secretsmanager

package
v0.16.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 20, 2019 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type GetSecretArgs 

type GetSecretArgs struct {
	// The Amazon Resource Name (ARN) of the secret to retrieve.
	Arn interface{}
	// The name of the secret to retrieve.
	Name interface{}
}

A collection of arguments for invoking getSecret.

type GetSecretResult 

type GetSecretResult struct {
	// The Amazon Resource Name (ARN) of the secret.
	Arn interface{}
	// A description of the secret.
	Description interface{}
	// The Key Management Service (KMS) Customer Master Key (CMK) associated with the secret.
	KmsKeyId interface{}
	Name     interface{}
	// The resource-based policy document that's attached to the secret.
	Policy interface{}
	// Whether rotation is enabled or not.
	RotationEnabled interface{}
	// Rotation Lambda function Amazon Resource Name (ARN) if rotation is enabled.
	RotationLambdaArn interface{}
	// Rotation rules if rotation is enabled.
	RotationRules interface{}
	// Tags of the secret.
	Tags interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getSecret.

func LookupSecret 

func LookupSecret(ctx *pulumi.Context, args *GetSecretArgs) (*GetSecretResult, error)

Retrieve metadata information about a Secrets Manager secret. To retrieve a secret value, see the [`aws_secretsmanager_secret_version` data source](https://www.terraform.io/docs/providers/aws/d/secretsmanager_secret_version.html).

type GetSecretVersionArgs 

type GetSecretVersionArgs struct {
	// Specifies the secret containing the version that you want to retrieve. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret.
	SecretId interface{}
	// Specifies the unique identifier of the version of the secret that you want to retrieve. Overrides `version_stage`.
	VersionId interface{}
	// Specifies the secret version that you want to retrieve by the staging label attached to the version. Defaults to `AWSCURRENT`.
	VersionStage interface{}
}

A collection of arguments for invoking getSecretVersion.

type GetSecretVersionResult 

type GetSecretVersionResult struct {
	// The ARN of the secret.
	Arn interface{}
	// The decrypted part of the protected secret information that was originally provided as a binary. Base64 encoded.
	SecretBinary interface{}
	// The decrypted part of the protected secret information that was originally provided as a string.
	SecretString interface{}
	// The unique identifier of this version of the secret.
	VersionId     interface{}
	VersionStages interface{}
	// id is the provider-assigned unique ID for this managed resource.
	Id interface{}
}

A collection of values returned by getSecretVersion.

func LookupSecretVersion 

func LookupSecretVersion(ctx *pulumi.Context, args *GetSecretVersionArgs) (*GetSecretVersionResult, error)

Retrieve information about a Secrets Manager secret version, including its secret value. To retrieve secret metadata, see the [`aws_secretsmanager_secret` data source](https://www.terraform.io/docs/providers/aws/d/secretsmanager_secret.html).

type Secret 

type Secret struct {
	// contains filtered or unexported fields
}

Provides a resource to manage AWS Secrets Manager secret metadata. To manage a secret value, see the [`aws_secretsmanager_secret_version` resource](https://www.terraform.io/docs/providers/aws/r/secretsmanager_secret_version.html).

func GetSecret 

func GetSecret(ctx *pulumi.Context,
	name string, id pulumi.ID, state *SecretState, opts ...pulumi.ResourceOpt) (*Secret, error)

GetSecret gets an existing Secret resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecret 

func NewSecret(ctx *pulumi.Context,
	name string, args *SecretArgs, opts ...pulumi.ResourceOpt) (*Secret, error)

NewSecret registers a new resource with the given unique name, arguments, and options.

func (*Secret) Arn 

func (r *Secret) Arn() *pulumi.StringOutput

Amazon Resource Name (ARN) of the secret.

func (*Secret) Description 

func (r *Secret) Description() *pulumi.StringOutput

A description of the secret.

func (*Secret) ID 

func (r *Secret) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Secret) KmsKeyId 

func (r *Secret) KmsKeyId() *pulumi.StringOutput

Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the secret values in the versions stored in this secret. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default CMK (the one named `aws/secretsmanager`). If the default KMS CMK with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.

func (*Secret) Name 

func (r *Secret) Name() *pulumi.StringOutput

Specifies the friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `name_prefix`.

func (*Secret) NamePrefix added in v0.16.2 

func (r *Secret) NamePrefix() *pulumi.StringOutput

Creates a unique name beginning with the specified prefix. Conflicts with `name`.

func (*Secret) Policy added in v0.15.1 

func (r *Secret) Policy() *pulumi.StringOutput

A valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). For more information about building AWS IAM policy documents with Terraform, see the [AWS IAM Policy Document Guide](https://www.terraform.io/docs/providers/aws/guides/iam-policy-documents.html).

func (*Secret) RecoveryWindowInDays 

func (r *Secret) RecoveryWindowInDays() *pulumi.IntOutput

Specifies the number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.

func (*Secret) RotationEnabled 

func (r *Secret) RotationEnabled() *pulumi.BoolOutput

Specifies whether automatic rotation is enabled for this secret.

func (*Secret) RotationLambdaArn 

func (r *Secret) RotationLambdaArn() *pulumi.StringOutput

Specifies the ARN of the Lambda function that can rotate the secret.

func (*Secret) RotationRules 

func (r *Secret) RotationRules() *pulumi.Output

A structure that defines the rotation configuration for this secret. Defined below.

func (*Secret) Tags 

func (r *Secret) Tags() *pulumi.MapOutput

Specifies a key-value map of user-defined tags that are attached to the secret.

func (*Secret) URN 

func (r *Secret) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type SecretArgs 

type SecretArgs struct {
	// A description of the secret.
	Description interface{}
	// Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the secret values in the versions stored in this secret. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default CMK (the one named `aws/secretsmanager`). If the default KMS CMK with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.
	KmsKeyId interface{}
	// Specifies the friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `name_prefix`.
	Name interface{}
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix interface{}
	// A valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). For more information about building AWS IAM policy documents with Terraform, see the [AWS IAM Policy Document Guide](https://www.terraform.io/docs/providers/aws/guides/iam-policy-documents.html).
	Policy interface{}
	// Specifies the number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.
	RecoveryWindowInDays interface{}
	// Specifies the ARN of the Lambda function that can rotate the secret.
	RotationLambdaArn interface{}
	// A structure that defines the rotation configuration for this secret. Defined below.
	RotationRules interface{}
	// Specifies a key-value map of user-defined tags that are attached to the secret.
	Tags interface{}
}

The set of arguments for constructing a Secret resource.

type SecretState 

type SecretState struct {
	// Amazon Resource Name (ARN) of the secret.
	Arn interface{}
	// A description of the secret.
	Description interface{}
	// Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the secret values in the versions stored in this secret. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default CMK (the one named `aws/secretsmanager`). If the default KMS CMK with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.
	KmsKeyId interface{}
	// Specifies the friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.@-` Conflicts with `name_prefix`.
	Name interface{}
	// Creates a unique name beginning with the specified prefix. Conflicts with `name`.
	NamePrefix interface{}
	// A valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). For more information about building AWS IAM policy documents with Terraform, see the [AWS IAM Policy Document Guide](https://www.terraform.io/docs/providers/aws/guides/iam-policy-documents.html).
	Policy interface{}
	// Specifies the number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.
	RecoveryWindowInDays interface{}
	// Specifies whether automatic rotation is enabled for this secret.
	RotationEnabled interface{}
	// Specifies the ARN of the Lambda function that can rotate the secret.
	RotationLambdaArn interface{}
	// A structure that defines the rotation configuration for this secret. Defined below.
	RotationRules interface{}
	// Specifies a key-value map of user-defined tags that are attached to the secret.
	Tags interface{}
}

Input properties used for looking up and filtering Secret resources.

type SecretVersion 

type SecretVersion struct {
	// contains filtered or unexported fields
}

Provides a resource to manage AWS Secrets Manager secret version including its secret value. To manage secret metadata, see the [`aws_secretsmanager_secret` resource](https://www.terraform.io/docs/providers/aws/r/secretsmanager_secret.html).

> **NOTE:** If the `AWSCURRENT` staging label is present on this version during resource deletion, that label cannot be removed and will be skipped to prevent errors when fully deleting the secret. That label will leave this secret version active even after the resource is deleted from Terraform unless the secret itself is deleted. Move the `AWSCURRENT` staging label before or after deleting this resource from Terraform to fully trigger version deprecation if necessary.

func GetSecretVersion 

func GetSecretVersion(ctx *pulumi.Context,
	name string, id pulumi.ID, state *SecretVersionState, opts ...pulumi.ResourceOpt) (*SecretVersion, error)

GetSecretVersion gets an existing SecretVersion resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecretVersion 

func NewSecretVersion(ctx *pulumi.Context,
	name string, args *SecretVersionArgs, opts ...pulumi.ResourceOpt) (*SecretVersion, error)

NewSecretVersion registers a new resource with the given unique name, arguments, and options.

func (*SecretVersion) Arn added in v0.15.1 

func (r *SecretVersion) Arn() *pulumi.StringOutput

The ARN of the secret.

func (*SecretVersion) ID 

func (r *SecretVersion) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*SecretVersion) SecretBinary added in v0.16.1 

func (r *SecretVersion) SecretBinary() *pulumi.StringOutput

Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secret_string is not set. Needs to be encoded to base64.

func (*SecretVersion) SecretId 

func (r *SecretVersion) SecretId() *pulumi.StringOutput

Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.

func (*SecretVersion) SecretString 

func (r *SecretVersion) SecretString() *pulumi.StringOutput

Specifies text data that you want to encrypt and store in this version of the secret. This is required if secret_binary is not set.

func (*SecretVersion) URN 

func (r *SecretVersion) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

func (*SecretVersion) VersionId 

func (r *SecretVersion) VersionId() *pulumi.StringOutput

The unique identifier of the version of the secret.

func (*SecretVersion) VersionStages 

func (r *SecretVersion) VersionStages() *pulumi.ArrayOutput

Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.

type SecretVersionArgs 

type SecretVersionArgs struct {
	// Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secret_string is not set. Needs to be encoded to base64.
	SecretBinary interface{}
	// Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.
	SecretId interface{}
	// Specifies text data that you want to encrypt and store in this version of the secret. This is required if secret_binary is not set.
	SecretString interface{}
	// Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.
	VersionStages interface{}
}

The set of arguments for constructing a SecretVersion resource.

type SecretVersionState 

type SecretVersionState struct {
	// The ARN of the secret.
	Arn interface{}
	// Specifies binary data that you want to encrypt and store in this version of the secret. This is required if secret_string is not set. Needs to be encoded to base64.
	SecretBinary interface{}
	// Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.
	SecretId interface{}
	// Specifies text data that you want to encrypt and store in this version of the secret. This is required if secret_binary is not set.
	SecretString interface{}
	// The unique identifier of the version of the secret.
	VersionId interface{}
	// Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label `AWSCURRENT` to this new version on creation.
	VersionStages interface{}
}

Input properties used for looking up and filtering SecretVersion resources.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.