context) RegionalSecretIamMemberConditionOutput

func (RegionalSecretIamMemberConditionOutput) ToRegionalSecretIamMemberConditionPtrOutput added in v8.3.0

func (o RegionalSecretIamMemberConditionOutput) ToRegionalSecretIamMemberConditionPtrOutput() RegionalSecretIamMemberConditionPtrOutput

func (RegionalSecretIamMemberConditionOutput) ToRegionalSecretIamMemberConditionPtrOutputWithContext added in v8.3.0

func (o RegionalSecretIamMemberConditionOutput) ToRegionalSecretIamMemberConditionPtrOutputWithContext(ctx context.Context) RegionalSecretIamMemberConditionPtrOutput

type RegionalSecretIamMemberConditionPtrInput added in v8.3.0

type RegionalSecretIamMemberConditionPtrInput interface {
	pulumi.Input

	ToRegionalSecretIamMemberConditionPtrOutput() RegionalSecretIamMemberConditionPtrOutput
	ToRegionalSecretIamMemberConditionPtrOutputWithContext(context.Context) RegionalSecretIamMemberConditionPtrOutput
}

RegionalSecretIamMemberConditionPtrInput is an input type that accepts RegionalSecretIamMemberConditionArgs, RegionalSecretIamMemberConditionPtr and RegionalSecretIamMemberConditionPtrOutput values. You can construct a concrete instance of `RegionalSecretIamMemberConditionPtrInput` via:

        RegionalSecretIamMemberConditionArgs{...}

or:

        nil

type RegionalSecretIamMemberConditionPtrOutput added in v8.3.0

type RegionalSecretIamMemberConditionPtrOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamMemberConditionPtrOutput) Description added in v8.3.0

func (RegionalSecretIamMemberConditionPtrOutput) Elem added in v8.3.0

func (RegionalSecretIamMemberConditionPtrOutput) ElementType added in v8.3.0

func (RegionalSecretIamMemberConditionPtrOutput) Expression added in v8.3.0

Textual representation of an expression in Common Expression Language syntax.

func (RegionalSecretIamMemberConditionPtrOutput) Title added in v8.3.0

A title for the expression, i.e. a short string describing its purpose.

func (RegionalSecretIamMemberConditionPtrOutput) ToRegionalSecretIamMemberConditionPtrOutput added in v8.3.0

func (o RegionalSecretIamMemberConditionPtrOutput) ToRegionalSecretIamMemberConditionPtrOutput() RegionalSecretIamMemberConditionPtrOutput

func (RegionalSecretIamMemberConditionPtrOutput) ToRegionalSecretIamMemberConditionPtrOutputWithContext added in v8.3.0

func (o RegionalSecretIamMemberConditionPtrOutput) ToRegionalSecretIamMemberConditionPtrOutputWithContext(ctx context.Context) RegionalSecretIamMemberConditionPtrOutput

type RegionalSecretIamMemberInput added in v8.3.0

type RegionalSecretIamMemberInput interface {
	pulumi.Input

	ToRegionalSecretIamMemberOutput() RegionalSecretIamMemberOutput
	ToRegionalSecretIamMemberOutputWithContext(ctx context.Context) RegionalSecretIamMemberOutput
}

type RegionalSecretIamMemberMap added in v8.3.0

type RegionalSecretIamMemberMap map[string]RegionalSecretIamMemberInput

func (RegionalSecretIamMemberMap) ElementType added in v8.3.0

func (RegionalSecretIamMemberMap) ElementType() reflect.Type

func (RegionalSecretIamMemberMap) ToRegionalSecretIamMemberMapOutput added in v8.3.0

func (i RegionalSecretIamMemberMap) ToRegionalSecretIamMemberMapOutput() RegionalSecretIamMemberMapOutput

func (RegionalSecretIamMemberMap) ToRegionalSecretIamMemberMapOutputWithContext added in v8.3.0

func (i RegionalSecretIamMemberMap) ToRegionalSecretIamMemberMapOutputWithContext(ctx context.Context) RegionalSecretIamMemberMapOutput

type RegionalSecretIamMemberMapInput added in v8.3.0

type RegionalSecretIamMemberMapInput interface {
	pulumi.Input

	ToRegionalSecretIamMemberMapOutput() RegionalSecretIamMemberMapOutput
	ToRegionalSecretIamMemberMapOutputWithContext(context.Context) RegionalSecretIamMemberMapOutput
}

RegionalSecretIamMemberMapInput is an input type that accepts RegionalSecretIamMemberMap and RegionalSecretIamMemberMapOutput values. You can construct a concrete instance of `RegionalSecretIamMemberMapInput` via:

RegionalSecretIamMemberMap{ "key": RegionalSecretIamMemberArgs{...} }

type RegionalSecretIamMemberMapOutput added in v8.3.0

type RegionalSecretIamMemberMapOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamMemberMapOutput) ElementType added in v8.3.0

func (RegionalSecretIamMemberMapOutput) MapIndex added in v8.3.0

func (RegionalSecretIamMemberMapOutput) ToRegionalSecretIamMemberMapOutput added in v8.3.0

func (o RegionalSecretIamMemberMapOutput) ToRegionalSecretIamMemberMapOutput() RegionalSecretIamMemberMapOutput

func (RegionalSecretIamMemberMapOutput) ToRegionalSecretIamMemberMapOutputWithContext added in v8.3.0

func (o RegionalSecretIamMemberMapOutput) ToRegionalSecretIamMemberMapOutputWithContext(ctx context.Context) RegionalSecretIamMemberMapOutput

type RegionalSecretIamMemberOutput added in v8.3.0

type RegionalSecretIamMemberOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamMemberOutput) Condition added in v8.3.0

An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.

func (RegionalSecretIamMemberOutput) ElementType added in v8.3.0

func (RegionalSecretIamMemberOutput) Etag added in v8.3.0

(Computed) The etag of the IAM policy.

func (RegionalSecretIamMemberOutput) Location added in v8.3.0

The location of the regional secret. eg us-central1 Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.

func (RegionalSecretIamMemberOutput) Member added in v8.3.0

Identities that will be granted the privilege in `role`. Each entry can have one of the following values: * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (RegionalSecretIamMemberOutput) Project added in v8.3.0

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (RegionalSecretIamMemberOutput) Role added in v8.3.0

The role that should be applied. Only one `secretmanager.RegionalSecretIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (RegionalSecretIamMemberOutput) SecretId added in v8.3.0

func (RegionalSecretIamMemberOutput) ToRegionalSecretIamMemberOutput added in v8.3.0

func (o RegionalSecretIamMemberOutput) ToRegionalSecretIamMemberOutput() RegionalSecretIamMemberOutput

func (RegionalSecretIamMemberOutput) ToRegionalSecretIamMemberOutputWithContext added in v8.3.0

func (o RegionalSecretIamMemberOutput) ToRegionalSecretIamMemberOutputWithContext(ctx context.Context) RegionalSecretIamMemberOutput

type RegionalSecretIamMemberState added in v8.3.0

type RegionalSecretIamMemberState struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition RegionalSecretIamMemberConditionPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.RegionalSecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringPtrInput
	SecretId pulumi.StringPtrInput
}

func (RegionalSecretIamMemberState) ElementType added in v8.3.0

type RegionalSecretIamPolicy added in v8.3.0

type RegionalSecretIamPolicy struct {
	pulumi.CustomResourceState

	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringOutput `pulumi:"location"`
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringOutput `pulumi:"policyData"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  pulumi.StringOutput `pulumi:"project"`
	SecretId pulumi.StringOutput `pulumi:"secretId"`
}

Three different resources help you manage your IAM policy for Secret Manager RegionalSecret. Each of these resources serves a different use case:

* `secretmanager.RegionalSecretIamPolicy`: Authoritative. Sets the IAM policy for the regionalsecret and replaces any existing policy already attached. * `secretmanager.RegionalSecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the regionalsecret are preserved. * `secretmanager.RegionalSecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the regionalsecret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.RegionalSecretIamPolicy`: Retrieves the IAM policy for the regionalsecret

> **Note:** `secretmanager.RegionalSecretIamPolicy` **cannot** be used in conjunction with `secretmanager.RegionalSecretIamBinding` and `secretmanager.RegionalSecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.RegionalSecretIamBinding` resources **can be** used in conjunction with `secretmanager.RegionalSecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.RegionalSecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.RegionalSecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.RegionalSecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## This resource supports User Project Overrides.

-

# IAM policy for Secret Manager RegionalSecret Three different resources help you manage your IAM policy for Secret Manager RegionalSecret. Each of these resources serves a different use case:

* `secretmanager.RegionalSecretIamPolicy`: Authoritative. Sets the IAM policy for the regionalsecret and replaces any existing policy already attached. * `secretmanager.RegionalSecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the regionalsecret are preserved. * `secretmanager.RegionalSecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the regionalsecret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.RegionalSecretIamPolicy`: Retrieves the IAM policy for the regionalsecret

> **Note:** `secretmanager.RegionalSecretIamPolicy` **cannot** be used in conjunction with `secretmanager.RegionalSecretIamBinding` and `secretmanager.RegionalSecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.RegionalSecretIamBinding` resources **can be** used in conjunction with `secretmanager.RegionalSecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.RegionalSecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretIamPolicy(ctx, "policy", &secretmanager.RegionalSecretIamPolicyArgs{
			Project:    pulumi.Any(regional_secret_basic.Project),
			Location:   pulumi.Any(regional_secret_basic.Location),
			SecretId:   pulumi.Any(regional_secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamBinding(ctx, "binding", &secretmanager.RegionalSecretIamBindingArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.RegionalSecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.RegionalSecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecretIamMember(ctx, "member", &secretmanager.RegionalSecretIamMemberArgs{
			Project:  pulumi.Any(regional_secret_basic.Project),
			Location: pulumi.Any(regional_secret_basic.Location),
			SecretId: pulumi.Any(regional_secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.RegionalSecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}

* {{project}}/{{location}}/{{secret_id}}

* {{location}}/{{secret_id}}

* {{secret_id}}

Any variables not passed in the import command will be taken from the provider configuration.

Secret Manager regionalsecret IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:secretmanager/regionalSecretIamPolicy:RegionalSecretIamPolicy editor "projects/{{project}}/locations/{{location}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:secretmanager/regionalSecretIamPolicy:RegionalSecretIamPolicy editor "projects/{{project}}/locations/{{location}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:secretmanager/regionalSecretIamPolicy:RegionalSecretIamPolicy editor projects/{{project}}/locations/{{location}}/secrets/{{secret_id}} ```

-> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetRegionalSecretIamPolicy added in v8.3.0

func GetRegionalSecretIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RegionalSecretIamPolicyState, opts ...pulumi.ResourceOption) (*RegionalSecretIamPolicy, error)

GetRegionalSecretIamPolicy gets an existing RegionalSecretIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRegionalSecretIamPolicy added in v8.3.0

func NewRegionalSecretIamPolicy(ctx *pulumi.Context,
	name string, args *RegionalSecretIamPolicyArgs, opts ...pulumi.ResourceOption) (*RegionalSecretIamPolicy, error)

NewRegionalSecretIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*RegionalSecretIamPolicy) ElementType added in v8.3.0

func (*RegionalSecretIamPolicy) ElementType() reflect.Type

func (*RegionalSecretIamPolicy) ToRegionalSecretIamPolicyOutput added in v8.3.0

func (i *RegionalSecretIamPolicy) ToRegionalSecretIamPolicyOutput() RegionalSecretIamPolicyOutput

func (*RegionalSecretIamPolicy) ToRegionalSecretIamPolicyOutputWithContext added in v8.3.0

func (i *RegionalSecretIamPolicy) ToRegionalSecretIamPolicyOutputWithContext(ctx context.Context) RegionalSecretIamPolicyOutput

type RegionalSecretIamPolicyArgs added in v8.3.0

type RegionalSecretIamPolicyArgs struct {
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  pulumi.StringPtrInput
	SecretId pulumi.StringInput
}

The set of arguments for constructing a RegionalSecretIamPolicy resource.

func (RegionalSecretIamPolicyArgs) ElementType added in v8.3.0

type RegionalSecretIamPolicyArray added in v8.3.0

type RegionalSecretIamPolicyArray []RegionalSecretIamPolicyInput

func (RegionalSecretIamPolicyArray) ElementType added in v8.3.0

func (RegionalSecretIamPolicyArray) ToRegionalSecretIamPolicyArrayOutput added in v8.3.0

func (i RegionalSecretIamPolicyArray) ToRegionalSecretIamPolicyArrayOutput() RegionalSecretIamPolicyArrayOutput

func (RegionalSecretIamPolicyArray) ToRegionalSecretIamPolicyArrayOutputWithContext added in v8.3.0

func (i RegionalSecretIamPolicyArray) ToRegionalSecretIamPolicyArrayOutputWithContext(ctx context.Context) RegionalSecretIamPolicyArrayOutput

type RegionalSecretIamPolicyArrayInput added in v8.3.0

type RegionalSecretIamPolicyArrayInput interface {
	pulumi.Input

	ToRegionalSecretIamPolicyArrayOutput() RegionalSecretIamPolicyArrayOutput
	ToRegionalSecretIamPolicyArrayOutputWithContext(context.Context) RegionalSecretIamPolicyArrayOutput
}

RegionalSecretIamPolicyArrayInput is an input type that accepts RegionalSecretIamPolicyArray and RegionalSecretIamPolicyArrayOutput values. You can construct a concrete instance of `RegionalSecretIamPolicyArrayInput` via:

RegionalSecretIamPolicyArray{ RegionalSecretIamPolicyArgs{...} }

type RegionalSecretIamPolicyArrayOutput added in v8.3.0

type RegionalSecretIamPolicyArrayOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamPolicyArrayOutput) ElementType added in v8.3.0

func (RegionalSecretIamPolicyArrayOutput) Index added in v8.3.0

func (RegionalSecretIamPolicyArrayOutput) ToRegionalSecretIamPolicyArrayOutput added in v8.3.0

func (o RegionalSecretIamPolicyArrayOutput) ToRegionalSecretIamPolicyArrayOutput() RegionalSecretIamPolicyArrayOutput

func (RegionalSecretIamPolicyArrayOutput) ToRegionalSecretIamPolicyArrayOutputWithContext added in v8.3.0

func (o RegionalSecretIamPolicyArrayOutput) ToRegionalSecretIamPolicyArrayOutputWithContext(ctx context.Context) RegionalSecretIamPolicyArrayOutput

type RegionalSecretIamPolicyInput added in v8.3.0

type RegionalSecretIamPolicyInput interface {
	pulumi.Input

	ToRegionalSecretIamPolicyOutput() RegionalSecretIamPolicyOutput
	ToRegionalSecretIamPolicyOutputWithContext(ctx context.Context) RegionalSecretIamPolicyOutput
}

type RegionalSecretIamPolicyMap added in v8.3.0

type RegionalSecretIamPolicyMap map[string]RegionalSecretIamPolicyInput

func (RegionalSecretIamPolicyMap) ElementType added in v8.3.0

func (RegionalSecretIamPolicyMap) ElementType() reflect.Type

func (RegionalSecretIamPolicyMap) ToRegionalSecretIamPolicyMapOutput added in v8.3.0

func (i RegionalSecretIamPolicyMap) ToRegionalSecretIamPolicyMapOutput() RegionalSecretIamPolicyMapOutput

func (RegionalSecretIamPolicyMap) ToRegionalSecretIamPolicyMapOutputWithContext added in v8.3.0

func (i RegionalSecretIamPolicyMap) ToRegionalSecretIamPolicyMapOutputWithContext(ctx context.Context) RegionalSecretIamPolicyMapOutput

type RegionalSecretIamPolicyMapInput added in v8.3.0

type RegionalSecretIamPolicyMapInput interface {
	pulumi.Input

	ToRegionalSecretIamPolicyMapOutput() RegionalSecretIamPolicyMapOutput
	ToRegionalSecretIamPolicyMapOutputWithContext(context.Context) RegionalSecretIamPolicyMapOutput
}

RegionalSecretIamPolicyMapInput is an input type that accepts RegionalSecretIamPolicyMap and RegionalSecretIamPolicyMapOutput values. You can construct a concrete instance of `RegionalSecretIamPolicyMapInput` via:

RegionalSecretIamPolicyMap{ "key": RegionalSecretIamPolicyArgs{...} }

type RegionalSecretIamPolicyMapOutput added in v8.3.0

type RegionalSecretIamPolicyMapOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamPolicyMapOutput) ElementType added in v8.3.0

func (RegionalSecretIamPolicyMapOutput) MapIndex added in v8.3.0

func (RegionalSecretIamPolicyMapOutput) ToRegionalSecretIamPolicyMapOutput added in v8.3.0

func (o RegionalSecretIamPolicyMapOutput) ToRegionalSecretIamPolicyMapOutput() RegionalSecretIamPolicyMapOutput

func (RegionalSecretIamPolicyMapOutput) ToRegionalSecretIamPolicyMapOutputWithContext added in v8.3.0

func (o RegionalSecretIamPolicyMapOutput) ToRegionalSecretIamPolicyMapOutputWithContext(ctx context.Context) RegionalSecretIamPolicyMapOutput

type RegionalSecretIamPolicyOutput added in v8.3.0

type RegionalSecretIamPolicyOutput struct{ *pulumi.OutputState }

func (RegionalSecretIamPolicyOutput) ElementType added in v8.3.0

func (RegionalSecretIamPolicyOutput) Etag added in v8.3.0

(Computed) The etag of the IAM policy.

func (RegionalSecretIamPolicyOutput) Location added in v8.3.0

The location of the regional secret. eg us-central1 Used to find the parent resource to bind the IAM policy to. If not specified, the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no location is specified, it is taken from the provider configuration.

func (RegionalSecretIamPolicyOutput) PolicyData added in v8.3.0

The policy data generated by a `organizations.getIAMPolicy` data source.

func (RegionalSecretIamPolicyOutput) Project added in v8.3.0

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (RegionalSecretIamPolicyOutput) SecretId added in v8.3.0

func (RegionalSecretIamPolicyOutput) ToRegionalSecretIamPolicyOutput added in v8.3.0

func (o RegionalSecretIamPolicyOutput) ToRegionalSecretIamPolicyOutput() RegionalSecretIamPolicyOutput

func (RegionalSecretIamPolicyOutput) ToRegionalSecretIamPolicyOutputWithContext added in v8.3.0

func (o RegionalSecretIamPolicyOutput) ToRegionalSecretIamPolicyOutputWithContext(ctx context.Context) RegionalSecretIamPolicyOutput

type RegionalSecretIamPolicyState added in v8.3.0

type RegionalSecretIamPolicyState struct {
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The location of the regional secret. eg us-central1
	// Used to find the parent resource to bind the IAM policy to. If not specified,
	// the value will be parsed from the identifier of the parent resource. If no location is provided in the parent identifier and no
	// location is specified, it is taken from the provider configuration.
	Location pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  pulumi.StringPtrInput
	SecretId pulumi.StringPtrInput
}

func (RegionalSecretIamPolicyState) ElementType added in v8.3.0

type RegionalSecretInput added in v8.3.0

type RegionalSecretInput interface {
	pulumi.Input

	ToRegionalSecretOutput() RegionalSecretOutput
	ToRegionalSecretOutputWithContext(ctx context.Context) RegionalSecretOutput
}

type RegionalSecretMap added in v8.3.0

type RegionalSecretMap map[string]RegionalSecretInput

func (RegionalSecretMap) ElementType added in v8.3.0

func (RegionalSecretMap) ElementType() reflect.Type

func (RegionalSecretMap) ToRegionalSecretMapOutput added in v8.3.0

func (i RegionalSecretMap) ToRegionalSecretMapOutput() RegionalSecretMapOutput

func (RegionalSecretMap) ToRegionalSecretMapOutputWithContext added in v8.3.0

func (i RegionalSecretMap) ToRegionalSecretMapOutputWithContext(ctx context.Context) RegionalSecretMapOutput

type RegionalSecretMapInput added in v8.3.0

type RegionalSecretMapInput interface {
	pulumi.Input

	ToRegionalSecretMapOutput() RegionalSecretMapOutput
	ToRegionalSecretMapOutputWithContext(context.Context) RegionalSecretMapOutput
}

