1. Packages
  2. Openstack Provider
  3. API Docs
  4. keymanager
  5. SecretV1
OpenStack v5.0.0 published on Friday, Sep 27, 2024 by Pulumi

openstack.keymanager.SecretV1

Explore with Pulumi AI

openstack logo
OpenStack v5.0.0 published on Friday, Sep 27, 2024 by Pulumi

    Example Usage

    Simple secret

    import * as pulumi from "@pulumi/pulumi";
    import * as openstack from "@pulumi/openstack";
    
    const secret1 = new openstack.keymanager.SecretV1("secret_1", {
        algorithm: "aes",
        bitLength: 256,
        mode: "cbc",
        name: "mysecret",
        payload: "foobar",
        payloadContentType: "text/plain",
        secretType: "passphrase",
        metadata: {
            key: "foo",
        },
    });
    
    import pulumi
    import pulumi_openstack as openstack
    
    secret1 = openstack.keymanager.SecretV1("secret_1",
        algorithm="aes",
        bit_length=256,
        mode="cbc",
        name="mysecret",
        payload="foobar",
        payload_content_type="text/plain",
        secret_type="passphrase",
        metadata={
            "key": "foo",
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/keymanager"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := keymanager.NewSecretV1(ctx, "secret_1", &keymanager.SecretV1Args{
    			Algorithm:          pulumi.String("aes"),
    			BitLength:          pulumi.Int(256),
    			Mode:               pulumi.String("cbc"),
    			Name:               pulumi.String("mysecret"),
    			Payload:            pulumi.String("foobar"),
    			PayloadContentType: pulumi.String("text/plain"),
    			SecretType:         pulumi.String("passphrase"),
    			Metadata: pulumi.StringMap{
    				"key": pulumi.String("foo"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using OpenStack = Pulumi.OpenStack;
    
    return await Deployment.RunAsync(() => 
    {
        var secret1 = new OpenStack.KeyManager.SecretV1("secret_1", new()
        {
            Algorithm = "aes",
            BitLength = 256,
            Mode = "cbc",
            Name = "mysecret",
            Payload = "foobar",
            PayloadContentType = "text/plain",
            SecretType = "passphrase",
            Metadata = 
            {
                { "key", "foo" },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.openstack.keymanager.SecretV1;
    import com.pulumi.openstack.keymanager.SecretV1Args;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var secret1 = new SecretV1("secret1", SecretV1Args.builder()
                .algorithm("aes")
                .bitLength(256)
                .mode("cbc")
                .name("mysecret")
                .payload("foobar")
                .payloadContentType("text/plain")
                .secretType("passphrase")
                .metadata(Map.of("key", "foo"))
                .build());
    
        }
    }
    
    resources:
      secret1:
        type: openstack:keymanager:SecretV1
        name: secret_1
        properties:
          algorithm: aes
          bitLength: 256
          mode: cbc
          name: mysecret
          payload: foobar
          payloadContentType: text/plain
          secretType: passphrase
          metadata:
            key: foo
    

    Secret with whitespaces

    Note If you want to store payload with leading or trailing whitespaces, it’s recommended to store it in a base64 encoding. Plain text payload can also work, but further addind or removing of the leading or trailing whitespaces won’t be detected as a state change, e.g. changing plain text payload from password to password won’t recreate the secret.

    import * as pulumi from "@pulumi/pulumi";
    import * as openstack from "@pulumi/openstack";
    import * as std from "@pulumi/std";
    
    const secret1 = new openstack.keymanager.SecretV1("secret_1", {
        name: "password",
        payload: std.base64encode({
            input: "password with the whitespace at the end ",
        }).then(invoke => invoke.result),
        secretType: "passphrase",
        payloadContentType: "application/octet-stream",
        payloadContentEncoding: "base64",
    });
    
    import pulumi
    import pulumi_openstack as openstack
    import pulumi_std as std
    
