1. Packages
  2. Azure Classic
  3. API Docs
  4. keyvault
  5. Secret

We recommend using Azure Native.

Azure Classic v5.81.0 published on Monday, Jun 24, 2024 by Pulumi

azure.keyvault.Secret

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure Classic v5.81.0 published on Monday, Jun 24, 2024 by Pulumi

    Manages a Key Vault Secret.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const current = azure.core.getClientConfig({});
    const example = new azure.core.ResourceGroup("example", {
        name: "example-resources",
        location: "West Europe",
    });
    const exampleKeyVault = new azure.keyvault.KeyVault("example", {
        name: "examplekeyvault",
        location: example.location,
        resourceGroupName: example.name,
        tenantId: current.then(current => current.tenantId),
        skuName: "premium",
        softDeleteRetentionDays: 7,
        accessPolicies: [{
            tenantId: current.then(current => current.tenantId),
            objectId: current.then(current => current.objectId),
            keyPermissions: [
                "Create",
                "Get",
            ],
            secretPermissions: [
                "Set",
                "Get",
                "Delete",
                "Purge",
                "Recover",
            ],
        }],
    });
    const exampleSecret = new azure.keyvault.Secret("example", {
        name: "secret-sauce",
        value: "szechuan",
        keyVaultId: exampleKeyVault.id,
    });
    
    import pulumi
    import pulumi_azure as azure
    
    current = azure.core.get_client_config()
    example = azure.core.ResourceGroup("example",
        name="example-resources",
        location="West Europe")
    example_key_vault = azure.keyvault.KeyVault("example",
        name="examplekeyvault",
        location=example.location,
        resource_group_name=example.name,
        tenant_id=current.tenant_id,
        sku_name="premium",
        soft_delete_retention_days=7,
        access_policies=[azure.keyvault.KeyVaultAccessPolicyArgs(
            tenant_id=current.tenant_id,
            object_id=current.object_id,
            key_permissions=[
                "Create",
                "Get",
            ],
            secret_permissions=[
                "Set",
                "Get",
                "Delete",
                "Purge",
                "Recover",
            ],
        )])
    example_secret = azure.keyvault.Secret("example",
        name="secret-sauce",
        value="szechuan",
        key_vault_id=example_key_vault.id)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		current, err := core.GetClientConfig(ctx, nil, nil)
    		if err != nil {
    			return err
    		}
    		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
    			Name:     pulumi.String("example-resources"),
    			Location: pulumi.String("West Europe"),
    		})
    		if err != nil {
    			return err
    		}
    		exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
    			Name:                    pulumi.String("examplekeyvault"),
    			Location:                example.Location,
    			ResourceGroupName:       example.Name,
    			TenantId:                pulumi.String(current.TenantId),
    			SkuName:                 pulumi.String("premium"),
    			SoftDeleteRetentionDays: pulumi.Int(7),
    			AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
    				&keyvault.KeyVaultAccessPolicyArgs{
    					TenantId: pulumi.String(current.TenantId),
    					ObjectId: pulumi.String(current.ObjectId),
    					KeyPermissions: pulumi.StringArray{
    						pulumi.String("Create"),
    						pulumi.String("Get"),
    					},
    					SecretPermissions: pulumi.StringArray{
    						pulumi.String("Set"),
    						pulumi.String("Get"),
    						pulumi.String("Delete"),
    						pulumi.String("Purge"),
    						pulumi.String("Recover"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = keyvault.NewSecret(ctx, "example", &keyvault.SecretArgs{
    			Name:       pulumi.String("secret-sauce"),
    			Value:      pulumi.String("szechuan"),
    			KeyVaultId: exampleKeyVault.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var current = Azure.Core.GetClientConfig.Invoke();
    
        var example = new Azure.Core.ResourceGroup("example", new()
        {
            Name = "example-resources",
            Location = "West Europe",
        });
    
        var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
        {
            Name = "examplekeyvault",
            Location = example.Location,
            ResourceGroupName = example.Name,
            TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
            SkuName = "premium",
            SoftDeleteRetentionDays = 7,
            AccessPolicies = new[]
            {
                new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
                {
                    TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
                    ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
                    KeyPermissions = new[]
                    {
                        "Create",
                        "Get",
                    },
                    SecretPermissions = new[]
                    {
                        "Set",
                        "Get",
                        "Delete",
                        "Purge",
                        "Recover",
                    },
                },
            },
        });
    
