HashiCorp Vault v6.4.0 published on Wednesday, Nov 20, 2024 by Pulumi
vault.kv.getSecretsList
Explore with Pulumi AI
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as vault from "@pulumi/vault";
const kvv1 = new vault.Mount("kvv1", {
path: "kvv1",
type: "kv",
options: {
version: "1",
},
description: "KV Version 1 secret engine mount",
});
const awsSecret = new vault.kv.Secret("aws_secret", {
path: pulumi.interpolate`${kvv1.path}/aws-secret`,
dataJson: JSON.stringify({
zip: "zap",
}),
});
const azureSecret = new vault.kv.Secret("azure_secret", {
path: pulumi.interpolate`${kvv1.path}/azure-secret`,
dataJson: JSON.stringify({
foo: "bar",
}),
});
const secrets = vault.kv.getSecretsListOutput({
path: kvv1.path,
});
import pulumi
import json
import pulumi_vault as vault
kvv1 = vault.Mount("kvv1",
path="kvv1",
type="kv",
options={
"version": "1",
},
description="KV Version 1 secret engine mount")
aws_secret = vault.kv.Secret("aws_secret",
path=kvv1.path.apply(lambda path: f"{path}/aws-secret"),
data_json=json.dumps({
"zip": "zap",
}))
azure_secret = vault.kv.Secret("azure_secret",
path=kvv1.path.apply(lambda path: f"{path}/azure-secret"),
data_json=json.dumps({
"foo": "bar",
}))
secrets = vault.kv.get_secrets_list_output(path=kvv1.path)
package main
import (
"encoding/json"
"fmt"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault"
"github.com/pulumi/pulumi-vault/sdk/v6/go/vault/kv"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
kvv1, err := vault.NewMount(ctx, "kvv1", &vault.MountArgs{
Path: pulumi.String("kvv1"),
Type: pulumi.String("kv"),
Options: pulumi.StringMap{
"version": pulumi.String("1"),
},
Description: pulumi.String("KV Version 1 secret engine mount"),
})
if err != nil {
return err
}
tmpJSON0, err := json.Marshal(map[string]interface{}{
"zip": "zap",
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = kv.NewSecret(ctx, "aws_secret", &kv.SecretArgs{
Path: kvv1.Path.ApplyT(func(path string) (string, error) {
return fmt.Sprintf("%v/aws-secret", path), nil
}).(pulumi.StringOutput),
DataJson: pulumi.String(json0),
})
if err != nil {
return err
}
tmpJSON1, err := json.Marshal(map[string]interface{}{
"foo": "bar",
})
if err != nil {
return err
}
json1 := string(tmpJSON1)
_, err = kv.NewSecret(ctx, "azure_secret", &kv.SecretArgs{
Path: kvv1.Path.ApplyT(func(path string) (string, error) {
return fmt.Sprintf("%v/azure-secret", path), nil
}).(pulumi.StringOutput),
DataJson: pulumi.String(json1),
})
if err != nil {
return err
}
_ = kv.GetSecretsListOutput(ctx, kv.GetSecretsListOutputArgs{
Path: kvv1.Path,
}, nil)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Vault = Pulumi.Vault;
return await Deployment.RunAsync(() =>
{
var kvv1 = new Vault.Mount("kvv1", new()
{
Path = "kvv1",
Type = "kv",
Options =
{
{ "version", "1" },
},
Description = "KV Version 1 secret engine mount",
});
var awsSecret = new Vault.Kv.Secret("aws_secret", new()
{
Path = kvv1.Path.Apply(path => $"{path}/aws-secret"),
DataJson = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["zip"] = "zap",
}),
});
var azureSecret = new Vault.Kv.Secret("azure_secret", new()
{
Path = kvv1.Path.Apply(path => $"{path}/azure-secret"),
DataJson = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["foo"] = "bar",
}),
});
var secrets = Vault.kv.GetSecretsList.Invoke(new()
{
Path = kvv1.Path,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.vault.Mount;
import com.pulumi.vault.MountArgs;
import com.pulumi.vault.kv.Secret;
import com.pulumi.vault.kv.SecretArgs;
import com.pulumi.vault.kv.KvFunctions;
import com.pulumi.vault.kv.inputs.GetSecretsListArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var kvv1 = new Mount("kvv1", MountArgs.builder()
.path("kvv1")
.type("kv")
.options(Map.of("version", "1"))
.description("KV Version 1 secret engine mount")
.build());
var awsSecret = new Secret("awsSecret", SecretArgs.builder()
.path(kvv1.path().applyValue(path -> String.format("%s/aws-secret", path)))
.dataJson(serializeJson(
jsonObject(
jsonProperty("zip", "zap")
)))
.build());
var azureSecret = new Secret("azureSecret", SecretArgs.builder()
.path(kvv1.path().applyValue(path -> String.format("%s/azure-secret", path)))
.dataJson(serializeJson(
jsonObject(
jsonProperty("foo", "bar")
)))
.build());
final var secrets = KvFunctions.getSecretsList(GetSecretsListArgs.builder()
.path(kvv1.path())
.build());
}
}
resources:
kvv1:
type: vault:Mount
properties:
path: kvv1
type: kv
options:
version: '1'
description: KV Version 1 secret engine mount
awsSecret:
type: vault:kv:Secret
name: aws_secret
properties:
path: ${kvv1.path}/aws-secret
dataJson:
fn::toJSON:
zip: zap
azureSecret:
type: vault:kv:Secret
name: azure_secret
properties:
path: ${kvv1.path}/azure-secret
dataJson:
fn::toJSON:
foo: bar
variables:
secrets:
fn::invoke:
Function: vault:kv:getSecretsList
Arguments:
path: ${kvv1.path}
Required Vault Capabilities
Use of this resource requires the read
capability on the given path.
Using getSecretsList
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecretsList(args: GetSecretsListArgs, opts?: InvokeOptions): Promise<GetSecretsListResult>
function getSecretsListOutput(args: GetSecretsListOutputArgs, opts?: InvokeOptions): Output<GetSecretsListResult>
def get_secrets_list(namespace: Optional[str] = None,
path: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetSecretsListResult
def get_secrets_list_output(namespace: Optional[pulumi.Input[str]] = None,
path: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecretsListResult]
func GetSecretsList(ctx *Context, args *GetSecretsListArgs, opts ...InvokeOption) (*GetSecretsListResult, error)
func GetSecretsListOutput(ctx *Context, args *GetSecretsListOutputArgs, opts ...InvokeOption) GetSecretsListResultOutput
> Note: This function is named GetSecretsList
in the Go SDK.
public static class GetSecretsList
{
public static Task<GetSecretsListResult> InvokeAsync(GetSecretsListArgs args, InvokeOptions? opts = null)
public static Output<GetSecretsListResult> Invoke(GetSecretsListInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetSecretsListResult> getSecretsList(GetSecretsListArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: vault:kv/getSecretsList:getSecretsList
arguments:
# arguments dictionary
The following arguments are supported:
getSecretsList Result
The following output properties are available:
Package Details
- Repository
- Vault pulumi/pulumi-vault
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
vault
Terraform Provider.