azure-native.keyvault.Secret
Explore with Pulumi AI
Resource information with extended details.
Uses Azure REST API version 2024-11-01. In version 2.x of the Azure Native provider, it used API version 2023-02-01.
Other available API versions: 2023-02-01, 2023-07-01, 2024-04-01-preview, 2024-12-01-preview. These can be accessed by generating a local SDK package using the CLI command pulumi package add azure-native keyvault [ApiVersion]
. See the version guide for details.
Create Secret Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Secret(name: string, args: SecretArgs, opts?: CustomResourceOptions);
@overload
def Secret(resource_name: str,
args: SecretArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Secret(resource_name: str,
opts: Optional[ResourceOptions] = None,
properties: Optional[SecretPropertiesArgs] = None,
resource_group_name: Optional[str] = None,
vault_name: Optional[str] = None,
secret_name: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)
func NewSecret(ctx *Context, name string, args SecretArgs, opts ...ResourceOption) (*Secret, error)
public Secret(string name, SecretArgs args, CustomResourceOptions? opts = null)
public Secret(String name, SecretArgs args)
public Secret(String name, SecretArgs args, CustomResourceOptions options)
type: azure-native:keyvault:Secret
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. SecretArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. SecretArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. SecretArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. SecretArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. SecretArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var examplesecretResourceResourceFromKeyvault = new AzureNative.KeyVault.Secret("examplesecretResourceResourceFromKeyvault", new()
{
Properties = new AzureNative.KeyVault.Inputs.SecretPropertiesArgs
{
Attributes = new AzureNative.KeyVault.Inputs.SecretAttributesArgs
{
Enabled = false,
Expires = 0,
NotBefore = 0,
},
ContentType = "string",
Value = "string",
},
ResourceGroupName = "string",
VaultName = "string",
SecretName = "string",
Tags =
{
{ "string", "string" },
},
});
example, err := keyvault.NewSecret(ctx, "examplesecretResourceResourceFromKeyvault", &keyvault.SecretArgs{
Properties: &keyvault.SecretPropertiesArgs{
Attributes: &keyvault.SecretAttributesArgs{
Enabled: pulumi.Bool(false),
Expires: pulumi.Int(0),
NotBefore: pulumi.Int(0),
},
ContentType: pulumi.String("string"),
Value: pulumi.String("string"),
},
ResourceGroupName: pulumi.String("string"),
VaultName: pulumi.String("string"),
SecretName: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var examplesecretResourceResourceFromKeyvault = new Secret("examplesecretResourceResourceFromKeyvault", SecretArgs.builder()
.properties(SecretPropertiesArgs.builder()
.attributes(SecretAttributesArgs.builder()
.enabled(false)
.expires(0)
.notBefore(0)
.build())
.contentType("string")
.value("string")
.build())
.resourceGroupName("string")
.vaultName("string")
.secretName("string")
.tags(Map.of("string", "string"))
.build());
examplesecret_resource_resource_from_keyvault = azure_native.keyvault.Secret("examplesecretResourceResourceFromKeyvault",
properties={
"attributes": {
"enabled": False,
"expires": 0,
"not_before": 0,
},
"content_type": "string",
"value": "string",
},
resource_group_name="string",
vault_name="string",
secret_name="string",
tags={
"string": "string",
})
const examplesecretResourceResourceFromKeyvault = new azure_native.keyvault.Secret("examplesecretResourceResourceFromKeyvault", {
properties: {
attributes: {
enabled: false,
expires: 0,
notBefore: 0,
},
contentType: "string",
value: "string",
},
resourceGroupName: "string",
vaultName: "string",
secretName: "string",
tags: {
string: "string",
},
});
type: azure-native:keyvault:Secret
properties:
properties:
attributes:
enabled: false
expires: 0
notBefore: 0
contentType: string
value: string
resourceGroupName: string
secretName: string
tags:
string: string
vaultName: string
Secret Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Secret resource accepts the following input properties:
- Properties
This property is required. Pulumi.Azure Native. Key Vault. Inputs. Secret Properties - Properties of the secret
- Resource
Group Name This property is required. Changes to this property will trigger replacement.
- The name of the Resource Group to which the vault belongs.
- Vault
Name This property is required. Changes to this property will trigger replacement.
- Name of the vault
- Secret
Name Changes to this property will trigger replacement.
- Name of the secret. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information.
- Dictionary<string, string>
- The tags that will be assigned to the secret.