        var exampleSecret = new Azure.KeyVault.Secret("example", new()
        {
            Name = "secret-sauce",
            Value = "szechuan",
            KeyVaultId = exampleKeyVault.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.core.CoreFunctions;
    import com.pulumi.azure.core.ResourceGroup;
    import com.pulumi.azure.core.ResourceGroupArgs;
    import com.pulumi.azure.keyvault.KeyVault;
    import com.pulumi.azure.keyvault.KeyVaultArgs;
    import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
    import com.pulumi.azure.keyvault.Secret;
    import com.pulumi.azure.keyvault.SecretArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var current = CoreFunctions.getClientConfig();
    
            var example = new ResourceGroup("example", ResourceGroupArgs.builder()
                .name("example-resources")
                .location("West Europe")
                .build());
    
            var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
                .name("examplekeyvault")
                .location(example.location())
                .resourceGroupName(example.name())
                .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
                .skuName("premium")
                .softDeleteRetentionDays(7)
                .accessPolicies(KeyVaultAccessPolicyArgs.builder()
                    .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
                    .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
                    .keyPermissions(                
                        "Create",
                        "Get")
                    .secretPermissions(                
                        "Set",
                        "Get",
                        "Delete",
                        "Purge",
                        "Recover")
                    .build())
                .build());
    
            var exampleSecret = new Secret("exampleSecret", SecretArgs.builder()
                .name("secret-sauce")
                .value("szechuan")
                .keyVaultId(exampleKeyVault.id())
                .build());
    
        }
    }
    
    resources:
      example:
        type: azure:core:ResourceGroup
        properties:
          name: example-resources
          location: West Europe
      exampleKeyVault:
        type: azure:keyvault:KeyVault
        name: example
        properties:
          name: examplekeyvault
          location: ${example.location}
          resourceGroupName: ${example.name}
          tenantId: ${current.tenantId}
          skuName: premium
          softDeleteRetentionDays: 7
          accessPolicies:
            - tenantId: ${current.tenantId}
              objectId: ${current.objectId}
              keyPermissions:
                - Create
                - Get
              secretPermissions:
                - Set
                - Get
                - Delete
                - Purge
                - Recover
      exampleSecret:
        type: azure:keyvault:Secret
        name: example
        properties:
          name: secret-sauce
          value: szechuan
          keyVaultId: ${exampleKeyVault.id}
    variables:
      current:
        fn::invoke:
          Function: azure:core:getClientConfig
          Arguments: {}
    

    Create Secret Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Secret(name: string, args: SecretArgs, opts?: CustomResourceOptions);
    @overload
    def Secret(resource_name: str,
               args: SecretArgs,
               opts: Optional[ResourceOptions] = None)
    
    @overload
    def Secret(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               key_vault_id: Optional[str] = None,
               value: Optional[str] = None,
               content_type: Optional[str] = None,
               expiration_date: Optional[str] = None,
               name: Optional[str] = None,
               not_before_date: Optional[str] = None,
               tags: Optional[Mapping[str, str]] = None)
    func NewSecret(ctx *Context, name string, args SecretArgs, opts ...ResourceOption) (*Secret, error)
    public Secret(string name, SecretArgs args, CustomResourceOptions? opts = null)
    public Secret(String name, SecretArgs args)
    public Secret(String name, SecretArgs args, CustomResourceOptions options)
    
    type: azure:keyvault:Secret
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SecretArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecretArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecretArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecretArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecretArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var secretResource = new Azure.KeyVault.Secret("secretResource", new()
    {
        KeyVaultId = "string",
        Value = "string",
        ContentType = "string",
        ExpirationDate = "string",
        Name = "string",
        NotBeforeDate = "string",
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := keyvault.NewSecret(ctx, "secretResource", &keyvault.SecretArgs{
    	KeyVaultId:     pulumi.String("string"),
    	Value:          pulumi.String("string"),
    	ContentType:    pulumi.String("string"),
    	ExpirationDate: pulumi.String("string"),
    	Name:           pulumi.String("string"),
    	NotBeforeDate:  pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var secretResource = new Secret("secretResource", SecretArgs.builder()
        .keyVaultId("string")
        .value("string")
        .contentType("string")
        .expirationDate("string")
        .name("string")
        .notBeforeDate("string")
        .tags(Map.of("string", "string"))
        .build());
    
    secret_resource = azure.keyvault.Secret("secretResource",
        key_vault_id="string",
        value="string",
        content_type="string",
        expiration_date="string",
        name="string",
        not_before_date="string",
        tags={
            "string": "string",
        })
    
    const secretResource = new azure.keyvault.Secret("secretResource", {
        keyVaultId: "string",
        value: "string",
        contentType: "string",
        expirationDate: "string",
        name: "string",
        notBeforeDate: "string",
        tags: {
            string: "string",
        },
    });
    
    type: azure:keyvault:Secret
    properties:
        contentType: string
        expirationDate: string
        keyVaultId: string
        name: string
        notBeforeDate: string
        tags:
            string: string
        value: string
    

    Secret Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Secret resource accepts the following input properties:

    KeyVaultId string
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    Value string

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    ContentType string
    Specifies the content type for the Key Vault Secret.
    ExpirationDate string
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    Name string
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    NotBeforeDate string
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    Tags Dictionary<string, string>
    A mapping of tags to assign to the resource.
    KeyVaultId string
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    Value string

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    ContentType string
    Specifies the content type for the Key Vault Secret.
    ExpirationDate string
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    Name string
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    NotBeforeDate string
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    Tags map[string]string
    A mapping of tags to assign to the resource.
    keyVaultId String
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    value String

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    contentType String
    Specifies the content type for the Key Vault Secret.
    expirationDate String
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    name String
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    notBeforeDate String
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    tags Map<String,String>
    A mapping of tags to assign to the resource.
    keyVaultId string
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    value string

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    contentType string
    Specifies the content type for the Key Vault Secret.
    expirationDate string
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    name string
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    notBeforeDate string
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    tags {[key: string]: string}
    A mapping of tags to assign to the resource.
    key_vault_id str
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    value str

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    content_type str
    Specifies the content type for the Key Vault Secret.
    expiration_date str
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    name str
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    not_before_date str
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    tags Mapping[str, str]
    A mapping of tags to assign to the resource.
    keyVaultId String
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    value String

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    contentType String
    Specifies the content type for the Key Vault Secret.
    expirationDate String
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    name String
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    notBeforeDate String
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    tags Map<String>
    A mapping of tags to assign to the resource.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Secret resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    ResourceId string
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    ResourceVersionlessId string
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    Version string
    The current version of the Key Vault Secret.
    VersionlessId string
    The Base ID of the Key Vault Secret.
    Id string
    The provider-assigned unique ID for this managed resource.
    ResourceId string
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    ResourceVersionlessId string
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    Version string
    The current version of the Key Vault Secret.
    VersionlessId string
    The Base ID of the Key Vault Secret.
    id String
    The provider-assigned unique ID for this managed resource.
    resourceId String
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    resourceVersionlessId String
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    version String
    The current version of the Key Vault Secret.
    versionlessId String
    The Base ID of the Key Vault Secret.
    id string
    The provider-assigned unique ID for this managed resource.
    resourceId string
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    resourceVersionlessId string
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    version string
    The current version of the Key Vault Secret.
    versionlessId string
    The Base ID of the Key Vault Secret.
    id str
    The provider-assigned unique ID for this managed resource.
    resource_id str
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    resource_versionless_id str
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    version str
    The current version of the Key Vault Secret.
    versionless_id str
    The Base ID of the Key Vault Secret.
    id String
    The provider-assigned unique ID for this managed resource.
    resourceId String
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    resourceVersionlessId String
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    version String
    The current version of the Key Vault Secret.
    versionlessId String
    The Base ID of the Key Vault Secret.

