Docs Home
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi
azure-native.secretsynccontroller.SecretSync
Explore with Pulumi AI
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi
The SecretSync resource. Azure REST API version: 2024-08-21-preview.
Example Usage
SecretSyncs_CreateOrUpdate
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var secretSync = new AzureNative.SecretSyncController.SecretSync("secretSync", new()
{
ExtendedLocation = new AzureNative.SecretSyncController.Inputs.AzureResourceManagerCommonTypesExtendedLocationArgs
{
Name = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-ssc-example/providers/Microsoft.ExtendedLocation/customLocations/example-custom-location",
Type = AzureNative.SecretSyncController.ExtendedLocationType.CustomLocation,
},
KubernetesSecretType = AzureNative.SecretSyncController.KubernetesSecretType.Opaque,
Location = "eastus",
ObjectSecretMapping = new[]
{
new AzureNative.SecretSyncController.Inputs.KubernetesSecretObjectMappingArgs
{
SourcePath = "kv-secret-name/0",
TargetKey = "kv-secret-name/0",
},
},
ResourceGroupName = "rg-ssc-example",
SecretProviderClassName = "akvspc-ssc-example",
SecretSyncName = "secretsync-ssc-example",
ServiceAccountName = "example-k8s-sa-name",
Tags =
{
{ "example-tag", "example-tag-value" },
},
});
});
package main
import (
secretsynccontroller "github.com/pulumi/pulumi-azure-native-sdk/secretsynccontroller/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := secretsynccontroller.NewSecretSync(ctx, "secretSync", &secretsynccontroller.SecretSyncArgs{
ExtendedLocation: &secretsynccontroller.AzureResourceManagerCommonTypesExtendedLocationArgs{
Name: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-ssc-example/providers/Microsoft.ExtendedLocation/customLocations/example-custom-location"),
Type: pulumi.String(secretsynccontroller.ExtendedLocationTypeCustomLocation),
},
KubernetesSecretType: pulumi.String(secretsynccontroller.KubernetesSecretTypeOpaque),
Location: pulumi.String("eastus"),
ObjectSecretMapping: secretsynccontroller.KubernetesSecretObjectMappingArray{
&secretsynccontroller.KubernetesSecretObjectMappingArgs{
SourcePath: pulumi.String("kv-secret-name/0"),
TargetKey: pulumi.String("kv-secret-name/0"),
},
},
ResourceGroupName: pulumi.String("rg-ssc-example"),
SecretProviderClassName: pulumi.String("akvspc-ssc-example"),
SecretSyncName: pulumi.String("secretsync-ssc-example"),
ServiceAccountName: pulumi.String("example-k8s-sa-name"),
Tags: pulumi.StringMap{
"example-tag": pulumi.String("example-tag-value"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.secretsynccontroller.SecretSync;
import com.pulumi.azurenative.secretsynccontroller.SecretSyncArgs;
import com.pulumi.azurenative.secretsynccontroller.inputs.AzureResourceManagerCommonTypesExtendedLocationArgs;
import com.pulumi.azurenative.secretsynccontroller.inputs.KubernetesSecretObjectMappingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var secretSync = new SecretSync("secretSync", SecretSyncArgs.builder()
.extendedLocation(AzureResourceManagerCommonTypesExtendedLocationArgs.builder()
.name("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-ssc-example/providers/Microsoft.ExtendedLocation/customLocations/example-custom-location")
.type("CustomLocation")
.build())
.kubernetesSecretType("Opaque")
.location("eastus")
.objectSecretMapping(KubernetesSecretObjectMappingArgs.builder()
.sourcePath("kv-secret-name/0")
.targetKey("kv-secret-name/0")
.build())
.resourceGroupName("rg-ssc-example")
.secretProviderClassName("akvspc-ssc-example")
.secretSyncName("secretsync-ssc-example")
.serviceAccountName("example-k8s-sa-name")
.tags(Map.of("example-tag", "example-tag-value"))
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
secret_sync = azure_native.secretsynccontroller.SecretSync("secretSync",
extended_location={