RegionalSecretMapInput is an input type that accepts RegionalSecretMap and RegionalSecretMapOutput values. You can construct a concrete instance of `RegionalSecretMapInput` via:

RegionalSecretMap{ "key": RegionalSecretArgs{...} }

type RegionalSecretMapOutput added in v8.3.0

type RegionalSecretMapOutput struct{ *pulumi.OutputState }

func (RegionalSecretMapOutput) ElementType added in v8.3.0

func (RegionalSecretMapOutput) ElementType() reflect.Type

func (RegionalSecretMapOutput) MapIndex added in v8.3.0

func (RegionalSecretMapOutput) ToRegionalSecretMapOutput added in v8.3.0

func (o RegionalSecretMapOutput) ToRegionalSecretMapOutput() RegionalSecretMapOutput

func (RegionalSecretMapOutput) ToRegionalSecretMapOutputWithContext added in v8.3.0

func (o RegionalSecretMapOutput) ToRegionalSecretMapOutputWithContext(ctx context.Context) RegionalSecretMapOutput

type RegionalSecretOutput added in v8.3.0

type RegionalSecretOutput struct{ *pulumi.OutputState }

func (RegionalSecretOutput) Annotations added in v8.3.0

Custom metadata about the regional secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

**Note**: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field `effectiveAnnotations` for all of the annotations present on the resource.

func (RegionalSecretOutput) CreateTime added in v8.3.0

func (o RegionalSecretOutput) CreateTime() pulumi.StringOutput

The time at which the regional secret was created.

func (RegionalSecretOutput) CustomerManagedEncryption added in v8.3.0

The customer-managed encryption configuration of the regional secret. Structure is documented below.

func (RegionalSecretOutput) EffectiveAnnotations added in v8.3.0

func (o RegionalSecretOutput) EffectiveAnnotations() pulumi.StringMapOutput

func (RegionalSecretOutput) EffectiveLabels added in v8.3.0

func (o RegionalSecretOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (RegionalSecretOutput) ElementType added in v8.3.0

func (RegionalSecretOutput) ElementType() reflect.Type

func (RegionalSecretOutput) ExpireTime added in v8.3.0

func (o RegionalSecretOutput) ExpireTime() pulumi.StringOutput

Timestamp in UTC when the regional secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". Only one of `expireTime` or `ttl` can be provided.

func (RegionalSecretOutput) Labels added in v8.3.0

The labels assigned to this regional secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62} Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can be assigned to a given resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

**Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field `effectiveLabels` for all of the labels present on the resource.

func (RegionalSecretOutput) Location added in v8.3.0

The location of the regional secret. eg us-central1

func (RegionalSecretOutput) Name added in v8.3.0

The resource name of the regional secret. Format: `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}`

func (RegionalSecretOutput) Project added in v8.3.0

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

func (RegionalSecretOutput) PulumiLabels added in v8.3.0

func (o RegionalSecretOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (RegionalSecretOutput) Rotation added in v8.3.0

The rotation time and period for a regional secret. At `nextRotationTime`, Secret Manager will send a Pub/Sub notification to the topics configured on the Secret. `topics` must be set to configure rotation. Structure is documented below.

func (RegionalSecretOutput) SecretId added in v8.3.0

This must be unique within the project.

***

func (RegionalSecretOutput) ToRegionalSecretOutput added in v8.3.0

func (o RegionalSecretOutput) ToRegionalSecretOutput() RegionalSecretOutput

func (RegionalSecretOutput) ToRegionalSecretOutputWithContext added in v8.3.0

func (o RegionalSecretOutput) ToRegionalSecretOutputWithContext(ctx context.Context) RegionalSecretOutput

func (RegionalSecretOutput) Topics added in v8.3.0

A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the regional secret or its versions. Structure is documented below.

func (RegionalSecretOutput) Ttl added in v8.3.0

The TTL for the regional secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Only one of `ttl` or `expireTime` can be provided.

func (RegionalSecretOutput) VersionAliases added in v8.3.0

func (o RegionalSecretOutput) VersionAliases() pulumi.StringMapOutput

Mapping from version alias to version name. A version alias is a string with a maximum length of 63 characters and can contain uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_') characters. An alias string must start with a letter and cannot be the string 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

func (RegionalSecretOutput) VersionDestroyTtl added in v8.3.0

func (o RegionalSecretOutput) VersionDestroyTtl() pulumi.StringPtrOutput

Secret Version TTL after destruction request. This is a part of the delayed delete feature on Secret Version. For secret with versionDestroyTtl>0, version destruction doesn't happen immediately on calling destroy instead the version goes to a disabled state and the actual destruction happens after this TTL expires. It must be atleast 24h.

type RegionalSecretRotation added in v8.3.0

type RegionalSecretRotation struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine
	// fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	NextRotationTime *string `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications. Must be in seconds and at least 3600s (1h)
	// and at most 3153600000s (100 years). If rotationPeriod is set, `nextRotationTime` must
	// be set. `nextRotationTime` will be advanced by this period when the service
	// automatically sends rotation notifications.
	RotationPeriod *string `pulumi:"rotationPeriod"`
}

type RegionalSecretRotationArgs added in v8.3.0

type RegionalSecretRotationArgs struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine
	// fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	NextRotationTime pulumi.StringPtrInput `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications. Must be in seconds and at least 3600s (1h)
	// and at most 3153600000s (100 years). If rotationPeriod is set, `nextRotationTime` must
	// be set. `nextRotationTime` will be advanced by this period when the service
	// automatically sends rotation notifications.
	RotationPeriod pulumi.StringPtrInput `pulumi:"rotationPeriod"`
}

func (RegionalSecretRotationArgs) ElementType added in v8.3.0

func (RegionalSecretRotationArgs) ElementType() reflect.Type

func (RegionalSecretRotationArgs) ToRegionalSecretRotationOutput added in v8.3.0

func (i RegionalSecretRotationArgs) ToRegionalSecretRotationOutput() RegionalSecretRotationOutput

func (RegionalSecretRotationArgs) ToRegionalSecretRotationOutputWithContext added in v8.3.0

func (i RegionalSecretRotationArgs) ToRegionalSecretRotationOutputWithContext(ctx context.Context) RegionalSecretRotationOutput

func (RegionalSecretRotationArgs) ToRegionalSecretRotationPtrOutput added in v8.3.0

func (i RegionalSecretRotationArgs) ToRegionalSecretRotationPtrOutput() RegionalSecretRotationPtrOutput

func (RegionalSecretRotationArgs) ToRegionalSecretRotationPtrOutputWithContext added in v8.3.0

func (i RegionalSecretRotationArgs) ToRegionalSecretRotationPtrOutputWithContext(ctx context.Context) RegionalSecretRotationPtrOutput

type RegionalSecretRotationInput added in v8.3.0

type RegionalSecretRotationInput interface {
	pulumi.Input

	ToRegionalSecretRotationOutput() RegionalSecretRotationOutput
	ToRegionalSecretRotationOutputWithContext(context.Context) RegionalSecretRotationOutput
}

RegionalSecretRotationInput is an input type that accepts RegionalSecretRotationArgs and RegionalSecretRotationOutput values. You can construct a concrete instance of `RegionalSecretRotationInput` via:

RegionalSecretRotationArgs{...}

type RegionalSecretRotationOutput added in v8.3.0

type RegionalSecretRotationOutput struct{ *pulumi.OutputState }

func (RegionalSecretRotationOutput) ElementType added in v8.3.0

func (RegionalSecretRotationOutput) NextRotationTime added in v8.3.0

Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

func (RegionalSecretRotationOutput) RotationPeriod added in v8.3.0

The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, `nextRotationTime` must be set. `nextRotationTime` will be advanced by this period when the service automatically sends rotation notifications.

func (RegionalSecretRotationOutput) ToRegionalSecretRotationOutput added in v8.3.0

func (o RegionalSecretRotationOutput) ToRegionalSecretRotationOutput() RegionalSecretRotationOutput

func (RegionalSecretRotationOutput) ToRegionalSecretRotationOutputWithContext added in v8.3.0

func (o RegionalSecretRotationOutput) ToRegionalSecretRotationOutputWithContext(ctx context.Context) RegionalSecretRotationOutput

func (RegionalSecretRotationOutput) ToRegionalSecretRotationPtrOutput added in v8.3.0

func (o RegionalSecretRotationOutput) ToRegionalSecretRotationPtrOutput() RegionalSecretRotationPtrOutput

func (RegionalSecretRotationOutput) ToRegionalSecretRotationPtrOutputWithContext added in v8.3.0

func (o RegionalSecretRotationOutput) ToRegionalSecretRotationPtrOutputWithContext(ctx context.Context) RegionalSecretRotationPtrOutput

type RegionalSecretRotationPtrInput added in v8.3.0

type RegionalSecretRotationPtrInput interface {
	pulumi.Input

	ToRegionalSecretRotationPtrOutput() RegionalSecretRotationPtrOutput
	ToRegionalSecretRotationPtrOutputWithContext(context.Context) RegionalSecretRotationPtrOutput
}

RegionalSecretRotationPtrInput is an input type that accepts RegionalSecretRotationArgs, RegionalSecretRotationPtr and RegionalSecretRotationPtrOutput values. You can construct a concrete instance of `RegionalSecretRotationPtrInput` via:

        RegionalSecretRotationArgs{...}

or:

        nil

func RegionalSecretRotationPtr added in v8.3.0

func RegionalSecretRotationPtr(v *RegionalSecretRotationArgs) RegionalSecretRotationPtrInput

type RegionalSecretRotationPtrOutput added in v8.3.0

type RegionalSecretRotationPtrOutput struct{ *pulumi.OutputState }

func (RegionalSecretRotationPtrOutput) Elem added in v8.3.0

func (RegionalSecretRotationPtrOutput) ElementType added in v8.3.0

func (RegionalSecretRotationPtrOutput) NextRotationTime added in v8.3.0

Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

func (RegionalSecretRotationPtrOutput) RotationPeriod added in v8.3.0

The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, `nextRotationTime` must be set. `nextRotationTime` will be advanced by this period when the service automatically sends rotation notifications.

func (RegionalSecretRotationPtrOutput) ToRegionalSecretRotationPtrOutput added in v8.3.0

func (o RegionalSecretRotationPtrOutput) ToRegionalSecretRotationPtrOutput() RegionalSecretRotationPtrOutput

func (RegionalSecretRotationPtrOutput) ToRegionalSecretRotationPtrOutputWithContext added in v8.3.0

func (o RegionalSecretRotationPtrOutput) ToRegionalSecretRotationPtrOutputWithContext(ctx context.Context) RegionalSecretRotationPtrOutput

type RegionalSecretState added in v8.3.0

type RegionalSecretState struct {
	// Custom metadata about the regional secret.
	// Annotations are distinct from various forms of labels. Annotations exist to allow
	// client tools to store their own state information without requiring a database.
	// Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of
	// maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and
	// may have dashes (-), underscores (_), dots (.), and alphanumerics in between these
	// symbols.
	// The total size of annotation keys and values must be less than 16KiB.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the annotations present in your configuration.
	// Please refer to the field `effectiveAnnotations` for all of the annotations present on the resource.
	Annotations pulumi.StringMapInput
	// The time at which the regional secret was created.
	CreateTime pulumi.StringPtrInput
	// The customer-managed encryption configuration of the regional secret.
	// Structure is documented below.
	CustomerManagedEncryption RegionalSecretCustomerManagedEncryptionPtrInput
	EffectiveAnnotations      pulumi.StringMapInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Timestamp in UTC when the regional secret is scheduled to expire. This is always provided on
	// output, regardless of what was sent on input. A timestamp in RFC3339 UTC "Zulu" format, with
	// nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and
	// "2014-10-02T15:01:23.045123456Z". Only one of `expireTime` or `ttl` can be provided.
	ExpireTime pulumi.StringPtrInput
	// The labels assigned to this regional secret.
	// Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
	// Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes,
	// and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}
	// No more than 64 labels can be assigned to a given resource.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	//
	// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
	// Please refer to the field `effectiveLabels` for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The location of the regional secret. eg us-central1
	Location pulumi.StringPtrInput
	// The resource name of the regional secret. Format:
	// `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}`
	Name pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the provider project is used.
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// The rotation time and period for a regional secret. At `nextRotationTime`, Secret Manager
	// will send a Pub/Sub notification to the topics configured on the Secret. `topics` must be
	// set to configure rotation.
	// Structure is documented below.
	Rotation RegionalSecretRotationPtrInput
	// This must be unique within the project.
	//
	// ***
	SecretId pulumi.StringPtrInput
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane
	// operations are called on the regional secret or its versions.
	// Structure is documented below.
	Topics RegionalSecretTopicArrayInput
	// The TTL for the regional secret. A duration in seconds with up to nine fractional digits,
	// terminated by 's'. Example: "3.5s". Only one of `ttl` or `expireTime` can be provided.
	Ttl pulumi.StringPtrInput
	// Mapping from version alias to version name.
	// A version alias is a string with a maximum length of 63 characters and can contain
	// uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_')
	// characters. An alias string must start with a letter and cannot be the string
	// 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret.
	// An object containing a list of "key": value pairs. Example:
	// { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	VersionAliases pulumi.StringMapInput
	// Secret Version TTL after destruction request.
	// This is a part of the delayed delete feature on Secret Version.
	// For secret with versionDestroyTtl>0, version destruction doesn't happen immediately
	// on calling destroy instead the version goes to a disabled state and
	// the actual destruction happens after this TTL expires. It must be atleast 24h.
	VersionDestroyTtl pulumi.StringPtrInput
}

func (RegionalSecretState) ElementType added in v8.3.0

func (RegionalSecretState) ElementType() reflect.Type

type RegionalSecretTopic added in v8.3.0

type RegionalSecretTopic struct {
	// The resource name of the Pub/Sub topic that will be published to, in the following format:
	// projects/*/topics/*. For publication to succeed, the Secret Manager Service
	// Agent service account must have pubsub.publisher permissions on the topic.
	Name string `pulumi:"name"`
}

type RegionalSecretTopicArgs added in v8.3.0

type RegionalSecretTopicArgs struct {
	// The resource name of the Pub/Sub topic that will be published to, in the following format:
	// projects/*/topics/*. For publication to succeed, the Secret Manager Service
	// Agent service account must have pubsub.publisher permissions on the topic.
	Name pulumi.StringInput `pulumi:"name"`
}

func (RegionalSecretTopicArgs) ElementType added in v8.3.0

func (RegionalSecretTopicArgs) ElementType() reflect.Type

func (RegionalSecretTopicArgs) ToRegionalSecretTopicOutput added in v8.3.0

func (i RegionalSecretTopicArgs) ToRegionalSecretTopicOutput() RegionalSecretTopicOutput

func (RegionalSecretTopicArgs) ToRegionalSecretTopicOutputWithContext added in v8.3.0

func (i RegionalSecretTopicArgs) ToRegionalSecretTopicOutputWithContext(ctx context.Context) RegionalSecretTopicOutput

type RegionalSecretTopicArray added in v8.3.0

type RegionalSecretTopicArray []RegionalSecretTopicInput

func (RegionalSecretTopicArray) ElementType added in v8.3.0

func (RegionalSecretTopicArray) ElementType() reflect.Type

func (RegionalSecretTopicArray) ToRegionalSecretTopicArrayOutput added in v8.3.0

func (i RegionalSecretTopicArray) ToRegionalSecretTopicArrayOutput() RegionalSecretTopicArrayOutput

func (RegionalSecretTopicArray) ToRegionalSecretTopicArrayOutputWithContext added in v8.3.0

func (i RegionalSecretTopicArray) ToRegionalSecretTopicArrayOutputWithContext(ctx context.Context) RegionalSecretTopicArrayOutput

type RegionalSecretTopicArrayInput added in v8.3.0

type RegionalSecretTopicArrayInput interface {
	pulumi.Input

	ToRegionalSecretTopicArrayOutput() RegionalSecretTopicArrayOutput
	ToRegionalSecretTopicArrayOutputWithContext(context.Context) RegionalSecretTopicArrayOutput
}

RegionalSecretTopicArrayInput is an input type that accepts RegionalSecretTopicArray and RegionalSecretTopicArrayOutput values. You can construct a concrete instance of `RegionalSecretTopicArrayInput` via:

RegionalSecretTopicArray{ RegionalSecretTopicArgs{...} }

type RegionalSecretTopicArrayOutput added in v8.3.0

type RegionalSecretTopicArrayOutput struct{ *pulumi.OutputState }

func (RegionalSecretTopicArrayOutput) ElementType added in v8.3.0

func (RegionalSecretTopicArrayOutput) Index added in v8.3.0

func (RegionalSecretTopicArrayOutput) ToRegionalSecretTopicArrayOutput added in v8.3.0

func (o RegionalSecretTopicArrayOutput) ToRegionalSecretTopicArrayOutput() RegionalSecretTopicArrayOutput

func (RegionalSecretTopicArrayOutput) ToRegionalSecretTopicArrayOutputWithContext added in v8.3.0

func (o RegionalSecretTopicArrayOutput) ToRegionalSecretTopicArrayOutputWithContext(ctx context.Context) RegionalSecretTopicArrayOutput

type RegionalSecretTopicInput added in v8.3.0

type RegionalSecretTopicInput interface {
	pulumi.Input

	ToRegionalSecretTopicOutput() RegionalSecretTopicOutput
	ToRegionalSecretTopicOutputWithContext(context.Context) RegionalSecretTopicOutput
}

RegionalSecretTopicInput is an input type that accepts RegionalSecretTopicArgs and RegionalSecretTopicOutput values. You can construct a concrete instance of `RegionalSecretTopicInput` via:

RegionalSecretTopicArgs{...}

type RegionalSecretTopicOutput added in v8.3.0

type RegionalSecretTopicOutput struct{ *pulumi.OutputState }

func (RegionalSecretTopicOutput) ElementType added in v8.3.0

func (RegionalSecretTopicOutput) ElementType() reflect.Type

func (RegionalSecretTopicOutput) Name added in v8.3.0

The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.

func (RegionalSecretTopicOutput) ToRegionalSecretTopicOutput added in v8.3.0

func (o RegionalSecretTopicOutput) ToRegionalSecretTopicOutput() RegionalSecretTopicOutput

func (RegionalSecretTopicOutput) ToRegionalSecretTopicOutputWithContext added in v8.3.0

func (o RegionalSecretTopicOutput) ToRegionalSecretTopicOutputWithContext(ctx context.Context) RegionalSecretTopicOutput

type RegionalSecretVersion added in v8.3.0

type RegionalSecretVersion struct {
	pulumi.CustomResourceState

	// The time at which the regional secret version was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// The customer-managed encryption configuration of the regional secret.
	// Structure is documented below.
	CustomerManagedEncryptions RegionalSecretVersionCustomerManagedEncryptionArrayOutput `pulumi:"customerManagedEncryptions"`
	// The deletion policy for the regional secret version. Setting `ABANDON` allows the resource
	// to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be
	// disabled rather than deleted. Default is `DELETE`. Possible values are:
	// * DELETE
	// * DISABLE
	// * ABANDON
	DeletionPolicy pulumi.StringPtrOutput `pulumi:"deletionPolicy"`
	// The time at which the regional secret version was destroyed. Only present if state is DESTROYED.
	DestroyTime pulumi.StringOutput `pulumi:"destroyTime"`
	// The current state of the regional secret version.
	Enabled pulumi.BoolPtrOutput `pulumi:"enabled"`
	// If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.
	IsSecretDataBase64 pulumi.BoolPtrOutput `pulumi:"isSecretDataBase64"`
	// Location of Secret Manager regional secret resource.
	Location pulumi.StringOutput `pulumi:"location"`
	// The resource name of the regional secret version. Format:
	// `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}/versions/{{version}}`
	Name pulumi.StringOutput `pulumi:"name"`
	// Secret Manager regional secret resource.
	//
	// ***
	Secret pulumi.StringOutput `pulumi:"secret"`
	// The secret data. Must be no larger than 64KiB.
	// **Note**: This property is sensitive and will not be displayed in the plan.
	SecretData pulumi.StringOutput `pulumi:"secretData"`
	// The version of the Regional Secret.
	Version pulumi.StringOutput `pulumi:"version"`
}

A regional secret version resource.

