Docs
PackagesAlibaba Cloud v3.57.1 published on Wednesday, Jun 26, 2024 by Pulumi
alicloud.kms.getSecrets
Explore with Pulumi AI
This data source provides a list of KMS Secrets in an Alibaba Cloud account according to the specified filters.
NOTE: Available in v1.86.0+.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
// Declare the data source
const kmsSecretsDs = alicloud.kms.getSecrets({
fetchTags: true,
nameRegex: "name_regex",
tags: {
"k-aa": "v-aa",
"k-bb": "v-bb",
},
});
export const firstSecretId = kmsSecretsDs.then(kmsSecretsDs => kmsSecretsDs.secrets?.[0]?.id);
import pulumi
import pulumi_alicloud as alicloud
# Declare the data source
kms_secrets_ds = alicloud.kms.get_secrets(fetch_tags=True,
name_regex="name_regex",
tags={
"k-aa": "v-aa",
"k-bb": "v-bb",
})
pulumi.export("firstSecretId", kms_secrets_ds.secrets[0].id)
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Declare the data source
kmsSecretsDs, err := kms.GetSecrets(ctx, &kms.GetSecretsArgs{
FetchTags: pulumi.BoolRef(true),
NameRegex: pulumi.StringRef("name_regex"),
Tags: map[string]interface{}{
"k-aa": "v-aa",
"k-bb": "v-bb",
},
}, nil)
if err != nil {
return err
}
ctx.Export("firstSecretId", kmsSecretsDs.Secrets[0].Id)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
// Declare the data source
var kmsSecretsDs = AliCloud.Kms.GetSecrets.Invoke(new()
{
FetchTags = true,
NameRegex = "name_regex",
Tags =
{
{ "k-aa", "v-aa" },
{ "k-bb", "v-bb" },
},
});
return new Dictionary<string, object?>
{
["firstSecretId"] = kmsSecretsDs.Apply(getSecretsResult => getSecretsResult.Secrets[0]?.Id),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.kms.KmsFunctions;
import com.pulumi.alicloud.kms.inputs.GetSecretsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Declare the data source
final var kmsSecretsDs = KmsFunctions.getSecrets(GetSecretsArgs.builder()
.fetchTags(true)
.nameRegex("name_regex")
.tags(Map.ofEntries(
Map.entry("k-aa", "v-aa"),
Map.entry("k-bb", "v-bb")
))
.build());
ctx.export("firstSecretId", kmsSecretsDs.applyValue(getSecretsResult -> getSecretsResult.secrets()[0].id()));
}
}
variables:
# Declare the data source
kmsSecretsDs:
fn::invoke:
Function: alicloud:kms:getSecrets
Arguments:
fetchTags: true
nameRegex: name_regex
tags:
k-aa: v-aa
k-bb: v-bb
outputs:
firstSecretId: ${kmsSecretsDs.secrets[0].id}
Using getSecrets
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecrets(args: GetSecretsArgs, opts?: InvokeOptions): Promise<GetSecretsResult>
function getSecretsOutput(args: GetSecretsOutputArgs, opts?: InvokeOptions): Output<GetSecretsResult>def get_secrets(enable_details: Optional[bool] = None,
fetch_tags: Optional[bool] = None,
filters: Optional[str] = None,
ids: Optional[Sequence[str]] = None,
name_regex: Optional[str] = None,
output_file: Optional[str] = None,
tags: Optional[Mapping[str, Any]] = None,
opts: Optional[InvokeOptions] = None) -> GetSecretsResult
def get_secrets_output(enable_details: Optional[pulumi.Input[bool]] = None,
fetch_tags: Optional[pulumi.Input[bool]] = None,
filters: Optional[pulumi.Input[str]] = None,
ids: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
name_regex: Optional[pulumi.Input[str]] = None,
output_file: Optional[pulumi.Input[str]] = None,
tags: Optional[pulumi.Input[Mapping[str, Any]]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecretsResult]func GetSecrets(ctx *Context, args *GetSecretsArgs, opts ...InvokeOption) (*GetSecretsResult, error)
func GetSecretsOutput(ctx *Context, args *GetSecretsOutputArgs, opts ...InvokeOption) GetSecretsResultOutput> Note: This function is named GetSecrets in the Go SDK.
public static class GetSecrets
{
public static Task<GetSecretsResult> InvokeAsync(GetSecretsArgs args, InvokeOptions? opts = null)
public static Output<GetSecretsResult> Invoke(GetSecretsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetSecretsResult> getSecrets(GetSecretsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: alicloud:kms/getSecrets:getSecrets
arguments:
# arguments dictionaryThe following arguments are supported:
- Enable
Details bool - Default to
false. Set it to true can output more details. - bool
- Whether to include the predetermined resource tag in the return value. Default to
false. - Filters string
- The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- Ids List<string>
- A list of KMS Secret ids. The value is same as KMS secret_name.
- Name
Regex string - A regex string to filter the results by the KMS secret_name.
- Output
File string - File name where to save data source results (after running
pulumi preview). - Dictionary<string, object>
- A mapping of tags to assign to the resource.
- Enable
Details bool - Default to
false. Set it to true can output more details. - bool
- Whether to include the predetermined resource tag in the return value. Default to
false. - Filters string
- The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- Ids []string
- A list of KMS Secret ids. The value is same as KMS secret_name.
- Name
Regex string - A regex string to filter the results by the KMS secret_name.
- Output
File string - File name where to save data source results (after running
pulumi preview). - map[string]interface{}
- A mapping of tags to assign to the resource.
- enable
Details Boolean - Default to
false. Set it to true can output more details. - Boolean
- Whether to include the predetermined resource tag in the return value. Default to
false. - filters String
- The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- ids List<String>
- A list of KMS Secret ids. The value is same as KMS secret_name.
- name
Regex String - A regex string to filter the results by the KMS secret_name.
- output
File String - File name where to save data source results (after running
pulumi preview). - Map<String,Object>
- A mapping of tags to assign to the resource.
- enable
Details boolean - Default to
false. Set it to true can output more details. - boolean
- Whether to include the predetermined resource tag in the return value. Default to
false. - filters string
- The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- ids string[]
- A list of KMS Secret ids. The value is same as KMS secret_name.
- name
Regex string - A regex string to filter the results by the KMS secret_name.
- output
File string - File name where to save data source results (after running
pulumi preview). - {[key: string]: any}
- A mapping of tags to assign to the resource.
- enable_
details bool - Default to
false. Set it to true can output more details. - bool
- Whether to include the predetermined resource tag in the return value. Default to
false. - filters str
- The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- ids Sequence[str]
- A list of KMS Secret ids. The value is same as KMS secret_name.
- name_
regex str - A regex string to filter the results by the KMS secret_name.
- output_
file str - File name where to save data source results (after running
pulumi preview). - Mapping[str, Any]
- A mapping of tags to assign to the resource.
- enable
Details Boolean - Default to
false. Set it to true can output more details. - Boolean
- Whether to include the predetermined resource tag in the return value. Default to
false. - filters String
- The secret filter. The filter consists of one or more key-value pairs. More details see API ListSecrets.
- ids List<String>
- A list of KMS Secret ids. The value is same as KMS secret_name.
- name
Regex String - A regex string to filter the results by the KMS secret_name.
- output
File String - File name where to save data source results (after running
pulumi preview). - Map<Any>
- A mapping of tags to assign to the resource.
getSecrets Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- Ids List<string>
- A list of Kms Secret ids. The value is same as KMS secret_name.
- Names List<string>
- A list of KMS Secret names.
- Secrets
List<Pulumi.
Ali Cloud. Kms. Outputs. Get Secrets Secret> - A list of KMS Secrets. Each element contains the following attributes:
- Enable
Details bool - bool
- Filters string
- Name
Regex string - Output
File string - Dictionary<string, object>
- (Optional) A mapping of tags to assign to the resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- Ids []string
- A list of Kms Secret ids. The value is same as KMS secret_name.
- Names []string
- A list of KMS Secret names.
- Secrets
[]Get
Secrets Secret - A list of KMS Secrets. Each element contains the following attributes:
- Enable
Details bool - bool
- Filters string
- Name
Regex string - Output
File string - map[string]interface{}
- (Optional) A mapping of tags to assign to the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- ids List<String>
- A list of Kms Secret ids. The value is same as KMS secret_name.
- names List<String>
- A list of KMS Secret names.
- secrets
List<Get
Secrets Secret> - A list of KMS Secrets. Each element contains the following attributes:
- enable
Details Boolean - Boolean
- filters String
- name
Regex String - output
File String - Map<String,Object>
- (Optional) A mapping of tags to assign to the resource.
- id string
- The provider-assigned unique ID for this managed resource.
- ids string[]
- A list of Kms Secret ids. The value is same as KMS secret_name.
- names string[]
- A list of KMS Secret names.
- secrets
Get
Secrets Secret[] - A list of KMS Secrets. Each element contains the following attributes:
- enable
Details boolean - boolean
- filters string
- name
Regex string - output
File string - {[key: string]: any}
- (Optional) A mapping of tags to assign to the resource.
- id str
- The provider-assigned unique ID for this managed resource.
- ids Sequence[str]
- A list of Kms Secret ids. The value is same as KMS secret_name.
- names Sequence[str]
- A list of KMS Secret names.
- secrets
Sequence[Get
Secrets Secret] - A list of KMS Secrets. Each element contains the following attributes:
- enable_
details bool - bool
- filters str
- name_
regex str - output_
file str - Mapping[str, Any]
- (Optional) A mapping of tags to assign to the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- ids List<String>
- A list of Kms Secret ids. The value is same as KMS secret_name.
- names List<String>
- A list of KMS Secret names.
- secrets List<Property Map>
- A list of KMS Secrets. Each element contains the following attributes:
- enable
Details Boolean - Boolean
- filters String
- name
Regex String - output
File String - Map<Any>
- (Optional) A mapping of tags to assign to the resource.
Supporting Types
GetSecretsSecret
- Arn string
- (Available in 1.124.0+) A mapping of tags to assign to the resource.