"name": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-ssc-example/providers/Microsoft.ExtendedLocation/customLocations/example-custom-location",
"type": azure_native.secretsynccontroller.ExtendedLocationType.CUSTOM_LOCATION,
},
kubernetes_secret_type=azure_native.secretsynccontroller.KubernetesSecretType.OPAQUE,
location="eastus",
object_secret_mapping=[{
"source_path": "kv-secret-name/0",
"target_key": "kv-secret-name/0",
}],
resource_group_name="rg-ssc-example",
secret_provider_class_name="akvspc-ssc-example",
secret_sync_name="secretsync-ssc-example",
service_account_name="example-k8s-sa-name",
tags={
"example-tag": "example-tag-value",
})
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const secretSync = new azure_native.secretsynccontroller.SecretSync("secretSync", {
extendedLocation: {
name: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-ssc-example/providers/Microsoft.ExtendedLocation/customLocations/example-custom-location",
type: azure_native.secretsynccontroller.ExtendedLocationType.CustomLocation,
},
kubernetesSecretType: azure_native.secretsynccontroller.KubernetesSecretType.Opaque,
location: "eastus",
objectSecretMapping: [{
sourcePath: "kv-secret-name/0",
targetKey: "kv-secret-name/0",
}],
resourceGroupName: "rg-ssc-example",
secretProviderClassName: "akvspc-ssc-example",
secretSyncName: "secretsync-ssc-example",
serviceAccountName: "example-k8s-sa-name",
tags: {
"example-tag": "example-tag-value",
},
});
resources:
secretSync:
type: azure-native:secretsynccontroller:SecretSync
properties:
extendedLocation:
name: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-ssc-example/providers/Microsoft.ExtendedLocation/customLocations/example-custom-location
type: CustomLocation
kubernetesSecretType: Opaque
location: eastus
objectSecretMapping:
- sourcePath: kv-secret-name/0
targetKey: kv-secret-name/0
resourceGroupName: rg-ssc-example
secretProviderClassName: akvspc-ssc-example
secretSyncName: secretsync-ssc-example
serviceAccountName: example-k8s-sa-name
tags:
example-tag: example-tag-value
Create SecretSync Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SecretSync(name: string, args: SecretSyncArgs, opts?: CustomResourceOptions);@overload
def SecretSync(resource_name: str,
args: SecretSyncArgs,
opts: Optional[ResourceOptions] = None)
@overload
def SecretSync(resource_name: str,
opts: Optional[ResourceOptions] = None,
kubernetes_secret_type: Optional[Union[str, KubernetesSecretType]] = None,
object_secret_mapping: Optional[Sequence[KubernetesSecretObjectMappingArgs]] = None,
resource_group_name: Optional[str] = None,
secret_provider_class_name: Optional[str] = None,
service_account_name: Optional[str] = None,
extended_location: Optional[AzureResourceManagerCommonTypesExtendedLocationArgs] = None,
force_synchronization: Optional[str] = None,
location: Optional[str] = None,
secret_sync_name: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)func NewSecretSync(ctx *Context, name string, args SecretSyncArgs, opts ...ResourceOption) (*SecretSync, error)public SecretSync(string name, SecretSyncArgs args, CustomResourceOptions? opts = null)
public SecretSync(String name, SecretSyncArgs args)
public SecretSync(String name, SecretSyncArgs args, CustomResourceOptions options)
type: azure-native:secretsynccontroller:SecretSync
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SecretSyncArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecretSyncArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecretSyncArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecretSyncArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecretSyncArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var secretSyncResource = new AzureNative.SecretSyncController.SecretSync("secretSyncResource", new()
{
KubernetesSecretType = "string",
ObjectSecretMapping = new[]
{
new AzureNative.SecretSyncController.Inputs.KubernetesSecretObjectMappingArgs