## Example Usage

### Regional Secret Version Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecret(ctx, "secret-basic", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("secret-version"),
			Location: pulumi.String("us-central1"),
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretVersion(ctx, "regional_secret_version_basic", &secretmanager.RegionalSecretVersionArgs{
			Secret:     secret_basic.ID(),
			SecretData: pulumi.String("secret-data"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Regional Secret Version With Base64 Data

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecret(ctx, "secret-basic", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("secret-version"),
			Location: pulumi.String("us-central1"),
		})
		if err != nil {
			return err
		}
		invokeFilebase64, err := std.Filebase64(ctx, &std.Filebase64Args{
			Input: "secret-data.pfx",
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretVersion(ctx, "regional_secret_version_base64", &secretmanager.RegionalSecretVersionArgs{
			Secret:             secret_basic.ID(),
			SecretData:         pulumi.String(invokeFilebase64.Result),
			IsSecretDataBase64: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Regional Secret Version Disabled

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecret(ctx, "secret-basic", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("secret-version"),
			Location: pulumi.String("us-central1"),
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretVersion(ctx, "regional_secret_version_disabled", &secretmanager.RegionalSecretVersionArgs{
			Secret:     secret_basic.ID(),
			SecretData: pulumi.String("secret-data"),
			Enabled:    pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Regional Secret Version Deletion Policy Abandon

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecret(ctx, "secret-basic", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("secret-version"),
			Location: pulumi.String("us-central1"),
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretVersion(ctx, "regional_secret_version_deletion_policy", &secretmanager.RegionalSecretVersionArgs{
			Secret:         secret_basic.ID(),
			SecretData:     pulumi.String("secret-data"),
			DeletionPolicy: pulumi.String("ABANDON"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Regional Secret Version Deletion Policy Disable

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewRegionalSecret(ctx, "secret-basic", &secretmanager.RegionalSecretArgs{
			SecretId: pulumi.String("secret-version"),
			Location: pulumi.String("us-central1"),
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewRegionalSecretVersion(ctx, "regional_secret_version_deletion_policy", &secretmanager.RegionalSecretVersionArgs{
			Secret:         secret_basic.ID(),
			SecretData:     pulumi.String("secret-data"),
			DeletionPolicy: pulumi.String("DISABLE"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

RegionalSecretVersion can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}/versions/{{version}}`

When using the `pulumi import` command, RegionalSecretVersion can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:secretmanager/regionalSecretVersion:RegionalSecretVersion default projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}/versions/{{version}} ```

func GetRegionalSecretVersion added in v8.3.0

func GetRegionalSecretVersion(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *RegionalSecretVersionState, opts ...pulumi.ResourceOption) (*RegionalSecretVersion, error)

GetRegionalSecretVersion gets an existing RegionalSecretVersion resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewRegionalSecretVersion added in v8.3.0

func NewRegionalSecretVersion(ctx *pulumi.Context,
	name string, args *RegionalSecretVersionArgs, opts ...pulumi.ResourceOption) (*RegionalSecretVersion, error)

NewRegionalSecretVersion registers a new resource with the given unique name, arguments, and options.

func (*RegionalSecretVersion) ElementType added in v8.3.0

func (*RegionalSecretVersion) ElementType() reflect.Type

func (*RegionalSecretVersion) ToRegionalSecretVersionOutput added in v8.3.0

func (i *RegionalSecretVersion) ToRegionalSecretVersionOutput() RegionalSecretVersionOutput

func (*RegionalSecretVersion) ToRegionalSecretVersionOutputWithContext added in v8.3.0

func (i *RegionalSecretVersion) ToRegionalSecretVersionOutputWithContext(ctx context.Context) RegionalSecretVersionOutput

type RegionalSecretVersionArgs added in v8.3.0

type RegionalSecretVersionArgs struct {
	// The deletion policy for the regional secret version. Setting `ABANDON` allows the resource
	// to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be
	// disabled rather than deleted. Default is `DELETE`. Possible values are:
	// * DELETE
	// * DISABLE
	// * ABANDON
	DeletionPolicy pulumi.StringPtrInput
	// The current state of the regional secret version.
	Enabled pulumi.BoolPtrInput
	// If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.
	IsSecretDataBase64 pulumi.BoolPtrInput
	// Secret Manager regional secret resource.
	//
	// ***
	Secret pulumi.StringInput
	// The secret data. Must be no larger than 64KiB.
	// **Note**: This property is sensitive and will not be displayed in the plan.
	SecretData pulumi.StringInput
}

The set of arguments for constructing a RegionalSecretVersion resource.

func (RegionalSecretVersionArgs) ElementType added in v8.3.0

func (RegionalSecretVersionArgs) ElementType() reflect.Type

type RegionalSecretVersionArray added in v8.3.0

type RegionalSecretVersionArray []RegionalSecretVersionInput

func (RegionalSecretVersionArray) ElementType added in v8.3.0

func (RegionalSecretVersionArray) ElementType() reflect.Type

func (RegionalSecretVersionArray) ToRegionalSecretVersionArrayOutput added in v8.3.0

func (i RegionalSecretVersionArray) ToRegionalSecretVersionArrayOutput() RegionalSecretVersionArrayOutput

func (RegionalSecretVersionArray) ToRegionalSecretVersionArrayOutputWithContext added in v8.3.0

func (i RegionalSecretVersionArray) ToRegionalSecretVersionArrayOutputWithContext(ctx context.Context) RegionalSecretVersionArrayOutput

type RegionalSecretVersionArrayInput added in v8.3.0

type RegionalSecretVersionArrayInput interface {
	pulumi.Input

	ToRegionalSecretVersionArrayOutput() RegionalSecretVersionArrayOutput
	ToRegionalSecretVersionArrayOutputWithContext(context.Context) RegionalSecretVersionArrayOutput
}

RegionalSecretVersionArrayInput is an input type that accepts RegionalSecretVersionArray and RegionalSecretVersionArrayOutput values. You can construct a concrete instance of `RegionalSecretVersionArrayInput` via:

RegionalSecretVersionArray{ RegionalSecretVersionArgs{...} }

type RegionalSecretVersionArrayOutput added in v8.3.0

type RegionalSecretVersionArrayOutput struct{ *pulumi.OutputState }

func (RegionalSecretVersionArrayOutput) ElementType added in v8.3.0

func (RegionalSecretVersionArrayOutput) Index added in v8.3.0

func (RegionalSecretVersionArrayOutput) ToRegionalSecretVersionArrayOutput added in v8.3.0

func (o RegionalSecretVersionArrayOutput) ToRegionalSecretVersionArrayOutput() RegionalSecretVersionArrayOutput

func (RegionalSecretVersionArrayOutput) ToRegionalSecretVersionArrayOutputWithContext added in v8.3.0

func (o RegionalSecretVersionArrayOutput) ToRegionalSecretVersionArrayOutputWithContext(ctx context.Context) RegionalSecretVersionArrayOutput

type RegionalSecretVersionCustomerManagedEncryption added in v8.3.0

type RegionalSecretVersionCustomerManagedEncryption struct {
	// (Output)
	// The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
	KmsKeyVersionName *string `pulumi:"kmsKeyVersionName"`
}

type RegionalSecretVersionCustomerManagedEncryptionArgs added in v8.3.0

type RegionalSecretVersionCustomerManagedEncryptionArgs struct {
	// (Output)
	// The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.
	KmsKeyVersionName pulumi.StringPtrInput `pulumi:"kmsKeyVersionName"`
}

func (RegionalSecretVersionCustomerManagedEncryptionArgs) ElementType added in v8.3.0

func (RegionalSecretVersionCustomerManagedEncryptionArgs) ToRegionalSecretVersionCustomerManagedEncryptionOutput added in v8.3.0

func (i RegionalSecretVersionCustomerManagedEncryptionArgs) ToRegionalSecretVersionCustomerManagedEncryptionOutput() RegionalSecretVersionCustomerManagedEncryptionOutput

func (RegionalSecretVersionCustomerManagedEncryptionArgs) ToRegionalSecretVersionCustomerManagedEncryptionOutputWithContext added in v8.3.0

func (i RegionalSecretVersionCustomerManagedEncryptionArgs) ToRegionalSecretVersionCustomerManagedEncryptionOutputWithContext(ctx context.Context) RegionalSecretVersionCustomerManagedEncryptionOutput

type RegionalSecretVersionCustomerManagedEncryptionArray added in v8.3.0

type RegionalSecretVersionCustomerManagedEncryptionArray []RegionalSecretVersionCustomerManagedEncryptionInput

func (RegionalSecretVersionCustomerManagedEncryptionArray) ElementType added in v8.3.0

func (RegionalSecretVersionCustomerManagedEncryptionArray) ToRegionalSecretVersionCustomerManagedEncryptionArrayOutput added in v8.3.0

func (i RegionalSecretVersionCustomerManagedEncryptionArray) ToRegionalSecretVersionCustomerManagedEncryptionArrayOutput() RegionalSecretVersionCustomerManagedEncryptionArrayOutput

func (RegionalSecretVersionCustomerManagedEncryptionArray) ToRegionalSecretVersionCustomerManagedEncryptionArrayOutputWithContext added in v8.3.0

func (i RegionalSecretVersionCustomerManagedEncryptionArray) ToRegionalSecretVersionCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) RegionalSecretVersionCustomerManagedEncryptionArrayOutput

type RegionalSecretVersionCustomerManagedEncryptionArrayInput added in v8.3.0

type RegionalSecretVersionCustomerManagedEncryptionArrayInput interface {
	pulumi.Input

	ToRegionalSecretVersionCustomerManagedEncryptionArrayOutput() RegionalSecretVersionCustomerManagedEncryptionArrayOutput
	ToRegionalSecretVersionCustomerManagedEncryptionArrayOutputWithContext(context.Context) RegionalSecretVersionCustomerManagedEncryptionArrayOutput
}

RegionalSecretVersionCustomerManagedEncryptionArrayInput is an input type that accepts RegionalSecretVersionCustomerManagedEncryptionArray and RegionalSecretVersionCustomerManagedEncryptionArrayOutput values. You can construct a concrete instance of `RegionalSecretVersionCustomerManagedEncryptionArrayInput` via:

RegionalSecretVersionCustomerManagedEncryptionArray{ RegionalSecretVersionCustomerManagedEncryptionArgs{...} }

type RegionalSecretVersionCustomerManagedEncryptionArrayOutput added in v8.3.0

type RegionalSecretVersionCustomerManagedEncryptionArrayOutput struct{ *pulumi.OutputState }

func (RegionalSecretVersionCustomerManagedEncryptionArrayOutput) ElementType added in v8.3.0

func (RegionalSecretVersionCustomerManagedEncryptionArrayOutput) Index added in v8.3.0

func (RegionalSecretVersionCustomerManagedEncryptionArrayOutput) ToRegionalSecretVersionCustomerManagedEncryptionArrayOutput added in v8.3.0

func (RegionalSecretVersionCustomerManagedEncryptionArrayOutput) ToRegionalSecretVersionCustomerManagedEncryptionArrayOutputWithContext added in v8.3.0

func (o RegionalSecretVersionCustomerManagedEncryptionArrayOutput) ToRegionalSecretVersionCustomerManagedEncryptionArrayOutputWithContext(ctx context.Context) RegionalSecretVersionCustomerManagedEncryptionArrayOutput

type RegionalSecretVersionCustomerManagedEncryptionInput added in v8.3.0

type RegionalSecretVersionCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToRegionalSecretVersionCustomerManagedEncryptionOutput() RegionalSecretVersionCustomerManagedEncryptionOutput
	ToRegionalSecretVersionCustomerManagedEncryptionOutputWithContext(context.Context) RegionalSecretVersionCustomerManagedEncryptionOutput
}

RegionalSecretVersionCustomerManagedEncryptionInput is an input type that accepts RegionalSecretVersionCustomerManagedEncryptionArgs and RegionalSecretVersionCustomerManagedEncryptionOutput values. You can construct a concrete instance of `RegionalSecretVersionCustomerManagedEncryptionInput` via:

RegionalSecretVersionCustomerManagedEncryptionArgs{...}

type RegionalSecretVersionCustomerManagedEncryptionOutput added in v8.3.0

type RegionalSecretVersionCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (RegionalSecretVersionCustomerManagedEncryptionOutput) ElementType added in v8.3.0

func (RegionalSecretVersionCustomerManagedEncryptionOutput) KmsKeyVersionName added in v8.3.0

(Output) The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads.

func (RegionalSecretVersionCustomerManagedEncryptionOutput) ToRegionalSecretVersionCustomerManagedEncryptionOutput added in v8.3.0

func (RegionalSecretVersionCustomerManagedEncryptionOutput) ToRegionalSecretVersionCustomerManagedEncryptionOutputWithContext added in v8.3.0

func (o RegionalSecretVersionCustomerManagedEncryptionOutput) ToRegionalSecretVersionCustomerManagedEncryptionOutputWithContext(ctx context.Context) RegionalSecretVersionCustomerManagedEncryptionOutput

type RegionalSecretVersionInput added in v8.3.0

type RegionalSecretVersionInput interface {
	pulumi.Input

	ToRegionalSecretVersionOutput() RegionalSecretVersionOutput
	ToRegionalSecretVersionOutputWithContext(ctx context.Context) RegionalSecretVersionOutput
}

type RegionalSecretVersionMap added in v8.3.0

type RegionalSecretVersionMap map[string]RegionalSecretVersionInput

func (RegionalSecretVersionMap) ElementType added in v8.3.0

func (RegionalSecretVersionMap) ElementType() reflect.Type

func (RegionalSecretVersionMap) ToRegionalSecretVersionMapOutput added in v8.3.0

func (i RegionalSecretVersionMap) ToRegionalSecretVersionMapOutput() RegionalSecretVersionMapOutput

func (RegionalSecretVersionMap) ToRegionalSecretVersionMapOutputWithContext added in v8.3.0

func (i RegionalSecretVersionMap) ToRegionalSecretVersionMapOutputWithContext(ctx context.Context) RegionalSecretVersionMapOutput

type RegionalSecretVersionMapInput added in v8.3.0

type RegionalSecretVersionMapInput interface {
	pulumi.Input

	ToRegionalSecretVersionMapOutput() RegionalSecretVersionMapOutput
	ToRegionalSecretVersionMapOutputWithContext(context.Context) RegionalSecretVersionMapOutput
}

RegionalSecretVersionMapInput is an input type that accepts RegionalSecretVersionMap and RegionalSecretVersionMapOutput values. You can construct a concrete instance of `RegionalSecretVersionMapInput` via:

RegionalSecretVersionMap{ "key": RegionalSecretVersionArgs{...} }

type RegionalSecretVersionMapOutput added in v8.3.0

type RegionalSecretVersionMapOutput struct{ *pulumi.OutputState }

func (RegionalSecretVersionMapOutput) ElementType added in v8.3.0

func (RegionalSecretVersionMapOutput) MapIndex added in v8.3.0

func (RegionalSecretVersionMapOutput) ToRegionalSecretVersionMapOutput added in v8.3.0

func (o RegionalSecretVersionMapOutput) ToRegionalSecretVersionMapOutput() RegionalSecretVersionMapOutput

func (RegionalSecretVersionMapOutput) ToRegionalSecretVersionMapOutputWithContext added in v8.3.0

func (o RegionalSecretVersionMapOutput) ToRegionalSecretVersionMapOutputWithContext(ctx context.Context) RegionalSecretVersionMapOutput

type RegionalSecretVersionOutput added in v8.3.0

type RegionalSecretVersionOutput struct{ *pulumi.OutputState }

func (RegionalSecretVersionOutput) CreateTime added in v8.3.0

The time at which the regional secret version was created.

func (RegionalSecretVersionOutput) CustomerManagedEncryptions added in v8.3.0

The customer-managed encryption configuration of the regional secret. Structure is documented below.

func (RegionalSecretVersionOutput) DeletionPolicy added in v8.3.0

The deletion policy for the regional secret version. Setting `ABANDON` allows the resource to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be disabled rather than deleted. Default is `DELETE`. Possible values are: * DELETE * DISABLE * ABANDON

func (RegionalSecretVersionOutput) DestroyTime added in v8.3.0

The time at which the regional secret version was destroyed. Only present if state is DESTROYED.

func (RegionalSecretVersionOutput) ElementType added in v8.3.0

func (RegionalSecretVersionOutput) Enabled added in v8.3.0

The current state of the regional secret version.

func (RegionalSecretVersionOutput) IsSecretDataBase64 added in v8.3.0

func (o RegionalSecretVersionOutput) IsSecretDataBase64() pulumi.BoolPtrOutput

If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.

func (RegionalSecretVersionOutput) Location added in v8.3.0

Location of Secret Manager regional secret resource.

func (RegionalSecretVersionOutput) Name added in v8.3.0

The resource name of the regional secret version. Format: `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}/versions/{{version}}`

func (RegionalSecretVersionOutput) Secret added in v8.3.0

Secret Manager regional secret resource.

