1. Packages
  2. Openstack Provider
  3. API Docs
  4. keymanager
  5. getSecret
OpenStack v5.0.3 published on Wednesday, Feb 12, 2025 by Pulumi

openstack.keymanager.getSecret

Explore with Pulumi AI

OpenStack v5.0.3 published on Wednesday, Feb 12, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";

const example = openstack.keymanager.getSecret({
    mode: "cbc",
    secretType: "passphrase",
});
Copy
import pulumi
import pulumi_openstack as openstack

example = openstack.keymanager.get_secret(mode="cbc",
    secret_type="passphrase")
Copy
package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/keymanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := keymanager.GetSecret(ctx, &keymanager.GetSecretArgs{
			Mode:       pulumi.StringRef("cbc"),
			SecretType: pulumi.StringRef("passphrase"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using OpenStack = Pulumi.OpenStack;

return await Deployment.RunAsync(() => 
{
    var example = OpenStack.KeyManager.GetSecret.Invoke(new()
    {
        Mode = "cbc",
        SecretType = "passphrase",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.keymanager.KeymanagerFunctions;
import com.pulumi.openstack.keymanager.inputs.GetSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = KeymanagerFunctions.getSecret(GetSecretArgs.builder()
            .mode("cbc")
            .secretType("passphrase")
            .build());

    }
}
Copy
variables:
  example:
    fn::invoke:
      function: openstack:keymanager:getSecret
      arguments:
        mode: cbc
        secretType: passphrase
Copy

Date Filters

The values for the expiration_filter, created_at_filter, and updated_at_filter parameters are comma-separated lists of time stamps in RFC3339 format. The time stamps can be prefixed with any of these comparison operators: gt: (greater-than), gte: (greater-than-or-equal), lt: (less-than), lte: (less-than-or-equal).

For example, to get a passphrase a Secret with CBC moda, that will expire in January of 2020:

import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";

const dateFilterExample = openstack.keymanager.getSecret({
    mode: "cbc",
    secretType: "passphrase",
    expirationFilter: "gt:2020-01-01T00:00:00Z",
});
Copy
import pulumi
import pulumi_openstack as openstack

date_filter_example = openstack.keymanager.get_secret(mode="cbc",
    secret_type="passphrase",
    expiration_filter="gt:2020-01-01T00:00:00Z")
Copy
package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/keymanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := keymanager.GetSecret(ctx, &keymanager.GetSecretArgs{
			Mode:             pulumi.StringRef("cbc"),
			SecretType:       pulumi.StringRef("passphrase"),
			ExpirationFilter: pulumi.StringRef("gt:2020-01-01T00:00:00Z"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using OpenStack = Pulumi.OpenStack;

return await Deployment.RunAsync(() => 
{
    var dateFilterExample = OpenStack.KeyManager.GetSecret.Invoke(new()
    {
        Mode = "cbc",
        SecretType = "passphrase",
        ExpirationFilter = "gt:2020-01-01T00:00:00Z",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.keymanager.KeymanagerFunctions;
import com.pulumi.openstack.keymanager.inputs.GetSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var dateFilterExample = KeymanagerFunctions.getSecret(GetSecretArgs.builder()
            .mode("cbc")
            .secretType("passphrase")
            .expirationFilter("gt:2020-01-01T00:00:00Z")
            .build());

    }
}
Copy
variables:
  dateFilterExample:
    fn::invoke:
      function: openstack:keymanager:getSecret
      arguments:
        mode: cbc
        secretType: passphrase
        expirationFilter: gt:2020-01-01T00:00:00Z
Copy