{
SourcePath = "string",
TargetKey = "string",
},
},
ResourceGroupName = "string",
SecretProviderClassName = "string",
ServiceAccountName = "string",
ExtendedLocation = new AzureNative.SecretSyncController.Inputs.AzureResourceManagerCommonTypesExtendedLocationArgs
{
Name = "string",
Type = "string",
},
ForceSynchronization = "string",
Location = "string",
SecretSyncName = "string",
Tags =
{
{ "string", "string" },
},
});
example, err := secretsynccontroller.NewSecretSync(ctx, "secretSyncResource", &secretsynccontroller.SecretSyncArgs{
KubernetesSecretType: pulumi.String("string"),
ObjectSecretMapping: secretsynccontroller.KubernetesSecretObjectMappingArray{
&secretsynccontroller.KubernetesSecretObjectMappingArgs{
SourcePath: pulumi.String("string"),
TargetKey: pulumi.String("string"),
},
},
ResourceGroupName: pulumi.String("string"),
SecretProviderClassName: pulumi.String("string"),
ServiceAccountName: pulumi.String("string"),
ExtendedLocation: &secretsynccontroller.AzureResourceManagerCommonTypesExtendedLocationArgs{
Name: pulumi.String("string"),
Type: pulumi.String("string"),
},
ForceSynchronization: pulumi.String("string"),
Location: pulumi.String("string"),
SecretSyncName: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var secretSyncResource = new SecretSync("secretSyncResource", SecretSyncArgs.builder()
.kubernetesSecretType("string")
.objectSecretMapping(KubernetesSecretObjectMappingArgs.builder()
.sourcePath("string")
.targetKey("string")
.build())
.resourceGroupName("string")
.secretProviderClassName("string")
.serviceAccountName("string")
.extendedLocation(AzureResourceManagerCommonTypesExtendedLocationArgs.builder()
.name("string")
.type("string")
.build())
.forceSynchronization("string")
.location("string")
.secretSyncName("string")
.tags(Map.of("string", "string"))
.build());
secret_sync_resource = azure_native.secretsynccontroller.SecretSync("secretSyncResource",
kubernetes_secret_type="string",
object_secret_mapping=[{
"source_path": "string",
"target_key": "string",
}],
resource_group_name="string",
secret_provider_class_name="string",
service_account_name="string",
extended_location={
"name": "string",
"type": "string",
},
force_synchronization="string",
location="string",
secret_sync_name="string",
tags={
"string": "string",
})
const secretSyncResource = new azure_native.secretsynccontroller.SecretSync("secretSyncResource", {
kubernetesSecretType: "string",
objectSecretMapping: [{
sourcePath: "string",
targetKey: "string",
}],
resourceGroupName: "string",
secretProviderClassName: "string",
serviceAccountName: "string",
extendedLocation: {
name: "string",
type: "string",
},
forceSynchronization: "string",
location: "string",
secretSyncName: "string",
tags: {
string: "string",
},
});
type: azure-native:secretsynccontroller:SecretSync
properties:
extendedLocation:
name: string
type: string
forceSynchronization: string
kubernetesSecretType: string
location: string
objectSecretMapping:
- sourcePath: string
targetKey: string
resourceGroupName: string
secretProviderClassName: string
secretSyncName: string
serviceAccountName: string
tags:
string: string
SecretSync Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SecretSync resource accepts the following input properties:
- Kubernetes
Secret string | Pulumi.Type Azure Native. Secret Sync Controller. Kubernetes Secret Type - Type specifies the type of the Kubernetes secret object, e.g. "Opaque" or"kubernetes.io/tls". The controller must have permission to create secrets of the specified type.
- Object
Secret List<Pulumi.Mapping Azure Native. Secret Sync Controller. Inputs. Kubernetes Secret Object Mapping> - An array of SecretObjectData that maps secret data from the external secret provider to the Kubernetes secret. Each entry specifies the source secret in the external provider and the corresponding key in the Kubernetes secret.