***

func (RegionalSecretVersionOutput) SecretData added in v8.3.0

The secret data. Must be no larger than 64KiB. **Note**: This property is sensitive and will not be displayed in the plan.

func (RegionalSecretVersionOutput) ToRegionalSecretVersionOutput added in v8.3.0

func (o RegionalSecretVersionOutput) ToRegionalSecretVersionOutput() RegionalSecretVersionOutput

func (RegionalSecretVersionOutput) ToRegionalSecretVersionOutputWithContext added in v8.3.0

func (o RegionalSecretVersionOutput) ToRegionalSecretVersionOutputWithContext(ctx context.Context) RegionalSecretVersionOutput

func (RegionalSecretVersionOutput) Version added in v8.3.0

The version of the Regional Secret.

type RegionalSecretVersionState added in v8.3.0

type RegionalSecretVersionState struct {
	// The time at which the regional secret version was created.
	CreateTime pulumi.StringPtrInput
	// The customer-managed encryption configuration of the regional secret.
	// Structure is documented below.
	CustomerManagedEncryptions RegionalSecretVersionCustomerManagedEncryptionArrayInput
	// The deletion policy for the regional secret version. Setting `ABANDON` allows the resource
	// to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be
	// disabled rather than deleted. Default is `DELETE`. Possible values are:
	// * DELETE
	// * DISABLE
	// * ABANDON
	DeletionPolicy pulumi.StringPtrInput
	// The time at which the regional secret version was destroyed. Only present if state is DESTROYED.
	DestroyTime pulumi.StringPtrInput
	// The current state of the regional secret version.
	Enabled pulumi.BoolPtrInput
	// If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.
	IsSecretDataBase64 pulumi.BoolPtrInput
	// Location of Secret Manager regional secret resource.
	Location pulumi.StringPtrInput
	// The resource name of the regional secret version. Format:
	// `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}/versions/{{version}}`
	Name pulumi.StringPtrInput
	// Secret Manager regional secret resource.
	//
	// ***
	Secret pulumi.StringPtrInput
	// The secret data. Must be no larger than 64KiB.
	// **Note**: This property is sensitive and will not be displayed in the plan.
	SecretData pulumi.StringPtrInput
	// The version of the Regional Secret.
	Version pulumi.StringPtrInput
}

func (RegionalSecretVersionState) ElementType added in v8.3.0

func (RegionalSecretVersionState) ElementType() reflect.Type

type Secret

type Secret struct {
	pulumi.CustomResourceState

	// Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow
	// client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63
	// characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]),
	// and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of
	// annotation keys and values must be less than 16KiB. An object containing a list of "key": value pairs. Example: {
	// "name": "wrench", "mass": "1.3kg", "count": "3" }. **Note**: This field is non-authoritative, and will only manage the
	// annotations present in your configuration. Please refer to the field 'effective_annotations' for all of the annotations
	// present on the resource.
	Annotations pulumi.StringMapOutput `pulumi:"annotations"`
	// The time at which the Secret was created.
	CreateTime           pulumi.StringOutput    `pulumi:"createTime"`
	EffectiveAnnotations pulumi.StringMapOutput `pulumi:"effectiveAnnotations"`
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"`
	// Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent
	// on input. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". Only one of 'expire_time' or 'ttl' can be
	// provided.
	ExpireTime pulumi.StringOutput `pulumi:"expireTime"`
	// The labels assigned to this Secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of
	// maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
	// Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to
	// the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can be assigned to a given
	// resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3"
	// }. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please
	// refer to the field 'effective_labels' for all of the labels present on the resource.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// The resource name of the Secret. Format:
	// `projects/{{project}}/secrets/{{secret_id}}`
	Name    pulumi.StringOutput `pulumi:"name"`
	Project pulumi.StringOutput `pulumi:"project"`
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"`
	// The replication policy of the secret data attached to the Secret. It cannot be changed
	// after the Secret has been created.
	// Structure is documented below.
	Replication SecretReplicationOutput `pulumi:"replication"`
	// The rotation time and period for a Secret. At 'next_rotation_time', Secret Manager will send a Pub/Sub notification to
	// the topics configured on the Secret. 'topics' must be set to configure rotation.
	Rotation SecretRotationPtrOutput `pulumi:"rotation"`
	// This must be unique within the project.
	SecretId pulumi.StringOutput `pulumi:"secretId"`
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret
	// or its versions.
	Topics SecretTopicArrayOutput `pulumi:"topics"`
	// The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
	// Only one of 'ttl' or 'expire_time' can be provided.
	Ttl pulumi.StringPtrOutput `pulumi:"ttl"`
	// Mapping from version alias to version name. A version alias is a string with a maximum length of 63 characters and can
	// contain uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_') characters. An alias string
	// must start with a letter and cannot be the string 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given
	// secret. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	VersionAliases pulumi.StringMapOutput `pulumi:"versionAliases"`
	// Secret Version TTL after destruction request. This is a part of the delayed delete feature on Secret Version. For secret
	// with versionDestroyTtl>0, version destruction doesn't happen immediately on calling destroy instead the version goes to
	// a disabled state and the actual destruction happens after this TTL expires.
	VersionDestroyTtl pulumi.StringPtrOutput `pulumi:"versionDestroyTtl"`
}

A Secret is a logical secret whose value and versions can be accessed.

To get more information about Secret, see:

* [API documentation](https://cloud.google.com/secret-manager/docs/reference/rest/v1/projects.secrets)

## Example Usage

### Secret Config Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret"),
			Labels: pulumi.StringMap{
				"label": pulumi.String("my-label"),
			},
			Replication: &secretmanager.SecretReplicationArgs{
				UserManaged: &secretmanager.SecretReplicationUserManagedArgs{
					Replicas: secretmanager.SecretReplicationUserManagedReplicaArray{
						&secretmanager.SecretReplicationUserManagedReplicaArgs{
							Location: pulumi.String("us-central1"),
						},
						&secretmanager.SecretReplicationUserManagedReplicaArgs{
							Location: pulumi.String("us-east1"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret With Annotations

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-with-annotations", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret"),
			Labels: pulumi.StringMap{
				"label": pulumi.String("my-label"),
			},
			Annotations: pulumi.StringMap{
				"key1": pulumi.String("someval"),
				"key2": pulumi.String("someval2"),
				"key3": pulumi.String("someval3"),
				"key4": pulumi.String("someval4"),
				"key5": pulumi.String("someval5"),
			},
			Replication: &secretmanager.SecretReplicationArgs{
				Auto: &secretmanager.SecretReplicationAutoArgs{},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret With Version Destroy Ttl

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-with-version-destroy-ttl", &secretmanager.SecretArgs{
			SecretId:          pulumi.String("secret"),
			VersionDestroyTtl: pulumi.String("2592000s"),
			Replication: &secretmanager.SecretReplicationArgs{
				Auto: &secretmanager.SecretReplicationAutoArgs{},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret With Automatic Cmek

```go package main

import (

"fmt"

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/kms"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil)
		if err != nil {
			return err
		}
		_, err = kms.NewCryptoKeyIAMMember(ctx, "kms-secret-binding", &kms.CryptoKeyIAMMemberArgs{
			CryptoKeyId: pulumi.String("kms-key"),
			Role:        pulumi.String("roles/cloudkms.cryptoKeyEncrypterDecrypter"),
			Member:      pulumi.Sprintf("serviceAccount:service-%v@gcp-sa-secretmanager.iam.gserviceaccount.com", project.Number),
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecret(ctx, "secret-with-automatic-cmek", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret"),
			Replication: &secretmanager.SecretReplicationArgs{
				Auto: &secretmanager.SecretReplicationAutoArgs{
					CustomerManagedEncryption: &secretmanager.SecretReplicationAutoCustomerManagedEncryptionArgs{
						KmsKeyName: pulumi.String("kms-key"),
					},
				},
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			kms_secret_binding,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Secret can be imported using any of these accepted formats:

* `projects/{{project}}/secrets/{{secret_id}}`

* `{{project}}/{{secret_id}}`

* `{{secret_id}}`

When using the `pulumi import` command, Secret can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:secretmanager/secret:Secret default projects/{{project}}/secrets/{{secret_id}} ```