- Properties
This property is required. SecretProperties Args - Properties of the secret
- Resource
Group Name This property is required. Changes to this property will trigger replacement.
- The name of the Resource Group to which the vault belongs.
- Vault
Name This property is required. Changes to this property will trigger replacement.
- Name of the vault
- Secret
Name Changes to this property will trigger replacement.
- Name of the secret. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information.
- map[string]string
- The tags that will be assigned to the secret.
- properties
This property is required. SecretProperties - Properties of the secret
- resource
Group Name This property is required. Changes to this property will trigger replacement.
- The name of the Resource Group to which the vault belongs.
- vault
Name This property is required. Changes to this property will trigger replacement.
- Name of the vault
- secret
Name Changes to this property will trigger replacement.
- Name of the secret. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information.
- Map<String,String>
- The tags that will be assigned to the secret.
- properties
This property is required. SecretProperties - Properties of the secret
- resource
Group Name This property is required. Changes to this property will trigger replacement.
- The name of the Resource Group to which the vault belongs.
- vault
Name This property is required. Changes to this property will trigger replacement.
- Name of the vault
- secret
Name Changes to this property will trigger replacement.
- Name of the secret. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information.
- {[key: string]: string}
- The tags that will be assigned to the secret.
- properties
This property is required. SecretProperties Args - Properties of the secret
- resource_
group_ name This property is required. Changes to this property will trigger replacement.
- The name of the Resource Group to which the vault belongs.
- vault_
name This property is required. Changes to this property will trigger replacement.
- Name of the vault
- secret_
name Changes to this property will trigger replacement.
- Name of the secret. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information.
- Mapping[str, str]
- The tags that will be assigned to the secret.
- properties
This property is required. Property Map - Properties of the secret
- resource
Group Name This property is required. Changes to this property will trigger replacement.
- The name of the Resource Group to which the vault belongs.
- vault
Name This property is required. Changes to this property will trigger replacement.
- Name of the vault
- secret
Name Changes to this property will trigger replacement.
- Name of the secret. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information.
- Map<String>
- The tags that will be assigned to the secret.
Outputs
All input properties are implicitly available as output properties. Additionally, the Secret resource produces the following output properties:
- Azure
Api stringVersion - The Azure API version of the resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- Location string
- Azure location of the key vault resource.
- Name string
- Name of the key vault resource.
- Type string
- Resource type of the key vault resource.
- Azure
Api stringVersion - The Azure API version of the resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- Location string
- Azure location of the key vault resource.
- Name string
- Name of the key vault resource.
- Type string
- Resource type of the key vault resource.
- azure
Api StringVersion - The Azure API version of the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- location String
- Azure location of the key vault resource.
- name String
- Name of the key vault resource.
- type String
- Resource type of the key vault resource.
- azure
Api stringVersion - The Azure API version of the resource.
- id string
- The provider-assigned unique ID for this managed resource.
- location string
- Azure location of the key vault resource.
- name string
- Name of the key vault resource.
- type string
- Resource type of the key vault resource.
- azure_
api_ strversion - The Azure API version of the resource.
- id str
- The provider-assigned unique ID for this managed resource.
- location str
- Azure location of the key vault resource.
- name str
- Name of the key vault resource.
- type str
- Resource type of the key vault resource.
- azure
Api StringVersion - The Azure API version of the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- location String
- Azure location of the key vault resource.
- name String
- Name of the key vault resource.
- type String
- Resource type of the key vault resource.
Supporting Types
SecretAttributes, SecretAttributesArgs
- enabled bool
- Determines whether the object is enabled.
- expires int
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- not_
before int - Not before date in seconds since 1970-01-01T00:00:00Z.
SecretAttributesResponse, SecretAttributesResponseArgs
- Created
This property is required. int - Creation time in seconds since 1970-01-01T00:00:00Z.
- Updated
This property is required. int - Last updated time in seconds since 1970-01-01T00:00:00Z.
- Enabled bool
- Determines whether the object is enabled.
- Expires int
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- Not
Before int - Not before date in seconds since 1970-01-01T00:00:00Z.
- Created
This property is required. int - Creation time in seconds since 1970-01-01T00:00:00Z.
- Updated
This property is required. int - Last updated time in seconds since 1970-01-01T00:00:00Z.
- Enabled bool
- Determines whether the object is enabled.
- Expires int
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- Not
Before int - Not before date in seconds since 1970-01-01T00:00:00Z.
- created
This property is required. Integer - Creation time in seconds since 1970-01-01T00:00:00Z.
- updated
This property is required. Integer - Last updated time in seconds since 1970-01-01T00:00:00Z.
- enabled Boolean
- Determines whether the object is enabled.
- expires Integer
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- not
Before Integer - Not before date in seconds since 1970-01-01T00:00:00Z.
- created
This property is required. number - Creation time in seconds since 1970-01-01T00:00:00Z.
- updated
This property is required. number - Last updated time in seconds since 1970-01-01T00:00:00Z.
- enabled boolean
- Determines whether the object is enabled.
- expires number
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- not
Before number - Not before date in seconds since 1970-01-01T00:00:00Z.
- created
This property is required. int - Creation time in seconds since 1970-01-01T00:00:00Z.
- updated
This property is required. int - Last updated time in seconds since 1970-01-01T00:00:00Z.
- enabled bool
- Determines whether the object is enabled.
- expires int
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- not_
before int - Not before date in seconds since 1970-01-01T00:00:00Z.
- created
This property is required. Number - Creation time in seconds since 1970-01-01T00:00:00Z.
- updated
This property is required. Number - Last updated time in seconds since 1970-01-01T00:00:00Z.
- enabled Boolean
- Determines whether the object is enabled.
- expires Number
- Expiry date in seconds since 1970-01-01T00:00:00Z.
- not
Before Number - Not before date in seconds since 1970-01-01T00:00:00Z.
SecretProperties, SecretPropertiesArgs
- Attributes
Pulumi.
Azure Native. Key Vault. Inputs. Secret Attributes - The attributes of the secret.
- Content
Type string - The content type of the secret.
- Value string
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
- Attributes
Secret
Attributes - The attributes of the secret.
- Content
Type string - The content type of the secret.
- Value string
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
- attributes
Secret
Attributes - The attributes of the secret.
- content
Type String - The content type of the secret.
- value String
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
- attributes
Secret
Attributes - The attributes of the secret.
- content
Type string - The content type of the secret.
- value string
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
- attributes
Secret
Attributes - The attributes of the secret.
- content_
type str - The content type of the secret.
- value str
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
- attributes Property Map
- The attributes of the secret.
- content
Type String - The content type of the secret.
- value String
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
SecretPropertiesResponse, SecretPropertiesResponseArgs
- Secret
Uri This property is required. string - The URI to retrieve the current version of the secret.
- Secret
Uri With Version This property is required. string - The URI to retrieve the specific version of the secret.
- Attributes
Pulumi.
Azure Native. Key Vault. Inputs. Secret Attributes Response - The attributes of the secret.
- Content
Type string - The content type of the secret.
- Value string
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
- Secret
Uri This property is required. string - The URI to retrieve the current version of the secret.
- Secret
Uri With Version This property is required. string - The URI to retrieve the specific version of the secret.
- Attributes
Secret
Attributes Response - The attributes of the secret.
- Content
Type string - The content type of the secret.
- Value string
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
- secret
Uri This property is required. String - The URI to retrieve the current version of the secret.
- secret
Uri With Version This property is required. String - The URI to retrieve the specific version of the secret.
- attributes
Secret
Attributes Response - The attributes of the secret.
- content
Type String - The content type of the secret.
- value String
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
- secret
Uri This property is required. string - The URI to retrieve the current version of the secret.
- secret
Uri With Version This property is required. string - The URI to retrieve the specific version of the secret.
- attributes
Secret
Attributes Response - The attributes of the secret.
- content
Type string - The content type of the secret.
- value string
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
- secret_
uri This property is required. str - The URI to retrieve the current version of the secret.
- secret_
uri_ with_ version This property is required. str - The URI to retrieve the specific version of the secret.
- attributes
Secret
Attributes Response - The attributes of the secret.
- content_
type str - The content type of the secret.
- value str
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
- secret
Uri This property is required. String - The URI to retrieve the current version of the secret.
- secret
Uri With Version This property is required. String - The URI to retrieve the specific version of the secret.
- attributes Property Map
- The attributes of the secret.
- content
Type String - The content type of the secret.
- value String
- The value of the secret. NOTE: 'value' will never be returned from the service, as APIs using this model are is intended for internal use in ARM deployments. Users should use the data-plane REST service for interaction with vault secrets.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:keyvault:Secret secret-name /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{vaultName}/secrets/{secretName}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0