Using getSecret

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSecret(args: GetSecretArgs, opts?: InvokeOptions): Promise<GetSecretResult>
function getSecretOutput(args: GetSecretOutputArgs, opts?: InvokeOptions): Output<GetSecretResult>
Copy
def get_secret(acl_only: Optional[bool] = None,
               algorithm: Optional[str] = None,
               bit_length: Optional[int] = None,
               created_at_filter: Optional[str] = None,
               expiration_filter: Optional[str] = None,
               mode: Optional[str] = None,
               name: Optional[str] = None,
               region: Optional[str] = None,
               secret_type: Optional[str] = None,
               updated_at_filter: Optional[str] = None,
               opts: Optional[InvokeOptions] = None) -> GetSecretResult
def get_secret_output(acl_only: Optional[pulumi.Input[bool]] = None,
               algorithm: Optional[pulumi.Input[str]] = None,
               bit_length: Optional[pulumi.Input[int]] = None,
               created_at_filter: Optional[pulumi.Input[str]] = None,
               expiration_filter: Optional[pulumi.Input[str]] = None,
               mode: Optional[pulumi.Input[str]] = None,
               name: Optional[pulumi.Input[str]] = None,
               region: Optional[pulumi.Input[str]] = None,
               secret_type: Optional[pulumi.Input[str]] = None,
               updated_at_filter: Optional[pulumi.Input[str]] = None,
               opts: Optional[InvokeOptions] = None) -> Output[GetSecretResult]
Copy
func GetSecret(ctx *Context, args *GetSecretArgs, opts ...InvokeOption) (*GetSecretResult, error)
func GetSecretOutput(ctx *Context, args *GetSecretOutputArgs, opts ...InvokeOption) GetSecretResultOutput
Copy

> Note: This function is named GetSecret in the Go SDK.

public static class GetSecret 
{
    public static Task<GetSecretResult> InvokeAsync(GetSecretArgs args, InvokeOptions? opts = null)
    public static Output<GetSecretResult> Invoke(GetSecretInvokeArgs args, InvokeOptions? opts = null)
}
Copy
public static CompletableFuture<GetSecretResult> getSecret(GetSecretArgs args, InvokeOptions options)
public static Output<GetSecretResult> getSecret(GetSecretArgs args, InvokeOptions options)
Copy
fn::invoke:
  function: openstack:keymanager/getSecret:getSecret
  arguments:
    # arguments dictionary
Copy

The following arguments are supported:

AclOnly bool
Select the Secret with an ACL that contains the user. Project scope is ignored. Defaults to false.
Algorithm string
The Secret algorithm.
BitLength int
The Secret bit length.
CreatedAtFilter string
Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
ExpirationFilter string
Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
Mode string
The Secret mode.
Name string
The Secret name.
Region string
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to fetch a secret. If omitted, the region argument of the provider is used.
SecretType string
The Secret type. For more information see Secret types.
UpdatedAtFilter string
Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
AclOnly bool
Select the Secret with an ACL that contains the user. Project scope is ignored. Defaults to false.
Algorithm string
The Secret algorithm.
BitLength int
The Secret bit length.
CreatedAtFilter string
Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
ExpirationFilter string
Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
Mode string
The Secret mode.
Name string
The Secret name.
Region string
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to fetch a secret. If omitted, the region argument of the provider is used.
SecretType string
The Secret type. For more information see Secret types.
UpdatedAtFilter string
Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
aclOnly Boolean
Select the Secret with an ACL that contains the user. Project scope is ignored. Defaults to false.
algorithm String
The Secret algorithm.
bitLength Integer
The Secret bit length.
createdAtFilter String
Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
expirationFilter String
Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
mode String
The Secret mode.
name String
The Secret name.
region String
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to fetch a secret. If omitted, the region argument of the provider is used.
secretType String
The Secret type. For more information see Secret types.
updatedAtFilter String
Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
aclOnly boolean
Select the Secret with an ACL that contains the user. Project scope is ignored. Defaults to false.
algorithm string
The Secret algorithm.
bitLength number
The Secret bit length.
createdAtFilter string
Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
expirationFilter string
Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
mode string
The Secret mode.
name string
The Secret name.
region string
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to fetch a secret. If omitted, the region argument of the provider is used.
secretType string
The Secret type. For more information see Secret types.
updatedAtFilter string
Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
acl_only bool
Select the Secret with an ACL that contains the user. Project scope is ignored. Defaults to false.
algorithm str
The Secret algorithm.
bit_length int
The Secret bit length.
created_at_filter str
Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
expiration_filter str
Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
mode str
The Secret mode.
name str
The Secret name.
region str
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to fetch a secret. If omitted, the region argument of the provider is used.
secret_type str
The Secret type. For more information see Secret types.
updated_at_filter str
Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.
aclOnly Boolean
Select the Secret with an ACL that contains the user. Project scope is ignored. Defaults to false.
algorithm String
The Secret algorithm.
bitLength Number
The Secret bit length.
createdAtFilter String
Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.
expirationFilter String
Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.
mode String
The Secret mode.
name String
The Secret name.
region String
The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to fetch a secret. If omitted, the region argument of the provider is used.
secretType String
The Secret type. For more information see Secret types.
updatedAtFilter String
Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.