```sh $ pulumi import gcp:secretmanager/secret:Secret default {{project}}/{{secret_id}} ```

```sh $ pulumi import gcp:secretmanager/secret:Secret default {{secret_id}} ```

func GetSecret

func GetSecret(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretState, opts ...pulumi.ResourceOption) (*Secret, error)

GetSecret gets an existing Secret resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecret

func NewSecret(ctx *pulumi.Context,
	name string, args *SecretArgs, opts ...pulumi.ResourceOption) (*Secret, error)

NewSecret registers a new resource with the given unique name, arguments, and options.

func (*Secret) ElementType

func (*Secret) ElementType() reflect.Type

func (*Secret) ToSecretOutput

func (i *Secret) ToSecretOutput() SecretOutput

func (*Secret) ToSecretOutputWithContext

func (i *Secret) ToSecretOutputWithContext(ctx context.Context) SecretOutput

type SecretArgs

type SecretArgs struct {
	// Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow
	// client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63
	// characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]),
	// and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of
	// annotation keys and values must be less than 16KiB. An object containing a list of "key": value pairs. Example: {
	// "name": "wrench", "mass": "1.3kg", "count": "3" }. **Note**: This field is non-authoritative, and will only manage the
	// annotations present in your configuration. Please refer to the field 'effective_annotations' for all of the annotations
	// present on the resource.
	Annotations pulumi.StringMapInput
	// Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent
	// on input. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". Only one of 'expire_time' or 'ttl' can be
	// provided.
	ExpireTime pulumi.StringPtrInput
	// The labels assigned to this Secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of
	// maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
	// Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to
	// the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can be assigned to a given
	// resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3"
	// }. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please
	// refer to the field 'effective_labels' for all of the labels present on the resource.
	Labels  pulumi.StringMapInput
	Project pulumi.StringPtrInput
	// The replication policy of the secret data attached to the Secret. It cannot be changed
	// after the Secret has been created.
	// Structure is documented below.
	Replication SecretReplicationInput
	// The rotation time and period for a Secret. At 'next_rotation_time', Secret Manager will send a Pub/Sub notification to
	// the topics configured on the Secret. 'topics' must be set to configure rotation.
	Rotation SecretRotationPtrInput
	// This must be unique within the project.
	SecretId pulumi.StringInput
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret
	// or its versions.
	Topics SecretTopicArrayInput
	// The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
	// Only one of 'ttl' or 'expire_time' can be provided.
	Ttl pulumi.StringPtrInput
	// Mapping from version alias to version name. A version alias is a string with a maximum length of 63 characters and can
	// contain uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_') characters. An alias string
	// must start with a letter and cannot be the string 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given
	// secret. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	VersionAliases pulumi.StringMapInput
	// Secret Version TTL after destruction request. This is a part of the delayed delete feature on Secret Version. For secret
	// with versionDestroyTtl>0, version destruction doesn't happen immediately on calling destroy instead the version goes to
	// a disabled state and the actual destruction happens after this TTL expires.
	VersionDestroyTtl pulumi.StringPtrInput
}

The set of arguments for constructing a Secret resource.

func (SecretArgs) ElementType

func (SecretArgs) ElementType() reflect.Type

type SecretArray

type SecretArray []SecretInput

func (SecretArray) ElementType

func (SecretArray) ElementType() reflect.Type

func (SecretArray) ToSecretArrayOutput

func (i SecretArray) ToSecretArrayOutput() SecretArrayOutput

func (SecretArray) ToSecretArrayOutputWithContext

func (i SecretArray) ToSecretArrayOutputWithContext(ctx context.Context) SecretArrayOutput

type SecretArrayInput

type SecretArrayInput interface {
	pulumi.Input

	ToSecretArrayOutput() SecretArrayOutput
	ToSecretArrayOutputWithContext(context.Context) SecretArrayOutput
}

SecretArrayInput is an input type that accepts SecretArray and SecretArrayOutput values. You can construct a concrete instance of `SecretArrayInput` via:

SecretArray{ SecretArgs{...} }

type SecretArrayOutput

type SecretArrayOutput struct{ *pulumi.OutputState }

func (SecretArrayOutput) ElementType

func (SecretArrayOutput) ElementType() reflect.Type

func (SecretArrayOutput) Index

func (SecretArrayOutput) ToSecretArrayOutput

func (o SecretArrayOutput) ToSecretArrayOutput() SecretArrayOutput

func (SecretArrayOutput) ToSecretArrayOutputWithContext

func (o SecretArrayOutput) ToSecretArrayOutputWithContext(ctx context.Context) SecretArrayOutput

type SecretIamBinding

type SecretIamBinding struct {
	pulumi.CustomResourceState

	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition SecretIamBindingConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringOutput `pulumi:"role"`
	SecretId pulumi.StringOutput `pulumi:"secretId"`
}

Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

* `secretmanager.SecretIamPolicy`: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached. * `secretmanager.SecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved. * `secretmanager.SecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.SecretIamPolicy`: Retrieves the IAM policy for the secret

> **Note:** `secretmanager.SecretIamPolicy` **cannot** be used in conjunction with `secretmanager.SecretIamBinding` and `secretmanager.SecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.SecretIamBinding` resources **can be** used in conjunction with `secretmanager.SecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.SecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.SecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.SecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## This resource supports User Project Overrides.

-

# IAM policy for Secret Manager Secret Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

* `secretmanager.SecretIamPolicy`: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached. * `secretmanager.SecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved. * `secretmanager.SecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.SecretIamPolicy`: Retrieves the IAM policy for the secret

> **Note:** `secretmanager.SecretIamPolicy` **cannot** be used in conjunction with `secretmanager.SecretIamBinding` and `secretmanager.SecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.SecretIamBinding` resources **can be** used in conjunction with `secretmanager.SecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.SecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.SecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.SecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/secrets/{{secret_id}}

* {{project}}/{{secret_id}}

* {{secret_id}}

Any variables not passed in the import command will be taken from the provider configuration.

Secret Manager secret IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:secretmanager/secretIamBinding:SecretIamBinding editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:secretmanager/secretIamBinding:SecretIamBinding editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:secretmanager/secretIamBinding:SecretIamBinding editor projects/{{project}}/secrets/{{secret_id}} ```

-> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetSecretIamBinding

func GetSecretIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretIamBindingState, opts ...pulumi.ResourceOption) (*SecretIamBinding, error)

GetSecretIamBinding gets an existing SecretIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretIamBinding

func NewSecretIamBinding(ctx *pulumi.Context,
	name string, args *SecretIamBindingArgs, opts ...pulumi.ResourceOption) (*SecretIamBinding, error)

NewSecretIamBinding registers a new resource with the given unique name, arguments, and options.

func (*SecretIamBinding) ElementType

func (*SecretIamBinding) ElementType() reflect.Type

func (*SecretIamBinding) ToSecretIamBindingOutput

func (i *SecretIamBinding) ToSecretIamBindingOutput() SecretIamBindingOutput

func (*SecretIamBinding) ToSecretIamBindingOutputWithContext

func (i *SecretIamBinding) ToSecretIamBindingOutputWithContext(ctx context.Context) SecretIamBindingOutput

type SecretIamBindingArgs

type SecretIamBindingArgs struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition SecretIamBindingConditionPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringInput
	SecretId pulumi.StringInput
}

The set of arguments for constructing a SecretIamBinding resource.

func (SecretIamBindingArgs) ElementType

func (SecretIamBindingArgs) ElementType() reflect.Type

type SecretIamBindingArray

type SecretIamBindingArray []SecretIamBindingInput

func (SecretIamBindingArray) ElementType

func (SecretIamBindingArray) ElementType() reflect.Type

func (SecretIamBindingArray) ToSecretIamBindingArrayOutput

func (i SecretIamBindingArray) ToSecretIamBindingArrayOutput() SecretIamBindingArrayOutput

func (SecretIamBindingArray) ToSecretIamBindingArrayOutputWithContext

func (i SecretIamBindingArray) ToSecretIamBindingArrayOutputWithContext(ctx context.Context) SecretIamBindingArrayOutput

type SecretIamBindingArrayInput

type SecretIamBindingArrayInput interface {
	pulumi.Input

	ToSecretIamBindingArrayOutput() SecretIamBindingArrayOutput
	ToSecretIamBindingArrayOutputWithContext(context.Context) SecretIamBindingArrayOutput
}

SecretIamBindingArrayInput is an input type that accepts SecretIamBindingArray and SecretIamBindingArrayOutput values. You can construct a concrete instance of `SecretIamBindingArrayInput` via:

SecretIamBindingArray{ SecretIamBindingArgs{...} }

type SecretIamBindingArrayOutput

type SecretIamBindingArrayOutput struct{ *pulumi.OutputState }

func (SecretIamBindingArrayOutput) ElementType

func (SecretIamBindingArrayOutput) Index

func (SecretIamBindingArrayOutput) ToSecretIamBindingArrayOutput

func (o SecretIamBindingArrayOutput) ToSecretIamBindingArrayOutput() SecretIamBindingArrayOutput

func (SecretIamBindingArrayOutput) ToSecretIamBindingArrayOutputWithContext

func (o SecretIamBindingArrayOutput) ToSecretIamBindingArrayOutputWithContext(ctx context.Context) SecretIamBindingArrayOutput

type SecretIamBindingCondition

type SecretIamBindingCondition struct {
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title string `pulumi:"title"`
}

type SecretIamBindingConditionArgs

type SecretIamBindingConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringInput `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title pulumi.StringInput `pulumi:"title"`
}

func (SecretIamBindingConditionArgs) ElementType

func (SecretIamBindingConditionArgs) ToSecretIamBindingConditionOutput

func (i SecretIamBindingConditionArgs) ToSecretIamBindingConditionOutput() SecretIamBindingConditionOutput

func (SecretIamBindingConditionArgs) ToSecretIamBindingConditionOutputWithContext

func (i SecretIamBindingConditionArgs) ToSecretIamBindingConditionOutputWithContext(ctx context.Context) SecretIamBindingConditionOutput

func (SecretIamBindingConditionArgs) ToSecretIamBindingConditionPtrOutput

func (i SecretIamBindingConditionArgs) ToSecretIamBindingConditionPtrOutput() SecretIamBindingConditionPtrOutput

func (SecretIamBindingConditionArgs) ToSecretIamBindingConditionPtrOutputWithContext

func (i SecretIamBindingConditionArgs) ToSecretIamBindingConditionPtrOutputWithContext(ctx context.Context) SecretIamBindingConditionPtrOutput

type SecretIamBindingConditionInput

type SecretIamBindingConditionInput interface {
	pulumi.Input

	ToSecretIamBindingConditionOutput() SecretIamBindingConditionOutput
	ToSecretIamBindingConditionOutputWithContext(context.Context) SecretIamBindingConditionOutput
}

SecretIamBindingConditionInput is an input type that accepts SecretIamBindingConditionArgs and SecretIamBindingConditionOutput values. You can construct a concrete instance of `SecretIamBindingConditionInput` via:

SecretIamBindingConditionArgs{...}

type SecretIamBindingConditionOutput

type SecretIamBindingConditionOutput struct{ *pulumi.OutputState }

func (SecretIamBindingConditionOutput) Description

func (SecretIamBindingConditionOutput) ElementType

func (SecretIamBindingConditionOutput) Expression

Textual representation of an expression in Common Expression Language syntax.

func (SecretIamBindingConditionOutput) Title

A title for the expression, i.e. a short string describing its purpose.

func (SecretIamBindingConditionOutput) ToSecretIamBindingConditionOutput

func (o SecretIamBindingConditionOutput) ToSecretIamBindingConditionOutput() SecretIamBindingConditionOutput

func (SecretIamBindingConditionOutput) ToSecretIamBindingConditionOutputWithContext

func (o SecretIamBindingConditionOutput) ToSecretIamBindingConditionOutputWithContext(ctx context.Context) SecretIamBindingConditionOutput

func (SecretIamBindingConditionOutput) ToSecretIamBindingConditionPtrOutput

func (o SecretIamBindingConditionOutput) ToSecretIamBindingConditionPtrOutput() SecretIamBindingConditionPtrOutput

func (SecretIamBindingConditionOutput) ToSecretIamBindingConditionPtrOutputWithContext

func (o SecretIamBindingConditionOutput) ToSecretIamBindingConditionPtrOutputWithContext(ctx context.Context) SecretIamBindingConditionPtrOutput

type SecretIamBindingConditionPtrInput

type SecretIamBindingConditionPtrInput interface {
	pulumi.Input

	ToSecretIamBindingConditionPtrOutput() SecretIamBindingConditionPtrOutput
	ToSecretIamBindingConditionPtrOutputWithContext(context.Context) SecretIamBindingConditionPtrOutput
}

SecretIamBindingConditionPtrInput is an input type that accepts SecretIamBindingConditionArgs, SecretIamBindingConditionPtr and SecretIamBindingConditionPtrOutput values. You can construct a concrete instance of `SecretIamBindingConditionPtrInput` via:

        SecretIamBindingConditionArgs{...}

or:

        nil

type SecretIamBindingConditionPtrOutput

type SecretIamBindingConditionPtrOutput struct{ *pulumi.OutputState }

func (SecretIamBindingConditionPtrOutput) Description

func (SecretIamBindingConditionPtrOutput) Elem

func (SecretIamBindingConditionPtrOutput) ElementType

func (SecretIamBindingConditionPtrOutput) Expression

Textual representation of an expression in Common Expression Language syntax.

func (SecretIamBindingConditionPtrOutput) Title

A title for the expression, i.e. a short string describing its purpose.

func (SecretIamBindingConditionPtrOutput) ToSecretIamBindingConditionPtrOutput

func (o SecretIamBindingConditionPtrOutput) ToSecretIamBindingConditionPtrOutput() SecretIamBindingConditionPtrOutput

func (SecretIamBindingConditionPtrOutput) ToSecretIamBindingConditionPtrOutputWithContext

func (o SecretIamBindingConditionPtrOutput) ToSecretIamBindingConditionPtrOutputWithContext(ctx context.Context) SecretIamBindingConditionPtrOutput

type SecretIamBindingInput

type SecretIamBindingInput interface {
	pulumi.Input

	ToSecretIamBindingOutput() SecretIamBindingOutput
	ToSecretIamBindingOutputWithContext(ctx context.Context) SecretIamBindingOutput
}

type SecretIamBindingMap

type SecretIamBindingMap map[string]SecretIamBindingInput

func (SecretIamBindingMap) ElementType

func (SecretIamBindingMap) ElementType() reflect.Type

func (SecretIamBindingMap) ToSecretIamBindingMapOutput

func (i SecretIamBindingMap) ToSecretIamBindingMapOutput() SecretIamBindingMapOutput

func (SecretIamBindingMap) ToSecretIamBindingMapOutputWithContext

func (i SecretIamBindingMap) ToSecretIamBindingMapOutputWithContext(ctx context.Context) SecretIamBindingMapOutput

type SecretIamBindingMapInput

type SecretIamBindingMapInput interface {
	pulumi.Input

	ToSecretIamBindingMapOutput() SecretIamBindingMapOutput
	ToSecretIamBindingMapOutputWithContext(context.Context) SecretIamBindingMapOutput
}

SecretIamBindingMapInput is an input type that accepts SecretIamBindingMap and SecretIamBindingMapOutput values. You can construct a concrete instance of `SecretIamBindingMapInput` via:

SecretIamBindingMap{ "key": SecretIamBindingArgs{...} }

type SecretIamBindingMapOutput

type SecretIamBindingMapOutput struct{ *pulumi.OutputState }

func (SecretIamBindingMapOutput) ElementType

func (SecretIamBindingMapOutput) ElementType() reflect.Type

func (SecretIamBindingMapOutput) MapIndex

func (SecretIamBindingMapOutput) ToSecretIamBindingMapOutput

func (o SecretIamBindingMapOutput) ToSecretIamBindingMapOutput() SecretIamBindingMapOutput

func (SecretIamBindingMapOutput) ToSecretIamBindingMapOutputWithContext

func (o SecretIamBindingMapOutput) ToSecretIamBindingMapOutputWithContext(ctx context.Context) SecretIamBindingMapOutput

type SecretIamBindingOutput

type SecretIamBindingOutput struct{ *pulumi.OutputState }

func (SecretIamBindingOutput) Condition

An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.

func (SecretIamBindingOutput) ElementType

func (SecretIamBindingOutput) ElementType() reflect.Type

func (SecretIamBindingOutput) Etag

(Computed) The etag of the IAM policy.

func (SecretIamBindingOutput) Members

Identities that will be granted the privilege in `role`. Each entry can have one of the following values: * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (SecretIamBindingOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (SecretIamBindingOutput) Role

The role that should be applied. Only one `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (SecretIamBindingOutput) SecretId

func (SecretIamBindingOutput) ToSecretIamBindingOutput

func (o SecretIamBindingOutput) ToSecretIamBindingOutput() SecretIamBindingOutput

func (SecretIamBindingOutput) ToSecretIamBindingOutputWithContext

func (o SecretIamBindingOutput) ToSecretIamBindingOutputWithContext(ctx context.Context) SecretIamBindingOutput

type SecretIamBindingState

type SecretIamBindingState struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition SecretIamBindingConditionPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Members pulumi.StringArrayInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringPtrInput
	SecretId pulumi.StringPtrInput
}

func (SecretIamBindingState) ElementType

func (SecretIamBindingState) ElementType() reflect.Type

type SecretIamMember

type SecretIamMember struct {
	pulumi.CustomResourceState

	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition SecretIamMemberConditionPtrOutput `pulumi:"condition"`
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringOutput `pulumi:"member"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringOutput `pulumi:"project"`
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringOutput `pulumi:"role"`
	SecretId pulumi.StringOutput `pulumi:"secretId"`
}

Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

* `secretmanager.SecretIamPolicy`: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached. * `secretmanager.SecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved. * `secretmanager.SecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.SecretIamPolicy`: Retrieves the IAM policy for the secret

> **Note:** `secretmanager.SecretIamPolicy` **cannot** be used in conjunction with `secretmanager.SecretIamBinding` and `secretmanager.SecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.SecretIamBinding` resources **can be** used in conjunction with `secretmanager.SecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.SecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.SecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.SecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## This resource supports User Project Overrides.

-

# IAM policy for Secret Manager Secret Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

* `secretmanager.SecretIamPolicy`: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached. * `secretmanager.SecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved. * `secretmanager.SecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.SecretIamPolicy`: Retrieves the IAM policy for the secret

> **Note:** `secretmanager.SecretIamPolicy` **cannot** be used in conjunction with `secretmanager.SecretIamBinding` and `secretmanager.SecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.SecretIamBinding` resources **can be** used in conjunction with `secretmanager.SecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.SecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.SecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.SecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/secrets/{{secret_id}}

* {{project}}/{{secret_id}}

* {{secret_id}}

Any variables not passed in the import command will be taken from the provider configuration.

Secret Manager secret IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:secretmanager/secretIamMember:SecretIamMember editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:secretmanager/secretIamMember:SecretIamMember editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:secretmanager/secretIamMember:SecretIamMember editor projects/{{project}}/secrets/{{secret_id}} ```

-> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetSecretIamMember

func GetSecretIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretIamMemberState, opts ...pulumi.ResourceOption) (*SecretIamMember, error)

GetSecretIamMember gets an existing SecretIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretIamMember

func NewSecretIamMember(ctx *pulumi.Context,
	name string, args *SecretIamMemberArgs, opts ...pulumi.ResourceOption) (*SecretIamMember, error)

NewSecretIamMember registers a new resource with the given unique name, arguments, and options.

func (*SecretIamMember) ElementType

func (*SecretIamMember) ElementType() reflect.Type

func (*SecretIamMember) ToSecretIamMemberOutput

func (i *SecretIamMember) ToSecretIamMemberOutput() SecretIamMemberOutput

func (*SecretIamMember) ToSecretIamMemberOutputWithContext

func (i *SecretIamMember) ToSecretIamMemberOutputWithContext(ctx context.Context) SecretIamMemberOutput

type SecretIamMemberArgs

type SecretIamMemberArgs struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition SecretIamMemberConditionPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringInput
	SecretId pulumi.StringInput
}

The set of arguments for constructing a SecretIamMember resource.

func (SecretIamMemberArgs) ElementType

func (SecretIamMemberArgs) ElementType() reflect.Type

type SecretIamMemberArray

type SecretIamMemberArray []SecretIamMemberInput

func (SecretIamMemberArray) ElementType

func (SecretIamMemberArray) ElementType() reflect.Type

func (SecretIamMemberArray) ToSecretIamMemberArrayOutput

func (i SecretIamMemberArray) ToSecretIamMemberArrayOutput() SecretIamMemberArrayOutput

func (SecretIamMemberArray) ToSecretIamMemberArrayOutputWithContext

func (i SecretIamMemberArray) ToSecretIamMemberArrayOutputWithContext(ctx context.Context) SecretIamMemberArrayOutput

type SecretIamMemberArrayInput

type SecretIamMemberArrayInput interface {
	pulumi.Input

	ToSecretIamMemberArrayOutput() SecretIamMemberArrayOutput
	ToSecretIamMemberArrayOutputWithContext(context.Context) SecretIamMemberArrayOutput
}

SecretIamMemberArrayInput is an input type that accepts SecretIamMemberArray and SecretIamMemberArrayOutput values. You can construct a concrete instance of `SecretIamMemberArrayInput` via:

SecretIamMemberArray{ SecretIamMemberArgs{...} }

type SecretIamMemberArrayOutput

type SecretIamMemberArrayOutput struct{ *pulumi.OutputState }

func (SecretIamMemberArrayOutput) ElementType

func (SecretIamMemberArrayOutput) ElementType() reflect.Type

func (SecretIamMemberArrayOutput) Index

func (SecretIamMemberArrayOutput) ToSecretIamMemberArrayOutput

func (o SecretIamMemberArrayOutput) ToSecretIamMemberArrayOutput() SecretIamMemberArrayOutput

func (SecretIamMemberArrayOutput) ToSecretIamMemberArrayOutputWithContext

func (o SecretIamMemberArrayOutput) ToSecretIamMemberArrayOutputWithContext(ctx context.Context) SecretIamMemberArrayOutput

type SecretIamMemberCondition

type SecretIamMemberCondition struct {
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title string `pulumi:"title"`
}

type SecretIamMemberConditionArgs

type SecretIamMemberConditionArgs struct {
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringInput `pulumi:"expression"`
	// A title for the expression, i.e. a short string describing its purpose.
	Title pulumi.StringInput `pulumi:"title"`
}

func (SecretIamMemberConditionArgs) ElementType

func (SecretIamMemberConditionArgs) ToSecretIamMemberConditionOutput

func (i SecretIamMemberConditionArgs) ToSecretIamMemberConditionOutput() SecretIamMemberConditionOutput

func (SecretIamMemberConditionArgs) ToSecretIamMemberConditionOutputWithContext

func (i SecretIamMemberConditionArgs) ToSecretIamMemberConditionOutputWithContext(ctx context.Context) SecretIamMemberConditionOutput

func (SecretIamMemberConditionArgs) ToSecretIamMemberConditionPtrOutput

func (i SecretIamMemberConditionArgs) ToSecretIamMemberConditionPtrOutput() SecretIamMemberConditionPtrOutput

func (SecretIamMemberConditionArgs) ToSecretIamMemberConditionPtrOutputWithContext

func (i SecretIamMemberConditionArgs) ToSecretIamMemberConditionPtrOutputWithContext(ctx context.Context) SecretIamMemberConditionPtrOutput

type SecretIamMemberConditionInput

type SecretIamMemberConditionInput interface {
	pulumi.Input

	ToSecretIamMemberConditionOutput() SecretIamMemberConditionOutput
	ToSecretIamMemberConditionOutputWithContext(context.Context) SecretIamMemberConditionOutput
}

SecretIamMemberConditionInput is an input type that accepts SecretIamMemberConditionArgs and SecretIamMemberConditionOutput values. You can construct a concrete instance of `SecretIamMemberConditionInput` via:

SecretIamMemberConditionArgs{...}

type SecretIamMemberConditionOutput

type SecretIamMemberConditionOutput struct{ *pulumi.OutputState }

func (SecretIamMemberConditionOutput) Description

func (SecretIamMemberConditionOutput) ElementType

func (SecretIamMemberConditionOutput) Expression

Textual representation of an expression in Common Expression Language syntax.

func (SecretIamMemberConditionOutput) Title

A title for the expression, i.e. a short string describing its purpose.

func (SecretIamMemberConditionOutput) ToSecretIamMemberConditionOutput

func (o SecretIamMemberConditionOutput) ToSecretIamMemberConditionOutput() SecretIamMemberConditionOutput

func (SecretIamMemberConditionOutput) ToSecretIamMemberConditionOutputWithContext

func (o SecretIamMemberConditionOutput) ToSecretIamMemberConditionOutputWithContext(ctx context.Context) SecretIamMemberConditionOutput

func (SecretIamMemberConditionOutput) ToSecretIamMemberConditionPtrOutput

func (o SecretIamMemberConditionOutput) ToSecretIamMemberConditionPtrOutput() SecretIamMemberConditionPtrOutput

func (SecretIamMemberConditionOutput) ToSecretIamMemberConditionPtrOutputWithContext

func (o SecretIamMemberConditionOutput) ToSecretIamMemberConditionPtrOutputWithContext(ctx context.Context) SecretIamMemberConditionPtrOutput

type SecretIamMemberConditionPtrInput

type SecretIamMemberConditionPtrInput interface {
	pulumi.Input

	ToSecretIamMemberConditionPtrOutput() SecretIamMemberConditionPtrOutput
	ToSecretIamMemberConditionPtrOutputWithContext(context.Context) SecretIamMemberConditionPtrOutput
}

SecretIamMemberConditionPtrInput is an input type that accepts SecretIamMemberConditionArgs, SecretIamMemberConditionPtr and SecretIamMemberConditionPtrOutput values. You can construct a concrete instance of `SecretIamMemberConditionPtrInput` via:

        SecretIamMemberConditionArgs{...}

or:

        nil

type SecretIamMemberConditionPtrOutput

type SecretIamMemberConditionPtrOutput struct{ *pulumi.OutputState }

func (SecretIamMemberConditionPtrOutput) Description

func (SecretIamMemberConditionPtrOutput) Elem

func (SecretIamMemberConditionPtrOutput) ElementType

func (SecretIamMemberConditionPtrOutput) Expression

Textual representation of an expression in Common Expression Language syntax.

func (SecretIamMemberConditionPtrOutput) Title

A title for the expression, i.e. a short string describing its purpose.

func (SecretIamMemberConditionPtrOutput) ToSecretIamMemberConditionPtrOutput

func (o SecretIamMemberConditionPtrOutput) ToSecretIamMemberConditionPtrOutput() SecretIamMemberConditionPtrOutput

func (SecretIamMemberConditionPtrOutput) ToSecretIamMemberConditionPtrOutputWithContext

func (o SecretIamMemberConditionPtrOutput) ToSecretIamMemberConditionPtrOutputWithContext(ctx context.Context) SecretIamMemberConditionPtrOutput

type SecretIamMemberInput

type SecretIamMemberInput interface {
	pulumi.Input

	ToSecretIamMemberOutput() SecretIamMemberOutput
	ToSecretIamMemberOutputWithContext(ctx context.Context) SecretIamMemberOutput
}

type SecretIamMemberMap

type SecretIamMemberMap map[string]SecretIamMemberInput

func (SecretIamMemberMap) ElementType

func (SecretIamMemberMap) ElementType() reflect.Type

func (SecretIamMemberMap) ToSecretIamMemberMapOutput

func (i SecretIamMemberMap) ToSecretIamMemberMapOutput() SecretIamMemberMapOutput

func (SecretIamMemberMap) ToSecretIamMemberMapOutputWithContext

func (i SecretIamMemberMap) ToSecretIamMemberMapOutputWithContext(ctx context.Context) SecretIamMemberMapOutput

type SecretIamMemberMapInput

type SecretIamMemberMapInput interface {
	pulumi.Input

	ToSecretIamMemberMapOutput() SecretIamMemberMapOutput
	ToSecretIamMemberMapOutputWithContext(context.Context) SecretIamMemberMapOutput
}

SecretIamMemberMapInput is an input type that accepts SecretIamMemberMap and SecretIamMemberMapOutput values. You can construct a concrete instance of `SecretIamMemberMapInput` via:

SecretIamMemberMap{ "key": SecretIamMemberArgs{...} }

type SecretIamMemberMapOutput

type SecretIamMemberMapOutput struct{ *pulumi.OutputState }

func (SecretIamMemberMapOutput) ElementType

func (SecretIamMemberMapOutput) ElementType() reflect.Type

func (SecretIamMemberMapOutput) MapIndex

func (SecretIamMemberMapOutput) ToSecretIamMemberMapOutput

func (o SecretIamMemberMapOutput) ToSecretIamMemberMapOutput() SecretIamMemberMapOutput

func (SecretIamMemberMapOutput) ToSecretIamMemberMapOutputWithContext

func (o SecretIamMemberMapOutput) ToSecretIamMemberMapOutputWithContext(ctx context.Context) SecretIamMemberMapOutput

type SecretIamMemberOutput

type SecretIamMemberOutput struct{ *pulumi.OutputState }

func (SecretIamMemberOutput) Condition

An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding. Structure is documented below.

func (SecretIamMemberOutput) ElementType

func (SecretIamMemberOutput) ElementType() reflect.Type

func (SecretIamMemberOutput) Etag

(Computed) The etag of the IAM policy.

func (SecretIamMemberOutput) Member

Identities that will be granted the privilege in `role`. Each entry can have one of the following values: * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"

func (SecretIamMemberOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (SecretIamMemberOutput) Role

The role that should be applied. Only one `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format `[projects|organizations]/{parent-name}/roles/{role-name}`.

func (SecretIamMemberOutput) SecretId

func (SecretIamMemberOutput) ToSecretIamMemberOutput

func (o SecretIamMemberOutput) ToSecretIamMemberOutput() SecretIamMemberOutput

func (SecretIamMemberOutput) ToSecretIamMemberOutputWithContext

func (o SecretIamMemberOutput) ToSecretIamMemberOutputWithContext(ctx context.Context) SecretIamMemberOutput

type SecretIamMemberState

type SecretIamMemberState struct {
	// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
	// Structure is documented below.
	Condition SecretIamMemberConditionPtrInput
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// Identities that will be granted the privilege in `role`.
	// Each entry can have one of the following values:
	// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.
	// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.
	// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.
	// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project"
	// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project"
	// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project"
	Member pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project pulumi.StringPtrInput
	// The role that should be applied. Only one
	// `secretmanager.SecretIamBinding` can be used per role. Note that custom roles must be of the format
	// `[projects|organizations]/{parent-name}/roles/{role-name}`.
	Role     pulumi.StringPtrInput
	SecretId pulumi.StringPtrInput
}

func (SecretIamMemberState) ElementType

func (SecretIamMemberState) ElementType() reflect.Type

type SecretIamPolicy

type SecretIamPolicy struct {
	pulumi.CustomResourceState

	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringOutput `pulumi:"policyData"`
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  pulumi.StringOutput `pulumi:"project"`
	SecretId pulumi.StringOutput `pulumi:"secretId"`
}

Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

* `secretmanager.SecretIamPolicy`: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached. * `secretmanager.SecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved. * `secretmanager.SecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.SecretIamPolicy`: Retrieves the IAM policy for the secret

> **Note:** `secretmanager.SecretIamPolicy` **cannot** be used in conjunction with `secretmanager.SecretIamBinding` and `secretmanager.SecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.SecretIamBinding` resources **can be** used in conjunction with `secretmanager.SecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.SecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.SecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.SecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## This resource supports User Project Overrides.

-

# IAM policy for Secret Manager Secret Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

* `secretmanager.SecretIamPolicy`: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached. * `secretmanager.SecretIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved. * `secretmanager.SecretIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

A data source can be used to retrieve policy data in advent you do not need creation

* `secretmanager.SecretIamPolicy`: Retrieves the IAM policy for the secret

> **Note:** `secretmanager.SecretIamPolicy` **cannot** be used in conjunction with `secretmanager.SecretIamBinding` and `secretmanager.SecretIamMember` or they will fight over what your policy should be.

> **Note:** `secretmanager.SecretIamBinding` resources **can be** used in conjunction with `secretmanager.SecretIamMember` resources **only if** they do not grant privilege to the same role.

> **Note:** This resource supports IAM Conditions but they have some known limitations which can be found [here](https://cloud.google.com/iam/docs/conditions-overview#limitations). Please review this article if you are having issues with IAM Conditions.

## secretmanager.SecretIamPolicy

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"user:jane@example.com",
					},
					Condition: {
						Title:       "expires_after_2019_12_31",
						Description: pulumi.StringRef("Expiring at midnight of 2019-12-31"),
						Expression:  "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			Project:    pulumi.Any(secret_basic.Project),
			SecretId:   pulumi.Any(secret_basic.SecretId),
			PolicyData: pulumi.String(admin.PolicyData),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamBinding

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamBinding(ctx, "binding", &secretmanager.SecretIamBindingArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Members: pulumi.StringArray{
				pulumi.String("user:jane@example.com"),
			},
			Condition: &secretmanager.SecretIamBindingConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ## secretmanager.SecretIamMember

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

With IAM Conditions:

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecretIamMember(ctx, "member", &secretmanager.SecretIamMemberArgs{
			Project:  pulumi.Any(secret_basic.Project),
			SecretId: pulumi.Any(secret_basic.SecretId),
			Role:     pulumi.String("roles/secretmanager.secretAccessor"),
			Member:   pulumi.String("user:jane@example.com"),
			Condition: &secretmanager.SecretIamMemberConditionArgs{
				Title:       pulumi.String("expires_after_2019_12_31"),
				Description: pulumi.String("Expiring at midnight of 2019-12-31"),
				Expression:  pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

For all import syntaxes, the "resource in question" can take any of the following forms:

* projects/{{project}}/secrets/{{secret_id}}

* {{project}}/{{secret_id}}

* {{secret_id}}

Any variables not passed in the import command will be taken from the provider configuration.

Secret Manager secret IAM resources can be imported using the resource identifiers, role, and member.

IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.