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Secret
Provider stringClass Name - SecretProviderClassName specifies the name of the SecretProviderClass resource, which contains the information needed to access the cloud provider secret store.
- Service
Account stringName - ServiceAccountName specifies the name of the service account used to access the cloud provider secret store. The audience field in the service account token must be passed as parameter in the controller configuration. The audience is used when requesting a token from the API server for the service account; the supported audiences are defined by each provider.
- Extended
Location Pulumi.Azure Native. Secret Sync Controller. Inputs. Azure Resource Manager Common Types Extended Location - The complex type of the extended location.
- Force
Synchronization string - ForceSynchronization can be used to force the secret synchronization. The secret synchronization is triggered by changing the value in this field. This field is not used to resolve synchronization conflicts.
- Location string
- The geo-location where the resource lives
- Secret
Sync stringName - The name of the SecretSync
- Dictionary<string, string>
- Resource tags.
- Kubernetes
Secret string | KubernetesType Secret Type - Type specifies the type of the Kubernetes secret object, e.g. "Opaque" or"kubernetes.io/tls". The controller must have permission to create secrets of the specified type.
- Object
Secret []KubernetesMapping Secret Object Mapping Args - An array of SecretObjectData that maps secret data from the external secret provider to the Kubernetes secret. Each entry specifies the source secret in the external provider and the corresponding key in the Kubernetes secret.
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Secret
Provider stringClass Name - SecretProviderClassName specifies the name of the SecretProviderClass resource, which contains the information needed to access the cloud provider secret store.
- Service
Account stringName - ServiceAccountName specifies the name of the service account used to access the cloud provider secret store. The audience field in the service account token must be passed as parameter in the controller configuration. The audience is used when requesting a token from the API server for the service account; the supported audiences are defined by each provider.
- Extended
Location AzureResource Manager Common Types Extended Location Args - The complex type of the extended location.
- Force
Synchronization string - ForceSynchronization can be used to force the secret synchronization. The secret synchronization is triggered by changing the value in this field. This field is not used to resolve synchronization conflicts.
- Location string
- The geo-location where the resource lives
- Secret
Sync stringName - The name of the SecretSync
- map[string]string
- Resource tags.
- kubernetes
Secret String | KubernetesType Secret Type - Type specifies the type of the Kubernetes secret object, e.g. "Opaque" or"kubernetes.io/tls". The controller must have permission to create secrets of the specified type.
- object
Secret List<KubernetesMapping Secret Object Mapping> - An array of SecretObjectData that maps secret data from the external secret provider to the Kubernetes secret. Each entry specifies the source secret in the external provider and the corresponding key in the Kubernetes secret.
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- secret
Provider StringClass Name - SecretProviderClassName specifies the name of the SecretProviderClass resource, which contains the information needed to access the cloud provider secret store.
- service
Account StringName - ServiceAccountName specifies the name of the service account used to access the cloud provider secret store. The audience field in the service account token must be passed as parameter in the controller configuration. The audience is used when requesting a token from the API server for the service account; the supported audiences are defined by each provider.
- extended
Location AzureResource Manager Common Types Extended Location - The complex type of the extended location.
- force
Synchronization String - ForceSynchronization can be used to force the secret synchronization. The secret synchronization is triggered by changing the value in this field. This field is not used to resolve synchronization conflicts.
- location String
- The geo-location where the resource lives
- secret
Sync StringName - The name of the SecretSync
- Map<String,String>
- Resource tags.
- kubernetes
Secret string | KubernetesType Secret Type - Type specifies the type of the Kubernetes secret object, e.g. "Opaque" or"kubernetes.io/tls". The controller must have permission to create secrets of the specified type.
- object
Secret KubernetesMapping Secret Object Mapping[] - An array of SecretObjectData that maps secret data from the external secret provider to the Kubernetes secret. Each entry specifies the source secret in the external provider and the corresponding key in the Kubernetes secret.
- resource
Group stringName - The name of the resource group. The name is case insensitive.
- secret
Provider stringClass Name - SecretProviderClassName specifies the name of the SecretProviderClass resource, which contains the information needed to access the cloud provider secret store.
- service
Account stringName - ServiceAccountName specifies the name of the service account used to access the cloud provider secret store. The audience field in the service account token must be passed as parameter in the controller configuration. The audience is used when requesting a token from the API server for the service account; the supported audiences are defined by each provider.
- extended
Location AzureResource Manager Common Types Extended Location - The complex type of the extended location.
- force
Synchronization string - ForceSynchronization can be used to force the secret synchronization. The secret synchronization is triggered by changing the value in this field. This field is not used to resolve synchronization conflicts.
- location string
- The geo-location where the resource lives
- secret
Sync stringName - The name of the SecretSync
- {[key: string]: string}
- Resource tags.
- kubernetes_
secret_ str | Kubernetestype Secret Type - Type specifies the type of the Kubernetes secret object, e.g. "Opaque" or"kubernetes.io/tls". The controller must have permission to create secrets of the specified type.
- object_
secret_ Sequence[Kubernetesmapping Secret Object Mapping Args] - An array of SecretObjectData that maps secret data from the external secret provider to the Kubernetes secret. Each entry specifies the source secret in the external provider and the corresponding key in the Kubernetes secret.
- resource_
group_ strname - The name of the resource group. The name is case insensitive.
- secret_
provider_ strclass_ name - SecretProviderClassName specifies the name of the SecretProviderClass resource, which contains the information needed to access the cloud provider secret store.
- service_
account_ strname - ServiceAccountName specifies the name of the service account used to access the cloud provider secret store. The audience field in the service account token must be passed as parameter in the controller configuration. The audience is used when requesting a token from the API server for the service account; the supported audiences are defined by each provider.
- extended_
location AzureResource Manager Common Types Extended Location Args - The complex type of the extended location.
- force_
synchronization str - ForceSynchronization can be used to force the secret synchronization. The secret synchronization is triggered by changing the value in this field. This field is not used to resolve synchronization conflicts.
- location str
- The geo-location where the resource lives
- secret_
sync_ strname - The name of the SecretSync
- Mapping[str, str]
- Resource tags.
- kubernetes
Secret String | "Opaque" | "kubernetes.io/tls"Type - Type specifies the type of the Kubernetes secret object, e.g. "Opaque" or"kubernetes.io/tls". The controller must have permission to create secrets of the specified type.
- object
Secret List<Property Map>Mapping - An array of SecretObjectData that maps secret data from the external secret provider to the Kubernetes secret. Each entry specifies the source secret in the external provider and the corresponding key in the Kubernetes secret.
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- secret
Provider StringClass Name - SecretProviderClassName specifies the name of the SecretProviderClass resource, which contains the information needed to access the cloud provider secret store.
- service
Account StringName - ServiceAccountName specifies the name of the service account used to access the cloud provider secret store. The audience field in the service account token must be passed as parameter in the controller configuration. The audience is used when requesting a token from the API server for the service account; the supported audiences are defined by each provider.
- extended
Location Property Map - The complex type of the extended location.
- force
Synchronization String - ForceSynchronization can be used to force the secret synchronization. The secret synchronization is triggered by changing the value in this field. This field is not used to resolve synchronization conflicts.
- location String
- The geo-location where the resource lives
- secret
Sync StringName - The name of the SecretSync
- Map<String>
- Resource tags.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecretSync resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the resource
- Provisioning
State string - Provisioning state of the SecretSync instance.
- Status
Pulumi.
Azure Native. Secret Sync Controller. Outputs. Secret Sync Status Response - SecretSyncStatus defines the observed state of the secret synchronization process.
- System
Data Pulumi.Azure Native. Secret Sync Controller. Outputs. System Data Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the resource
- Provisioning
State string - Provisioning state of the SecretSync instance.
- Status
Secret
Sync Status Response - SecretSyncStatus defines the observed state of the secret synchronization process.
- System
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the resource
- provisioning
State String - Provisioning state of the SecretSync instance.
- status
Secret
Sync Status Response - SecretSyncStatus defines the observed state of the secret synchronization process.
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- The name of the resource
- provisioning
State string - Provisioning state of the SecretSync instance.
- status
Secret
Sync Status Response - SecretSyncStatus defines the observed state of the secret synchronization process.
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- The name of the resource
- provisioning_
state str - Provisioning state of the SecretSync instance.
- status
Secret
Sync Status Response - SecretSyncStatus defines the observed state of the secret synchronization process.
- system_
data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type str
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the resource
- provisioning
State String - Provisioning state of the SecretSync instance.
- status Property Map
- SecretSyncStatus defines the observed state of the secret synchronization process.
- system
Data Property Map - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
Supporting Types
AzureResourceManagerCommonTypesExtendedLocation, AzureResourceManagerCommonTypesExtendedLocationArgs
- Name string
- The name of the extended location.
- Type
string | Pulumi.
Azure Native. Secret Sync Controller. Extended Location Type - The type of the extended location.
- Name string
- The name of the extended location.
- Type
string | Extended
Location Type - The type of the extended location.
- name String
- The name of the extended location.
- type
String | Extended
Location Type - The type of the extended location.
- name string
- The name of the extended location.
- type
string | Extended
Location Type - The type of the extended location.
- name str
- The name of the extended location.
- type
str | Extended
Location Type - The type of the extended location.
- name String
- The name of the extended location.
- type
String | "Edge
Zone" | "Custom Location" - The type of the extended location.
AzureResourceManagerCommonTypesExtendedLocationResponse, AzureResourceManagerCommonTypesExtendedLocationResponseArgs
ExtendedLocationType, ExtendedLocationTypeArgs
- Edge
Zone - EdgeZoneAzure Edge Zones location type
- Custom
Location - CustomLocationAzure Custom Locations type
- Extended
Location Type Edge Zone - EdgeZoneAzure Edge Zones location type
- Extended
Location Type Custom Location - CustomLocationAzure Custom Locations type
- Edge
Zone - EdgeZoneAzure Edge Zones location type
- Custom
Location - CustomLocationAzure Custom Locations type
- Edge
Zone - EdgeZoneAzure Edge Zones location type
- Custom
Location - CustomLocationAzure Custom Locations type
- EDGE_ZONE
- EdgeZoneAzure Edge Zones location type
- CUSTOM_LOCATION
- CustomLocationAzure Custom Locations type
- "Edge
Zone" - EdgeZoneAzure Edge Zones location type
- "Custom
Location" - CustomLocationAzure Custom Locations type
KubernetesSecretObjectMapping, KubernetesSecretObjectMappingArgs
- Source
Path string - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- Target
Key string - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
- Source
Path string - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- Target
Key string - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
- source
Path String - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- target
Key String - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
- source
Path string - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- target
Key string - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
- source_
path str - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- target_
key str - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
- source
Path String - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- target
Key String - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
KubernetesSecretObjectMappingResponse, KubernetesSecretObjectMappingResponseArgs
- Source
Path string - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- Target
Key string - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
- Source
Path string - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- Target
Key string - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
- source
Path String - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- target
Key String - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
- source
Path string - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- target
Key string - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
- source_
path str - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- target_
key str - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
- source
Path String - SourcePath is the identifier for the secret data as defined by the external secret provider. This is the key or path to the secret in the provider's system, which gets mounted to a specific path in the pod. The value should match the name of the secret as specified in the SecretProviderClass's objects array.
- target
Key String - TargetKey is the key in the Kubernetes secret's data field where the secret value will be stored. This key is used to reference the secret data within Kubernetes, and it should be unique within the secret.
KubernetesSecretType, KubernetesSecretTypeArgs
- Opaque
- OpaqueOpaque is the default secret type.
- Tls
- kubernetes.io/tlsThe kubernetes.io/tls secret type is for storing a certificate and its associated key that are typically used for TLS.
- Kubernetes
Secret Type Opaque - OpaqueOpaque is the default secret type.
- Kubernetes
Secret Type Tls - kubernetes.io/tlsThe kubernetes.io/tls secret type is for storing a certificate and its associated key that are typically used for TLS.
- Opaque
- OpaqueOpaque is the default secret type.
- Tls
- kubernetes.io/tlsThe kubernetes.io/tls secret type is for storing a certificate and its associated key that are typically used for TLS.
- Opaque
- OpaqueOpaque is the default secret type.
- Tls
- kubernetes.io/tlsThe kubernetes.io/tls secret type is for storing a certificate and its associated key that are typically used for TLS.
- OPAQUE
- OpaqueOpaque is the default secret type.
- TLS
- kubernetes.io/tlsThe kubernetes.io/tls secret type is for storing a certificate and its associated key that are typically used for TLS.
- "Opaque"
- OpaqueOpaque is the default secret type.
- "kubernetes.io/tls"
- kubernetes.io/tlsThe kubernetes.io/tls secret type is for storing a certificate and its associated key that are typically used for TLS.
SecretSyncConditionResponse, SecretSyncConditionResponseArgs
- Last
Transition stringTime - LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- Message string
- Message is a human readable message indicating details about the transition. This may be an empty string.
- Observed
Generation double - ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
- Reason string
- Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
- Status string
- Status of the condition, one of True, False, Unknown.
- Type string
- Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to de-conflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- Last
Transition stringTime - LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- Message string
- Message is a human readable message indicating details about the transition. This may be an empty string.
- Observed
Generation float64 - ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
- Reason string
- Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
- Status string
- Status of the condition, one of True, False, Unknown.
- Type string
- Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to de-conflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- last
Transition StringTime - LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- message String
- Message is a human readable message indicating details about the transition. This may be an empty string.
- observed
Generation Double - ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
- reason String
- Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
- status String
- Status of the condition, one of True, False, Unknown.
- type String
- Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to de-conflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- last
Transition stringTime - LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- message string
- Message is a human readable message indicating details about the transition. This may be an empty string.
- observed
Generation number - ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
- reason string
- Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
- status string
- Status of the condition, one of True, False, Unknown.
- type string
- Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to de-conflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- last_
transition_ strtime - LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- message str
- Message is a human readable message indicating details about the transition. This may be an empty string.
- observed_
generation float - ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
- reason str
- Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
- status str
- Status of the condition, one of True, False, Unknown.
- type str
- Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to de-conflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- last
Transition StringTime - LastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- message String
- Message is a human readable message indicating details about the transition. This may be an empty string.
- observed
Generation Number - ObservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
- reason String
- Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
- status String
- Status of the condition, one of True, False, Unknown.
- type String
- Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to de-conflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
SecretSyncStatusResponse, SecretSyncStatusResponseArgs
- Conditions
List<Pulumi.
Azure Native. Secret Sync Controller. Inputs. Secret Sync Condition Response> - Conditions represent the status of the secret create and update processes. The status can be True, False, or Unknown with various reasons and messages explaining the state. Examples of reasons include CreateSucceeded, ProviderError, InvalidClusterSecretLabelError, InvalidClusterSecretAnnotationError, UnknownError, ValidatingAdmissionPolicyCheckFailed, UserInputValidationFailed, ControllerSpcError, ControllerInternalError, NoValueChange, and ValueChangeOrForceUpdateDetected.
- Last
Successful stringSync Time - LastSuccessfulSyncTime represents the last time the secret was retrieved from the Provider and updated.
- Conditions
[]Secret
Sync Condition Response - Conditions represent the status of the secret create and update processes. The status can be True, False, or Unknown with various reasons and messages explaining the state. Examples of reasons include CreateSucceeded, ProviderError, InvalidClusterSecretLabelError, InvalidClusterSecretAnnotationError, UnknownError, ValidatingAdmissionPolicyCheckFailed, UserInputValidationFailed, ControllerSpcError, ControllerInternalError, NoValueChange, and ValueChangeOrForceUpdateDetected.