getSecret Result

The following output properties are available:

Acls List<Pulumi.OpenStack.KeyManager.Outputs.GetSecretAcl>
The list of ACLs assigned to a secret. The read structure is described below.
ContentTypes Dictionary<string, string>
The map of the content types, assigned on the secret.
CreatedAt string
The date the secret ACL was created.
CreatorId string
The creator of the secret.
Expiration string
The date the secret will expire.
Id string
The provider-assigned unique ID for this managed resource.
Metadata Dictionary<string, string>
The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
Payload string
The secret payload.
PayloadContentEncoding string
The Secret encoding.
PayloadContentType string
The Secret content type.
SecretRef string
The secret reference / where to find the secret.
Status string
The status of the secret.
UpdatedAt string
The date the secret ACL was last updated.
AclOnly bool
See Argument Reference above.
Algorithm string
See Argument Reference above.
BitLength int
See Argument Reference above.
CreatedAtFilter string
See Argument Reference above.
ExpirationFilter string
See Argument Reference above.
Mode string
See Argument Reference above.
Name string
See Argument Reference above.
Region string
See Argument Reference above.
SecretType string
See Argument Reference above.
UpdatedAtFilter string
See Argument Reference above.
Acls []GetSecretAcl
The list of ACLs assigned to a secret. The read structure is described below.
ContentTypes map[string]string
The map of the content types, assigned on the secret.
CreatedAt string
The date the secret ACL was created.
CreatorId string
The creator of the secret.
Expiration string
The date the secret will expire.
Id string
The provider-assigned unique ID for this managed resource.
Metadata map[string]string
The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
Payload string
The secret payload.
PayloadContentEncoding string
The Secret encoding.
PayloadContentType string
The Secret content type.
SecretRef string
The secret reference / where to find the secret.
Status string
The status of the secret.
UpdatedAt string
The date the secret ACL was last updated.
AclOnly bool
See Argument Reference above.
Algorithm string
See Argument Reference above.
BitLength int
See Argument Reference above.
CreatedAtFilter string
See Argument Reference above.
ExpirationFilter string
See Argument Reference above.
Mode string
See Argument Reference above.
Name string
See Argument Reference above.
Region string
See Argument Reference above.
SecretType string
See Argument Reference above.
UpdatedAtFilter string
See Argument Reference above.
acls List<GetSecretAcl>
The list of ACLs assigned to a secret. The read structure is described below.
contentTypes Map<String,String>
The map of the content types, assigned on the secret.
createdAt String
The date the secret ACL was created.
creatorId String
The creator of the secret.
expiration String
The date the secret will expire.
id String
The provider-assigned unique ID for this managed resource.
metadata Map<String,String>
The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
payload String
The secret payload.
payloadContentEncoding String
The Secret encoding.
payloadContentType String
The Secret content type.
secretRef String
The secret reference / where to find the secret.
status String
The status of the secret.
updatedAt String
The date the secret ACL was last updated.
aclOnly Boolean
See Argument Reference above.
algorithm String
See Argument Reference above.
bitLength Integer
See Argument Reference above.
createdAtFilter String
See Argument Reference above.
expirationFilter String
See Argument Reference above.
mode String
See Argument Reference above.
name String
See Argument Reference above.
region String
See Argument Reference above.
secretType String
See Argument Reference above.
updatedAtFilter String
See Argument Reference above.
acls GetSecretAcl[]
The list of ACLs assigned to a secret. The read structure is described below.
contentTypes {[key: string]: string}
The map of the content types, assigned on the secret.
createdAt string
The date the secret ACL was created.
creatorId string
The creator of the secret.
expiration string
The date the secret will expire.
id string
The provider-assigned unique ID for this managed resource.
metadata {[key: string]: string}
The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
payload string
The secret payload.
payloadContentEncoding string
The Secret encoding.
payloadContentType string
The Secret content type.
secretRef string
The secret reference / where to find the secret.
status string
The status of the secret.
updatedAt string
The date the secret ACL was last updated.
aclOnly boolean
See Argument Reference above.
algorithm string
See Argument Reference above.
bitLength number
See Argument Reference above.
createdAtFilter string
See Argument Reference above.
expirationFilter string
See Argument Reference above.
mode string
See Argument Reference above.
name string
See Argument Reference above.
region string
See Argument Reference above.
secretType string
See Argument Reference above.
updatedAtFilter string
See Argument Reference above.
acls Sequence[GetSecretAcl]
The list of ACLs assigned to a secret. The read structure is described below.
content_types Mapping[str, str]
The map of the content types, assigned on the secret.
created_at str
The date the secret ACL was created.
creator_id str
The creator of the secret.
expiration str
The date the secret will expire.
id str
The provider-assigned unique ID for this managed resource.
metadata Mapping[str, str]
The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
payload str
The secret payload.
payload_content_encoding str
The Secret encoding.
payload_content_type str
The Secret content type.
secret_ref str
The secret reference / where to find the secret.
status str
The status of the secret.
updated_at str
The date the secret ACL was last updated.
acl_only bool
See Argument Reference above.
algorithm str
See Argument Reference above.
bit_length int
See Argument Reference above.
created_at_filter str
See Argument Reference above.
expiration_filter str
See Argument Reference above.
mode str
See Argument Reference above.
name str
See Argument Reference above.
region str
See Argument Reference above.
secret_type str
See Argument Reference above.
updated_at_filter str
See Argument Reference above.
acls List<Property Map>
The list of ACLs assigned to a secret. The read structure is described below.
contentTypes Map<String>
The map of the content types, assigned on the secret.
createdAt String
The date the secret ACL was created.
creatorId String
The creator of the secret.
expiration String
The date the secret will expire.
id String
The provider-assigned unique ID for this managed resource.
metadata Map<String>
The map of metadata, assigned on the secret, which has been explicitly and implicitly added.
payload String
The secret payload.
payloadContentEncoding String
The Secret encoding.
payloadContentType String
The Secret content type.
secretRef String
The secret reference / where to find the secret.
status String
The status of the secret.
updatedAt String
The date the secret ACL was last updated.
aclOnly Boolean
See Argument Reference above.
algorithm String
See Argument Reference above.
bitLength Number
See Argument Reference above.
createdAtFilter String
See Argument Reference above.
expirationFilter String
See Argument Reference above.
mode String
See Argument Reference above.
name String
See Argument Reference above.
region String
See Argument Reference above.
secretType String
See Argument Reference above.
updatedAtFilter String
See Argument Reference above.