```sh $ pulumi import gcp:secretmanager/secretIamPolicy:SecretIamPolicy editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor user:jane@example.com" ```

IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.

```sh $ pulumi import gcp:secretmanager/secretIamPolicy:SecretIamPolicy editor "projects/{{project}}/secrets/{{secret_id}} roles/secretmanager.secretAccessor" ```

IAM policy imports use the identifier of the resource in question, e.g.

```sh $ pulumi import gcp:secretmanager/secretIamPolicy:SecretIamPolicy editor projects/{{project}}/secrets/{{secret_id}} ```

-> **Custom Roles** If you're importing a IAM resource with a custom role, make sure to use the

full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.

func GetSecretIamPolicy

func GetSecretIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretIamPolicyState, opts ...pulumi.ResourceOption) (*SecretIamPolicy, error)

GetSecretIamPolicy gets an existing SecretIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretIamPolicy

func NewSecretIamPolicy(ctx *pulumi.Context,
	name string, args *SecretIamPolicyArgs, opts ...pulumi.ResourceOption) (*SecretIamPolicy, error)

NewSecretIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*SecretIamPolicy) ElementType

func (*SecretIamPolicy) ElementType() reflect.Type

func (*SecretIamPolicy) ToSecretIamPolicyOutput

func (i *SecretIamPolicy) ToSecretIamPolicyOutput() SecretIamPolicyOutput

func (*SecretIamPolicy) ToSecretIamPolicyOutputWithContext

func (i *SecretIamPolicy) ToSecretIamPolicyOutputWithContext(ctx context.Context) SecretIamPolicyOutput

type SecretIamPolicyArgs

type SecretIamPolicyArgs struct {
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  pulumi.StringPtrInput
	SecretId pulumi.StringInput
}

The set of arguments for constructing a SecretIamPolicy resource.

func (SecretIamPolicyArgs) ElementType

func (SecretIamPolicyArgs) ElementType() reflect.Type

type SecretIamPolicyArray

type SecretIamPolicyArray []SecretIamPolicyInput

func (SecretIamPolicyArray) ElementType

func (SecretIamPolicyArray) ElementType() reflect.Type

func (SecretIamPolicyArray) ToSecretIamPolicyArrayOutput

func (i SecretIamPolicyArray) ToSecretIamPolicyArrayOutput() SecretIamPolicyArrayOutput

func (SecretIamPolicyArray) ToSecretIamPolicyArrayOutputWithContext

func (i SecretIamPolicyArray) ToSecretIamPolicyArrayOutputWithContext(ctx context.Context) SecretIamPolicyArrayOutput

type SecretIamPolicyArrayInput

type SecretIamPolicyArrayInput interface {
	pulumi.Input

	ToSecretIamPolicyArrayOutput() SecretIamPolicyArrayOutput
	ToSecretIamPolicyArrayOutputWithContext(context.Context) SecretIamPolicyArrayOutput
}

SecretIamPolicyArrayInput is an input type that accepts SecretIamPolicyArray and SecretIamPolicyArrayOutput values. You can construct a concrete instance of `SecretIamPolicyArrayInput` via:

SecretIamPolicyArray{ SecretIamPolicyArgs{...} }

type SecretIamPolicyArrayOutput

type SecretIamPolicyArrayOutput struct{ *pulumi.OutputState }

func (SecretIamPolicyArrayOutput) ElementType

func (SecretIamPolicyArrayOutput) ElementType() reflect.Type

func (SecretIamPolicyArrayOutput) Index

func (SecretIamPolicyArrayOutput) ToSecretIamPolicyArrayOutput

func (o SecretIamPolicyArrayOutput) ToSecretIamPolicyArrayOutput() SecretIamPolicyArrayOutput

func (SecretIamPolicyArrayOutput) ToSecretIamPolicyArrayOutputWithContext

func (o SecretIamPolicyArrayOutput) ToSecretIamPolicyArrayOutputWithContext(ctx context.Context) SecretIamPolicyArrayOutput

type SecretIamPolicyInput

type SecretIamPolicyInput interface {
	pulumi.Input

	ToSecretIamPolicyOutput() SecretIamPolicyOutput
	ToSecretIamPolicyOutputWithContext(ctx context.Context) SecretIamPolicyOutput
}

type SecretIamPolicyMap

type SecretIamPolicyMap map[string]SecretIamPolicyInput

func (SecretIamPolicyMap) ElementType

func (SecretIamPolicyMap) ElementType() reflect.Type

func (SecretIamPolicyMap) ToSecretIamPolicyMapOutput

func (i SecretIamPolicyMap) ToSecretIamPolicyMapOutput() SecretIamPolicyMapOutput

func (SecretIamPolicyMap) ToSecretIamPolicyMapOutputWithContext

func (i SecretIamPolicyMap) ToSecretIamPolicyMapOutputWithContext(ctx context.Context) SecretIamPolicyMapOutput

type SecretIamPolicyMapInput

type SecretIamPolicyMapInput interface {
	pulumi.Input

	ToSecretIamPolicyMapOutput() SecretIamPolicyMapOutput
	ToSecretIamPolicyMapOutputWithContext(context.Context) SecretIamPolicyMapOutput
}

SecretIamPolicyMapInput is an input type that accepts SecretIamPolicyMap and SecretIamPolicyMapOutput values. You can construct a concrete instance of `SecretIamPolicyMapInput` via:

SecretIamPolicyMap{ "key": SecretIamPolicyArgs{...} }

type SecretIamPolicyMapOutput

type SecretIamPolicyMapOutput struct{ *pulumi.OutputState }

func (SecretIamPolicyMapOutput) ElementType

func (SecretIamPolicyMapOutput) ElementType() reflect.Type

func (SecretIamPolicyMapOutput) MapIndex

func (SecretIamPolicyMapOutput) ToSecretIamPolicyMapOutput

func (o SecretIamPolicyMapOutput) ToSecretIamPolicyMapOutput() SecretIamPolicyMapOutput

func (SecretIamPolicyMapOutput) ToSecretIamPolicyMapOutputWithContext

func (o SecretIamPolicyMapOutput) ToSecretIamPolicyMapOutputWithContext(ctx context.Context) SecretIamPolicyMapOutput

type SecretIamPolicyOutput

type SecretIamPolicyOutput struct{ *pulumi.OutputState }

func (SecretIamPolicyOutput) ElementType

func (SecretIamPolicyOutput) ElementType() reflect.Type

func (SecretIamPolicyOutput) Etag

(Computed) The etag of the IAM policy.

func (SecretIamPolicyOutput) PolicyData

func (o SecretIamPolicyOutput) PolicyData() pulumi.StringOutput

The policy data generated by a `organizations.getIAMPolicy` data source.

func (SecretIamPolicyOutput) Project

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

func (SecretIamPolicyOutput) SecretId

func (SecretIamPolicyOutput) ToSecretIamPolicyOutput

func (o SecretIamPolicyOutput) ToSecretIamPolicyOutput() SecretIamPolicyOutput

func (SecretIamPolicyOutput) ToSecretIamPolicyOutputWithContext

func (o SecretIamPolicyOutput) ToSecretIamPolicyOutputWithContext(ctx context.Context) SecretIamPolicyOutput

type SecretIamPolicyState

type SecretIamPolicyState struct {
	// (Computed) The etag of the IAM policy.
	Etag pulumi.StringPtrInput
	// The policy data generated by
	// a `organizations.getIAMPolicy` data source.
	PolicyData pulumi.StringPtrInput
	// The ID of the project in which the resource belongs.
	// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.
	Project  pulumi.StringPtrInput
	SecretId pulumi.StringPtrInput
}

func (SecretIamPolicyState) ElementType

func (SecretIamPolicyState) ElementType() reflect.Type

type SecretInput

type SecretInput interface {
	pulumi.Input

	ToSecretOutput() SecretOutput
	ToSecretOutputWithContext(ctx context.Context) SecretOutput
}

type SecretMap

type SecretMap map[string]SecretInput

func (SecretMap) ElementType

func (SecretMap) ElementType() reflect.Type

func (SecretMap) ToSecretMapOutput

func (i SecretMap) ToSecretMapOutput() SecretMapOutput

func (SecretMap) ToSecretMapOutputWithContext

func (i SecretMap) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOutput

type SecretMapInput

type SecretMapInput interface {
	pulumi.Input

	ToSecretMapOutput() SecretMapOutput
	ToSecretMapOutputWithContext(context.Context) SecretMapOutput
}

SecretMapInput is an input type that accepts SecretMap and SecretMapOutput values. You can construct a concrete instance of `SecretMapInput` via:

SecretMap{ "key": SecretArgs{...} }

type SecretMapOutput

type SecretMapOutput struct{ *pulumi.OutputState }

func (SecretMapOutput) ElementType

func (SecretMapOutput) ElementType() reflect.Type

func (SecretMapOutput) MapIndex

func (SecretMapOutput) ToSecretMapOutput

func (o SecretMapOutput) ToSecretMapOutput() SecretMapOutput

func (SecretMapOutput) ToSecretMapOutputWithContext

func (o SecretMapOutput) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOutput

type SecretOutput

type SecretOutput struct{ *pulumi.OutputState }

func (SecretOutput) Annotations

func (o SecretOutput) Annotations() pulumi.StringMapOutput

Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. **Note**: This field is non-authoritative, and will only manage the annotations present in your configuration. Please refer to the field 'effective_annotations' for all of the annotations present on the resource.

func (SecretOutput) CreateTime

func (o SecretOutput) CreateTime() pulumi.StringOutput

The time at which the Secret was created.

func (SecretOutput) EffectiveAnnotations

func (o SecretOutput) EffectiveAnnotations() pulumi.StringMapOutput

func (SecretOutput) EffectiveLabels

func (o SecretOutput) EffectiveLabels() pulumi.StringMapOutput

All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.

func (SecretOutput) ElementType

func (SecretOutput) ElementType() reflect.Type

func (SecretOutput) ExpireTime

func (o SecretOutput) ExpireTime() pulumi.StringOutput

Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". Only one of 'expire_time' or 'ttl' can be provided.

func (SecretOutput) Labels

func (o SecretOutput) Labels() pulumi.StringMapOutput

The labels assigned to this Secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62} Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can be assigned to a given resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.

func (SecretOutput) Name

func (o SecretOutput) Name() pulumi.StringOutput

The resource name of the Secret. Format: `projects/{{project}}/secrets/{{secret_id}}`

func (SecretOutput) Project

func (o SecretOutput) Project() pulumi.StringOutput

func (SecretOutput) PulumiLabels

func (o SecretOutput) PulumiLabels() pulumi.StringMapOutput

The combination of labels configured directly on the resource and default labels configured on the provider.

func (SecretOutput) Replication

func (o SecretOutput) Replication() SecretReplicationOutput

The replication policy of the secret data attached to the Secret. It cannot be changed after the Secret has been created. Structure is documented below.

func (SecretOutput) Rotation

The rotation time and period for a Secret. At 'next_rotation_time', Secret Manager will send a Pub/Sub notification to the topics configured on the Secret. 'topics' must be set to configure rotation.

func (SecretOutput) SecretId

func (o SecretOutput) SecretId() pulumi.StringOutput

This must be unique within the project.

func (SecretOutput) ToSecretOutput

func (o SecretOutput) ToSecretOutput() SecretOutput

func (SecretOutput) ToSecretOutputWithContext

func (o SecretOutput) ToSecretOutputWithContext(ctx context.Context) SecretOutput

func (SecretOutput) Topics

A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions.

func (SecretOutput) Ttl

The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.

func (SecretOutput) VersionAliases

func (o SecretOutput) VersionAliases() pulumi.StringMapOutput

Mapping from version alias to version name. A version alias is a string with a maximum length of 63 characters and can contain uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_') characters. An alias string must start with a letter and cannot be the string 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

func (SecretOutput) VersionDestroyTtl

func (o SecretOutput) VersionDestroyTtl() pulumi.StringPtrOutput

Secret Version TTL after destruction request. This is a part of the delayed delete feature on Secret Version. For secret with versionDestroyTtl>0, version destruction doesn't happen immediately on calling destroy instead the version goes to a disabled state and the actual destruction happens after this TTL expires.

type SecretReplication

type SecretReplication struct {
	// The Secret will automatically be replicated without any restrictions.
	// Structure is documented below.
	Auto *SecretReplicationAuto `pulumi:"auto"`
	// The Secret will be replicated to the regions specified by the user.
	// Structure is documented below.
	UserManaged *SecretReplicationUserManaged `pulumi:"userManaged"`
}

type SecretReplicationArgs

type SecretReplicationArgs struct {
	// The Secret will automatically be replicated without any restrictions.
	// Structure is documented below.
	Auto SecretReplicationAutoPtrInput `pulumi:"auto"`
	// The Secret will be replicated to the regions specified by the user.
	// Structure is documented below.
	UserManaged SecretReplicationUserManagedPtrInput `pulumi:"userManaged"`
}

func (SecretReplicationArgs) ElementType

func (SecretReplicationArgs) ElementType() reflect.Type

func (SecretReplicationArgs) ToSecretReplicationOutput

func (i SecretReplicationArgs) ToSecretReplicationOutput() SecretReplicationOutput

func (SecretReplicationArgs) ToSecretReplicationOutputWithContext

func (i SecretReplicationArgs) ToSecretReplicationOutputWithContext(ctx context.Context) SecretReplicationOutput

func (SecretReplicationArgs) ToSecretReplicationPtrOutput

func (i SecretReplicationArgs) ToSecretReplicationPtrOutput() SecretReplicationPtrOutput

func (SecretReplicationArgs) ToSecretReplicationPtrOutputWithContext

func (i SecretReplicationArgs) ToSecretReplicationPtrOutputWithContext(ctx context.Context) SecretReplicationPtrOutput

type SecretReplicationAuto

type SecretReplicationAuto struct {
	// The customer-managed encryption configuration of the Secret.
	// If no configuration is provided, Google-managed default
	// encryption is used.
	// Structure is documented below.
	CustomerManagedEncryption *SecretReplicationAutoCustomerManagedEncryption `pulumi:"customerManagedEncryption"`
}

type SecretReplicationAutoArgs

type SecretReplicationAutoArgs struct {
	// The customer-managed encryption configuration of the Secret.
	// If no configuration is provided, Google-managed default
	// encryption is used.
	// Structure is documented below.
	CustomerManagedEncryption SecretReplicationAutoCustomerManagedEncryptionPtrInput `pulumi:"customerManagedEncryption"`
}

func (SecretReplicationAutoArgs) ElementType

func (SecretReplicationAutoArgs) ElementType() reflect.Type

func (SecretReplicationAutoArgs) ToSecretReplicationAutoOutput

func (i SecretReplicationAutoArgs) ToSecretReplicationAutoOutput() SecretReplicationAutoOutput

func (SecretReplicationAutoArgs) ToSecretReplicationAutoOutputWithContext

func (i SecretReplicationAutoArgs) ToSecretReplicationAutoOutputWithContext(ctx context.Context) SecretReplicationAutoOutput

func (SecretReplicationAutoArgs) ToSecretReplicationAutoPtrOutput

func (i SecretReplicationAutoArgs) ToSecretReplicationAutoPtrOutput() SecretReplicationAutoPtrOutput

func (SecretReplicationAutoArgs) ToSecretReplicationAutoPtrOutputWithContext

func (i SecretReplicationAutoArgs) ToSecretReplicationAutoPtrOutputWithContext(ctx context.Context) SecretReplicationAutoPtrOutput

type SecretReplicationAutoCustomerManagedEncryption

type SecretReplicationAutoCustomerManagedEncryption struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	//
	// ***
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type SecretReplicationAutoCustomerManagedEncryptionArgs

type SecretReplicationAutoCustomerManagedEncryptionArgs struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	//
	// ***
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ElementType

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionOutput

func (i SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionOutput() SecretReplicationAutoCustomerManagedEncryptionOutput

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionOutputWithContext

func (i SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(ctx context.Context) SecretReplicationAutoCustomerManagedEncryptionOutput

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput

func (i SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput() SecretReplicationAutoCustomerManagedEncryptionPtrOutput

func (SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext

func (i SecretReplicationAutoCustomerManagedEncryptionArgs) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationAutoCustomerManagedEncryptionPtrOutput

type SecretReplicationAutoCustomerManagedEncryptionInput

type SecretReplicationAutoCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToSecretReplicationAutoCustomerManagedEncryptionOutput() SecretReplicationAutoCustomerManagedEncryptionOutput
	ToSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(context.Context) SecretReplicationAutoCustomerManagedEncryptionOutput
}

SecretReplicationAutoCustomerManagedEncryptionInput is an input type that accepts SecretReplicationAutoCustomerManagedEncryptionArgs and SecretReplicationAutoCustomerManagedEncryptionOutput values. You can construct a concrete instance of `SecretReplicationAutoCustomerManagedEncryptionInput` via:

SecretReplicationAutoCustomerManagedEncryptionArgs{...}

type SecretReplicationAutoCustomerManagedEncryptionOutput

type SecretReplicationAutoCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ElementType

func (SecretReplicationAutoCustomerManagedEncryptionOutput) KmsKeyName

Describes the Cloud KMS encryption key that will be used to protect destination secret.

***

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionOutput

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionOutputWithContext

func (o SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionOutputWithContext(ctx context.Context) SecretReplicationAutoCustomerManagedEncryptionOutput

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput

func (o SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput() SecretReplicationAutoCustomerManagedEncryptionPtrOutput

func (SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext

func (o SecretReplicationAutoCustomerManagedEncryptionOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationAutoCustomerManagedEncryptionPtrOutput

type SecretReplicationAutoCustomerManagedEncryptionPtrInput

type SecretReplicationAutoCustomerManagedEncryptionPtrInput interface {
	pulumi.Input

	ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput() SecretReplicationAutoCustomerManagedEncryptionPtrOutput
	ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext(context.Context) SecretReplicationAutoCustomerManagedEncryptionPtrOutput
}

SecretReplicationAutoCustomerManagedEncryptionPtrInput is an input type that accepts SecretReplicationAutoCustomerManagedEncryptionArgs, SecretReplicationAutoCustomerManagedEncryptionPtr and SecretReplicationAutoCustomerManagedEncryptionPtrOutput values. You can construct a concrete instance of `SecretReplicationAutoCustomerManagedEncryptionPtrInput` via:

        SecretReplicationAutoCustomerManagedEncryptionArgs{...}

or:

        nil

type SecretReplicationAutoCustomerManagedEncryptionPtrOutput

type SecretReplicationAutoCustomerManagedEncryptionPtrOutput struct{ *pulumi.OutputState }

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) Elem

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) ElementType

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) KmsKeyName

Describes the Cloud KMS encryption key that will be used to protect destination secret.