- Last
Successful stringSync Time - LastSuccessfulSyncTime represents the last time the secret was retrieved from the Provider and updated.
- conditions
List<Secret
Sync Condition Response> - Conditions represent the status of the secret create and update processes. The status can be True, False, or Unknown with various reasons and messages explaining the state. Examples of reasons include CreateSucceeded, ProviderError, InvalidClusterSecretLabelError, InvalidClusterSecretAnnotationError, UnknownError, ValidatingAdmissionPolicyCheckFailed, UserInputValidationFailed, ControllerSpcError, ControllerInternalError, NoValueChange, and ValueChangeOrForceUpdateDetected.
- last
Successful StringSync Time - LastSuccessfulSyncTime represents the last time the secret was retrieved from the Provider and updated.
- conditions
Secret
Sync Condition Response[] - Conditions represent the status of the secret create and update processes. The status can be True, False, or Unknown with various reasons and messages explaining the state. Examples of reasons include CreateSucceeded, ProviderError, InvalidClusterSecretLabelError, InvalidClusterSecretAnnotationError, UnknownError, ValidatingAdmissionPolicyCheckFailed, UserInputValidationFailed, ControllerSpcError, ControllerInternalError, NoValueChange, and ValueChangeOrForceUpdateDetected.
- last
Successful stringSync Time - LastSuccessfulSyncTime represents the last time the secret was retrieved from the Provider and updated.
- conditions
Sequence[Secret
Sync Condition Response] - Conditions represent the status of the secret create and update processes. The status can be True, False, or Unknown with various reasons and messages explaining the state. Examples of reasons include CreateSucceeded, ProviderError, InvalidClusterSecretLabelError, InvalidClusterSecretAnnotationError, UnknownError, ValidatingAdmissionPolicyCheckFailed, UserInputValidationFailed, ControllerSpcError, ControllerInternalError, NoValueChange, and ValueChangeOrForceUpdateDetected.
- last_
successful_ strsync_ time - LastSuccessfulSyncTime represents the last time the secret was retrieved from the Provider and updated.
- conditions List<Property Map>
- Conditions represent the status of the secret create and update processes. The status can be True, False, or Unknown with various reasons and messages explaining the state. Examples of reasons include CreateSucceeded, ProviderError, InvalidClusterSecretLabelError, InvalidClusterSecretAnnotationError, UnknownError, ValidatingAdmissionPolicyCheckFailed, UserInputValidationFailed, ControllerSpcError, ControllerInternalError, NoValueChange, and ValueChangeOrForceUpdateDetected.
- last
Successful StringSync Time - LastSuccessfulSyncTime represents the last time the secret was retrieved from the Provider and updated.
SystemDataResponse, SystemDataResponseArgs
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
- created
At string - The timestamp of resource creation (UTC).
- created
By string - The identity that created the resource.
- created
By stringType - The type of identity that created the resource.
- last
Modified stringAt - The timestamp of resource last modification (UTC)
- last
Modified stringBy - The identity that last modified the resource.
- last
Modified stringBy Type - The type of identity that last modified the resource.
- created_
at str - The timestamp of resource creation (UTC).
- created_
by str - The identity that created the resource.
- created_
by_ strtype - The type of identity that created the resource.
- last_
modified_ strat - The timestamp of resource last modification (UTC)
- last_
modified_ strby - The identity that last modified the resource.
- last_
modified_ strby_ type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:secretsynccontroller:SecretSync secretsync-ssc-example /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecretSyncController/secretSyncs/{secretSyncName}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0
This is the latest version of Azure Native. Use the Azure Native v1 docs if using the v1 version of this package.
Azure Native v2.73.0 published on Wednesday, Nov 20, 2024 by Pulumi