Supporting Types

GetSecretAcl

Read This property is required. GetSecretAclRead
read This property is required. GetSecretAclRead
read This property is required. GetSecretAclRead
read This property is required. GetSecretAclRead
read This property is required. Property Map

GetSecretAclRead

CreatedAt This property is required. string
The date the secret ACL was created.
UpdatedAt This property is required. string
The date the secret ACL was last updated.
ProjectAccess bool
Whether the secret is accessible project wide.
Users List<string>
The list of user IDs, which are allowed to access the secret, when project_access is set to false.
CreatedAt This property is required. string
The date the secret ACL was created.
UpdatedAt This property is required. string
The date the secret ACL was last updated.
ProjectAccess bool
Whether the secret is accessible project wide.
Users []string
The list of user IDs, which are allowed to access the secret, when project_access is set to false.
createdAt This property is required. String
The date the secret ACL was created.
updatedAt This property is required. String
The date the secret ACL was last updated.
projectAccess Boolean
Whether the secret is accessible project wide.
users List<String>
The list of user IDs, which are allowed to access the secret, when project_access is set to false.
createdAt This property is required. string
The date the secret ACL was created.
updatedAt This property is required. string
The date the secret ACL was last updated.
projectAccess boolean
Whether the secret is accessible project wide.
users string[]
The list of user IDs, which are allowed to access the secret, when project_access is set to false.
created_at This property is required. str
The date the secret ACL was created.
updated_at This property is required. str
The date the secret ACL was last updated.
project_access bool
Whether the secret is accessible project wide.
users Sequence[str]
The list of user IDs, which are allowed to access the secret, when project_access is set to false.
createdAt This property is required. String
The date the secret ACL was created.
updatedAt This property is required. String
The date the secret ACL was last updated.
projectAccess Boolean
Whether the secret is accessible project wide.
users List<String>
The list of user IDs, which are allowed to access the secret, when project_access is set to false.

Package Details

Repository
OpenStack pulumi/pulumi-openstack
License
Apache-2.0
Notes
This Pulumi package is based on the openstack Terraform Provider.
OpenStack v5.0.3 published on Wednesday, Feb 12, 2025 by Pulumi