***

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutput

func (SecretReplicationAutoCustomerManagedEncryptionPtrOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext

func (o SecretReplicationAutoCustomerManagedEncryptionPtrOutput) ToSecretReplicationAutoCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationAutoCustomerManagedEncryptionPtrOutput

type SecretReplicationAutoInput

type SecretReplicationAutoInput interface {
	pulumi.Input

	ToSecretReplicationAutoOutput() SecretReplicationAutoOutput
	ToSecretReplicationAutoOutputWithContext(context.Context) SecretReplicationAutoOutput
}

SecretReplicationAutoInput is an input type that accepts SecretReplicationAutoArgs and SecretReplicationAutoOutput values. You can construct a concrete instance of `SecretReplicationAutoInput` via:

SecretReplicationAutoArgs{...}

type SecretReplicationAutoOutput

type SecretReplicationAutoOutput struct{ *pulumi.OutputState }

func (SecretReplicationAutoOutput) CustomerManagedEncryption

The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used. Structure is documented below.

func (SecretReplicationAutoOutput) ElementType

func (SecretReplicationAutoOutput) ToSecretReplicationAutoOutput

func (o SecretReplicationAutoOutput) ToSecretReplicationAutoOutput() SecretReplicationAutoOutput

func (SecretReplicationAutoOutput) ToSecretReplicationAutoOutputWithContext

func (o SecretReplicationAutoOutput) ToSecretReplicationAutoOutputWithContext(ctx context.Context) SecretReplicationAutoOutput

func (SecretReplicationAutoOutput) ToSecretReplicationAutoPtrOutput

func (o SecretReplicationAutoOutput) ToSecretReplicationAutoPtrOutput() SecretReplicationAutoPtrOutput

func (SecretReplicationAutoOutput) ToSecretReplicationAutoPtrOutputWithContext

func (o SecretReplicationAutoOutput) ToSecretReplicationAutoPtrOutputWithContext(ctx context.Context) SecretReplicationAutoPtrOutput

type SecretReplicationAutoPtrInput

type SecretReplicationAutoPtrInput interface {
	pulumi.Input

	ToSecretReplicationAutoPtrOutput() SecretReplicationAutoPtrOutput
	ToSecretReplicationAutoPtrOutputWithContext(context.Context) SecretReplicationAutoPtrOutput
}

SecretReplicationAutoPtrInput is an input type that accepts SecretReplicationAutoArgs, SecretReplicationAutoPtr and SecretReplicationAutoPtrOutput values. You can construct a concrete instance of `SecretReplicationAutoPtrInput` via:

        SecretReplicationAutoArgs{...}

or:

        nil

type SecretReplicationAutoPtrOutput

type SecretReplicationAutoPtrOutput struct{ *pulumi.OutputState }

func (SecretReplicationAutoPtrOutput) CustomerManagedEncryption

The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used. Structure is documented below.

func (SecretReplicationAutoPtrOutput) Elem

func (SecretReplicationAutoPtrOutput) ElementType

func (SecretReplicationAutoPtrOutput) ToSecretReplicationAutoPtrOutput

func (o SecretReplicationAutoPtrOutput) ToSecretReplicationAutoPtrOutput() SecretReplicationAutoPtrOutput

func (SecretReplicationAutoPtrOutput) ToSecretReplicationAutoPtrOutputWithContext

func (o SecretReplicationAutoPtrOutput) ToSecretReplicationAutoPtrOutputWithContext(ctx context.Context) SecretReplicationAutoPtrOutput

type SecretReplicationInput

type SecretReplicationInput interface {
	pulumi.Input

	ToSecretReplicationOutput() SecretReplicationOutput
	ToSecretReplicationOutputWithContext(context.Context) SecretReplicationOutput
}

SecretReplicationInput is an input type that accepts SecretReplicationArgs and SecretReplicationOutput values. You can construct a concrete instance of `SecretReplicationInput` via:

SecretReplicationArgs{...}

type SecretReplicationOutput

type SecretReplicationOutput struct{ *pulumi.OutputState }

func (SecretReplicationOutput) Auto

The Secret will automatically be replicated without any restrictions. Structure is documented below.

func (SecretReplicationOutput) ElementType

func (SecretReplicationOutput) ElementType() reflect.Type

func (SecretReplicationOutput) ToSecretReplicationOutput

func (o SecretReplicationOutput) ToSecretReplicationOutput() SecretReplicationOutput

func (SecretReplicationOutput) ToSecretReplicationOutputWithContext

func (o SecretReplicationOutput) ToSecretReplicationOutputWithContext(ctx context.Context) SecretReplicationOutput

func (SecretReplicationOutput) ToSecretReplicationPtrOutput

func (o SecretReplicationOutput) ToSecretReplicationPtrOutput() SecretReplicationPtrOutput

func (SecretReplicationOutput) ToSecretReplicationPtrOutputWithContext

func (o SecretReplicationOutput) ToSecretReplicationPtrOutputWithContext(ctx context.Context) SecretReplicationPtrOutput

func (SecretReplicationOutput) UserManaged

The Secret will be replicated to the regions specified by the user. Structure is documented below.

type SecretReplicationPtrInput

type SecretReplicationPtrInput interface {
	pulumi.Input

	ToSecretReplicationPtrOutput() SecretReplicationPtrOutput
	ToSecretReplicationPtrOutputWithContext(context.Context) SecretReplicationPtrOutput
}

SecretReplicationPtrInput is an input type that accepts SecretReplicationArgs, SecretReplicationPtr and SecretReplicationPtrOutput values. You can construct a concrete instance of `SecretReplicationPtrInput` via:

        SecretReplicationArgs{...}

or:

        nil

type SecretReplicationPtrOutput

type SecretReplicationPtrOutput struct{ *pulumi.OutputState }

func (SecretReplicationPtrOutput) Auto

The Secret will automatically be replicated without any restrictions. Structure is documented below.

func (SecretReplicationPtrOutput) Elem

func (SecretReplicationPtrOutput) ElementType

func (SecretReplicationPtrOutput) ElementType() reflect.Type

func (SecretReplicationPtrOutput) ToSecretReplicationPtrOutput

func (o SecretReplicationPtrOutput) ToSecretReplicationPtrOutput() SecretReplicationPtrOutput

func (SecretReplicationPtrOutput) ToSecretReplicationPtrOutputWithContext

func (o SecretReplicationPtrOutput) ToSecretReplicationPtrOutputWithContext(ctx context.Context) SecretReplicationPtrOutput

func (SecretReplicationPtrOutput) UserManaged

The Secret will be replicated to the regions specified by the user. Structure is documented below.

type SecretReplicationUserManaged

type SecretReplicationUserManaged struct {
	// The list of Replicas for this Secret. Cannot be empty.
	// Structure is documented below.
	Replicas []SecretReplicationUserManagedReplica `pulumi:"replicas"`
}

type SecretReplicationUserManagedArgs

type SecretReplicationUserManagedArgs struct {
	// The list of Replicas for this Secret. Cannot be empty.
	// Structure is documented below.
	Replicas SecretReplicationUserManagedReplicaArrayInput `pulumi:"replicas"`
}

func (SecretReplicationUserManagedArgs) ElementType

func (SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedOutput

func (i SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedOutput() SecretReplicationUserManagedOutput

func (SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedOutputWithContext

func (i SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedOutputWithContext(ctx context.Context) SecretReplicationUserManagedOutput

func (SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedPtrOutput

func (i SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedPtrOutput() SecretReplicationUserManagedPtrOutput

func (SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedPtrOutputWithContext

func (i SecretReplicationUserManagedArgs) ToSecretReplicationUserManagedPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedPtrOutput

type SecretReplicationUserManagedInput

type SecretReplicationUserManagedInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedOutput() SecretReplicationUserManagedOutput
	ToSecretReplicationUserManagedOutputWithContext(context.Context) SecretReplicationUserManagedOutput
}

SecretReplicationUserManagedInput is an input type that accepts SecretReplicationUserManagedArgs and SecretReplicationUserManagedOutput values. You can construct a concrete instance of `SecretReplicationUserManagedInput` via:

SecretReplicationUserManagedArgs{...}

type SecretReplicationUserManagedOutput

type SecretReplicationUserManagedOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedOutput) ElementType

func (SecretReplicationUserManagedOutput) Replicas

The list of Replicas for this Secret. Cannot be empty. Structure is documented below.

func (SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedOutput

func (o SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedOutput() SecretReplicationUserManagedOutput

func (SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedOutputWithContext

func (o SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedOutputWithContext(ctx context.Context) SecretReplicationUserManagedOutput

func (SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedPtrOutput

func (o SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedPtrOutput() SecretReplicationUserManagedPtrOutput

func (SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedPtrOutputWithContext

func (o SecretReplicationUserManagedOutput) ToSecretReplicationUserManagedPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedPtrOutput

type SecretReplicationUserManagedPtrInput

type SecretReplicationUserManagedPtrInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedPtrOutput() SecretReplicationUserManagedPtrOutput
	ToSecretReplicationUserManagedPtrOutputWithContext(context.Context) SecretReplicationUserManagedPtrOutput
}

SecretReplicationUserManagedPtrInput is an input type that accepts SecretReplicationUserManagedArgs, SecretReplicationUserManagedPtr and SecretReplicationUserManagedPtrOutput values. You can construct a concrete instance of `SecretReplicationUserManagedPtrInput` via:

        SecretReplicationUserManagedArgs{...}

or:

        nil

type SecretReplicationUserManagedPtrOutput

type SecretReplicationUserManagedPtrOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedPtrOutput) Elem

func (SecretReplicationUserManagedPtrOutput) ElementType

func (SecretReplicationUserManagedPtrOutput) Replicas

The list of Replicas for this Secret. Cannot be empty. Structure is documented below.

func (SecretReplicationUserManagedPtrOutput) ToSecretReplicationUserManagedPtrOutput

func (o SecretReplicationUserManagedPtrOutput) ToSecretReplicationUserManagedPtrOutput() SecretReplicationUserManagedPtrOutput

func (SecretReplicationUserManagedPtrOutput) ToSecretReplicationUserManagedPtrOutputWithContext

func (o SecretReplicationUserManagedPtrOutput) ToSecretReplicationUserManagedPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedPtrOutput

type SecretReplicationUserManagedReplica

type SecretReplicationUserManagedReplica struct {
	// Customer Managed Encryption for the secret.
	// Structure is documented below.
	CustomerManagedEncryption *SecretReplicationUserManagedReplicaCustomerManagedEncryption `pulumi:"customerManagedEncryption"`
	// The canonical IDs of the location to replicate data. For example: "us-east1".
	Location string `pulumi:"location"`
}

type SecretReplicationUserManagedReplicaArgs

type SecretReplicationUserManagedReplicaArgs struct {
	// Customer Managed Encryption for the secret.
	// Structure is documented below.
	CustomerManagedEncryption SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrInput `pulumi:"customerManagedEncryption"`
	// The canonical IDs of the location to replicate data. For example: "us-east1".
	Location pulumi.StringInput `pulumi:"location"`
}

func (SecretReplicationUserManagedReplicaArgs) ElementType

func (SecretReplicationUserManagedReplicaArgs) ToSecretReplicationUserManagedReplicaOutput

func (i SecretReplicationUserManagedReplicaArgs) ToSecretReplicationUserManagedReplicaOutput() SecretReplicationUserManagedReplicaOutput

func (SecretReplicationUserManagedReplicaArgs) ToSecretReplicationUserManagedReplicaOutputWithContext

func (i SecretReplicationUserManagedReplicaArgs) ToSecretReplicationUserManagedReplicaOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaOutput

type SecretReplicationUserManagedReplicaArray

type SecretReplicationUserManagedReplicaArray []SecretReplicationUserManagedReplicaInput

func (SecretReplicationUserManagedReplicaArray) ElementType

func (SecretReplicationUserManagedReplicaArray) ToSecretReplicationUserManagedReplicaArrayOutput

func (i SecretReplicationUserManagedReplicaArray) ToSecretReplicationUserManagedReplicaArrayOutput() SecretReplicationUserManagedReplicaArrayOutput

func (SecretReplicationUserManagedReplicaArray) ToSecretReplicationUserManagedReplicaArrayOutputWithContext

func (i SecretReplicationUserManagedReplicaArray) ToSecretReplicationUserManagedReplicaArrayOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaArrayOutput

type SecretReplicationUserManagedReplicaArrayInput

type SecretReplicationUserManagedReplicaArrayInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedReplicaArrayOutput() SecretReplicationUserManagedReplicaArrayOutput
	ToSecretReplicationUserManagedReplicaArrayOutputWithContext(context.Context) SecretReplicationUserManagedReplicaArrayOutput
}

SecretReplicationUserManagedReplicaArrayInput is an input type that accepts SecretReplicationUserManagedReplicaArray and SecretReplicationUserManagedReplicaArrayOutput values. You can construct a concrete instance of `SecretReplicationUserManagedReplicaArrayInput` via:

SecretReplicationUserManagedReplicaArray{ SecretReplicationUserManagedReplicaArgs{...} }

type SecretReplicationUserManagedReplicaArrayOutput

type SecretReplicationUserManagedReplicaArrayOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedReplicaArrayOutput) ElementType

func (SecretReplicationUserManagedReplicaArrayOutput) Index

func (SecretReplicationUserManagedReplicaArrayOutput) ToSecretReplicationUserManagedReplicaArrayOutput

func (o SecretReplicationUserManagedReplicaArrayOutput) ToSecretReplicationUserManagedReplicaArrayOutput() SecretReplicationUserManagedReplicaArrayOutput

func (SecretReplicationUserManagedReplicaArrayOutput) ToSecretReplicationUserManagedReplicaArrayOutputWithContext

func (o SecretReplicationUserManagedReplicaArrayOutput) ToSecretReplicationUserManagedReplicaArrayOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaArrayOutput

type SecretReplicationUserManagedReplicaCustomerManagedEncryption

type SecretReplicationUserManagedReplicaCustomerManagedEncryption struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	//
	// ***
	KmsKeyName string `pulumi:"kmsKeyName"`
}

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs struct {
	// Describes the Cloud KMS encryption key that will be used to protect destination secret.
	//
	// ***
	KmsKeyName pulumi.StringInput `pulumi:"kmsKeyName"`
}

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ElementType

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext

func (i SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext

func (i SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionInput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput() SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput
	ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput
}

SecretReplicationUserManagedReplicaCustomerManagedEncryptionInput is an input type that accepts SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs and SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput values. You can construct a concrete instance of `SecretReplicationUserManagedReplicaCustomerManagedEncryptionInput` via:

SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs{...}

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ElementType

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) KmsKeyName

Describes the Cloud KMS encryption key that will be used to protect destination secret.

***

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext

func (o SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext

func (o SecretReplicationUserManagedReplicaCustomerManagedEncryptionOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrInput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput() SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput
	ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext(context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput
}

SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrInput is an input type that accepts SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs, SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtr and SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput values. You can construct a concrete instance of `SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrInput` via:

        SecretReplicationUserManagedReplicaCustomerManagedEncryptionArgs{...}

or:

        nil

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

type SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) Elem

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) ElementType

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) KmsKeyName

Describes the Cloud KMS encryption key that will be used to protect destination secret.

***

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

func (SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext

func (o SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput) ToSecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaCustomerManagedEncryptionPtrOutput

type SecretReplicationUserManagedReplicaInput

type SecretReplicationUserManagedReplicaInput interface {
	pulumi.Input

	ToSecretReplicationUserManagedReplicaOutput() SecretReplicationUserManagedReplicaOutput
	ToSecretReplicationUserManagedReplicaOutputWithContext(context.Context) SecretReplicationUserManagedReplicaOutput
}

SecretReplicationUserManagedReplicaInput is an input type that accepts SecretReplicationUserManagedReplicaArgs and SecretReplicationUserManagedReplicaOutput values. You can construct a concrete instance of `SecretReplicationUserManagedReplicaInput` via:

SecretReplicationUserManagedReplicaArgs{...}

type SecretReplicationUserManagedReplicaOutput

type SecretReplicationUserManagedReplicaOutput struct{ *pulumi.OutputState }

func (SecretReplicationUserManagedReplicaOutput) CustomerManagedEncryption

Customer Managed Encryption for the secret. Structure is documented below.

func (SecretReplicationUserManagedReplicaOutput) ElementType

func (SecretReplicationUserManagedReplicaOutput) Location

The canonical IDs of the location to replicate data. For example: "us-east1".

func (SecretReplicationUserManagedReplicaOutput) ToSecretReplicationUserManagedReplicaOutput

func (o SecretReplicationUserManagedReplicaOutput) ToSecretReplicationUserManagedReplicaOutput() SecretReplicationUserManagedReplicaOutput

func (SecretReplicationUserManagedReplicaOutput) ToSecretReplicationUserManagedReplicaOutputWithContext

func (o SecretReplicationUserManagedReplicaOutput) ToSecretReplicationUserManagedReplicaOutputWithContext(ctx context.Context) SecretReplicationUserManagedReplicaOutput

type SecretRotation

type SecretRotation struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	NextRotationTime *string `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years).
	// If rotationPeriod is set, `nextRotationTime` must be set. `nextRotationTime` will be advanced by this period when the service automatically sends rotation notifications.
	RotationPeriod *string `pulumi:"rotationPeriod"`
}

type SecretRotationArgs

type SecretRotationArgs struct {
	// Timestamp in UTC at which the Secret is scheduled to rotate.
	// A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
	NextRotationTime pulumi.StringPtrInput `pulumi:"nextRotationTime"`
	// The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years).
	// If rotationPeriod is set, `nextRotationTime` must be set. `nextRotationTime` will be advanced by this period when the service automatically sends rotation notifications.
	RotationPeriod pulumi.StringPtrInput `pulumi:"rotationPeriod"`
}

func (SecretRotationArgs) ElementType

func (SecretRotationArgs) ElementType() reflect.Type

func (SecretRotationArgs) ToSecretRotationOutput

func (i SecretRotationArgs) ToSecretRotationOutput() SecretRotationOutput

func (SecretRotationArgs) ToSecretRotationOutputWithContext

func (i SecretRotationArgs) ToSecretRotationOutputWithContext(ctx context.Context) SecretRotationOutput

func (SecretRotationArgs) ToSecretRotationPtrOutput

func (i SecretRotationArgs) ToSecretRotationPtrOutput() SecretRotationPtrOutput

func (SecretRotationArgs) ToSecretRotationPtrOutputWithContext

func (i SecretRotationArgs) ToSecretRotationPtrOutputWithContext(ctx context.Context) SecretRotationPtrOutput

type SecretRotationInput

type SecretRotationInput interface {
	pulumi.Input

	ToSecretRotationOutput() SecretRotationOutput
	ToSecretRotationOutputWithContext(context.Context) SecretRotationOutput
}

SecretRotationInput is an input type that accepts SecretRotationArgs and SecretRotationOutput values. You can construct a concrete instance of `SecretRotationInput` via:

SecretRotationArgs{...}

type SecretRotationOutput

type SecretRotationOutput struct{ *pulumi.OutputState }

func (SecretRotationOutput) ElementType

func (SecretRotationOutput) ElementType() reflect.Type

func (SecretRotationOutput) NextRotationTime

func (o SecretRotationOutput) NextRotationTime() pulumi.StringPtrOutput

Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

func (SecretRotationOutput) RotationPeriod

func (o SecretRotationOutput) RotationPeriod() pulumi.StringPtrOutput

The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, `nextRotationTime` must be set. `nextRotationTime` will be advanced by this period when the service automatically sends rotation notifications.

func (SecretRotationOutput) ToSecretRotationOutput

func (o SecretRotationOutput) ToSecretRotationOutput() SecretRotationOutput

func (SecretRotationOutput) ToSecretRotationOutputWithContext

func (o SecretRotationOutput) ToSecretRotationOutputWithContext(ctx context.Context) SecretRotationOutput

func (SecretRotationOutput) ToSecretRotationPtrOutput

func (o SecretRotationOutput) ToSecretRotationPtrOutput() SecretRotationPtrOutput

func (SecretRotationOutput) ToSecretRotationPtrOutputWithContext

func (o SecretRotationOutput) ToSecretRotationPtrOutputWithContext(ctx context.Context) SecretRotationPtrOutput

type SecretRotationPtrInput

type SecretRotationPtrInput interface {
	pulumi.Input

	ToSecretRotationPtrOutput() SecretRotationPtrOutput
	ToSecretRotationPtrOutputWithContext(context.Context) SecretRotationPtrOutput
}