- Description string
- (Available in 1.124.0+) The description of the secret.
- Encryption
Key stringId - (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- Id string
- ID of the Kms Secret. The value is same as KMS secret_name.
- Planned
Delete stringTime - Schedule deletion time.
- Secret
Data string - (Available in 1.124.0+) The value of the secret that you want to create.
- Secret
Data stringType - (Available in 1.124.0+) The type of the secret data value.
- Secret
Name string - Name of the KMS Secret.
- Secret
Type string - (Available in 1.124.0+) The type of the secret.
- Dictionary<string, object>
- A mapping of tags to assign to the resource.
- Version
Id string - (Available in 1.124.0+) The version number of the initial version.
- Version
Stages List<string> - (Available in 1.124.0+) The stage labels that mark the new secret version.
- Arn string
- (Available in 1.124.0+) A mapping of tags to assign to the resource.
- Description string
- (Available in 1.124.0+) The description of the secret.
- Encryption
Key stringId - (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- Id string
- ID of the Kms Secret. The value is same as KMS secret_name.
- Planned
Delete stringTime - Schedule deletion time.
- Secret
Data string - (Available in 1.124.0+) The value of the secret that you want to create.
- Secret
Data stringType - (Available in 1.124.0+) The type of the secret data value.
- Secret
Name string - Name of the KMS Secret.
- Secret
Type string - (Available in 1.124.0+) The type of the secret.
- map[string]interface{}
- A mapping of tags to assign to the resource.
- Version
Id string - (Available in 1.124.0+) The version number of the initial version.
- Version
Stages []string - (Available in 1.124.0+) The stage labels that mark the new secret version.
- arn String
- (Available in 1.124.0+) A mapping of tags to assign to the resource.
- description String
- (Available in 1.124.0+) The description of the secret.
- encryption
Key StringId - (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- id String
- ID of the Kms Secret. The value is same as KMS secret_name.
- planned
Delete StringTime - Schedule deletion time.
- secret
Data String - (Available in 1.124.0+) The value of the secret that you want to create.
- secret
Data StringType - (Available in 1.124.0+) The type of the secret data value.
- secret
Name String - Name of the KMS Secret.
- secret
Type String - (Available in 1.124.0+) The type of the secret.
- Map<String,Object>
- A mapping of tags to assign to the resource.
- version
Id String - (Available in 1.124.0+) The version number of the initial version.
- version
Stages List<String> - (Available in 1.124.0+) The stage labels that mark the new secret version.
- arn string
- (Available in 1.124.0+) A mapping of tags to assign to the resource.
- description string
- (Available in 1.124.0+) The description of the secret.
- encryption
Key stringId - (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- id string
- ID of the Kms Secret. The value is same as KMS secret_name.
- planned
Delete stringTime - Schedule deletion time.
- secret
Data string - (Available in 1.124.0+) The value of the secret that you want to create.
- secret
Data stringType - (Available in 1.124.0+) The type of the secret data value.
- secret
Name string - Name of the KMS Secret.
- secret
Type string - (Available in 1.124.0+) The type of the secret.
- {[key: string]: any}
- A mapping of tags to assign to the resource.
- version
Id string - (Available in 1.124.0+) The version number of the initial version.
- version
Stages string[] - (Available in 1.124.0+) The stage labels that mark the new secret version.
- arn str
- (Available in 1.124.0+) A mapping of tags to assign to the resource.
- description str
- (Available in 1.124.0+) The description of the secret.
- encryption_
key_ strid - (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- id str
- ID of the Kms Secret. The value is same as KMS secret_name.
- planned_
delete_ strtime - Schedule deletion time.
- secret_
data str - (Available in 1.124.0+) The value of the secret that you want to create.
- secret_
data_ strtype - (Available in 1.124.0+) The type of the secret data value.
- secret_
name str - Name of the KMS Secret.
- secret_
type str - (Available in 1.124.0+) The type of the secret.
- Mapping[str, Any]
- A mapping of tags to assign to the resource.
- version_
id str - (Available in 1.124.0+) The version number of the initial version.
- version_
stages Sequence[str] - (Available in 1.124.0+) The stage labels that mark the new secret version.
- arn String
- (Available in 1.124.0+) A mapping of tags to assign to the resource.
- description String
- (Available in 1.124.0+) The description of the secret.
- encryption
Key StringId - (Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.
- id String
- ID of the Kms Secret. The value is same as KMS secret_name.
- planned
Delete StringTime - Schedule deletion time.
- secret
Data String - (Available in 1.124.0+) The value of the secret that you want to create.
- secret
Data StringType - (Available in 1.124.0+) The type of the secret data value.
- secret
Name String - Name of the KMS Secret.
- secret
Type String - (Available in 1.124.0+) The type of the secret.
- Map<Any>
- A mapping of tags to assign to the resource.
- version
Id String - (Available in 1.124.0+) The version number of the initial version.
- version
Stages List<String> - (Available in 1.124.0+) The stage labels that mark the new secret version.
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
alicloudTerraform Provider.