    Look up Existing Secret Resource

    Get an existing Secret resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SecretState, opts?: CustomResourceOptions): Secret
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            content_type: Optional[str] = None,
            expiration_date: Optional[str] = None,
            key_vault_id: Optional[str] = None,
            name: Optional[str] = None,
            not_before_date: Optional[str] = None,
            resource_id: Optional[str] = None,
            resource_versionless_id: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            value: Optional[str] = None,
            version: Optional[str] = None,
            versionless_id: Optional[str] = None) -> Secret
    func GetSecret(ctx *Context, name string, id IDInput, state *SecretState, opts ...ResourceOption) (*Secret, error)
    public static Secret Get(string name, Input<string> id, SecretState? state, CustomResourceOptions? opts = null)
    public static Secret get(String name, Output<String> id, SecretState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ContentType string
    Specifies the content type for the Key Vault Secret.
    ExpirationDate string
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    KeyVaultId string
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    Name string
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    NotBeforeDate string
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    ResourceId string
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    ResourceVersionlessId string
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    Tags Dictionary<string, string>
    A mapping of tags to assign to the resource.
    Value string

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    Version string
    The current version of the Key Vault Secret.
    VersionlessId string
    The Base ID of the Key Vault Secret.
    ContentType string
    Specifies the content type for the Key Vault Secret.
    ExpirationDate string
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    KeyVaultId string
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    Name string
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    NotBeforeDate string
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    ResourceId string
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    ResourceVersionlessId string
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    Tags map[string]string
    A mapping of tags to assign to the resource.
    Value string

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    Version string
    The current version of the Key Vault Secret.
    VersionlessId string
    The Base ID of the Key Vault Secret.
    contentType String
    Specifies the content type for the Key Vault Secret.
    expirationDate String
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    keyVaultId String
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    name String
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    notBeforeDate String
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    resourceId String
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    resourceVersionlessId String
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    tags Map<String,String>
    A mapping of tags to assign to the resource.
    value String

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    version String
    The current version of the Key Vault Secret.
    versionlessId String
    The Base ID of the Key Vault Secret.
    contentType string
    Specifies the content type for the Key Vault Secret.
    expirationDate string
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    keyVaultId string
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    name string
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    notBeforeDate string
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    resourceId string
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    resourceVersionlessId string
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    tags {[key: string]: string}
    A mapping of tags to assign to the resource.
    value string

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    version string
    The current version of the Key Vault Secret.
    versionlessId string
    The Base ID of the Key Vault Secret.
    content_type str
    Specifies the content type for the Key Vault Secret.
    expiration_date str
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    key_vault_id str
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    name str
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    not_before_date str
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    resource_id str
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    resource_versionless_id str
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    tags Mapping[str, str]
    A mapping of tags to assign to the resource.
    value str

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    version str
    The current version of the Key Vault Secret.
    versionless_id str
    The Base ID of the Key Vault Secret.
    contentType String
    Specifies the content type for the Key Vault Secret.
    expirationDate String
    Expiration UTC datetime (Y-m-d'T'H:M:S'Z').
    keyVaultId String
    The ID of the Key Vault where the Secret should be created. Changing this forces a new resource to be created.
    name String
    Specifies the name of the Key Vault Secret. Changing this forces a new resource to be created.
    notBeforeDate String
    Key not usable before the provided UTC datetime (Y-m-d'T'H:M:S'Z').
    resourceId String
    The (Versioned) ID for this Key Vault Secret. This property points to a specific version of a Key Vault Secret, as such using this won't auto-rotate values if used in other Azure Services.
    resourceVersionlessId String
    The Versionless ID of the Key Vault Secret. This property allows other Azure Services (that support it) to auto-rotate their value when the Key Vault Secret is updated.
    tags Map<String>
    A mapping of tags to assign to the resource.
    value String

    Specifies the value of the Key Vault Secret. Changing this will create a new version of the Key Vault Secret.

    Note: Key Vault strips newlines. To preserve newlines in multi-line secrets try replacing them with \n or by base 64 encoding them with replace(file("my_secret_file"), "/\n/", "\n") or base64encode(file("my_secret_file")), respectively.

    version String
    The current version of the Key Vault Secret.
    versionlessId String
    The Base ID of the Key Vault Secret.

    Import

    Key Vault Secrets which are Enabled can be imported using the resource id, e.g.

    $ pulumi import azure:keyvault/secret:Secret example "https://example-keyvault.vault.azure.net/secrets/example/fdf067c93bbb4b22bff4d8b7a9a56217"
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Classic pulumi/pulumi-azure
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azurerm Terraform Provider.
    azure logo

    We recommend using Azure Native.

    Azure Classic v5.81.0 published on Monday, Jun 24, 2024 by Pulumi