    secret1 = openstack.keymanager.SecretV1("secret_1",
        name="password",
        payload=std.base64encode(input="password with the whitespace at the end ").result,
        secret_type="passphrase",
        payload_content_type="application/octet-stream",
        payload_content_encoding="base64")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/keymanager"
    	"github.com/pulumi/pulumi-std/sdk/go/std"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		invokeBase64encode, err := std.Base64encode(ctx, &std.Base64encodeArgs{
    			Input: "password with the whitespace at the end ",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = keymanager.NewSecretV1(ctx, "secret_1", &keymanager.SecretV1Args{
    			Name:                   pulumi.String("password"),
    			Payload:                pulumi.String(invokeBase64encode.Result),
    			SecretType:             pulumi.String("passphrase"),
    			PayloadContentType:     pulumi.String("application/octet-stream"),
    			PayloadContentEncoding: pulumi.String("base64"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using OpenStack = Pulumi.OpenStack;
    using Std = Pulumi.Std;
    
    return await Deployment.RunAsync(() => 
    {
        var secret1 = new OpenStack.KeyManager.SecretV1("secret_1", new()
        {
            Name = "password",
            Payload = Std.Base64encode.Invoke(new()
            {
                Input = "password with the whitespace at the end ",
            }).Apply(invoke => invoke.Result),
            SecretType = "passphrase",
            PayloadContentType = "application/octet-stream",
            PayloadContentEncoding = "base64",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.openstack.keymanager.SecretV1;
    import com.pulumi.openstack.keymanager.SecretV1Args;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var secret1 = new SecretV1("secret1", SecretV1Args.builder()
                .name("password")
                .payload(StdFunctions.base64encode(Base64encodeArgs.builder()
                    .input("password with the whitespace at the end ")
                    .build()).result())
                .secretType("passphrase")
                .payloadContentType("application/octet-stream")
                .payloadContentEncoding("base64")
                .build());
    
        }
    }
    
    resources:
      secret1:
        type: openstack:keymanager:SecretV1
        name: secret_1
        properties:
          name: password
          payload:
            fn::invoke:
              Function: std:base64encode
              Arguments:
                input: 'password with the whitespace at the end '
              Return: result
          secretType: passphrase
          payloadContentType: application/octet-stream
          payloadContentEncoding: base64
    

    Secret with the ACL

    Note Only read ACLs are supported

    import * as pulumi from "@pulumi/pulumi";
    import * as openstack from "@pulumi/openstack";
    import * as std from "@pulumi/std";
    
    const secret1 = new openstack.keymanager.SecretV1("secret_1", {
        name: "certificate",
        payload: std.file({
            input: "certificate.pem",
        }).then(invoke => invoke.result),
        secretType: "certificate",
        payloadContentType: "text/plain",
        acl: {
            read: {
                projectAccess: false,
                users: [
                    "userid1",
                    "userid2",
                ],
            },
        },
    });
    
    import pulumi
    import pulumi_openstack as openstack
    import pulumi_std as std
    
    secret1 = openstack.keymanager.SecretV1("secret_1",
        name="certificate",
        payload=std.file(input="certificate.pem").result,
        secret_type="certificate",
        payload_content_type="text/plain",
        acl={
            "read": {
                "project_access": False,
                "users": [
                    "userid1",
                    "userid2",
                ],
            },
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/keymanager"
    	"github.com/pulumi/pulumi-std/sdk/go/std"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		invokeFile, err := std.File(ctx, &std.FileArgs{
    			Input: "certificate.pem",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = keymanager.NewSecretV1(ctx, "secret_1", &keymanager.SecretV1Args{
    			Name:               pulumi.String("certificate"),
    			Payload:            pulumi.String(invokeFile.Result),
    			SecretType:         pulumi.String("certificate"),
    			PayloadContentType: pulumi.String("text/plain"),
    			Acl: &keymanager.SecretV1AclArgs{
    				Read: &keymanager.SecretV1AclReadArgs{
    					ProjectAccess: pulumi.Bool(false),
    					Users: pulumi.StringArray{
    						pulumi.String("userid1"),
    						pulumi.String("userid2"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using OpenStack = Pulumi.OpenStack;
    using Std = Pulumi.Std;
    
    return await Deployment.RunAsync(() => 
    {
        var secret1 = new OpenStack.KeyManager.SecretV1("secret_1", new()
        {
            Name = "certificate",
            Payload = Std.File.Invoke(new()
            {
                Input = "certificate.pem",
            }).Apply(invoke => invoke.Result),
            SecretType = "certificate",
            PayloadContentType = "text/plain",
            Acl = new OpenStack.KeyManager.Inputs.SecretV1AclArgs
            {
                Read = new OpenStack.KeyManager.Inputs.SecretV1AclReadArgs
                {
                    ProjectAccess = false,
                    Users = new[]
                    {
                        "userid1",
                        "userid2",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.openstack.keymanager.SecretV1;
    import com.pulumi.openstack.keymanager.SecretV1Args;
    import com.pulumi.openstack.keymanager.inputs.SecretV1AclArgs;
    import com.pulumi.openstack.keymanager.inputs.SecretV1AclReadArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var secret1 = new SecretV1("secret1", SecretV1Args.builder()
                .name("certificate")
                .payload(StdFunctions.file(FileArgs.builder()
                    .input("certificate.pem")
                    .build()).result())
                .secretType("certificate")
                .payloadContentType("text/plain")
                .acl(SecretV1AclArgs.builder()
                    .read(SecretV1AclReadArgs.builder()
                        .projectAccess(false)
                        .users(                    
                            "userid1",
                            "userid2")
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      secret1:
        type: openstack:keymanager:SecretV1
        name: secret_1
        properties:
          name: certificate
          payload:
            fn::invoke:
              Function: std:file
              Arguments:
                input: certificate.pem
              Return: result
          secretType: certificate
          payloadContentType: text/plain
          acl:
            read:
              projectAccess: false
              users:
                - userid1
                - userid2
    

    Create SecretV1 Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new SecretV1(name: string, args?: SecretV1Args, opts?: CustomResourceOptions);
    @overload
    def SecretV1(resource_name: str,
                 args: Optional[SecretV1Args] = None,
                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def SecretV1(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 acl: Optional[SecretV1AclArgs] = None,
                 algorithm: Optional[str] = None,
                 bit_length: Optional[int] = None,
                 expiration: Optional[str] = None,
                 metadata: Optional[Mapping[str, str]] = None,
                 mode: Optional[str] = None,
                 name: Optional[str] = None,
                 payload: Optional[str] = None,
                 payload_content_encoding: Optional[str] = None,
                 payload_content_type: Optional[str] = None,
                 region: Optional[str] = None,
                 secret_type: Optional[str] = None)
    func NewSecretV1(ctx *Context, name string, args *SecretV1Args, opts ...ResourceOption) (*SecretV1, error)
    public SecretV1(string name, SecretV1Args? args = null, CustomResourceOptions? opts = null)
    public SecretV1(String name, SecretV1Args args)
    public SecretV1(String name, SecretV1Args args, CustomResourceOptions options)
    
    type: openstack:keymanager:SecretV1
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SecretV1Args
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecretV1Args
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecretV1Args
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecretV1Args
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecretV1Args
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var secretV1Resource = new OpenStack.KeyManager.SecretV1("secretV1Resource", new()
    {
        Acl = new OpenStack.KeyManager.Inputs.SecretV1AclArgs
        {
            Read = new OpenStack.KeyManager.Inputs.SecretV1AclReadArgs
            {
                CreatedAt = "string",
                ProjectAccess = false,
                UpdatedAt = "string",
                Users = new[]
                {
                    "string",
                },
            },
        },
        Algorithm = "string",
        BitLength = 0,
        Expiration = "string",
        Metadata = 
        {
            { "string", "string" },
        },
        Mode = "string",
        Name = "string",
        Payload = "string",
        PayloadContentEncoding = "string",
        PayloadContentType = "string",
        Region = "string",
        SecretType = "string",
    });
    
    example, err := keymanager.NewSecretV1(ctx, "secretV1Resource", &keymanager.SecretV1Args{
    	Acl: &keymanager.SecretV1AclArgs{
    		Read: &keymanager.SecretV1AclReadArgs{
    			CreatedAt:     pulumi.String("string"),
    			ProjectAccess: pulumi.Bool(false),
    			UpdatedAt:     pulumi.String("string"),
    			Users: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    	},
    	Algorithm:  pulumi.String("string"),
    	BitLength:  pulumi.Int(0),
    	Expiration: pulumi.String("string"),
    	Metadata: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Mode:                   pulumi.String("string"),
    	Name:                   pulumi.String("string"),
    	Payload:                pulumi.String("string"),
    	PayloadContentEncoding: pulumi.String("string"),
    	PayloadContentType:     pulumi.String("string"),
    	Region:                 pulumi.String("string"),
    	SecretType:             pulumi.String("string"),
    })
    
    var secretV1Resource = new SecretV1("secretV1Resource", SecretV1Args.builder()
        .acl(SecretV1AclArgs.builder()
            .read(SecretV1AclReadArgs.builder()
                .createdAt("string")
                .projectAccess(false)
                .updatedAt("string")
                .users("string")
                .build())
            .build())
        .algorithm("string")
        .bitLength(0)
        .expiration("string")
        .metadata(Map.of("string", "string"))
        .mode("string")
        .name("string")
        .payload("string")
        .payloadContentEncoding("string")
        .payloadContentType("string")
        .region("string")
        .secretType("string")
        .build());
    
    secret_v1_resource = openstack.keymanager.SecretV1("secretV1Resource",
        acl={
            "read": {
                "created_at": "string",
                "project_access": False,
                "updated_at": "string",
                "users": ["string"],
            },
        },
        algorithm="string",
        bit_length=0,
        expiration="string",
        metadata={
            "string": "string",
        },
        mode="string",
        name="string",
        payload="string",
        payload_content_encoding="string",
        payload_content_type="string",
        region="string",
        secret_type="string")
    
    const secretV1Resource = new openstack.keymanager.SecretV1("secretV1Resource", {
        acl: {
            read: {
                createdAt: "string",
                projectAccess: false,
                updatedAt: "string",
                users: ["string"],
            },
        },
        algorithm: "string",
        bitLength: 0,
        expiration: "string",
        metadata: {
            string: "string",
        },
        mode: "string",
        name: "string",
        payload: "string",
        payloadContentEncoding: "string",
        payloadContentType: "string",
        region: "string",
        secretType: "string",
    });
    
    type: openstack:keymanager:SecretV1
    properties:
        acl:
            read:
                createdAt: string
                projectAccess: false
                updatedAt: string
                users:
                    - string
        algorithm: string
        bitLength: 0
        expiration: string
        metadata:
            string: string
        mode: string
        name: string
        payload: string
        payloadContentEncoding: string
        payloadContentType: string
        region: string
        secretType: string
    

    SecretV1 Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The SecretV1 resource accepts the following input properties:

    Acl Pulumi.OpenStack.KeyManager.Inputs.SecretV1Acl
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    Algorithm string
    Metadata provided by a user or system for informational purposes.
    BitLength int
    Metadata provided by a user or system for informational purposes.
    Expiration string
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    Metadata Dictionary<string, string>
    Additional Metadata for the secret.
    Mode string
    Metadata provided by a user or system for informational purposes.
    Name string
    Human-readable name for the Secret. Does not have to be unique.
    Payload string
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    PayloadContentEncoding string
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    PayloadContentType string
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    Region string
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    SecretType string
    Used to indicate the type of secret being stored. For more information see Secret types.
    Acl SecretV1AclArgs
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    Algorithm string
    Metadata provided by a user or system for informational purposes.
    BitLength int
    Metadata provided by a user or system for informational purposes.
    Expiration string
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    Metadata map[string]string
    Additional Metadata for the secret.
    Mode string
    Metadata provided by a user or system for informational purposes.
    Name string
    Human-readable name for the Secret. Does not have to be unique.
    Payload string
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    PayloadContentEncoding string
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    PayloadContentType string
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    Region string
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    SecretType string
    Used to indicate the type of secret being stored. For more information see Secret types.
    acl SecretV1Acl
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    algorithm String
    Metadata provided by a user or system for informational purposes.
    bitLength Integer
    Metadata provided by a user or system for informational purposes.
    expiration String
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    metadata Map<String,String>
    Additional Metadata for the secret.
    mode String
    Metadata provided by a user or system for informational purposes.
    name String
    Human-readable name for the Secret. Does not have to be unique.
    payload String
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    payloadContentEncoding String
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    payloadContentType String
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    region String
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    secretType String
    Used to indicate the type of secret being stored. For more information see Secret types.
    acl SecretV1Acl
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    algorithm string
    Metadata provided by a user or system for informational purposes.
    bitLength number
    Metadata provided by a user or system for informational purposes.
    expiration string
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    metadata {[key: string]: string}
    Additional Metadata for the secret.
    mode string
    Metadata provided by a user or system for informational purposes.
    name string
    Human-readable name for the Secret. Does not have to be unique.
    payload string
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    payloadContentEncoding string
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    payloadContentType string
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    region string
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    secretType string
    Used to indicate the type of secret being stored. For more information see Secret types.
    acl SecretV1AclArgs
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    algorithm str
    Metadata provided by a user or system for informational purposes.
    bit_length int
    Metadata provided by a user or system for informational purposes.
    expiration str
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    metadata Mapping[str, str]
    Additional Metadata for the secret.
    mode str
    Metadata provided by a user or system for informational purposes.
    name str
    Human-readable name for the Secret. Does not have to be unique.
    payload str
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    payload_content_encoding str
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    payload_content_type str
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    region str
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    secret_type str
    Used to indicate the type of secret being stored. For more information see Secret types.
    acl Property Map
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    algorithm String
    Metadata provided by a user or system for informational purposes.
    bitLength Number
    Metadata provided by a user or system for informational purposes.
    expiration String
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    metadata Map<String>
    Additional Metadata for the secret.
    mode String
    Metadata provided by a user or system for informational purposes.
    name String
    Human-readable name for the Secret. Does not have to be unique.
    payload String
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    payloadContentEncoding String
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    payloadContentType String
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    region String
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    secretType String
    Used to indicate the type of secret being stored. For more information see Secret types.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecretV1 resource produces the following output properties:

    AllMetadata Dictionary<string, string>
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    ContentTypes Dictionary<string, string>
    The map of the content types, assigned on the secret.
    CreatedAt string
    The date the secret was created.
    CreatorId string
    The creator of the secret.
    Id string
    The provider-assigned unique ID for this managed resource.
    SecretRef string
    The secret reference / where to find the secret.
    Status string
    The status of the secret.
    UpdatedAt string
    The date the secret was last updated.
    AllMetadata map[string]string
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    ContentTypes map[string]string
    The map of the content types, assigned on the secret.
    CreatedAt string
    The date the secret was created.
    CreatorId string
    The creator of the secret.
    Id string
    The provider-assigned unique ID for this managed resource.
    SecretRef string
    The secret reference / where to find the secret.
    Status string
    The status of the secret.
    UpdatedAt string
    The date the secret was last updated.
    allMetadata Map<String,String>
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    contentTypes Map<String,String>
    The map of the content types, assigned on the secret.
    createdAt String
    The date the secret was created.
    creatorId String
    The creator of the secret.
    id String
    The provider-assigned unique ID for this managed resource.
    secretRef String
    The secret reference / where to find the secret.
    status String
    The status of the secret.
    updatedAt String
    The date the secret was last updated.
    allMetadata {[key: string]: string}
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    contentTypes {[key: string]: string}
    The map of the content types, assigned on the secret.
    createdAt string
    The date the secret was created.
    creatorId string
    The creator of the secret.
    id string
    The provider-assigned unique ID for this managed resource.
    secretRef string
    The secret reference / where to find the secret.
    status string
    The status of the secret.
    updatedAt string
    The date the secret was last updated.
    all_metadata Mapping[str, str]
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    content_types Mapping[str, str]
    The map of the content types, assigned on the secret.
    created_at str
    The date the secret was created.
    creator_id str
    The creator of the secret.
    id str
    The provider-assigned unique ID for this managed resource.
    secret_ref str
    The secret reference / where to find the secret.
    status str
    The status of the secret.
    updated_at str
    The date the secret was last updated.
    allMetadata Map<String>
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    contentTypes Map<String>
    The map of the content types, assigned on the secret.
    createdAt String
    The date the secret was created.
    creatorId String
    The creator of the secret.
    id String
    The provider-assigned unique ID for this managed resource.
    secretRef String
    The secret reference / where to find the secret.
    status String
    The status of the secret.
    updatedAt String
    The date the secret was last updated.

    Look up Existing SecretV1 Resource

    Get an existing SecretV1 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SecretV1State, opts?: CustomResourceOptions): SecretV1
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            acl: Optional[SecretV1AclArgs] = None,
            algorithm: Optional[str] = None,
            all_metadata: Optional[Mapping[str, str]] = None,
            bit_length: Optional[int] = None,
            content_types: Optional[Mapping[str, str]] = None,
            created_at: Optional[str] = None,
            creator_id: Optional[str] = None,
            expiration: Optional[str] = None,
            metadata: Optional[Mapping[str, str]] = None,
            mode: Optional[str] = None,
            name: Optional[str] = None,
            payload: Optional[str] = None,
            payload_content_encoding: Optional[str] = None,
            payload_content_type: Optional[str] = None,
            region: Optional[str] = None,
            secret_ref: Optional[str] = None,
            secret_type: Optional[str] = None,
            status: Optional[str] = None,
            updated_at: Optional[str] = None) -> SecretV1
    func GetSecretV1(ctx *Context, name string, id IDInput, state *SecretV1State, opts ...ResourceOption) (*SecretV1, error)
    public static SecretV1 Get(string name, Input<string> id, SecretV1State? state, CustomResourceOptions? opts = null)
    public static SecretV1 get(String name, Output<String> id, SecretV1State state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Acl Pulumi.OpenStack.KeyManager.Inputs.SecretV1Acl
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    Algorithm string
    Metadata provided by a user or system for informational purposes.
    AllMetadata Dictionary<string, string>
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    BitLength int
    Metadata provided by a user or system for informational purposes.
    ContentTypes Dictionary<string, string>
    The map of the content types, assigned on the secret.
    CreatedAt string
    The date the secret was created.
    CreatorId string
    The creator of the secret.
    Expiration string
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    Metadata Dictionary<string, string>
    Additional Metadata for the secret.
    Mode string
    Metadata provided by a user or system for informational purposes.
    Name string
    Human-readable name for the Secret. Does not have to be unique.
    Payload string
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    PayloadContentEncoding string
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    PayloadContentType string
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    Region string
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    SecretRef string
    The secret reference / where to find the secret.
    SecretType string
    Used to indicate the type of secret being stored. For more information see Secret types.
    Status string
    The status of the secret.
    UpdatedAt string
    The date the secret was last updated.
    Acl SecretV1AclArgs
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    Algorithm string
    Metadata provided by a user or system for informational purposes.
    AllMetadata map[string]string
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    BitLength int
    Metadata provided by a user or system for informational purposes.
    ContentTypes map[string]string
    The map of the content types, assigned on the secret.
    CreatedAt string
    The date the secret was created.
    CreatorId string
    The creator of the secret.
    Expiration string
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    Metadata map[string]string
    Additional Metadata for the secret.
    Mode string
    Metadata provided by a user or system for informational purposes.
    Name string
    Human-readable name for the Secret. Does not have to be unique.
    Payload string
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    PayloadContentEncoding string
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    PayloadContentType string
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    Region string
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    SecretRef string
    The secret reference / where to find the secret.
    SecretType string
    Used to indicate the type of secret being stored. For more information see Secret types.
    Status string
    The status of the secret.
    UpdatedAt string
    The date the secret was last updated.
    acl SecretV1Acl
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    algorithm String
    Metadata provided by a user or system for informational purposes.
    allMetadata Map<String,String>
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    bitLength Integer
    Metadata provided by a user or system for informational purposes.
    contentTypes Map<String,String>
    The map of the content types, assigned on the secret.
    createdAt String
    The date the secret was created.
    creatorId String
    The creator of the secret.
    expiration String
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    metadata Map<String,String>
    Additional Metadata for the secret.
    mode String
    Metadata provided by a user or system for informational purposes.
    name String
    Human-readable name for the Secret. Does not have to be unique.
    payload String
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    payloadContentEncoding String
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    payloadContentType String
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    region String
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    secretRef String
    The secret reference / where to find the secret.
    secretType String
    Used to indicate the type of secret being stored. For more information see Secret types.
    status String
    The status of the secret.
    updatedAt String
    The date the secret was last updated.
    acl SecretV1Acl
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    algorithm string
    Metadata provided by a user or system for informational purposes.
    allMetadata {[key: string]: string}
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    bitLength number
    Metadata provided by a user or system for informational purposes.
    contentTypes {[key: string]: string}
    The map of the content types, assigned on the secret.
    createdAt string
    The date the secret was created.
    creatorId string
    The creator of the secret.
    expiration string
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    metadata {[key: string]: string}
    Additional Metadata for the secret.
    mode string
    Metadata provided by a user or system for informational purposes.
    name string
    Human-readable name for the Secret. Does not have to be unique.
    payload string
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    payloadContentEncoding string
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    payloadContentType string
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    region string
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    secretRef string
    The secret reference / where to find the secret.
    secretType string
    Used to indicate the type of secret being stored. For more information see Secret types.
    status string
    The status of the secret.
    updatedAt string
    The date the secret was last updated.
    acl SecretV1AclArgs
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    algorithm str
    Metadata provided by a user or system for informational purposes.
    all_metadata Mapping[str, str]
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    bit_length int
    Metadata provided by a user or system for informational purposes.
    content_types Mapping[str, str]
    The map of the content types, assigned on the secret.
    created_at str
    The date the secret was created.
    creator_id str
    The creator of the secret.
    expiration str
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    metadata Mapping[str, str]
    Additional Metadata for the secret.
    mode str
    Metadata provided by a user or system for informational purposes.
    name str
    Human-readable name for the Secret. Does not have to be unique.
    payload str
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    payload_content_encoding str
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    payload_content_type str
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    region str
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    secret_ref str
    The secret reference / where to find the secret.
    secret_type str
    Used to indicate the type of secret being stored. For more information see Secret types.
    status str
    The status of the secret.
    updated_at str
    The date the secret was last updated.
    acl Property Map
    Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.
    algorithm String
    Metadata provided by a user or system for informational purposes.
    allMetadata Map<String>
    The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
    bitLength Number
    Metadata provided by a user or system for informational purposes.
    contentTypes Map<String>
    The map of the content types, assigned on the secret.
    createdAt String
    The date the secret was created.
    creatorId String
    The creator of the secret.
    expiration String
    The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.
    metadata Map<String>
    Additional Metadata for the secret.
    mode String
    Metadata provided by a user or system for informational purposes.
    name String
    Human-readable name for the Secret. Does not have to be unique.
    payload String
    The secret's data to be stored. payload_content_type must also be supplied if payload is included.
    payloadContentEncoding String
    (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.
    payloadContentType String
    (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.
    region String
    The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.
    secretRef String
    The secret reference / where to find the secret.
    secretType String
    Used to indicate the type of secret being stored. For more information see Secret types.
    status String
    The status of the secret.
    updatedAt String
    The date the secret was last updated.

    Supporting Types

    SecretV1Acl, SecretV1AclArgs

    SecretV1AclRead, SecretV1AclReadArgs

    CreatedAt string
    The date the secret was created.
    ProjectAccess bool
    Whether the secret is accessible project wide. Defaults to true.
    UpdatedAt string
    The date the secret was last updated.
    Users List<string>
    The list of user IDs, which are allowed to access the secret, when project_access is set to false.
    CreatedAt string
    The date the secret was created.
    ProjectAccess bool
    Whether the secret is accessible project wide. Defaults to true.
    UpdatedAt string
    The date the secret was last updated.
    Users []string
    The list of user IDs, which are allowed to access the secret, when project_access is set to false.
    createdAt String
    The date the secret was created.
    projectAccess Boolean
    Whether the secret is accessible project wide. Defaults to true.
    updatedAt String
    The date the secret was last updated.
    users List<String>
    The list of user IDs, which are allowed to access the secret, when project_access is set to false.
    createdAt string
    The date the secret was created.
    projectAccess boolean
    Whether the secret is accessible project wide. Defaults to true.
    updatedAt string
    The date the secret was last updated.
    users string[]
    The list of user IDs, which are allowed to access the secret, when project_access is set to false.
    created_at str
    The date the secret was created.
    project_access bool
    Whether the secret is accessible project wide. Defaults to true.
    updated_at str
    The date the secret was last updated.
    users Sequence[str]
    The list of user IDs, which are allowed to access the secret, when project_access is set to false.
    createdAt String
    The date the secret was created.
    projectAccess Boolean
    Whether the secret is accessible project wide. Defaults to true.
    updatedAt String
    The date the secret was last updated.
    users List<String>
    The list of user IDs, which are allowed to access the secret, when project_access is set to false.

    Import

    Secrets can be imported using the secret id (the last part of the secret reference), e.g.:

    $ pulumi import openstack:keymanager/secretV1:SecretV1 secret_1 8a7a79c2-cf17-4e65-b2ae-ddc8bfcf6c74
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    OpenStack pulumi/pulumi-openstack
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the openstack Terraform Provider.
    openstack logo
    OpenStack v5.0.0 published on Friday, Sep 27, 2024 by Pulumi