SecretRotationPtrInput is an input type that accepts SecretRotationArgs, SecretRotationPtr and SecretRotationPtrOutput values. You can construct a concrete instance of `SecretRotationPtrInput` via:

        SecretRotationArgs{...}

or:

        nil

type SecretRotationPtrOutput

type SecretRotationPtrOutput struct{ *pulumi.OutputState }

func (SecretRotationPtrOutput) Elem

func (SecretRotationPtrOutput) ElementType

func (SecretRotationPtrOutput) ElementType() reflect.Type

func (SecretRotationPtrOutput) NextRotationTime

func (o SecretRotationPtrOutput) NextRotationTime() pulumi.StringPtrOutput

Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

func (SecretRotationPtrOutput) RotationPeriod

func (o SecretRotationPtrOutput) RotationPeriod() pulumi.StringPtrOutput

The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, `nextRotationTime` must be set. `nextRotationTime` will be advanced by this period when the service automatically sends rotation notifications.

func (SecretRotationPtrOutput) ToSecretRotationPtrOutput

func (o SecretRotationPtrOutput) ToSecretRotationPtrOutput() SecretRotationPtrOutput

func (SecretRotationPtrOutput) ToSecretRotationPtrOutputWithContext

func (o SecretRotationPtrOutput) ToSecretRotationPtrOutputWithContext(ctx context.Context) SecretRotationPtrOutput

type SecretState

type SecretState struct {
	// Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow
	// client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63
	// characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]),
	// and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of
	// annotation keys and values must be less than 16KiB. An object containing a list of "key": value pairs. Example: {
	// "name": "wrench", "mass": "1.3kg", "count": "3" }. **Note**: This field is non-authoritative, and will only manage the
	// annotations present in your configuration. Please refer to the field 'effective_annotations' for all of the annotations
	// present on the resource.
	Annotations pulumi.StringMapInput
	// The time at which the Secret was created.
	CreateTime           pulumi.StringPtrInput
	EffectiveAnnotations pulumi.StringMapInput
	// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
	EffectiveLabels pulumi.StringMapInput
	// Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent
	// on input. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits.
	// Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". Only one of 'expire_time' or 'ttl' can be
	// provided.
	ExpireTime pulumi.StringPtrInput
	// The labels assigned to this Secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of
	// maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
	// Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to
	// the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can be assigned to a given
	// resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3"
	// }. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please
	// refer to the field 'effective_labels' for all of the labels present on the resource.
	Labels pulumi.StringMapInput
	// The resource name of the Secret. Format:
	// `projects/{{project}}/secrets/{{secret_id}}`
	Name    pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// The combination of labels configured directly on the resource
	// and default labels configured on the provider.
	PulumiLabels pulumi.StringMapInput
	// The replication policy of the secret data attached to the Secret. It cannot be changed
	// after the Secret has been created.
	// Structure is documented below.
	Replication SecretReplicationPtrInput
	// The rotation time and period for a Secret. At 'next_rotation_time', Secret Manager will send a Pub/Sub notification to
	// the topics configured on the Secret. 'topics' must be set to configure rotation.
	Rotation SecretRotationPtrInput
	// This must be unique within the project.
	SecretId pulumi.StringPtrInput
	// A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret
	// or its versions.
	Topics SecretTopicArrayInput
	// The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
	// Only one of 'ttl' or 'expire_time' can be provided.
	Ttl pulumi.StringPtrInput
	// Mapping from version alias to version name. A version alias is a string with a maximum length of 63 characters and can
	// contain uppercase and lowercase letters, numerals, and the hyphen (-) and underscore ('_') characters. An alias string
	// must start with a letter and cannot be the string 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given
	// secret. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
	VersionAliases pulumi.StringMapInput
	// Secret Version TTL after destruction request. This is a part of the delayed delete feature on Secret Version. For secret
	// with versionDestroyTtl>0, version destruction doesn't happen immediately on calling destroy instead the version goes to
	// a disabled state and the actual destruction happens after this TTL expires.
	VersionDestroyTtl pulumi.StringPtrInput
}

func (SecretState) ElementType

func (SecretState) ElementType() reflect.Type

type SecretTopic

type SecretTopic struct {
	// The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*.
	// For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
	Name string `pulumi:"name"`
}

type SecretTopicArgs

type SecretTopicArgs struct {
	// The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*.
	// For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.
	Name pulumi.StringInput `pulumi:"name"`
}

func (SecretTopicArgs) ElementType

func (SecretTopicArgs) ElementType() reflect.Type

func (SecretTopicArgs) ToSecretTopicOutput

func (i SecretTopicArgs) ToSecretTopicOutput() SecretTopicOutput

func (SecretTopicArgs) ToSecretTopicOutputWithContext

func (i SecretTopicArgs) ToSecretTopicOutputWithContext(ctx context.Context) SecretTopicOutput

type SecretTopicArray

type SecretTopicArray []SecretTopicInput

func (SecretTopicArray) ElementType

func (SecretTopicArray) ElementType() reflect.Type

func (SecretTopicArray) ToSecretTopicArrayOutput

func (i SecretTopicArray) ToSecretTopicArrayOutput() SecretTopicArrayOutput

func (SecretTopicArray) ToSecretTopicArrayOutputWithContext

func (i SecretTopicArray) ToSecretTopicArrayOutputWithContext(ctx context.Context) SecretTopicArrayOutput

type SecretTopicArrayInput

type SecretTopicArrayInput interface {
	pulumi.Input

	ToSecretTopicArrayOutput() SecretTopicArrayOutput
	ToSecretTopicArrayOutputWithContext(context.Context) SecretTopicArrayOutput
}

SecretTopicArrayInput is an input type that accepts SecretTopicArray and SecretTopicArrayOutput values. You can construct a concrete instance of `SecretTopicArrayInput` via:

SecretTopicArray{ SecretTopicArgs{...} }

type SecretTopicArrayOutput

type SecretTopicArrayOutput struct{ *pulumi.OutputState }

func (SecretTopicArrayOutput) ElementType

func (SecretTopicArrayOutput) ElementType() reflect.Type

func (SecretTopicArrayOutput) Index

func (SecretTopicArrayOutput) ToSecretTopicArrayOutput

func (o SecretTopicArrayOutput) ToSecretTopicArrayOutput() SecretTopicArrayOutput

func (SecretTopicArrayOutput) ToSecretTopicArrayOutputWithContext

func (o SecretTopicArrayOutput) ToSecretTopicArrayOutputWithContext(ctx context.Context) SecretTopicArrayOutput

type SecretTopicInput

type SecretTopicInput interface {
	pulumi.Input

	ToSecretTopicOutput() SecretTopicOutput
	ToSecretTopicOutputWithContext(context.Context) SecretTopicOutput
}

SecretTopicInput is an input type that accepts SecretTopicArgs and SecretTopicOutput values. You can construct a concrete instance of `SecretTopicInput` via:

SecretTopicArgs{...}

type SecretTopicOutput

type SecretTopicOutput struct{ *pulumi.OutputState }

func (SecretTopicOutput) ElementType

func (SecretTopicOutput) ElementType() reflect.Type

func (SecretTopicOutput) Name

The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.

func (SecretTopicOutput) ToSecretTopicOutput

func (o SecretTopicOutput) ToSecretTopicOutput() SecretTopicOutput

func (SecretTopicOutput) ToSecretTopicOutputWithContext

func (o SecretTopicOutput) ToSecretTopicOutputWithContext(ctx context.Context) SecretTopicOutput

type SecretVersion

type SecretVersion struct {
	pulumi.CustomResourceState

	// The time at which the Secret was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// The deletion policy for the secret version. Setting `ABANDON` allows the resource
	// to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be
	// disabled rather than deleted. Default is `DELETE`. Possible values are:
	// * DELETE
	// * DISABLE
	// * ABANDON
	DeletionPolicy pulumi.StringPtrOutput `pulumi:"deletionPolicy"`
	// The time at which the Secret was destroyed. Only present if state is DESTROYED.
	DestroyTime pulumi.StringOutput `pulumi:"destroyTime"`
	// The current state of the SecretVersion.
	Enabled pulumi.BoolPtrOutput `pulumi:"enabled"`
	// If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.
	IsSecretDataBase64 pulumi.BoolPtrOutput `pulumi:"isSecretDataBase64"`
	// The resource name of the SecretVersion. Format:
	// `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`
	Name pulumi.StringOutput `pulumi:"name"`
	// Secret Manager secret resource
	//
	// ***
	Secret pulumi.StringOutput `pulumi:"secret"`
	// The secret data. Must be no larger than 64KiB.
	// **Note**: This property is sensitive and will not be displayed in the plan.
	SecretData pulumi.StringOutput `pulumi:"secretData"`
	// The version of the Secret.
	Version pulumi.StringOutput `pulumi:"version"`
}

A secret version resource.

## Example Usage

### Secret Version Basic

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret-version"),
			Labels: pulumi.StringMap{
				"label": pulumi.String("my-label"),
			},
			Replication: &secretmanager.SecretReplicationArgs{
				Auto: &secretmanager.SecretReplicationAutoArgs{},
			},
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "secret-version-basic", &secretmanager.SecretVersionArgs{
			Secret:     secret_basic.ID(),
			SecretData: pulumi.String("secret-data"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret Version Deletion Policy Abandon

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret-version"),
			Replication: &secretmanager.SecretReplicationArgs{
				UserManaged: &secretmanager.SecretReplicationUserManagedArgs{
					Replicas: secretmanager.SecretReplicationUserManagedReplicaArray{
						&secretmanager.SecretReplicationUserManagedReplicaArgs{
							Location: pulumi.String("us-central1"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "secret-version-deletion-policy", &secretmanager.SecretVersionArgs{
			Secret:         secret_basic.ID(),
			SecretData:     pulumi.String("secret-data"),
			DeletionPolicy: pulumi.String("ABANDON"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret Version Deletion Policy Disable

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret-version"),
			Replication: &secretmanager.SecretReplicationArgs{
				UserManaged: &secretmanager.SecretReplicationUserManagedArgs{
					Replicas: secretmanager.SecretReplicationUserManagedReplicaArray{
						&secretmanager.SecretReplicationUserManagedReplicaArgs{
							Location: pulumi.String("us-central1"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "secret-version-deletion-policy", &secretmanager.SecretVersionArgs{
			Secret:         secret_basic.ID(),
			SecretData:     pulumi.String("secret-data"),
			DeletionPolicy: pulumi.String("DISABLE"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` ### Secret Version With Base64 String Secret Data

```go package main

import (

"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret-version"),
			Replication: &secretmanager.SecretReplicationArgs{
				UserManaged: &secretmanager.SecretReplicationUserManagedArgs{
					Replicas: secretmanager.SecretReplicationUserManagedReplicaArray{
						&secretmanager.SecretReplicationUserManagedReplicaArgs{
							Location: pulumi.String("us-central1"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		invokeFilebase64, err := std.Filebase64(ctx, &std.Filebase64Args{
			Input: "secret-data.pfx",
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "secret-version-base64", &secretmanager.SecretVersionArgs{
			Secret:             secret_basic.ID(),
			IsSecretDataBase64: pulumi.Bool(true),
			SecretData:         pulumi.String(invokeFilebase64.Result),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

SecretVersion can be imported using any of these accepted formats:

* `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`

When using the `pulumi import` command, SecretVersion can be imported using one of the formats above. For example:

```sh $ pulumi import gcp:secretmanager/secretVersion:SecretVersion default projects/{{project}}/secrets/{{secret_id}}/versions/{{version}} ```

func GetSecretVersion

func GetSecretVersion(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretVersionState, opts ...pulumi.ResourceOption) (*SecretVersion, error)

GetSecretVersion gets an existing SecretVersion resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretVersion

func NewSecretVersion(ctx *pulumi.Context,
	name string, args *SecretVersionArgs, opts ...pulumi.ResourceOption) (*SecretVersion, error)

NewSecretVersion registers a new resource with the given unique name, arguments, and options.

func (*SecretVersion) ElementType

func (*SecretVersion) ElementType() reflect.Type

func (*SecretVersion) ToSecretVersionOutput

func (i *SecretVersion) ToSecretVersionOutput() SecretVersionOutput

func (*SecretVersion) ToSecretVersionOutputWithContext

func (i *SecretVersion) ToSecretVersionOutputWithContext(ctx context.Context) SecretVersionOutput

type SecretVersionArgs

type SecretVersionArgs struct {
	// The deletion policy for the secret version. Setting `ABANDON` allows the resource
	// to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be
	// disabled rather than deleted. Default is `DELETE`. Possible values are:
	// * DELETE
	// * DISABLE
	// * ABANDON
	DeletionPolicy pulumi.StringPtrInput
	// The current state of the SecretVersion.
	Enabled pulumi.BoolPtrInput
	// If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.
	IsSecretDataBase64 pulumi.BoolPtrInput
	// Secret Manager secret resource
	//
	// ***
	Secret pulumi.StringInput
	// The secret data. Must be no larger than 64KiB.
	// **Note**: This property is sensitive and will not be displayed in the plan.
	SecretData pulumi.StringInput
}

The set of arguments for constructing a SecretVersion resource.

func (SecretVersionArgs) ElementType

func (SecretVersionArgs) ElementType() reflect.Type

type SecretVersionArray

type SecretVersionArray []SecretVersionInput

func (SecretVersionArray) ElementType

func (SecretVersionArray) ElementType() reflect.Type

func (SecretVersionArray) ToSecretVersionArrayOutput

func (i SecretVersionArray) ToSecretVersionArrayOutput() SecretVersionArrayOutput

func (SecretVersionArray) ToSecretVersionArrayOutputWithContext

func (i SecretVersionArray) ToSecretVersionArrayOutputWithContext(ctx context.Context) SecretVersionArrayOutput

type SecretVersionArrayInput

type SecretVersionArrayInput interface {
	pulumi.Input

	ToSecretVersionArrayOutput() SecretVersionArrayOutput
	ToSecretVersionArrayOutputWithContext(context.Context) SecretVersionArrayOutput
}

SecretVersionArrayInput is an input type that accepts SecretVersionArray and SecretVersionArrayOutput values. You can construct a concrete instance of `SecretVersionArrayInput` via:

SecretVersionArray{ SecretVersionArgs{...} }

type SecretVersionArrayOutput

type SecretVersionArrayOutput struct{ *pulumi.OutputState }

func (SecretVersionArrayOutput) ElementType

func (SecretVersionArrayOutput) ElementType() reflect.Type

func (SecretVersionArrayOutput) Index

func (SecretVersionArrayOutput) ToSecretVersionArrayOutput

func (o SecretVersionArrayOutput) ToSecretVersionArrayOutput() SecretVersionArrayOutput

func (SecretVersionArrayOutput) ToSecretVersionArrayOutputWithContext

func (o SecretVersionArrayOutput) ToSecretVersionArrayOutputWithContext(ctx context.Context) SecretVersionArrayOutput

type SecretVersionInput

type SecretVersionInput interface {
	pulumi.Input

	ToSecretVersionOutput() SecretVersionOutput
	ToSecretVersionOutputWithContext(ctx context.Context) SecretVersionOutput
}

type SecretVersionMap

type SecretVersionMap map[string]SecretVersionInput

func (SecretVersionMap) ElementType

func (SecretVersionMap) ElementType() reflect.Type

func (SecretVersionMap) ToSecretVersionMapOutput

func (i SecretVersionMap) ToSecretVersionMapOutput() SecretVersionMapOutput

func (SecretVersionMap) ToSecretVersionMapOutputWithContext

func (i SecretVersionMap) ToSecretVersionMapOutputWithContext(ctx context.Context) SecretVersionMapOutput

type SecretVersionMapInput

type SecretVersionMapInput interface {
	pulumi.Input

	ToSecretVersionMapOutput() SecretVersionMapOutput
	ToSecretVersionMapOutputWithContext(context.Context) SecretVersionMapOutput
}

SecretVersionMapInput is an input type that accepts SecretVersionMap and SecretVersionMapOutput values. You can construct a concrete instance of `SecretVersionMapInput` via:

SecretVersionMap{ "key": SecretVersionArgs{...} }

type SecretVersionMapOutput

type SecretVersionMapOutput struct{ *pulumi.OutputState }

func (SecretVersionMapOutput) ElementType

func (SecretVersionMapOutput) ElementType() reflect.Type

func (SecretVersionMapOutput) MapIndex

func (SecretVersionMapOutput) ToSecretVersionMapOutput

func (o SecretVersionMapOutput) ToSecretVersionMapOutput() SecretVersionMapOutput

func (SecretVersionMapOutput) ToSecretVersionMapOutputWithContext

func (o SecretVersionMapOutput) ToSecretVersionMapOutputWithContext(ctx context.Context) SecretVersionMapOutput

type SecretVersionOutput

type SecretVersionOutput struct{ *pulumi.OutputState }

func (SecretVersionOutput) CreateTime

func (o SecretVersionOutput) CreateTime() pulumi.StringOutput

The time at which the Secret was created.

func (SecretVersionOutput) DeletionPolicy

func (o SecretVersionOutput) DeletionPolicy() pulumi.StringPtrOutput

The deletion policy for the secret version. Setting `ABANDON` allows the resource to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be disabled rather than deleted. Default is `DELETE`. Possible values are: * DELETE * DISABLE * ABANDON

func (SecretVersionOutput) DestroyTime

func (o SecretVersionOutput) DestroyTime() pulumi.StringOutput

The time at which the Secret was destroyed. Only present if state is DESTROYED.

func (SecretVersionOutput) ElementType

func (SecretVersionOutput) ElementType() reflect.Type

func (SecretVersionOutput) Enabled

The current state of the SecretVersion.

func (SecretVersionOutput) IsSecretDataBase64

func (o SecretVersionOutput) IsSecretDataBase64() pulumi.BoolPtrOutput

If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.

func (SecretVersionOutput) Name

The resource name of the SecretVersion. Format: `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`

func (SecretVersionOutput) Secret

Secret Manager secret resource

***

func (SecretVersionOutput) SecretData

func (o SecretVersionOutput) SecretData() pulumi.StringOutput

The secret data. Must be no larger than 64KiB. **Note**: This property is sensitive and will not be displayed in the plan.

func (SecretVersionOutput) ToSecretVersionOutput

func (o SecretVersionOutput) ToSecretVersionOutput() SecretVersionOutput

func (SecretVersionOutput) ToSecretVersionOutputWithContext

func (o SecretVersionOutput) ToSecretVersionOutputWithContext(ctx context.Context) SecretVersionOutput

func (SecretVersionOutput) Version

The version of the Secret.

type SecretVersionState

type SecretVersionState struct {
	// The time at which the Secret was created.
	CreateTime pulumi.StringPtrInput
	// The deletion policy for the secret version. Setting `ABANDON` allows the resource
	// to be abandoned rather than deleted. Setting `DISABLE` allows the resource to be
	// disabled rather than deleted. Default is `DELETE`. Possible values are:
	// * DELETE
	// * DISABLE
	// * ABANDON
	DeletionPolicy pulumi.StringPtrInput
	// The time at which the Secret was destroyed. Only present if state is DESTROYED.
	DestroyTime pulumi.StringPtrInput
	// The current state of the SecretVersion.
	Enabled pulumi.BoolPtrInput
	// If set to 'true', the secret data is expected to be base64-encoded string and would be sent as is.
	IsSecretDataBase64 pulumi.BoolPtrInput
	// The resource name of the SecretVersion. Format:
	// `projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}`
	Name pulumi.StringPtrInput
	// Secret Manager secret resource
	//
	// ***
	Secret pulumi.StringPtrInput
	// The secret data. Must be no larger than 64KiB.
	// **Note**: This property is sensitive and will not be displayed in the plan.
	SecretData pulumi.StringPtrInput
	// The version of the Secret.
	Version pulumi.StringPtrInput
}

func (SecretVersionState) ElementType

func (SecretVersionState) ElementType() reflect.Type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL