kms

package
v3.54.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 24, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Alias 

type Alias struct {
	pulumi.CustomResourceState

	// The alias of CMK. `Encrypt`、`GenerateDataKey`、`DescribeKey` can be called using aliases. Length of characters other than prefixes: minimum length of 1 character and maximum length of 255 characters. Must contain prefix `alias/`.
	AliasName pulumi.StringOutput `pulumi:"aliasName"`
	// The id of the key.
	//
	// > **NOTE:** Each alias represents only one master key(CMK).
	//
	// > **NOTE:** Within an area of the same user, alias is not reproducible.
	//
	// > **NOTE:** UpdateAlias can be used to update the mapping relationship between alias and master key(CMK).
	KeyId pulumi.StringOutput `pulumi:"keyId"`
}

Create an alias for the master key (CMK).

> **NOTE:** Available since v1.77.0+.

## Example Usage

Basic Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		this, err := kms.NewKey(ctx, "this", &kms.KeyArgs{
			PendingWindowInDays: pulumi.Int(7),
		})
		if err != nil {
			return err
		}
		_, err = kms.NewAlias(ctx, "this", &kms.AliasArgs{
			AliasName: pulumi.String("alias/example_kms_alias"),
			KeyId:     this.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

KMS alias can be imported using the id, e.g.

```sh $ pulumi import alicloud:kms/alias:Alias example alias/test_kms_alias ```

func GetAlias 

func GetAlias(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AliasState, opts ...pulumi.ResourceOption) (*Alias, error)

GetAlias gets an existing Alias resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAlias 

func NewAlias(ctx *pulumi.Context,
	name string, args *AliasArgs, opts ...pulumi.ResourceOption) (*Alias, error)

NewAlias registers a new resource with the given unique name, arguments, and options.

func (*Alias) ElementType 

func (*Alias) ElementType() reflect.Type

func (*Alias) ToAliasOutput 

func (i *Alias) ToAliasOutput() AliasOutput

func (*Alias) ToAliasOutputWithContext 

func (i *Alias) ToAliasOutputWithContext(ctx context.Context) AliasOutput

type AliasArgs 

type AliasArgs struct {
	// The alias of CMK. `Encrypt`、`GenerateDataKey`、`DescribeKey` can be called using aliases. Length of characters other than prefixes: minimum length of 1 character and maximum length of 255 characters. Must contain prefix `alias/`.
	AliasName pulumi.StringInput
	// The id of the key.
	//
	// > **NOTE:** Each alias represents only one master key(CMK).
	//
	// > **NOTE:** Within an area of the same user, alias is not reproducible.
	//
	// > **NOTE:** UpdateAlias can be used to update the mapping relationship between alias and master key(CMK).
	KeyId pulumi.StringInput
}

The set of arguments for constructing a Alias resource.

func (AliasArgs) ElementType 

func (AliasArgs) ElementType() reflect.Type

type AliasArray 

type AliasArray []AliasInput

func (AliasArray) ElementType 

func (AliasArray) ElementType() reflect.Type

func (AliasArray) ToAliasArrayOutput 

func (i AliasArray) ToAliasArrayOutput() AliasArrayOutput

func (AliasArray) ToAliasArrayOutputWithContext 

func (i AliasArray) ToAliasArrayOutputWithContext(ctx context.Context) AliasArrayOutput

type AliasArrayInput 

type AliasArrayInput interface {
	pulumi.Input

	ToAliasArrayOutput() AliasArrayOutput
	ToAliasArrayOutputWithContext(context.Context) AliasArrayOutput
}

AliasArrayInput is an input type that accepts AliasArray and AliasArrayOutput values. You can construct a concrete instance of `AliasArrayInput` via: 

AliasArray{ AliasArgs{...} }

type AliasArrayOutput 

type AliasArrayOutput struct{ *pulumi.OutputState }

func (AliasArrayOutput) ElementType 

func (AliasArrayOutput) ElementType() reflect.Type

func (AliasArrayOutput) Index 

func (o AliasArrayOutput) Index(i pulumi.IntInput) AliasOutput

func (AliasArrayOutput) ToAliasArrayOutput 

func (o AliasArrayOutput) ToAliasArrayOutput() AliasArrayOutput

func (AliasArrayOutput) ToAliasArrayOutputWithContext 

func (o AliasArrayOutput) ToAliasArrayOutputWithContext(ctx context.Context) AliasArrayOutput

type AliasInput 

type AliasInput interface {
	pulumi.Input

	ToAliasOutput() AliasOutput
	ToAliasOutputWithContext(ctx context.Context) AliasOutput
}

type AliasMap 

type AliasMap map[string]AliasInput

func (AliasMap) ElementType 

func (AliasMap) ElementType() reflect.Type

func (AliasMap) ToAliasMapOutput 

func (i AliasMap) ToAliasMapOutput() AliasMapOutput

func (AliasMap) ToAliasMapOutputWithContext 

func (i AliasMap) ToAliasMapOutputWithContext(ctx context.Context) AliasMapOutput

type AliasMapInput 

type AliasMapInput interface {
	pulumi.Input

	ToAliasMapOutput() AliasMapOutput
	ToAliasMapOutputWithContext(context.Context) AliasMapOutput
}

AliasMapInput is an input type that accepts AliasMap and AliasMapOutput values. You can construct a concrete instance of `AliasMapInput` via: 

AliasMap{ "key": AliasArgs{...} }

type AliasMapOutput 

type AliasMapOutput struct{ *pulumi.OutputState }

func (AliasMapOutput) ElementType 

func (AliasMapOutput) ElementType() reflect.Type

func (AliasMapOutput) MapIndex 

func (o AliasMapOutput) MapIndex(k pulumi.StringInput) AliasOutput

func (AliasMapOutput) ToAliasMapOutput 

func (o AliasMapOutput) ToAliasMapOutput() AliasMapOutput

func (AliasMapOutput) ToAliasMapOutputWithContext 

func (o AliasMapOutput) ToAliasMapOutputWithContext(ctx context.Context) AliasMapOutput

type AliasOutput 

type AliasOutput struct{ *pulumi.OutputState }

func (AliasOutput) AliasName added in v3.27.0 

func (o AliasOutput) AliasName() pulumi.StringOutput

The alias of CMK. `Encrypt`、`GenerateDataKey`、`DescribeKey` can be called using aliases. Length of characters other than prefixes: minimum length of 1 character and maximum length of 255 characters. Must contain prefix `alias/`.

func (AliasOutput) ElementType 

func (AliasOutput) ElementType() reflect.Type

func (AliasOutput) KeyId added in v3.27.0 

func (o AliasOutput) KeyId() pulumi.StringOutput

The id of the key.

> **NOTE:** Each alias represents only one master key(CMK).

> **NOTE:** Within an area of the same user, alias is not reproducible.

> **NOTE:** UpdateAlias can be used to update the mapping relationship between alias and master key(CMK).

func (AliasOutput) ToAliasOutput 

func (o AliasOutput) ToAliasOutput() AliasOutput

func (AliasOutput) ToAliasOutputWithContext 

func (o AliasOutput) ToAliasOutputWithContext(ctx context.Context) AliasOutput

type AliasState 

type AliasState struct {
	// The alias of CMK. `Encrypt`、`GenerateDataKey`、`DescribeKey` can be called using aliases. Length of characters other than prefixes: minimum length of 1 character and maximum length of 255 characters. Must contain prefix `alias/`.
	AliasName pulumi.StringPtrInput
	// The id of the key.
	//
	// > **NOTE:** Each alias represents only one master key(CMK).
	//
	// > **NOTE:** Within an area of the same user, alias is not reproducible.
	//
	// > **NOTE:** UpdateAlias can be used to update the mapping relationship between alias and master key(CMK).
	KeyId pulumi.StringPtrInput
}

func (AliasState) ElementType 

func (AliasState) ElementType() reflect.Type

type ApplicationAccessPoint added in v3.44.0 

type ApplicationAccessPoint struct {
	pulumi.CustomResourceState

	// Application Access Point Name.
	ApplicationAccessPointName pulumi.StringOutput `pulumi:"applicationAccessPointName"`
	// Description .
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The policies that have bound to the Application Access Point (AAP).
	Policies pulumi.StringArrayOutput `pulumi:"policies"`
}

Provides a KMS Application Access Point resource. An application access point (AAP) is used to implement fine-grained access control for Key Management Service (KMS) resources. An application can access a KMS instance only after an AAP is created for the application. .

For information about KMS Application Access Point and how to use it, see [What is Application Access Point](https://www.alibabacloud.com/help/zh/key-management-service/latest/api-createapplicationaccesspoint).

> **NOTE:** Available since v1.210.0.

## Example Usage

Basic Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")
		name := "terraform-example"
		if param := cfg.Get("name"); param != "" {
			name = param
		}
		_, err := kms.NewApplicationAccessPoint(ctx, "default", &kms.ApplicationAccessPointArgs{
			Description:                pulumi.String("example aap"),
			ApplicationAccessPointName: pulumi.String(name),
			Policies: pulumi.StringArray{
				pulumi.String("abc"),
				pulumi.String("efg"),
				pulumi.String("hfc"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

KMS Application Access Point can be imported using the id, e.g.

```sh $ pulumi import alicloud:kms/applicationAccessPoint:ApplicationAccessPoint example <id> ```

func GetApplicationAccessPoint added in v3.44.0 

func GetApplicationAccessPoint(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ApplicationAccessPointState, opts ...pulumi.ResourceOption) (*ApplicationAccessPoint, error)

GetApplicationAccessPoint gets an existing ApplicationAccessPoint resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewApplicationAccessPoint added in v3.44.0 

func NewApplicationAccessPoint(ctx *pulumi.Context,
	name string, args *ApplicationAccessPointArgs, opts ...pulumi.ResourceOption) (*ApplicationAccessPoint, error)

NewApplicationAccessPoint registers a new resource with the given unique name, arguments, and options.

func (*ApplicationAccessPoint) ElementType added in v3.44.0 

func (*ApplicationAccessPoint) ElementType() reflect.Type

func (*ApplicationAccessPoint) ToApplicationAccessPointOutput added in v3.44.0 

func (i *ApplicationAccessPoint) ToApplicationAccessPointOutput() ApplicationAccessPointOutput

func (*ApplicationAccessPoint) ToApplicationAccessPointOutputWithContext added in v3.44.0 

func (i *ApplicationAccessPoint) ToApplicationAccessPointOutputWithContext(ctx context.Context) ApplicationAccessPointOutput

type ApplicationAccessPointArgs added in v3.44.0 

type ApplicationAccessPointArgs struct {
	// Application Access Point Name.
	ApplicationAccessPointName pulumi.StringInput
	// Description .
	Description pulumi.StringPtrInput
	// The policies that have bound to the Application Access Point (AAP).
	Policies pulumi.StringArrayInput
}

The set of arguments for constructing a ApplicationAccessPoint resource.

func (ApplicationAccessPointArgs) ElementType added in v3.44.0 

func (ApplicationAccessPointArgs) ElementType() reflect.Type

type ApplicationAccessPointArray added in v3.44.0 

type ApplicationAccessPointArray []ApplicationAccessPointInput

func (ApplicationAccessPointArray) ElementType added in v3.44.0 

func (ApplicationAccessPointArray) ElementType() reflect.Type

func (ApplicationAccessPointArray) ToApplicationAccessPointArrayOutput added in v3.44.0 

func (i ApplicationAccessPointArray) ToApplicationAccessPointArrayOutput() ApplicationAccessPointArrayOutput

func (ApplicationAccessPointArray) ToApplicationAccessPointArrayOutputWithContext added in v3.44.0 

func (i ApplicationAccessPointArray) ToApplicationAccessPointArrayOutputWithContext(ctx context.Context) ApplicationAccessPointArrayOutput

type ApplicationAccessPointArrayInput added in v3.44.0 

type ApplicationAccessPointArrayInput interface {
	pulumi.Input

	ToApplicationAccessPointArrayOutput() ApplicationAccessPointArrayOutput
	ToApplicationAccessPointArrayOutputWithContext(context.Context) ApplicationAccessPointArrayOutput
}

ApplicationAccessPointArrayInput is an input type that accepts ApplicationAccessPointArray and ApplicationAccessPointArrayOutput values. You can construct a concrete instance of `ApplicationAccessPointArrayInput` via: 

ApplicationAccessPointArray{ ApplicationAccessPointArgs{...} }

type ApplicationAccessPointArrayOutput added in v3.44.0 

type ApplicationAccessPointArrayOutput struct{ *pulumi.OutputState }

func (ApplicationAccessPointArrayOutput) ElementType added in v3.44.0 

func (ApplicationAccessPointArrayOutput) ElementType() reflect.Type

func (ApplicationAccessPointArrayOutput) Index added in v3.44.0 

func (o ApplicationAccessPointArrayOutput) Index(i pulumi.IntInput) ApplicationAccessPointOutput

func (ApplicationAccessPointArrayOutput) ToApplicationAccessPointArrayOutput added in v3.44.0 

func (o ApplicationAccessPointArrayOutput) ToApplicationAccessPointArrayOutput() ApplicationAccessPointArrayOutput

func (ApplicationAccessPointArrayOutput) ToApplicationAccessPointArrayOutputWithContext added in v3.44.0 

func (o ApplicationAccessPointArrayOutput) ToApplicationAccessPointArrayOutputWithContext(ctx context.Context) ApplicationAccessPointArrayOutput

type ApplicationAccessPointInput added in v3.44.0 

type ApplicationAccessPointInput interface {
	pulumi.Input

	ToApplicationAccessPointOutput() ApplicationAccessPointOutput
	ToApplicationAccessPointOutputWithContext(ctx context.Context) ApplicationAccessPointOutput
}

type ApplicationAccessPointMap added in v3.44.0 

type ApplicationAccessPointMap map[string]ApplicationAccessPointInput

func (ApplicationAccessPointMap) ElementType added in v3.44.0 

func (ApplicationAccessPointMap) ElementType() reflect.Type

func (ApplicationAccessPointMap) ToApplicationAccessPointMapOutput added in v3.44.0 

func (i ApplicationAccessPointMap) ToApplicationAccessPointMapOutput() ApplicationAccessPointMapOutput

func (ApplicationAccessPointMap) ToApplicationAccessPointMapOutputWithContext added in v3.44.0 

func (i ApplicationAccessPointMap) ToApplicationAccessPointMapOutputWithContext(ctx context.Context) ApplicationAccessPointMapOutput

type ApplicationAccessPointMapInput added in v3.44.0 

type ApplicationAccessPointMapInput interface {
	pulumi.Input

	ToApplicationAccessPointMapOutput() ApplicationAccessPointMapOutput
	ToApplicationAccessPointMapOutputWithContext(context.Context) ApplicationAccessPointMapOutput
}

ApplicationAccessPointMapInput is an input type that accepts ApplicationAccessPointMap and ApplicationAccessPointMapOutput values. You can construct a concrete instance of `ApplicationAccessPointMapInput` via: 

ApplicationAccessPointMap{ "key": ApplicationAccessPointArgs{...} }

type ApplicationAccessPointMapOutput added in v3.44.0 

type ApplicationAccessPointMapOutput struct{ *pulumi.OutputState }

func (ApplicationAccessPointMapOutput) ElementType added in v3.44.0 

func (ApplicationAccessPointMapOutput) ElementType() reflect.Type

func (ApplicationAccessPointMapOutput) MapIndex added in v3.44.0 

func (o ApplicationAccessPointMapOutput) MapIndex(k pulumi.StringInput) ApplicationAccessPointOutput

func (ApplicationAccessPointMapOutput) ToApplicationAccessPointMapOutput added in v3.44.0 

func (o ApplicationAccessPointMapOutput) ToApplicationAccessPointMapOutput() ApplicationAccessPointMapOutput

func (ApplicationAccessPointMapOutput) ToApplicationAccessPointMapOutputWithContext added in v3.44.0 

func (o ApplicationAccessPointMapOutput) ToApplicationAccessPointMapOutputWithContext(ctx context.Context) ApplicationAccessPointMapOutput

type ApplicationAccessPointOutput added in v3.44.0 

type ApplicationAccessPointOutput struct{ *pulumi.OutputState }

func (ApplicationAccessPointOutput) ApplicationAccessPointName added in v3.44.0 

func (o ApplicationAccessPointOutput) ApplicationAccessPointName() pulumi.StringOutput

Application Access Point Name.

func (ApplicationAccessPointOutput) Description added in v3.44.0 

func (o ApplicationAccessPointOutput) Description() pulumi.StringPtrOutput

Description .

func (ApplicationAccessPointOutput) ElementType added in v3.44.0 

func (ApplicationAccessPointOutput) ElementType() reflect.Type

func (ApplicationAccessPointOutput) Policies added in v3.44.0 

func (o ApplicationAccessPointOutput) Policies() pulumi.StringArrayOutput

The policies that have bound to the Application Access Point (AAP).

func (ApplicationAccessPointOutput) ToApplicationAccessPointOutput added in v3.44.0 

func (o ApplicationAccessPointOutput) ToApplicationAccessPointOutput() ApplicationAccessPointOutput

func (ApplicationAccessPointOutput) ToApplicationAccessPointOutputWithContext added in v3.44.0 

func (o ApplicationAccessPointOutput) ToApplicationAccessPointOutputWithContext(ctx context.Context) ApplicationAccessPointOutput

type ApplicationAccessPointState added in v3.44.0 

type ApplicationAccessPointState struct {
	// Application Access Point Name.
	ApplicationAccessPointName pulumi.StringPtrInput
	// Description .
	Description pulumi.StringPtrInput
	// The policies that have bound to the Application Access Point (AAP).
	Policies pulumi.StringArrayInput
}

func (ApplicationAccessPointState) ElementType added in v3.44.0 

func (ApplicationAccessPointState) ElementType() reflect.Type

type Ciphertext 

type Ciphertext struct {
	pulumi.CustomResourceState

	// The ciphertext of the data key encrypted with the primary CMK version.
	CiphertextBlob pulumi.StringOutput `pulumi:"ciphertextBlob"`
	// The Encryption context. If you specify this parameter here, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext pulumi.StringMapOutput `pulumi:"encryptionContext"`
	// The globally unique ID of the CMK.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
	// The plaintext to be encrypted which must be encoded in Base64.
	Plaintext pulumi.StringOutput `pulumi:"plaintext"`
}

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		key, err := kms.NewKey(ctx, "key", &kms.KeyArgs{
			Description:         pulumi.String("example key"),
			Status:              pulumi.String("Enabled"),
			PendingWindowInDays: pulumi.Int(7),
		})
		if err != nil {
			return err
		}
		_, err = kms.NewCiphertext(ctx, "encrypted", &kms.CiphertextArgs{
			KeyId:     key.ID(),
			Plaintext: pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

func GetCiphertext 

func GetCiphertext(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CiphertextState, opts ...pulumi.ResourceOption) (*Ciphertext, error)

GetCiphertext gets an existing Ciphertext resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCiphertext 

func NewCiphertext(ctx *pulumi.Context,
	name string, args *CiphertextArgs, opts ...pulumi.ResourceOption) (*Ciphertext, error)

NewCiphertext registers a new resource with the given unique name, arguments, and options.

func (*Ciphertext) ElementType 

func (*Ciphertext) ElementType() reflect.Type

func (*Ciphertext) ToCiphertextOutput 

func (i *Ciphertext) ToCiphertextOutput() CiphertextOutput

func (*Ciphertext) ToCiphertextOutputWithContext 

func (i *Ciphertext) ToCiphertextOutputWithContext(ctx context.Context) CiphertextOutput

type CiphertextArgs 

type CiphertextArgs struct {
	// The Encryption context. If you specify this parameter here, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext pulumi.StringMapInput
	// The globally unique ID of the CMK.
	KeyId pulumi.StringInput
	// The plaintext to be encrypted which must be encoded in Base64.
	Plaintext pulumi.StringInput
}

The set of arguments for constructing a Ciphertext resource.

func (CiphertextArgs) ElementType 

func (CiphertextArgs) ElementType() reflect.Type

type CiphertextArray 

type CiphertextArray []CiphertextInput

func (CiphertextArray) ElementType 

func (CiphertextArray) ElementType() reflect.Type

func (CiphertextArray) ToCiphertextArrayOutput 

func (i CiphertextArray) ToCiphertextArrayOutput() CiphertextArrayOutput

func (CiphertextArray) ToCiphertextArrayOutputWithContext 

func (i CiphertextArray) ToCiphertextArrayOutputWithContext(ctx context.Context) CiphertextArrayOutput

type CiphertextArrayInput 

type CiphertextArrayInput interface {
	pulumi.Input

	ToCiphertextArrayOutput() CiphertextArrayOutput
	ToCiphertextArrayOutputWithContext(context.Context) CiphertextArrayOutput
}

CiphertextArrayInput is an input type that accepts CiphertextArray and CiphertextArrayOutput values. You can construct a concrete instance of `CiphertextArrayInput` via: 

CiphertextArray{ CiphertextArgs{...} }

type CiphertextArrayOutput 

type CiphertextArrayOutput struct{ *pulumi.OutputState }

func (CiphertextArrayOutput) ElementType 

func (CiphertextArrayOutput) ElementType() reflect.Type

func (CiphertextArrayOutput) Index 

func (o CiphertextArrayOutput) Index(i pulumi.IntInput) CiphertextOutput

func (CiphertextArrayOutput) ToCiphertextArrayOutput 

func (o CiphertextArrayOutput) ToCiphertextArrayOutput() CiphertextArrayOutput

func (CiphertextArrayOutput) ToCiphertextArrayOutputWithContext 

func (o CiphertextArrayOutput) ToCiphertextArrayOutputWithContext(ctx context.Context) CiphertextArrayOutput

type CiphertextInput 

type CiphertextInput interface {
	pulumi.Input

	ToCiphertextOutput() CiphertextOutput
	ToCiphertextOutputWithContext(ctx context.Context) CiphertextOutput
}

type CiphertextMap 

type CiphertextMap map[string]CiphertextInput

func (CiphertextMap) ElementType 

func (CiphertextMap) ElementType() reflect.Type

func (CiphertextMap) ToCiphertextMapOutput 

func (i CiphertextMap) ToCiphertextMapOutput() CiphertextMapOutput

func (CiphertextMap) ToCiphertextMapOutputWithContext 

func (i CiphertextMap) ToCiphertextMapOutputWithContext(ctx context.Context) CiphertextMapOutput

type CiphertextMapInput 

type CiphertextMapInput interface {
	pulumi.Input

	ToCiphertextMapOutput() CiphertextMapOutput
	ToCiphertextMapOutputWithContext(context.Context) CiphertextMapOutput
}

CiphertextMapInput is an input type that accepts CiphertextMap and CiphertextMapOutput values. You can construct a concrete instance of `CiphertextMapInput` via: 

CiphertextMap{ "key": CiphertextArgs{...} }

type CiphertextMapOutput 

type CiphertextMapOutput struct{ *pulumi.OutputState }

func (CiphertextMapOutput) ElementType 

func (CiphertextMapOutput) ElementType() reflect.Type

func (CiphertextMapOutput) MapIndex 

func (o CiphertextMapOutput) MapIndex(k pulumi.StringInput) CiphertextOutput

func (CiphertextMapOutput) ToCiphertextMapOutput 

func (o CiphertextMapOutput) ToCiphertextMapOutput() CiphertextMapOutput

func (CiphertextMapOutput) ToCiphertextMapOutputWithContext 

func (o CiphertextMapOutput) ToCiphertextMapOutputWithContext(ctx context.Context) CiphertextMapOutput

type CiphertextOutput 

type CiphertextOutput struct{ *pulumi.OutputState }

func (CiphertextOutput) CiphertextBlob added in v3.27.0 

func (o CiphertextOutput) CiphertextBlob() pulumi.StringOutput

The ciphertext of the data key encrypted with the primary CMK version.

func (CiphertextOutput) ElementType 

func (CiphertextOutput) ElementType() reflect.Type

func (CiphertextOutput) EncryptionContext added in v3.27.0 

func (o CiphertextOutput) EncryptionContext() pulumi.StringMapOutput

The Encryption context. If you specify this parameter here, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).

func (CiphertextOutput) KeyId added in v3.27.0 

func (o CiphertextOutput) KeyId() pulumi.StringOutput

The globally unique ID of the CMK.

func (CiphertextOutput) Plaintext added in v3.27.0 

func (o CiphertextOutput) Plaintext() pulumi.StringOutput

The plaintext to be encrypted which must be encoded in Base64.

func (CiphertextOutput) ToCiphertextOutput 

func (o CiphertextOutput) ToCiphertextOutput() CiphertextOutput

func (CiphertextOutput) ToCiphertextOutputWithContext 

func (o CiphertextOutput) ToCiphertextOutputWithContext(ctx context.Context) CiphertextOutput

type CiphertextState 

type CiphertextState struct {
	// The ciphertext of the data key encrypted with the primary CMK version.
	CiphertextBlob pulumi.StringPtrInput
	// The Encryption context. If you specify this parameter here, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext pulumi.StringMapInput
	// The globally unique ID of the CMK.
	KeyId pulumi.StringPtrInput
	// The plaintext to be encrypted which must be encoded in Base64.
	Plaintext pulumi.StringPtrInput
}

func (CiphertextState) ElementType 

func (CiphertextState) ElementType() reflect.Type

type ClientKey added in v3.44.0 

type ClientKey struct {
	pulumi.CustomResourceState

	// ClientKey's parent Application Access Point name.
	AapName pulumi.StringOutput `pulumi:"aapName"`
	// Create timestamp, e.g. "2022-08-10T08:03:30Z".
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// The ClientKey expiration time. Example: "2027-08-10 T08:03:30Z".
	NotAfter pulumi.StringPtrOutput `pulumi:"notAfter"`
	// The valid start time of the ClientKey. Example: "2022-08-10 T08:03:30Z".
	NotBefore pulumi.StringPtrOutput `pulumi:"notBefore"`
	// To enhance security, set a password for the downloaded Client Key,When an application accesses KMS, you must use the ClientKey content and this password to initialize the SDK client.
	Password pulumi.StringOutput `pulumi:"password"`
	// The name of file that can save access key id and access key secret. Strongly suggest you to specified it when you creating access key, otherwise, you wouldn't get its secret ever.
	PrivateKeyDataFile pulumi.StringPtrOutput `pulumi:"privateKeyDataFile"`
}

Provides a KMS Client Key resource. Client key (of Application Access Point).

For information about KMS Client Key and how to use it, see [What is Client Key](https://www.alibabacloud.com/help/zh/key-management-service/latest/api-createclientkey).

> **NOTE:** Available since v1.210.0.

## Example Usage

Basic Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")
		name := "terraform-example"
		if param := cfg.Get("name"); param != "" {
			name = param
		}
		AAP0, err := kms.NewApplicationAccessPoint(ctx, "AAP0", &kms.ApplicationAccessPointArgs{
			Policies: pulumi.StringArray{
				pulumi.String("aa"),
			},
			Description:                pulumi.String("aa"),
			ApplicationAccessPointName: pulumi.String(name),
		})
		if err != nil {
			return err
		}
		_, err = kms.NewClientKey(ctx, "default", &kms.ClientKeyArgs{
			AapName:            AAP0.ApplicationAccessPointName,
			Password:           pulumi.String("YouPassword123!"),
			NotBefore:          pulumi.String("2023-09-01T14:11:22Z"),
			NotAfter:           pulumi.String("2028-09-01T14:11:22Z"),
			PrivateKeyDataFile: pulumi.String("./private_key_data_file.txt"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

KMS Client Key can be imported using the id, e.g.

```sh $ pulumi import alicloud:kms/clientKey:ClientKey example <id> ```

Resource attributes such as `password`, `private_key_data_file` are not available for imported resources as this information cannot be read from the KMS API.

func GetClientKey added in v3.44.0 

func GetClientKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientKeyState, opts ...pulumi.ResourceOption) (*ClientKey, error)

GetClientKey gets an existing ClientKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClientKey added in v3.44.0 

func NewClientKey(ctx *pulumi.Context,
	name string, args *ClientKeyArgs, opts ...pulumi.ResourceOption) (*ClientKey, error)

NewClientKey registers a new resource with the given unique name, arguments, and options.

func (*ClientKey) ElementType added in v3.44.0 

func (*ClientKey) ElementType() reflect.Type

func (*ClientKey) ToClientKeyOutput added in v3.44.0 

func (i *ClientKey) ToClientKeyOutput() ClientKeyOutput

func (*ClientKey) ToClientKeyOutputWithContext added in v3.44.0 

func (i *ClientKey) ToClientKeyOutputWithContext(ctx context.Context) ClientKeyOutput

type ClientKeyArgs added in v3.44.0 

type ClientKeyArgs struct {
	// ClientKey's parent Application Access Point name.
	AapName pulumi.StringInput
	// The ClientKey expiration time. Example: "2027-08-10 T08:03:30Z".
	NotAfter pulumi.StringPtrInput
	// The valid start time of the ClientKey. Example: "2022-08-10 T08:03:30Z".
	NotBefore pulumi.StringPtrInput
	// To enhance security, set a password for the downloaded Client Key,When an application accesses KMS, you must use the ClientKey content and this password to initialize the SDK client.
	Password pulumi.StringInput
	// The name of file that can save access key id and access key secret. Strongly suggest you to specified it when you creating access key, otherwise, you wouldn't get its secret ever.
	PrivateKeyDataFile pulumi.StringPtrInput
}

The set of arguments for constructing a ClientKey resource.

func (ClientKeyArgs) ElementType added in v3.44.0 

func (ClientKeyArgs) ElementType() reflect.Type

type ClientKeyArray added in v3.44.0 

type ClientKeyArray []ClientKeyInput

func (ClientKeyArray) ElementType added in v3.44.0 

func (ClientKeyArray) ElementType() reflect.Type

func (ClientKeyArray) ToClientKeyArrayOutput added in v3.44.0 

func (i ClientKeyArray) ToClientKeyArrayOutput() ClientKeyArrayOutput

func (ClientKeyArray) ToClientKeyArrayOutputWithContext added in v3.44.0 

func (i ClientKeyArray) ToClientKeyArrayOutputWithContext(ctx context.Context) ClientKeyArrayOutput

type ClientKeyArrayInput added in v3.44.0 

type ClientKeyArrayInput interface {
	pulumi.Input

	ToClientKeyArrayOutput() ClientKeyArrayOutput
	ToClientKeyArrayOutputWithContext(context.Context) ClientKeyArrayOutput
}

ClientKeyArrayInput is an input type that accepts ClientKeyArray and ClientKeyArrayOutput values. You can construct a concrete instance of `ClientKeyArrayInput` via: 

ClientKeyArray{ ClientKeyArgs{...} }

type ClientKeyArrayOutput added in v3.44.0 

type ClientKeyArrayOutput struct{ *pulumi.OutputState }

func (ClientKeyArrayOutput) ElementType added in v3.44.0 

func (ClientKeyArrayOutput) ElementType() reflect.Type

func (ClientKeyArrayOutput) Index added in v3.44.0 

func (o ClientKeyArrayOutput) Index(i pulumi.IntInput) ClientKeyOutput

func (ClientKeyArrayOutput) ToClientKeyArrayOutput added in v3.44.0 

func (o ClientKeyArrayOutput) ToClientKeyArrayOutput() ClientKeyArrayOutput

func (ClientKeyArrayOutput) ToClientKeyArrayOutputWithContext added in v3.44.0 

func (o ClientKeyArrayOutput) ToClientKeyArrayOutputWithContext(ctx context.Context) ClientKeyArrayOutput

type ClientKeyInput added in v3.44.0 

type ClientKeyInput interface {
	pulumi.Input

	ToClientKeyOutput() ClientKeyOutput
	ToClientKeyOutputWithContext(ctx context.Context) ClientKeyOutput
}

type ClientKeyMap added in v3.44.0 

type ClientKeyMap map[string]ClientKeyInput

func (ClientKeyMap) ElementType added in v3.44.0 

func (ClientKeyMap) ElementType() reflect.Type

func (ClientKeyMap) ToClientKeyMapOutput added in v3.44.0 

func (i ClientKeyMap) ToClientKeyMapOutput() ClientKeyMapOutput

func (ClientKeyMap) ToClientKeyMapOutputWithContext added in v3.44.0 

func (i ClientKeyMap) ToClientKeyMapOutputWithContext(ctx context.Context) ClientKeyMapOutput

type ClientKeyMapInput added in v3.44.0 

type ClientKeyMapInput interface {
	pulumi.Input

	ToClientKeyMapOutput() ClientKeyMapOutput
	ToClientKeyMapOutputWithContext(context.Context) ClientKeyMapOutput
}

ClientKeyMapInput is an input type that accepts ClientKeyMap and ClientKeyMapOutput values. You can construct a concrete instance of `ClientKeyMapInput` via: 

ClientKeyMap{ "key": ClientKeyArgs{...} }

type ClientKeyMapOutput added in v3.44.0 

type ClientKeyMapOutput struct{ *pulumi.OutputState }

func (ClientKeyMapOutput) ElementType added in v3.44.0 

func (ClientKeyMapOutput) ElementType() reflect.Type

func (ClientKeyMapOutput) MapIndex added in v3.44.0 

func (o ClientKeyMapOutput) MapIndex(k pulumi.StringInput) ClientKeyOutput

func (ClientKeyMapOutput) ToClientKeyMapOutput added in v3.44.0 

func (o ClientKeyMapOutput) ToClientKeyMapOutput() ClientKeyMapOutput

func (ClientKeyMapOutput) ToClientKeyMapOutputWithContext added in v3.44.0 

func (o ClientKeyMapOutput) ToClientKeyMapOutputWithContext(ctx context.Context) ClientKeyMapOutput

type ClientKeyOutput added in v3.44.0 

type ClientKeyOutput struct{ *pulumi.OutputState }

func (ClientKeyOutput) AapName added in v3.44.0 

func (o ClientKeyOutput) AapName() pulumi.StringOutput

ClientKey's parent Application Access Point name.

func (ClientKeyOutput) CreateTime added in v3.44.0 

func (o ClientKeyOutput) CreateTime() pulumi.StringOutput

Create timestamp, e.g. "2022-08-10T08:03:30Z".

func (ClientKeyOutput) ElementType added in v3.44.0 

func (ClientKeyOutput) ElementType() reflect.Type

func (ClientKeyOutput) NotAfter added in v3.44.0 

func (o ClientKeyOutput) NotAfter() pulumi.StringPtrOutput

The ClientKey expiration time. Example: "2027-08-10 T08:03:30Z".

func (ClientKeyOutput) NotBefore added in v3.44.0 

func (o ClientKeyOutput) NotBefore() pulumi.StringPtrOutput

The valid start time of the ClientKey. Example: "2022-08-10 T08:03:30Z".

func (ClientKeyOutput) Password added in v3.44.0 

func (o ClientKeyOutput) Password() pulumi.StringOutput

To enhance security, set a password for the downloaded Client Key,When an application accesses KMS, you must use the ClientKey content and this password to initialize the SDK client.

func (ClientKeyOutput) PrivateKeyDataFile added in v3.44.0 

func (o ClientKeyOutput) PrivateKeyDataFile() pulumi.StringPtrOutput

The name of file that can save access key id and access key secret. Strongly suggest you to specified it when you creating access key, otherwise, you wouldn't get its secret ever.

func (ClientKeyOutput) ToClientKeyOutput added in v3.44.0 

func (o ClientKeyOutput) ToClientKeyOutput() ClientKeyOutput

func (ClientKeyOutput) ToClientKeyOutputWithContext added in v3.44.0 

func (o ClientKeyOutput) ToClientKeyOutputWithContext(ctx context.Context) ClientKeyOutput

type ClientKeyState added in v3.44.0 

type ClientKeyState struct {
	// ClientKey's parent Application Access Point name.
	AapName pulumi.StringPtrInput
	// Create timestamp, e.g. "2022-08-10T08:03:30Z".
	CreateTime pulumi.StringPtrInput
	// The ClientKey expiration time. Example: "2027-08-10 T08:03:30Z".
	NotAfter pulumi.StringPtrInput
	// The valid start time of the ClientKey. Example: "2022-08-10 T08:03:30Z".
	NotBefore pulumi.StringPtrInput
	// To enhance security, set a password for the downloaded Client Key,When an application accesses KMS, you must use the ClientKey content and this password to initialize the SDK client.
	Password pulumi.StringPtrInput
	// The name of file that can save access key id and access key secret. Strongly suggest you to specified it when you creating access key, otherwise, you wouldn't get its secret ever.
	PrivateKeyDataFile pulumi.StringPtrInput
}

func (ClientKeyState) ElementType added in v3.44.0 

func (ClientKeyState) ElementType() reflect.Type

type GetAliasesAlias 

type GetAliasesAlias struct {
	// The unique identifier of the alias.
	AliasName string `pulumi:"aliasName"`
	// ID of the alias. The value is same as KMS alias_name.
	Id string `pulumi:"id"`
	// ID of the key.
	KeyId string `pulumi:"keyId"`
}

type GetAliasesAliasArgs 

type GetAliasesAliasArgs struct {
	// The unique identifier of the alias.
	AliasName pulumi.StringInput `pulumi:"aliasName"`
	// ID of the alias. The value is same as KMS alias_name.
	Id pulumi.StringInput `pulumi:"id"`
	// ID of the key.
	KeyId pulumi.StringInput `pulumi:"keyId"`
}

func (GetAliasesAliasArgs) ElementType 

func (GetAliasesAliasArgs) ElementType() reflect.Type

func (GetAliasesAliasArgs) ToGetAliasesAliasOutput 

func (i GetAliasesAliasArgs) ToGetAliasesAliasOutput() GetAliasesAliasOutput

func (GetAliasesAliasArgs) ToGetAliasesAliasOutputWithContext 

func (i GetAliasesAliasArgs) ToGetAliasesAliasOutputWithContext(ctx context.Context) GetAliasesAliasOutput

type GetAliasesAliasArray 

type GetAliasesAliasArray []GetAliasesAliasInput

func (GetAliasesAliasArray) ElementType 

func (GetAliasesAliasArray) ElementType() reflect.Type

func (GetAliasesAliasArray) ToGetAliasesAliasArrayOutput 

func (i GetAliasesAliasArray) ToGetAliasesAliasArrayOutput() GetAliasesAliasArrayOutput

func (GetAliasesAliasArray) ToGetAliasesAliasArrayOutputWithContext 

func (i GetAliasesAliasArray) ToGetAliasesAliasArrayOutputWithContext(ctx context.Context) GetAliasesAliasArrayOutput

type GetAliasesAliasArrayInput 

type GetAliasesAliasArrayInput interface {
	pulumi.Input

	ToGetAliasesAliasArrayOutput() GetAliasesAliasArrayOutput
	ToGetAliasesAliasArrayOutputWithContext(context.Context) GetAliasesAliasArrayOutput
}

GetAliasesAliasArrayInput is an input type that accepts GetAliasesAliasArray and GetAliasesAliasArrayOutput values. You can construct a concrete instance of `GetAliasesAliasArrayInput` via: 

GetAliasesAliasArray{ GetAliasesAliasArgs{...} }

type GetAliasesAliasArrayOutput 

type GetAliasesAliasArrayOutput struct{ *pulumi.OutputState }

func (GetAliasesAliasArrayOutput) ElementType 

func (GetAliasesAliasArrayOutput) ElementType() reflect.Type

func (GetAliasesAliasArrayOutput) Index 

func (o GetAliasesAliasArrayOutput) Index(i pulumi.IntInput) GetAliasesAliasOutput

func (GetAliasesAliasArrayOutput) ToGetAliasesAliasArrayOutput 

func (o GetAliasesAliasArrayOutput) ToGetAliasesAliasArrayOutput() GetAliasesAliasArrayOutput

func (GetAliasesAliasArrayOutput) ToGetAliasesAliasArrayOutputWithContext 

func (o GetAliasesAliasArrayOutput) ToGetAliasesAliasArrayOutputWithContext(ctx context.Context) GetAliasesAliasArrayOutput

type GetAliasesAliasInput 

type GetAliasesAliasInput interface {
	pulumi.Input

	ToGetAliasesAliasOutput() GetAliasesAliasOutput
	ToGetAliasesAliasOutputWithContext(context.Context) GetAliasesAliasOutput
}

GetAliasesAliasInput is an input type that accepts GetAliasesAliasArgs and GetAliasesAliasOutput values. You can construct a concrete instance of `GetAliasesAliasInput` via: 

GetAliasesAliasArgs{...}

type GetAliasesAliasOutput 

type GetAliasesAliasOutput struct{ *pulumi.OutputState }

func (GetAliasesAliasOutput) AliasName 

func (o GetAliasesAliasOutput) AliasName() pulumi.StringOutput

The unique identifier of the alias.

func (GetAliasesAliasOutput) ElementType 

func (GetAliasesAliasOutput) ElementType() reflect.Type

func (GetAliasesAliasOutput) Id 

func (o GetAliasesAliasOutput) Id() pulumi.StringOutput

ID of the alias. The value is same as KMS alias_name.

func (GetAliasesAliasOutput) KeyId 

func (o GetAliasesAliasOutput) KeyId() pulumi.StringOutput

ID of the key.

func (GetAliasesAliasOutput) ToGetAliasesAliasOutput 

func (o GetAliasesAliasOutput) ToGetAliasesAliasOutput() GetAliasesAliasOutput

func (GetAliasesAliasOutput) ToGetAliasesAliasOutputWithContext 

func (o GetAliasesAliasOutput) ToGetAliasesAliasOutputWithContext(ctx context.Context) GetAliasesAliasOutput

type GetAliasesArgs 

type GetAliasesArgs struct {
	// A list of KMS aliases IDs. The value is same as KMS alias_name.
	Ids []string `pulumi:"ids"`
	// A regex string to filter the results by the KMS alias name.
	NameRegex *string `pulumi:"nameRegex"`
	// File name where to save data source results (after running `pulumi preview`).
	OutputFile *string `pulumi:"outputFile"`
}

A collection of arguments for invoking getAliases.

type GetAliasesOutputArgs added in v3.9.0 

type GetAliasesOutputArgs struct {
	// A list of KMS aliases IDs. The value is same as KMS alias_name.
	Ids pulumi.StringArrayInput `pulumi:"ids"`
	// A regex string to filter the results by the KMS alias name.
	NameRegex pulumi.StringPtrInput `pulumi:"nameRegex"`
	// File name where to save data source results (after running `pulumi preview`).
	OutputFile pulumi.StringPtrInput `pulumi:"outputFile"`
}

A collection of arguments for invoking getAliases.

func (GetAliasesOutputArgs) ElementType added in v3.9.0 

func (GetAliasesOutputArgs) ElementType() reflect.Type

type GetAliasesResult 

type GetAliasesResult struct {
	// A list of KMS User alias. Each element contains the following attributes:
	Aliases []GetAliasesAlias `pulumi:"aliases"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// A list of kms aliases IDs. The value is same as KMS alias_name.
	Ids       []string `pulumi:"ids"`
	NameRegex *string  `pulumi:"nameRegex"`
	// A list of KMS alias name.
	Names      []string `pulumi:"names"`
	OutputFile *string  `pulumi:"outputFile"`
}

A collection of values returned by getAliases.

func GetAliases 

func GetAliases(ctx *pulumi.Context, args *GetAliasesArgs, opts ...pulumi.InvokeOption) (*GetAliasesResult, error)

This data source provides a list of KMS aliases in an Alibaba Cloud account according to the specified filters.

> **NOTE:** Available in v1.79.0+.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Declare the data source
		_, err := kms.GetAliases(ctx, &kms.GetAliasesArgs{
			Ids: []string{
				"d89e8a53-b708-41aa-8c67-6873axxx",
			},
			NameRegex: pulumi.StringRef("alias/tf-testKmsAlias_123"),
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("firstKeyId", kmsKeysDs.Keys[0].Id)
		return nil
	})
}

```

type GetAliasesResultOutput added in v3.9.0 

type GetAliasesResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getAliases.

func GetAliasesOutput added in v3.9.0 

func GetAliasesOutput(ctx *pulumi.Context, args GetAliasesOutputArgs, opts ...pulumi.InvokeOption) GetAliasesResultOutput

func (GetAliasesResultOutput) Aliases added in v3.9.0 

func (o GetAliasesResultOutput) Aliases() GetAliasesAliasArrayOutput

A list of KMS User alias. Each element contains the following attributes:

func (GetAliasesResultOutput) ElementType added in v3.9.0 

func (GetAliasesResultOutput) ElementType() reflect.Type

func (GetAliasesResultOutput) Id added in v3.9.0 

func (o GetAliasesResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetAliasesResultOutput) Ids added in v3.9.0 

func (o GetAliasesResultOutput) Ids() pulumi.StringArrayOutput

A list of kms aliases IDs. The value is same as KMS alias_name.

func (GetAliasesResultOutput) NameRegex added in v3.9.0 

func (o GetAliasesResultOutput) NameRegex() pulumi.StringPtrOutput

func (GetAliasesResultOutput) Names added in v3.9.0 

func (o GetAliasesResultOutput) Names() pulumi.StringArrayOutput

A list of KMS alias name.

func (GetAliasesResultOutput) OutputFile added in v3.9.0 

func (o GetAliasesResultOutput) OutputFile() pulumi.StringPtrOutput

func (GetAliasesResultOutput) ToGetAliasesResultOutput added in v3.9.0 

func (o GetAliasesResultOutput) ToGetAliasesResultOutput() GetAliasesResultOutput

func (GetAliasesResultOutput) ToGetAliasesResultOutputWithContext added in v3.9.0 

func (o GetAliasesResultOutput) ToGetAliasesResultOutputWithContext(ctx context.Context) GetAliasesResultOutput

type GetKeyVersionsArgs 

type GetKeyVersionsArgs struct {
	// A list of KMS KeyVersion IDs.
	Ids []string `pulumi:"ids"`
	// The id of kms key.
	KeyId string `pulumi:"keyId"`
	// File name where to save data source results (after running `pulumi preview`).
	OutputFile *string `pulumi:"outputFile"`
}

A collection of arguments for invoking getKeyVersions.

type GetKeyVersionsOutputArgs added in v3.9.0 

type GetKeyVersionsOutputArgs struct {
	// A list of KMS KeyVersion IDs.
	Ids pulumi.StringArrayInput `pulumi:"ids"`
	// The id of kms key.
	KeyId pulumi.StringInput `pulumi:"keyId"`
	// File name where to save data source results (after running `pulumi preview`).
	OutputFile pulumi.StringPtrInput `pulumi:"outputFile"`
}

A collection of arguments for invoking getKeyVersions.

func (GetKeyVersionsOutputArgs) ElementType added in v3.9.0 

func (GetKeyVersionsOutputArgs) ElementType() reflect.Type

type GetKeyVersionsResult 

type GetKeyVersionsResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// A list of KMS KeyVersion IDs.
	Ids []string `pulumi:"ids"`
	// ID of the key.
	KeyId      string  `pulumi:"keyId"`
	OutputFile *string `pulumi:"outputFile"`
	// A list of KMS KeyVersions. Each element contains the following attributes:
	Versions []GetKeyVersionsVersion `pulumi:"versions"`
}

A collection of values returned by getKeyVersions.

func GetKeyVersions 

func GetKeyVersions(ctx *pulumi.Context, args *GetKeyVersionsArgs, opts ...pulumi.InvokeOption) (*GetKeyVersionsResult, error)

This data source provides a list of KMS KeyVersions in an Alibaba Cloud account according to the specified filters.

> NOTE: Available in v1.85.0+

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Declare the data source
		alicloudKmsKeyVersionsDs, err := kms.GetKeyVersions(ctx, &kms.GetKeyVersionsArgs{
			KeyId: "08438c-b4d5-4d05-928c-07b7xxxx",
			Ids: []string{
				"d89e8a53-b708-41aa-8c67-6873axxx",
			},
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("allVersions", alicloudKmsKeyVersionsDs.Versions)
		return nil
	})
}

```

type GetKeyVersionsResultOutput added in v3.9.0 

type GetKeyVersionsResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getKeyVersions.

func GetKeyVersionsOutput added in v3.9.0 

func GetKeyVersionsOutput(ctx *pulumi.Context, args GetKeyVersionsOutputArgs, opts ...pulumi.InvokeOption) GetKeyVersionsResultOutput

func (GetKeyVersionsResultOutput) ElementType added in v3.9.0 

func (GetKeyVersionsResultOutput) ElementType() reflect.Type

func (GetKeyVersionsResultOutput) Id added in v3.9.0 

func (o GetKeyVersionsResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetKeyVersionsResultOutput) Ids added in v3.9.0 

func (o GetKeyVersionsResultOutput) Ids() pulumi.StringArrayOutput

A list of KMS KeyVersion IDs.

func (GetKeyVersionsResultOutput) KeyId added in v3.9.0 

func (o GetKeyVersionsResultOutput) KeyId() pulumi.StringOutput

ID of the key.

func (GetKeyVersionsResultOutput) OutputFile added in v3.9.0 

func (o GetKeyVersionsResultOutput) OutputFile() pulumi.StringPtrOutput

func (GetKeyVersionsResultOutput) ToGetKeyVersionsResultOutput added in v3.9.0 

func (o GetKeyVersionsResultOutput) ToGetKeyVersionsResultOutput() GetKeyVersionsResultOutput

func (GetKeyVersionsResultOutput) ToGetKeyVersionsResultOutputWithContext added in v3.9.0 

func (o GetKeyVersionsResultOutput) ToGetKeyVersionsResultOutputWithContext(ctx context.Context) GetKeyVersionsResultOutput

func (GetKeyVersionsResultOutput) Versions added in v3.9.0 

func (o GetKeyVersionsResultOutput) Versions() GetKeyVersionsVersionArrayOutput

A list of KMS KeyVersions. Each element contains the following attributes:

type GetKeyVersionsVersion 

type GetKeyVersionsVersion struct {
	// Date and time when the key version was created (UTC time).
	CreateTime string `pulumi:"createTime"`
	// (Removed from v1.124.4) It has been removed and using `createTime` instead.
	CreationDate string `pulumi:"creationDate"`
	// ID of the KMS KeyVersion resource.
	Id string `pulumi:"id"`
	// The id of kms key.
	KeyId string `pulumi:"keyId"`
	// ID of the key version.
	KeyVersionId string `pulumi:"keyVersionId"`
}

type GetKeyVersionsVersionArgs 

type GetKeyVersionsVersionArgs struct {
	// Date and time when the key version was created (UTC time).
	CreateTime pulumi.StringInput `pulumi:"createTime"`
	// (Removed from v1.124.4) It has been removed and using `createTime` instead.
	CreationDate pulumi.StringInput `pulumi:"creationDate"`
	// ID of the KMS KeyVersion resource.
	Id pulumi.StringInput `pulumi:"id"`
	// The id of kms key.
	KeyId pulumi.StringInput `pulumi:"keyId"`
	// ID of the key version.
	KeyVersionId pulumi.StringInput `pulumi:"keyVersionId"`
}

func (GetKeyVersionsVersionArgs) ElementType 

func (GetKeyVersionsVersionArgs) ElementType() reflect.Type

func (GetKeyVersionsVersionArgs) ToGetKeyVersionsVersionOutput 

func (i GetKeyVersionsVersionArgs) ToGetKeyVersionsVersionOutput() GetKeyVersionsVersionOutput

func (GetKeyVersionsVersionArgs) ToGetKeyVersionsVersionOutputWithContext 

func (i GetKeyVersionsVersionArgs) ToGetKeyVersionsVersionOutputWithContext(ctx context.Context) GetKeyVersionsVersionOutput

type GetKeyVersionsVersionArray 

type GetKeyVersionsVersionArray []GetKeyVersionsVersionInput

func (GetKeyVersionsVersionArray) ElementType 

func (GetKeyVersionsVersionArray) ElementType() reflect.Type

func (GetKeyVersionsVersionArray) ToGetKeyVersionsVersionArrayOutput 

func (i GetKeyVersionsVersionArray) ToGetKeyVersionsVersionArrayOutput() GetKeyVersionsVersionArrayOutput

func (GetKeyVersionsVersionArray) ToGetKeyVersionsVersionArrayOutputWithContext 

func (i GetKeyVersionsVersionArray) ToGetKeyVersionsVersionArrayOutputWithContext(ctx context.Context) GetKeyVersionsVersionArrayOutput

type GetKeyVersionsVersionArrayInput 

type GetKeyVersionsVersionArrayInput interface {
	pulumi.Input

	ToGetKeyVersionsVersionArrayOutput() GetKeyVersionsVersionArrayOutput
	ToGetKeyVersionsVersionArrayOutputWithContext(context.Context) GetKeyVersionsVersionArrayOutput
}

GetKeyVersionsVersionArrayInput is an input type that accepts GetKeyVersionsVersionArray and GetKeyVersionsVersionArrayOutput values. You can construct a concrete instance of `GetKeyVersionsVersionArrayInput` via: 

GetKeyVersionsVersionArray{ GetKeyVersionsVersionArgs{...} }

type GetKeyVersionsVersionArrayOutput 

type GetKeyVersionsVersionArrayOutput struct{ *pulumi.OutputState }

func (GetKeyVersionsVersionArrayOutput) ElementType 

func (GetKeyVersionsVersionArrayOutput) ElementType() reflect.Type

func (GetKeyVersionsVersionArrayOutput) Index 

func (o GetKeyVersionsVersionArrayOutput) Index(i pulumi.IntInput) GetKeyVersionsVersionOutput

func (GetKeyVersionsVersionArrayOutput) ToGetKeyVersionsVersionArrayOutput 

func (o GetKeyVersionsVersionArrayOutput) ToGetKeyVersionsVersionArrayOutput() GetKeyVersionsVersionArrayOutput

func (GetKeyVersionsVersionArrayOutput) ToGetKeyVersionsVersionArrayOutputWithContext 

func (o GetKeyVersionsVersionArrayOutput) ToGetKeyVersionsVersionArrayOutputWithContext(ctx context.Context) GetKeyVersionsVersionArrayOutput

type GetKeyVersionsVersionInput 

type GetKeyVersionsVersionInput interface {
	pulumi.Input

	ToGetKeyVersionsVersionOutput() GetKeyVersionsVersionOutput
	ToGetKeyVersionsVersionOutputWithContext(context.Context) GetKeyVersionsVersionOutput
}

GetKeyVersionsVersionInput is an input type that accepts GetKeyVersionsVersionArgs and GetKeyVersionsVersionOutput values. You can construct a concrete instance of `GetKeyVersionsVersionInput` via: 

GetKeyVersionsVersionArgs{...}

type GetKeyVersionsVersionOutput 

type GetKeyVersionsVersionOutput struct{ *pulumi.OutputState }

func (GetKeyVersionsVersionOutput) CreateTime added in v3.3.0 

func (o GetKeyVersionsVersionOutput) CreateTime() pulumi.StringOutput

Date and time when the key version was created (UTC time).

func (GetKeyVersionsVersionOutput) CreationDate 

func (o GetKeyVersionsVersionOutput) CreationDate() pulumi.StringOutput

(Removed from v1.124.4) It has been removed and using `createTime` instead.

func (GetKeyVersionsVersionOutput) ElementType 

func (GetKeyVersionsVersionOutput) ElementType() reflect.Type

func (GetKeyVersionsVersionOutput) Id 

func (o GetKeyVersionsVersionOutput) Id() pulumi.StringOutput

ID of the KMS KeyVersion resource.

func (GetKeyVersionsVersionOutput) KeyId 

func (o GetKeyVersionsVersionOutput) KeyId() pulumi.StringOutput

The id of kms key.

func (GetKeyVersionsVersionOutput) KeyVersionId 

func (o GetKeyVersionsVersionOutput) KeyVersionId() pulumi.StringOutput

ID of the key version.

func (GetKeyVersionsVersionOutput) ToGetKeyVersionsVersionOutput 

func (o GetKeyVersionsVersionOutput) ToGetKeyVersionsVersionOutput() GetKeyVersionsVersionOutput

func (GetKeyVersionsVersionOutput) ToGetKeyVersionsVersionOutputWithContext 

func (o GetKeyVersionsVersionOutput) ToGetKeyVersionsVersionOutputWithContext(ctx context.Context) GetKeyVersionsVersionOutput

type GetKeysArgs 

type GetKeysArgs struct {
	// A regex string to filter the results by the KMS key description.
	DescriptionRegex *string `pulumi:"descriptionRegex"`
	EnableDetails    *bool   `pulumi:"enableDetails"`
	// The CMK filter. The filter consists of one or more key-value pairs.
	// You can specify a maximum of 10 key-value pairs. More details see API [ListKeys](https://www.alibabacloud.com/help/en/key-management-service/latest/listkeys).
	Filters *string `pulumi:"filters"`
	// A list of KMS key IDs.
	Ids []string `pulumi:"ids"`
	// File name where to save data source results (after running `pulumi preview`).
	OutputFile *string `pulumi:"outputFile"`
	// Filter the results by status of the KMS keys. Valid values: `Enabled`, `Disabled`, `PendingDeletion`.
	Status *string `pulumi:"status"`
}

A collection of arguments for invoking getKeys.

type GetKeysKey 

type GetKeysKey struct {
	// The Alibaba Cloud Resource Name (ARN) of the key.
	Arn string `pulumi:"arn"`
	// (Available in 1.123.1+) Specifies whether to enable automatic key rotation.
	AutomaticRotation string `pulumi:"automaticRotation"`
	// Creation date of key.
	CreationDate string `pulumi:"creationDate"`
	// The owner of the key.
	Creator string `pulumi:"creator"`
	// Deletion date of key.
	DeleteDate string `pulumi:"deleteDate"`
	// Description of the key.
	Description string `pulumi:"description"`
	// ID of the key.
	Id string `pulumi:"id"`
	// (Available in 1.123.1+)  ID of the key.
	KeyId string `pulumi:"keyId"`
	// (Available in 1.123.1+)  The type of the CMK.
	KeySpec string `pulumi:"keySpec"`
	// (Available in 1.123.1+)  The usage of CMK.
	KeyUsage string `pulumi:"keyUsage"`
	// (Available in 1.123.1+)  The date and time the last rotation was performed.
	LastRotationDate string `pulumi:"lastRotationDate"`
	// (Available in 1.123.1+)  The time and date the key material for the CMK expires.
	MaterialExpireTime string `pulumi:"materialExpireTime"`
	// (Available in 1.123.1+)  The time the next rotation is scheduled for execution.
	NextRotationDate string `pulumi:"nextRotationDate"`
	// (Available in 1.123.1+)  The source of the key material for the CMK.
	Origin string `pulumi:"origin"`
	// (Available in 1.123.1+)  The ID of the current primary key version of the symmetric CMK.
	PrimaryKeyVersion string `pulumi:"primaryKeyVersion"`
	// (Available in 1.123.1+)  The protection level of the CMK.
	ProtectionLevel string `pulumi:"protectionLevel"`
	// (Available in 1.123.1+)  The period of automatic key rotation.
	RotationInterval string `pulumi:"rotationInterval"`
	// Filter the results by status of the KMS keys. Valid values: `Enabled`, `Disabled`, `PendingDeletion`.
	Status string `pulumi:"status"`
}

type GetKeysKeyArgs 

type GetKeysKeyArgs struct {
	// The Alibaba Cloud Resource Name (ARN) of the key.
	Arn pulumi.StringInput `pulumi:"arn"`
	// (Available in 1.123.1+) Specifies whether to enable automatic key rotation.
	AutomaticRotation pulumi.StringInput `pulumi:"automaticRotation"`
	// Creation date of key.
	CreationDate pulumi.StringInput `pulumi:"creationDate"`
	// The owner of the key.
	Creator pulumi.StringInput `pulumi:"creator"`
	// Deletion date of key.
	DeleteDate pulumi.StringInput `pulumi:"deleteDate"`
	// Description of the key.
	Description pulumi.StringInput `pulumi:"description"`
	// ID of the key.
	Id pulumi.StringInput `pulumi:"id"`
	// (Available in 1.123.1+)  ID of the key.
	KeyId pulumi.StringInput `pulumi:"keyId"`
	// (Available in 1.123.1+)  The type of the CMK.
	KeySpec pulumi.StringInput `pulumi:"keySpec"`
	// (Available in 1.123.1+)  The usage of CMK.
	KeyUsage pulumi.StringInput `pulumi:"keyUsage"`
	// (Available in 1.123.1+)  The date and time the last rotation was performed.
	LastRotationDate pulumi.StringInput `pulumi:"lastRotationDate"`
	// (Available in 1.123.1+)  The time and date the key material for the CMK expires.
	MaterialExpireTime pulumi.StringInput `pulumi:"materialExpireTime"`
	// (Available in 1.123.1+)  The time the next rotation is scheduled for execution.
	NextRotationDate pulumi.StringInput `pulumi:"nextRotationDate"`
	// (Available in 1.123.1+)  The source of the key material for the CMK.
	Origin pulumi.StringInput `pulumi:"origin"`
	// (Available in 1.123.1+)  The ID of the current primary key version of the symmetric CMK.
	PrimaryKeyVersion pulumi.StringInput `pulumi:"primaryKeyVersion"`
	// (Available in 1.123.1+)  The protection level of the CMK.
	ProtectionLevel pulumi.StringInput `pulumi:"protectionLevel"`
	// (Available in 1.123.1+)  The period of automatic key rotation.
	RotationInterval pulumi.StringInput `pulumi:"rotationInterval"`
	// Filter the results by status of the KMS keys. Valid values: `Enabled`, `Disabled`, `PendingDeletion`.
	Status pulumi.StringInput `pulumi:"status"`
}

func (GetKeysKeyArgs) ElementType 

func (GetKeysKeyArgs) ElementType() reflect.Type

func (GetKeysKeyArgs) ToGetKeysKeyOutput 

func (i GetKeysKeyArgs) ToGetKeysKeyOutput() GetKeysKeyOutput

func (GetKeysKeyArgs) ToGetKeysKeyOutputWithContext 

func (i GetKeysKeyArgs) ToGetKeysKeyOutputWithContext(ctx context.Context) GetKeysKeyOutput

type GetKeysKeyArray 

type GetKeysKeyArray []GetKeysKeyInput

func (GetKeysKeyArray) ElementType 

func (GetKeysKeyArray) ElementType() reflect.Type

func (GetKeysKeyArray) ToGetKeysKeyArrayOutput 

func (i GetKeysKeyArray) ToGetKeysKeyArrayOutput() GetKeysKeyArrayOutput

func (GetKeysKeyArray) ToGetKeysKeyArrayOutputWithContext 

func (i GetKeysKeyArray) ToGetKeysKeyArrayOutputWithContext(ctx context.Context) GetKeysKeyArrayOutput

type GetKeysKeyArrayInput 

type GetKeysKeyArrayInput interface {
	pulumi.Input

	ToGetKeysKeyArrayOutput() GetKeysKeyArrayOutput
	ToGetKeysKeyArrayOutputWithContext(context.Context) GetKeysKeyArrayOutput
}

GetKeysKeyArrayInput is an input type that accepts GetKeysKeyArray and GetKeysKeyArrayOutput values. You can construct a concrete instance of `GetKeysKeyArrayInput` via: 

GetKeysKeyArray{ GetKeysKeyArgs{...} }

type GetKeysKeyArrayOutput 

type GetKeysKeyArrayOutput struct{ *pulumi.OutputState }

func (GetKeysKeyArrayOutput) ElementType 

func (GetKeysKeyArrayOutput) ElementType() reflect.Type

func (GetKeysKeyArrayOutput) Index 

func (o GetKeysKeyArrayOutput) Index(i pulumi.IntInput) GetKeysKeyOutput

func (GetKeysKeyArrayOutput) ToGetKeysKeyArrayOutput 

func (o GetKeysKeyArrayOutput) ToGetKeysKeyArrayOutput() GetKeysKeyArrayOutput

func (GetKeysKeyArrayOutput) ToGetKeysKeyArrayOutputWithContext 

func (o GetKeysKeyArrayOutput) ToGetKeysKeyArrayOutputWithContext(ctx context.Context) GetKeysKeyArrayOutput

type GetKeysKeyInput 

type GetKeysKeyInput interface {
	pulumi.Input

	ToGetKeysKeyOutput() GetKeysKeyOutput
	ToGetKeysKeyOutputWithContext(context.Context) GetKeysKeyOutput
}

GetKeysKeyInput is an input type that accepts GetKeysKeyArgs and GetKeysKeyOutput values. You can construct a concrete instance of `GetKeysKeyInput` via: 

GetKeysKeyArgs{...}

type GetKeysKeyOutput 

type GetKeysKeyOutput struct{ *pulumi.OutputState }

func (GetKeysKeyOutput) Arn 

func (o GetKeysKeyOutput) Arn() pulumi.StringOutput

The Alibaba Cloud Resource Name (ARN) of the key.

func (GetKeysKeyOutput) AutomaticRotation added in v3.3.0 

func (o GetKeysKeyOutput) AutomaticRotation() pulumi.StringOutput

(Available in 1.123.1+) Specifies whether to enable automatic key rotation.

func (GetKeysKeyOutput) CreationDate 

func (o GetKeysKeyOutput) CreationDate() pulumi.StringOutput

Creation date of key.

func (GetKeysKeyOutput) Creator 

func (o GetKeysKeyOutput) Creator() pulumi.StringOutput

The owner of the key.

func (GetKeysKeyOutput) DeleteDate 

func (o GetKeysKeyOutput) DeleteDate() pulumi.StringOutput

Deletion date of key.

func (GetKeysKeyOutput) Description 

func (o GetKeysKeyOutput) Description() pulumi.StringOutput

Description of the key.

func (GetKeysKeyOutput) ElementType 

func (GetKeysKeyOutput) ElementType() reflect.Type

func (GetKeysKeyOutput) Id 

func (o GetKeysKeyOutput) Id() pulumi.StringOutput

ID of the key.

func (GetKeysKeyOutput) KeyId added in v3.3.0 

func (o GetKeysKeyOutput) KeyId() pulumi.StringOutput

(Available in 1.123.1+) ID of the key.

func (GetKeysKeyOutput) KeySpec added in v3.3.0 

func (o GetKeysKeyOutput) KeySpec() pulumi.StringOutput

(Available in 1.123.1+) The type of the CMK.

func (GetKeysKeyOutput) KeyUsage added in v3.3.0 

func (o GetKeysKeyOutput) KeyUsage() pulumi.StringOutput

(Available in 1.123.1+) The usage of CMK.

func (GetKeysKeyOutput) LastRotationDate added in v3.3.0 

func (o GetKeysKeyOutput) LastRotationDate() pulumi.StringOutput

(Available in 1.123.1+) The date and time the last rotation was performed.

func (GetKeysKeyOutput) MaterialExpireTime added in v3.3.0 

func (o GetKeysKeyOutput) MaterialExpireTime() pulumi.StringOutput

(Available in 1.123.1+) The time and date the key material for the CMK expires.

func (GetKeysKeyOutput) NextRotationDate added in v3.3.0 

func (o GetKeysKeyOutput) NextRotationDate() pulumi.StringOutput

(Available in 1.123.1+) The time the next rotation is scheduled for execution.

func (GetKeysKeyOutput) Origin added in v3.3.0 

func (o GetKeysKeyOutput) Origin() pulumi.StringOutput

(Available in 1.123.1+) The source of the key material for the CMK.

func (GetKeysKeyOutput) PrimaryKeyVersion added in v3.3.0 

func (o GetKeysKeyOutput) PrimaryKeyVersion() pulumi.StringOutput

(Available in 1.123.1+) The ID of the current primary key version of the symmetric CMK.

func (GetKeysKeyOutput) ProtectionLevel added in v3.3.0 

func (o GetKeysKeyOutput) ProtectionLevel() pulumi.StringOutput

(Available in 1.123.1+) The protection level of the CMK.

func (GetKeysKeyOutput) RotationInterval added in v3.3.0 

func (o GetKeysKeyOutput) RotationInterval() pulumi.StringOutput

(Available in 1.123.1+) The period of automatic key rotation.

func (GetKeysKeyOutput) Status 

func (o GetKeysKeyOutput) Status() pulumi.StringOutput

Filter the results by status of the KMS keys. Valid values: `Enabled`, `Disabled`, `PendingDeletion`.

func (GetKeysKeyOutput) ToGetKeysKeyOutput 

func (o GetKeysKeyOutput) ToGetKeysKeyOutput() GetKeysKeyOutput

func (GetKeysKeyOutput) ToGetKeysKeyOutputWithContext 

func (o GetKeysKeyOutput) ToGetKeysKeyOutputWithContext(ctx context.Context) GetKeysKeyOutput

type GetKeysOutputArgs added in v3.9.0 

type GetKeysOutputArgs struct {
	// A regex string to filter the results by the KMS key description.
	DescriptionRegex pulumi.StringPtrInput `pulumi:"descriptionRegex"`
	EnableDetails    pulumi.BoolPtrInput   `pulumi:"enableDetails"`
	// The CMK filter. The filter consists of one or more key-value pairs.
	// You can specify a maximum of 10 key-value pairs. More details see API [ListKeys](https://www.alibabacloud.com/help/en/key-management-service/latest/listkeys).
	Filters pulumi.StringPtrInput `pulumi:"filters"`
	// A list of KMS key IDs.
	Ids pulumi.StringArrayInput `pulumi:"ids"`
	// File name where to save data source results (after running `pulumi preview`).
	OutputFile pulumi.StringPtrInput `pulumi:"outputFile"`
	// Filter the results by status of the KMS keys. Valid values: `Enabled`, `Disabled`, `PendingDeletion`.
	Status pulumi.StringPtrInput `pulumi:"status"`
}

A collection of arguments for invoking getKeys.

func (GetKeysOutputArgs) ElementType added in v3.9.0 

func (GetKeysOutputArgs) ElementType() reflect.Type

type GetKeysResult 

type GetKeysResult struct {
	DescriptionRegex *string `pulumi:"descriptionRegex"`
	EnableDetails    *bool   `pulumi:"enableDetails"`
	Filters          *string `pulumi:"filters"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// A list of KMS key IDs.
	Ids []string `pulumi:"ids"`
	// A list of KMS keys. Each element contains the following attributes:
	Keys       []GetKeysKey `pulumi:"keys"`
	OutputFile *string      `pulumi:"outputFile"`
	// Status of the key. Possible values: `Enabled`, `Disabled` and `PendingDeletion`.
	Status *string `pulumi:"status"`
}

A collection of values returned by getKeys.

func GetKeys 

func GetKeys(ctx *pulumi.Context, args *GetKeysArgs, opts ...pulumi.InvokeOption) (*GetKeysResult, error)

This data source provides a list of KMS keys in an Alibaba Cloud account according to the specified filters.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Declare the data source
		kmsKeysDs, err := kms.GetKeys(ctx, &kms.GetKeysArgs{
			DescriptionRegex: pulumi.StringRef("Hello KMS"),
			OutputFile:       pulumi.StringRef("kms_keys.json"),
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("firstKeyId", kmsKeysDs.Keys[0].Id)
		return nil
	})
}

```

type GetKeysResultOutput added in v3.9.0 

type GetKeysResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getKeys.

func GetKeysOutput added in v3.9.0 

func GetKeysOutput(ctx *pulumi.Context, args GetKeysOutputArgs, opts ...pulumi.InvokeOption) GetKeysResultOutput

func (GetKeysResultOutput) DescriptionRegex added in v3.9.0 

func (o GetKeysResultOutput) DescriptionRegex() pulumi.StringPtrOutput

func (GetKeysResultOutput) ElementType added in v3.9.0 

func (GetKeysResultOutput) ElementType() reflect.Type

func (GetKeysResultOutput) EnableDetails added in v3.9.0 

func (o GetKeysResultOutput) EnableDetails() pulumi.BoolPtrOutput

func (GetKeysResultOutput) Filters added in v3.9.0 

func (o GetKeysResultOutput) Filters() pulumi.StringPtrOutput

func (GetKeysResultOutput) Id added in v3.9.0 

func (o GetKeysResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetKeysResultOutput) Ids added in v3.9.0 

func (o GetKeysResultOutput) Ids() pulumi.StringArrayOutput

A list of KMS key IDs.

func (GetKeysResultOutput) Keys added in v3.9.0 

func (o GetKeysResultOutput) Keys() GetKeysKeyArrayOutput

A list of KMS keys. Each element contains the following attributes:

func (GetKeysResultOutput) OutputFile added in v3.9.0 

func (o GetKeysResultOutput) OutputFile() pulumi.StringPtrOutput

func (GetKeysResultOutput) Status added in v3.9.0 

func (o GetKeysResultOutput) Status() pulumi.StringPtrOutput

Status of the key. Possible values: `Enabled`, `Disabled` and `PendingDeletion`.

func (GetKeysResultOutput) ToGetKeysResultOutput added in v3.9.0 

func (o GetKeysResultOutput) ToGetKeysResultOutput() GetKeysResultOutput

func (GetKeysResultOutput) ToGetKeysResultOutputWithContext added in v3.9.0 

func (o GetKeysResultOutput) ToGetKeysResultOutputWithContext(ctx context.Context) GetKeysResultOutput

type GetPlaintextArgs 

type GetPlaintextArgs struct {
	// The ciphertext to be decrypted.
	CiphertextBlob string `pulumi:"ciphertextBlob"`
	// (Optional) The Encryption context. If you specify this parameter in the Encrypt or GenerateDataKey API operation, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext map[string]string `pulumi:"encryptionContext"`
}

A collection of arguments for invoking getPlaintext.

type GetPlaintextOutputArgs added in v3.9.0 

type GetPlaintextOutputArgs struct {
	// The ciphertext to be decrypted.
	CiphertextBlob pulumi.StringInput `pulumi:"ciphertextBlob"`
	// (Optional) The Encryption context. If you specify this parameter in the Encrypt or GenerateDataKey API operation, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext pulumi.StringMapInput `pulumi:"encryptionContext"`
}

A collection of arguments for invoking getPlaintext.

func (GetPlaintextOutputArgs) ElementType added in v3.9.0 

func (GetPlaintextOutputArgs) ElementType() reflect.Type

type GetPlaintextResult 

type GetPlaintextResult struct {
	CiphertextBlob    string            `pulumi:"ciphertextBlob"`
	EncryptionContext map[string]string `pulumi:"encryptionContext"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The globally unique ID of the CMK. It is the ID of the CMK used to decrypt ciphertext.
	KeyId string `pulumi:"keyId"`
	// The decrypted plaintext.
	Plaintext string `pulumi:"plaintext"`
}

A collection of values returned by getPlaintext.

func GetPlaintext 

func GetPlaintext(ctx *pulumi.Context, args *GetPlaintextArgs, opts ...pulumi.InvokeOption) (*GetPlaintextResult, error)

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		key, err := kms.NewKey(ctx, "key", &kms.KeyArgs{
			Description: pulumi.String("example key"),
			IsEnabled:   pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		// Encrypt plaintext 'example'
		encrypted, err := kms.NewCiphertext(ctx, "encrypted", &kms.CiphertextArgs{
			KeyId:     key.ID(),
			Plaintext: pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		// Decrypt encrypted ciphertext
		plaintext := kms.GetPlaintextOutput(ctx, kms.GetPlaintextOutputArgs{
			CiphertextBlob: encrypted.CiphertextBlob,
		}, nil)
		ctx.Export("decrypted", plaintext.ApplyT(func(plaintext kms.GetPlaintextResult) (*string, error) {
			return &plaintext.Plaintext, nil
		}).(pulumi.StringPtrOutput))
		return nil
	})
}

```

type GetPlaintextResultOutput added in v3.9.0 

type GetPlaintextResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getPlaintext.

func GetPlaintextOutput added in v3.9.0 

func GetPlaintextOutput(ctx *pulumi.Context, args GetPlaintextOutputArgs, opts ...pulumi.InvokeOption) GetPlaintextResultOutput

func (GetPlaintextResultOutput) CiphertextBlob added in v3.9.0 

func (o GetPlaintextResultOutput) CiphertextBlob() pulumi.StringOutput

func (GetPlaintextResultOutput) ElementType added in v3.9.0 

func (GetPlaintextResultOutput) ElementType() reflect.Type

func (GetPlaintextResultOutput) EncryptionContext added in v3.9.0 

func (o GetPlaintextResultOutput) EncryptionContext() pulumi.StringMapOutput

func (GetPlaintextResultOutput) Id added in v3.9.0 

func (o GetPlaintextResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetPlaintextResultOutput) KeyId added in v3.9.0 

func (o GetPlaintextResultOutput) KeyId() pulumi.StringOutput

The globally unique ID of the CMK. It is the ID of the CMK used to decrypt ciphertext.

func (GetPlaintextResultOutput) Plaintext added in v3.9.0 

func (o GetPlaintextResultOutput) Plaintext() pulumi.StringOutput

The decrypted plaintext.

func (GetPlaintextResultOutput) ToGetPlaintextResultOutput added in v3.9.0 

func (o GetPlaintextResultOutput) ToGetPlaintextResultOutput() GetPlaintextResultOutput

func (GetPlaintextResultOutput) ToGetPlaintextResultOutputWithContext added in v3.9.0 

func (o GetPlaintextResultOutput) ToGetPlaintextResultOutputWithContext(ctx context.Context) GetPlaintextResultOutput

type GetSecretVersionsArgs 

type GetSecretVersionsArgs struct {
	// Default to false and only output `secretName`, `versionId`, `versionStages`. Set it to true can output more details.
	EnableDetails *bool `pulumi:"enableDetails"`
	// A list of KMS Secret Version ids.
	Ids []string `pulumi:"ids"`
	// Specifies whether to return deprecated secret versions. Default to `false`.
	IncludeDeprecated *string `pulumi:"includeDeprecated"`
	// File name where to save data source results (after running `pulumi preview`).
	OutputFile *string `pulumi:"outputFile"`
	// The name of the secret.
	SecretName string `pulumi:"secretName"`
	// The stage of the secret version.
	VersionStage *string `pulumi:"versionStage"`
}

A collection of arguments for invoking getSecretVersions.

type GetSecretVersionsOutputArgs added in v3.9.0 

type GetSecretVersionsOutputArgs struct {
	// Default to false and only output `secretName`, `versionId`, `versionStages`. Set it to true can output more details.
	EnableDetails pulumi.BoolPtrInput `pulumi:"enableDetails"`
	// A list of KMS Secret Version ids.
	Ids pulumi.StringArrayInput `pulumi:"ids"`
	// Specifies whether to return deprecated secret versions. Default to `false`.
	IncludeDeprecated pulumi.StringPtrInput `pulumi:"includeDeprecated"`
	// File name where to save data source results (after running `pulumi preview`).
	OutputFile pulumi.StringPtrInput `pulumi:"outputFile"`
	// The name of the secret.
	SecretName pulumi.StringInput `pulumi:"secretName"`
	// The stage of the secret version.
	VersionStage pulumi.StringPtrInput `pulumi:"versionStage"`
}

A collection of arguments for invoking getSecretVersions.

func (GetSecretVersionsOutputArgs) ElementType added in v3.9.0 

func (GetSecretVersionsOutputArgs) ElementType() reflect.Type

type GetSecretVersionsResult 

type GetSecretVersionsResult struct {
	EnableDetails *bool `pulumi:"enableDetails"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// A list of Kms Secret Version ids.
	Ids               []string `pulumi:"ids"`
	IncludeDeprecated *string  `pulumi:"includeDeprecated"`
	OutputFile        *string  `pulumi:"outputFile"`
	// The name of the secret.
	SecretName   string  `pulumi:"secretName"`
	VersionStage *string `pulumi:"versionStage"`
	// A list of KMS Secret Versions. Each element contains the following attributes:
	Versions []GetSecretVersionsVersion `pulumi:"versions"`
}

A collection of values returned by getSecretVersions.

func GetSecretVersions 

func GetSecretVersions(ctx *pulumi.Context, args *GetSecretVersionsArgs, opts ...pulumi.InvokeOption) (*GetSecretVersionsResult, error)

This data source provides a list of KMS Secret Versions in an Alibaba Cloud account according to the specified filters.

> **NOTE:** Available in v1.88.0+.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Declare the data source
		kmsSecretVersionsDs, err := kms.GetSecretVersions(ctx, &kms.GetSecretVersionsArgs{
			SecretName:    "secret_name",
			EnableDetails: pulumi.BoolRef(true),
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("firstSecretData", kmsSecretVersionsDs.Versions[0].SecretData)
		return nil
	})
}

```

type GetSecretVersionsResultOutput added in v3.9.0 

type GetSecretVersionsResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecretVersions.

func GetSecretVersionsOutput added in v3.9.0 

func GetSecretVersionsOutput(ctx *pulumi.Context, args GetSecretVersionsOutputArgs, opts ...pulumi.InvokeOption) GetSecretVersionsResultOutput

func (GetSecretVersionsResultOutput) ElementType added in v3.9.0 

func (GetSecretVersionsResultOutput) ElementType() reflect.Type

func (GetSecretVersionsResultOutput) EnableDetails added in v3.9.0 

func (o GetSecretVersionsResultOutput) EnableDetails() pulumi.BoolPtrOutput

func (GetSecretVersionsResultOutput) Id added in v3.9.0 

func (o GetSecretVersionsResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetSecretVersionsResultOutput) Ids added in v3.9.0 

func (o GetSecretVersionsResultOutput) Ids() pulumi.StringArrayOutput

A list of Kms Secret Version ids.

func (GetSecretVersionsResultOutput) IncludeDeprecated added in v3.9.0 

func (o GetSecretVersionsResultOutput) IncludeDeprecated() pulumi.StringPtrOutput

func (GetSecretVersionsResultOutput) OutputFile added in v3.9.0 

func (o GetSecretVersionsResultOutput) OutputFile() pulumi.StringPtrOutput

func (GetSecretVersionsResultOutput) SecretName added in v3.9.0 

func (o GetSecretVersionsResultOutput) SecretName() pulumi.StringOutput

The name of the secret.

func (GetSecretVersionsResultOutput) ToGetSecretVersionsResultOutput added in v3.9.0 

func (o GetSecretVersionsResultOutput) ToGetSecretVersionsResultOutput() GetSecretVersionsResultOutput

func (GetSecretVersionsResultOutput) ToGetSecretVersionsResultOutputWithContext added in v3.9.0 

func (o GetSecretVersionsResultOutput) ToGetSecretVersionsResultOutputWithContext(ctx context.Context) GetSecretVersionsResultOutput

func (GetSecretVersionsResultOutput) VersionStage added in v3.9.0 

func (o GetSecretVersionsResultOutput) VersionStage() pulumi.StringPtrOutput

func (GetSecretVersionsResultOutput) Versions added in v3.9.0 

func (o GetSecretVersionsResultOutput) Versions() GetSecretVersionsVersionArrayOutput

A list of KMS Secret Versions. Each element contains the following attributes:

type GetSecretVersionsVersion 

type GetSecretVersionsVersion struct {
	// The secret value. Secrets Manager decrypts the stored secret value in ciphertext and returns it. (Returned when `enableDetails` is true).
	SecretData string `pulumi:"secretData"`
	// The type of the secret value. (Returned when `enableDetails` is true).
	SecretDataType string `pulumi:"secretDataType"`
	// The name of the secret.
	SecretName string `pulumi:"secretName"`
	// The version number of the secret value.
	VersionId string `pulumi:"versionId"`
	// Stage labels that mark the secret version.
	VersionStages []string `pulumi:"versionStages"`
}

type GetSecretVersionsVersionArgs 

type GetSecretVersionsVersionArgs struct {
	// The secret value. Secrets Manager decrypts the stored secret value in ciphertext and returns it. (Returned when `enableDetails` is true).
	SecretData pulumi.StringInput `pulumi:"secretData"`
	// The type of the secret value. (Returned when `enableDetails` is true).
	SecretDataType pulumi.StringInput `pulumi:"secretDataType"`
	// The name of the secret.
	SecretName pulumi.StringInput `pulumi:"secretName"`
	// The version number of the secret value.
	VersionId pulumi.StringInput `pulumi:"versionId"`
	// Stage labels that mark the secret version.
	VersionStages pulumi.StringArrayInput `pulumi:"versionStages"`
}

func (GetSecretVersionsVersionArgs) ElementType 

func (GetSecretVersionsVersionArgs) ElementType() reflect.Type

func (GetSecretVersionsVersionArgs) ToGetSecretVersionsVersionOutput 

func (i GetSecretVersionsVersionArgs) ToGetSecretVersionsVersionOutput() GetSecretVersionsVersionOutput

func (GetSecretVersionsVersionArgs) ToGetSecretVersionsVersionOutputWithContext 

func (i GetSecretVersionsVersionArgs) ToGetSecretVersionsVersionOutputWithContext(ctx context.Context) GetSecretVersionsVersionOutput

type GetSecretVersionsVersionArray 

type GetSecretVersionsVersionArray []GetSecretVersionsVersionInput

func (GetSecretVersionsVersionArray) ElementType 

func (GetSecretVersionsVersionArray) ElementType() reflect.Type

func (GetSecretVersionsVersionArray) ToGetSecretVersionsVersionArrayOutput 

func (i GetSecretVersionsVersionArray) ToGetSecretVersionsVersionArrayOutput() GetSecretVersionsVersionArrayOutput

func (GetSecretVersionsVersionArray) ToGetSecretVersionsVersionArrayOutputWithContext 

func (i GetSecretVersionsVersionArray) ToGetSecretVersionsVersionArrayOutputWithContext(ctx context.Context) GetSecretVersionsVersionArrayOutput

type GetSecretVersionsVersionArrayInput 

type GetSecretVersionsVersionArrayInput interface {
	pulumi.Input

	ToGetSecretVersionsVersionArrayOutput() GetSecretVersionsVersionArrayOutput
	ToGetSecretVersionsVersionArrayOutputWithContext(context.Context) GetSecretVersionsVersionArrayOutput
}

GetSecretVersionsVersionArrayInput is an input type that accepts GetSecretVersionsVersionArray and GetSecretVersionsVersionArrayOutput values. You can construct a concrete instance of `GetSecretVersionsVersionArrayInput` via: 

GetSecretVersionsVersionArray{ GetSecretVersionsVersionArgs{...} }

type GetSecretVersionsVersionArrayOutput 

type GetSecretVersionsVersionArrayOutput struct{ *pulumi.OutputState }

func (GetSecretVersionsVersionArrayOutput) ElementType 

func (GetSecretVersionsVersionArrayOutput) ElementType() reflect.Type

func (GetSecretVersionsVersionArrayOutput) Index 

func (o GetSecretVersionsVersionArrayOutput) Index(i pulumi.IntInput) GetSecretVersionsVersionOutput

func (GetSecretVersionsVersionArrayOutput) ToGetSecretVersionsVersionArrayOutput 

func (o GetSecretVersionsVersionArrayOutput) ToGetSecretVersionsVersionArrayOutput() GetSecretVersionsVersionArrayOutput

func (GetSecretVersionsVersionArrayOutput) ToGetSecretVersionsVersionArrayOutputWithContext 

func (o GetSecretVersionsVersionArrayOutput) ToGetSecretVersionsVersionArrayOutputWithContext(ctx context.Context) GetSecretVersionsVersionArrayOutput

type GetSecretVersionsVersionInput 

type GetSecretVersionsVersionInput interface {
	pulumi.Input

	ToGetSecretVersionsVersionOutput() GetSecretVersionsVersionOutput
	ToGetSecretVersionsVersionOutputWithContext(context.Context) GetSecretVersionsVersionOutput
}

GetSecretVersionsVersionInput is an input type that accepts GetSecretVersionsVersionArgs and GetSecretVersionsVersionOutput values. You can construct a concrete instance of `GetSecretVersionsVersionInput` via: 

GetSecretVersionsVersionArgs{...}

type GetSecretVersionsVersionOutput 

type GetSecretVersionsVersionOutput struct{ *pulumi.OutputState }

func (GetSecretVersionsVersionOutput) ElementType 

func (GetSecretVersionsVersionOutput) ElementType() reflect.Type

func (GetSecretVersionsVersionOutput) SecretData 

func (o GetSecretVersionsVersionOutput) SecretData() pulumi.StringOutput

The secret value. Secrets Manager decrypts the stored secret value in ciphertext and returns it. (Returned when `enableDetails` is true).

func (GetSecretVersionsVersionOutput) SecretDataType 

func (o GetSecretVersionsVersionOutput) SecretDataType() pulumi.StringOutput

The type of the secret value. (Returned when `enableDetails` is true).

func (GetSecretVersionsVersionOutput) SecretName 

func (o GetSecretVersionsVersionOutput) SecretName() pulumi.StringOutput

The name of the secret.

func (GetSecretVersionsVersionOutput) ToGetSecretVersionsVersionOutput 

func (o GetSecretVersionsVersionOutput) ToGetSecretVersionsVersionOutput() GetSecretVersionsVersionOutput

func (GetSecretVersionsVersionOutput) ToGetSecretVersionsVersionOutputWithContext 

func (o GetSecretVersionsVersionOutput) ToGetSecretVersionsVersionOutputWithContext(ctx context.Context) GetSecretVersionsVersionOutput

func (GetSecretVersionsVersionOutput) VersionId 

func (o GetSecretVersionsVersionOutput) VersionId() pulumi.StringOutput

The version number of the secret value.

func (GetSecretVersionsVersionOutput) VersionStages 

func (o GetSecretVersionsVersionOutput) VersionStages() pulumi.StringArrayOutput

Stage labels that mark the secret version.

type GetSecretsArgs 

type GetSecretsArgs struct {
	// Default to `false`. Set it to true can output more details.
	EnableDetails *bool `pulumi:"enableDetails"`
	// Whether to include the predetermined resource tag in the return value. Default to `false`.
	FetchTags *bool `pulumi:"fetchTags"`
	// The secret filter. The filter consists of one or more key-value pairs.
	// More details see API [ListSecrets](https://www.alibabacloud.com/help/en/key-management-service/latest/listsecrets).
	Filters *string `pulumi:"filters"`
	// A list of KMS Secret ids. The value is same as KMS secret_name.
	Ids []string `pulumi:"ids"`
	// A regex string to filter the results by the KMS secret_name.
	NameRegex *string `pulumi:"nameRegex"`
	// File name where to save data source results (after running `pulumi preview`).
	OutputFile *string `pulumi:"outputFile"`
	// A mapping of tags to assign to the resource.
	Tags map[string]interface{} `pulumi:"tags"`
}

A collection of arguments for invoking getSecrets.

type GetSecretsOutputArgs added in v3.9.0 

type GetSecretsOutputArgs struct {
	// Default to `false`. Set it to true can output more details.
	EnableDetails pulumi.BoolPtrInput `pulumi:"enableDetails"`
	// Whether to include the predetermined resource tag in the return value. Default to `false`.
	FetchTags pulumi.BoolPtrInput `pulumi:"fetchTags"`
	// The secret filter. The filter consists of one or more key-value pairs.
	// More details see API [ListSecrets](https://www.alibabacloud.com/help/en/key-management-service/latest/listsecrets).
	Filters pulumi.StringPtrInput `pulumi:"filters"`
	// A list of KMS Secret ids. The value is same as KMS secret_name.
	Ids pulumi.StringArrayInput `pulumi:"ids"`
	// A regex string to filter the results by the KMS secret_name.
	NameRegex pulumi.StringPtrInput `pulumi:"nameRegex"`
	// File name where to save data source results (after running `pulumi preview`).
	OutputFile pulumi.StringPtrInput `pulumi:"outputFile"`
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapInput `pulumi:"tags"`
}

A collection of arguments for invoking getSecrets.

func (GetSecretsOutputArgs) ElementType added in v3.9.0 

func (GetSecretsOutputArgs) ElementType() reflect.Type

type GetSecretsResult 

type GetSecretsResult struct {
	EnableDetails *bool   `pulumi:"enableDetails"`
	FetchTags     *bool   `pulumi:"fetchTags"`
	Filters       *string `pulumi:"filters"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// A list of Kms Secret ids. The value is same as KMS secret_name.
	Ids       []string `pulumi:"ids"`
	NameRegex *string  `pulumi:"nameRegex"`
	// A list of KMS Secret names.
	Names      []string `pulumi:"names"`
	OutputFile *string  `pulumi:"outputFile"`
	// A list of KMS Secrets. Each element contains the following attributes:
	Secrets []GetSecretsSecret `pulumi:"secrets"`
	// (Optional) A mapping of tags to assign to the resource.
	Tags map[string]interface{} `pulumi:"tags"`
}

A collection of values returned by getSecrets.

func GetSecrets 

func GetSecrets(ctx *pulumi.Context, args *GetSecretsArgs, opts ...pulumi.InvokeOption) (*GetSecretsResult, error)

This data source provides a list of KMS Secrets in an Alibaba Cloud account according to the specified filters.

> **NOTE:** Available in v1.86.0+.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Declare the data source
		kmsSecretsDs, err := kms.GetSecrets(ctx, &kms.GetSecretsArgs{
			FetchTags: pulumi.BoolRef(true),
			NameRegex: pulumi.StringRef("name_regex"),
			Tags: map[string]interface{}{
				"k-aa": "v-aa",
				"k-bb": "v-bb",
			},
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("firstSecretId", kmsSecretsDs.Secrets[0].Id)
		return nil
	})
}

```

type GetSecretsResultOutput added in v3.9.0 

type GetSecretsResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getSecrets.

func GetSecretsOutput added in v3.9.0 

func GetSecretsOutput(ctx *pulumi.Context, args GetSecretsOutputArgs, opts ...pulumi.InvokeOption) GetSecretsResultOutput

func (GetSecretsResultOutput) ElementType added in v3.9.0 

func (GetSecretsResultOutput) ElementType() reflect.Type

func (GetSecretsResultOutput) EnableDetails added in v3.9.0 

func (o GetSecretsResultOutput) EnableDetails() pulumi.BoolPtrOutput

func (GetSecretsResultOutput) FetchTags added in v3.9.0 

func (o GetSecretsResultOutput) FetchTags() pulumi.BoolPtrOutput

func (GetSecretsResultOutput) Filters added in v3.9.0 

func (o GetSecretsResultOutput) Filters() pulumi.StringPtrOutput

func (GetSecretsResultOutput) Id added in v3.9.0 

func (o GetSecretsResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetSecretsResultOutput) Ids added in v3.9.0 

func (o GetSecretsResultOutput) Ids() pulumi.StringArrayOutput

A list of Kms Secret ids. The value is same as KMS secret_name.

func (GetSecretsResultOutput) NameRegex added in v3.9.0 

func (o GetSecretsResultOutput) NameRegex() pulumi.StringPtrOutput

func (GetSecretsResultOutput) Names added in v3.9.0 

func (o GetSecretsResultOutput) Names() pulumi.StringArrayOutput

A list of KMS Secret names.

func (GetSecretsResultOutput) OutputFile added in v3.9.0 

func (o GetSecretsResultOutput) OutputFile() pulumi.StringPtrOutput

func (GetSecretsResultOutput) Secrets added in v3.9.0 

func (o GetSecretsResultOutput) Secrets() GetSecretsSecretArrayOutput

A list of KMS Secrets. Each element contains the following attributes:

func (GetSecretsResultOutput) Tags added in v3.9.0 

func (o GetSecretsResultOutput) Tags() pulumi.MapOutput

(Optional) A mapping of tags to assign to the resource.

func (GetSecretsResultOutput) ToGetSecretsResultOutput added in v3.9.0 

func (o GetSecretsResultOutput) ToGetSecretsResultOutput() GetSecretsResultOutput

func (GetSecretsResultOutput) ToGetSecretsResultOutputWithContext added in v3.9.0 

func (o GetSecretsResultOutput) ToGetSecretsResultOutputWithContext(ctx context.Context) GetSecretsResultOutput

type GetSecretsSecret 

type GetSecretsSecret struct {
	// (Available in 1.124.0+) A mapping of tags to assign to the resource.
	Arn string `pulumi:"arn"`
	// (Available in 1.124.0+)  The description of the secret.
	Description string `pulumi:"description"`
	// (Available in 1.124.0+)  The ID of the KMS CMK that is used to encrypt the secret value.
	EncryptionKeyId string `pulumi:"encryptionKeyId"`
	// ID of the Kms Secret. The value is same as KMS secret_name.
	Id string `pulumi:"id"`
	// Schedule deletion time.
	PlannedDeleteTime string `pulumi:"plannedDeleteTime"`
	// (Available in 1.124.0+)  The value of the secret that you want to create.
	SecretData string `pulumi:"secretData"`
	// (Available in 1.124.0+)  The type of the secret data value.
	SecretDataType string `pulumi:"secretDataType"`
	// Name of the KMS Secret.
	SecretName string `pulumi:"secretName"`
	// (Available in 1.124.0+)  The type of the secret.
	SecretType string `pulumi:"secretType"`
	// A mapping of tags to assign to the resource.
	Tags map[string]interface{} `pulumi:"tags"`
	// (Available in 1.124.0+)  The version number of the initial version.
	VersionId string `pulumi:"versionId"`
	// (Available in 1.124.0+)  The stage labels that mark the new secret version.
	VersionStages []string `pulumi:"versionStages"`
}

type GetSecretsSecretArgs 

type GetSecretsSecretArgs struct {
	// (Available in 1.124.0+) A mapping of tags to assign to the resource.
	Arn pulumi.StringInput `pulumi:"arn"`
	// (Available in 1.124.0+)  The description of the secret.
	Description pulumi.StringInput `pulumi:"description"`
	// (Available in 1.124.0+)  The ID of the KMS CMK that is used to encrypt the secret value.
	EncryptionKeyId pulumi.StringInput `pulumi:"encryptionKeyId"`
	// ID of the Kms Secret. The value is same as KMS secret_name.
	Id pulumi.StringInput `pulumi:"id"`
	// Schedule deletion time.
	PlannedDeleteTime pulumi.StringInput `pulumi:"plannedDeleteTime"`
	// (Available in 1.124.0+)  The value of the secret that you want to create.
	SecretData pulumi.StringInput `pulumi:"secretData"`
	// (Available in 1.124.0+)  The type of the secret data value.
	SecretDataType pulumi.StringInput `pulumi:"secretDataType"`
	// Name of the KMS Secret.
	SecretName pulumi.StringInput `pulumi:"secretName"`
	// (Available in 1.124.0+)  The type of the secret.
	SecretType pulumi.StringInput `pulumi:"secretType"`
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapInput `pulumi:"tags"`
	// (Available in 1.124.0+)  The version number of the initial version.
	VersionId pulumi.StringInput `pulumi:"versionId"`
	// (Available in 1.124.0+)  The stage labels that mark the new secret version.
	VersionStages pulumi.StringArrayInput `pulumi:"versionStages"`
}

func (GetSecretsSecretArgs) ElementType 

func (GetSecretsSecretArgs) ElementType() reflect.Type

func (GetSecretsSecretArgs) ToGetSecretsSecretOutput 

func (i GetSecretsSecretArgs) ToGetSecretsSecretOutput() GetSecretsSecretOutput

func (GetSecretsSecretArgs) ToGetSecretsSecretOutputWithContext 

func (i GetSecretsSecretArgs) ToGetSecretsSecretOutputWithContext(ctx context.Context) GetSecretsSecretOutput

type GetSecretsSecretArray 

type GetSecretsSecretArray []GetSecretsSecretInput

func (GetSecretsSecretArray) ElementType 

func (GetSecretsSecretArray) ElementType() reflect.Type

func (GetSecretsSecretArray) ToGetSecretsSecretArrayOutput 

func (i GetSecretsSecretArray) ToGetSecretsSecretArrayOutput() GetSecretsSecretArrayOutput

func (GetSecretsSecretArray) ToGetSecretsSecretArrayOutputWithContext 

func (i GetSecretsSecretArray) ToGetSecretsSecretArrayOutputWithContext(ctx context.Context) GetSecretsSecretArrayOutput

type GetSecretsSecretArrayInput 

type GetSecretsSecretArrayInput interface {
	pulumi.Input

	ToGetSecretsSecretArrayOutput() GetSecretsSecretArrayOutput
	ToGetSecretsSecretArrayOutputWithContext(context.Context) GetSecretsSecretArrayOutput
}

GetSecretsSecretArrayInput is an input type that accepts GetSecretsSecretArray and GetSecretsSecretArrayOutput values. You can construct a concrete instance of `GetSecretsSecretArrayInput` via: 

GetSecretsSecretArray{ GetSecretsSecretArgs{...} }

type GetSecretsSecretArrayOutput 

type GetSecretsSecretArrayOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretArrayOutput) ElementType 

func (GetSecretsSecretArrayOutput) ElementType() reflect.Type

func (GetSecretsSecretArrayOutput) Index 

func (o GetSecretsSecretArrayOutput) Index(i pulumi.IntInput) GetSecretsSecretOutput

func (GetSecretsSecretArrayOutput) ToGetSecretsSecretArrayOutput 

func (o GetSecretsSecretArrayOutput) ToGetSecretsSecretArrayOutput() GetSecretsSecretArrayOutput

func (GetSecretsSecretArrayOutput) ToGetSecretsSecretArrayOutputWithContext 

func (o GetSecretsSecretArrayOutput) ToGetSecretsSecretArrayOutputWithContext(ctx context.Context) GetSecretsSecretArrayOutput

type GetSecretsSecretInput 

type GetSecretsSecretInput interface {
	pulumi.Input

	ToGetSecretsSecretOutput() GetSecretsSecretOutput
	ToGetSecretsSecretOutputWithContext(context.Context) GetSecretsSecretOutput
}

GetSecretsSecretInput is an input type that accepts GetSecretsSecretArgs and GetSecretsSecretOutput values. You can construct a concrete instance of `GetSecretsSecretInput` via: 

GetSecretsSecretArgs{...}

type GetSecretsSecretOutput 

type GetSecretsSecretOutput struct{ *pulumi.OutputState }

func (GetSecretsSecretOutput) Arn added in v3.3.0 

func (o GetSecretsSecretOutput) Arn() pulumi.StringOutput

(Available in 1.124.0+) A mapping of tags to assign to the resource.

func (GetSecretsSecretOutput) Description added in v3.3.0 

func (o GetSecretsSecretOutput) Description() pulumi.StringOutput

(Available in 1.124.0+) The description of the secret.

func (GetSecretsSecretOutput) ElementType 

func (GetSecretsSecretOutput) ElementType() reflect.Type

func (GetSecretsSecretOutput) EncryptionKeyId added in v3.3.0 

func (o GetSecretsSecretOutput) EncryptionKeyId() pulumi.StringOutput

(Available in 1.124.0+) The ID of the KMS CMK that is used to encrypt the secret value.

func (GetSecretsSecretOutput) Id 

func (o GetSecretsSecretOutput) Id() pulumi.StringOutput

ID of the Kms Secret. The value is same as KMS secret_name.

func (GetSecretsSecretOutput) PlannedDeleteTime 

func (o GetSecretsSecretOutput) PlannedDeleteTime() pulumi.StringOutput

Schedule deletion time.

func (GetSecretsSecretOutput) SecretData added in v3.3.0 

func (o GetSecretsSecretOutput) SecretData() pulumi.StringOutput

(Available in 1.124.0+) The value of the secret that you want to create.

func (GetSecretsSecretOutput) SecretDataType added in v3.3.0 

func (o GetSecretsSecretOutput) SecretDataType() pulumi.StringOutput

(Available in 1.124.0+) The type of the secret data value.

func (GetSecretsSecretOutput) SecretName 

func (o GetSecretsSecretOutput) SecretName() pulumi.StringOutput

Name of the KMS Secret.

func (GetSecretsSecretOutput) SecretType added in v3.3.0 

func (o GetSecretsSecretOutput) SecretType() pulumi.StringOutput

(Available in 1.124.0+) The type of the secret.

func (GetSecretsSecretOutput) Tags 

func (o GetSecretsSecretOutput) Tags() pulumi.MapOutput

A mapping of tags to assign to the resource.

func (GetSecretsSecretOutput) ToGetSecretsSecretOutput 

func (o GetSecretsSecretOutput) ToGetSecretsSecretOutput() GetSecretsSecretOutput

func (GetSecretsSecretOutput) ToGetSecretsSecretOutputWithContext 

func (o GetSecretsSecretOutput) ToGetSecretsSecretOutputWithContext(ctx context.Context) GetSecretsSecretOutput

func (GetSecretsSecretOutput) VersionId added in v3.3.0 

func (o GetSecretsSecretOutput) VersionId() pulumi.StringOutput

(Available in 1.124.0+) The version number of the initial version.

func (GetSecretsSecretOutput) VersionStages added in v3.3.0 

func (o GetSecretsSecretOutput) VersionStages() pulumi.StringArrayOutput

(Available in 1.124.0+) The stage labels that mark the new secret version.

type GetServiceArgs 

type GetServiceArgs struct {
	// Setting the value to `On` to enable the service. If has been enabled, return the result. Valid values: "On" or "Off". Default to "Off".
	//
	// > **NOTE:** Setting `enable = "On"` to open the KMS service that means you have read and agreed the [KMS Terms of Service](https://help.aliyun.com/document_detail/125937.html). The service can not closed once it is opened.
	Enable *string `pulumi:"enable"`
}

A collection of arguments for invoking getService.

type GetServiceOutputArgs added in v3.9.0 

type GetServiceOutputArgs struct {
	// Setting the value to `On` to enable the service. If has been enabled, return the result. Valid values: "On" or "Off". Default to "Off".
	//
	// > **NOTE:** Setting `enable = "On"` to open the KMS service that means you have read and agreed the [KMS Terms of Service](https://help.aliyun.com/document_detail/125937.html). The service can not closed once it is opened.
	Enable pulumi.StringPtrInput `pulumi:"enable"`
}

A collection of arguments for invoking getService.

func (GetServiceOutputArgs) ElementType added in v3.9.0 

func (GetServiceOutputArgs) ElementType() reflect.Type

type GetServiceResult 

type GetServiceResult struct {
	Enable *string `pulumi:"enable"`
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// The current service enable status.
	Status string `pulumi:"status"`
}

A collection of values returned by getService.

func GetService 

func GetService(ctx *pulumi.Context, args *GetServiceArgs, opts ...pulumi.InvokeOption) (*GetServiceResult, error)

Using this data source can open KMS service automatically. If the service has been opened, it will return opened.

For information about KMS and how to use it, see [What is KMS](https://help.aliyun.com/document_detail/186020.html).

> **NOTE:** Available in v1.108.0+

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := kms.GetService(ctx, &kms.GetServiceArgs{
			Enable: pulumi.StringRef("On"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetServiceResultOutput added in v3.9.0 

type GetServiceResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getService.

func GetServiceOutput added in v3.9.0 

func GetServiceOutput(ctx *pulumi.Context, args GetServiceOutputArgs, opts ...pulumi.InvokeOption) GetServiceResultOutput

func (GetServiceResultOutput) ElementType added in v3.9.0 

func (GetServiceResultOutput) ElementType() reflect.Type

func (GetServiceResultOutput) Enable added in v3.9.0 

func (o GetServiceResultOutput) Enable() pulumi.StringPtrOutput

func (GetServiceResultOutput) Id added in v3.9.0 

func (o GetServiceResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetServiceResultOutput) Status added in v3.9.0 

func (o GetServiceResultOutput) Status() pulumi.StringOutput

The current service enable status.

func (GetServiceResultOutput) ToGetServiceResultOutput added in v3.9.0 

func (o GetServiceResultOutput) ToGetServiceResultOutput() GetServiceResultOutput

func (GetServiceResultOutput) ToGetServiceResultOutputWithContext added in v3.9.0 

func (o GetServiceResultOutput) ToGetServiceResultOutputWithContext(ctx context.Context) GetServiceResultOutput

type Instance added in v3.44.0 

type Instance struct {
	pulumi.CustomResourceState

	// Aucillary VPCs used to access this KMS instance. See `bindVpcs` below.
	BindVpcs InstanceBindVpcArrayOutput `pulumi:"bindVpcs"`
	// KMS instance certificate chain in PEM format.
	CaCertificateChainPem pulumi.StringOutput `pulumi:"caCertificateChainPem"`
	// The creation time of the resource.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// The name of the resource.
	InstanceName pulumi.StringOutput `pulumi:"instanceName"`
	// Maximum number of stored keys.
	KeyNum pulumi.IntOutput `pulumi:"keyNum"`
	// Instance Audit Log Switch.
	Log pulumi.StringOutput `pulumi:"log"`
	// Instance log capacity.
	LogStorage pulumi.IntOutput `pulumi:"logStorage"`
	// Purchase cycle, in months.
	Period pulumi.IntPtrOutput `pulumi:"period"`
	// KMS Instance commodity type (software/hardware).
	ProductVersion pulumi.StringPtrOutput `pulumi:"productVersion"`
	// Automatic renewal period, in months.
	RenewPeriod pulumi.IntPtrOutput `pulumi:"renewPeriod"`
	// Renewal options (manual renewal, automatic renewal, no renewal).
	RenewStatus pulumi.StringPtrOutput `pulumi:"renewStatus"`
	// Maximum number of Secrets.
	SecretNum pulumi.IntOutput `pulumi:"secretNum"`
	// The computation performance level of the KMS instance.
	Spec pulumi.IntOutput `pulumi:"spec"`
	// Instance status.
	Status pulumi.StringOutput `pulumi:"status"`
	// Instance VPC id.
	VpcId pulumi.StringOutput `pulumi:"vpcId"`
	// The number of managed accesses. The maximum number of VPCs that can access this KMS instance.
	VpcNum pulumi.IntOutput `pulumi:"vpcNum"`
	// Instance bind vswitches.
	VswitchIds pulumi.StringArrayOutput `pulumi:"vswitchIds"`
	// zone id.
	ZoneIds pulumi.StringArrayOutput `pulumi:"zoneIds"`
}

Provides a KMS Instance resource.

For information about KMS Instance and how to use it, see [What is Instance](https://www.alibabacloud.com/help/zh/key-management-service/latest/kms-instance-management).

> **NOTE:** Available since v1.210.0.

## Example Usage

Basic Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpc"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")
		name := "terraform-example"
		if param := cfg.Get("name"); param != "" {
			name = param
		}
		_default, err := vpc.GetNetworks(ctx, &vpc.GetNetworksArgs{
			NameRegex: pulumi.StringRef("^default-NODELETING$"),
			CidrBlock: pulumi.StringRef("172.16.0.0/16"),
		}, nil)
		if err != nil {
			return err
		}
		defaultGetSwitches, err := vpc.GetSwitches(ctx, &vpc.GetSwitchesArgs{
			VpcId:  pulumi.StringRef(_default.Ids[0]),
			ZoneId: pulumi.StringRef("cn-hangzhou-k"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = kms.NewInstance(ctx, "default", &kms.InstanceArgs{
			ProductVersion: pulumi.String("3"),
			VpcId:          pulumi.String(_default.Ids[0]),
			ZoneIds: pulumi.StringArray{
				pulumi.String("cn-hangzhou-k"),
				pulumi.String("cn-hangzhou-j"),
			},
			VswitchIds: pulumi.StringArray{
				pulumi.String(defaultGetSwitches.Ids[0]),
			},
			VpcNum:    pulumi.Int(1),
			KeyNum:    pulumi.Int(1000),
			SecretNum: pulumi.Int(0),
			Spec:      pulumi.Int(1000),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

KMS Instance can be imported using the id, e.g.

```sh $ pulumi import alicloud:kms/instance:Instance example <id> ```

func GetInstance added in v3.44.0 

func GetInstance(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InstanceState, opts ...pulumi.ResourceOption) (*Instance, error)

GetInstance gets an existing Instance resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInstance added in v3.44.0 

func NewInstance(ctx *pulumi.Context,
	name string, args *InstanceArgs, opts ...pulumi.ResourceOption) (*Instance, error)

NewInstance registers a new resource with the given unique name, arguments, and options.

func (*Instance) ElementType added in v3.44.0 

func (*Instance) ElementType() reflect.Type

func (*Instance) ToInstanceOutput added in v3.44.0 

func (i *Instance) ToInstanceOutput() InstanceOutput

func (*Instance) ToInstanceOutputWithContext added in v3.44.0 

func (i *Instance) ToInstanceOutputWithContext(ctx context.Context) InstanceOutput

type InstanceArgs added in v3.44.0 

type InstanceArgs struct {
	// Aucillary VPCs used to access this KMS instance. See `bindVpcs` below.
	BindVpcs InstanceBindVpcArrayInput
	// Maximum number of stored keys.
	KeyNum pulumi.IntInput
	// Instance Audit Log Switch.
	Log pulumi.StringPtrInput
	// Instance log capacity.
	LogStorage pulumi.IntPtrInput
	// Purchase cycle, in months.
	Period pulumi.IntPtrInput
	// KMS Instance commodity type (software/hardware).
	ProductVersion pulumi.StringPtrInput
	// Automatic renewal period, in months.
	RenewPeriod pulumi.IntPtrInput
	// Renewal options (manual renewal, automatic renewal, no renewal).
	RenewStatus pulumi.StringPtrInput
	// Maximum number of Secrets.
	SecretNum pulumi.IntInput
	// The computation performance level of the KMS instance.
	Spec pulumi.IntInput
	// Instance VPC id.
	VpcId pulumi.StringInput
	// The number of managed accesses. The maximum number of VPCs that can access this KMS instance.
	VpcNum pulumi.IntInput
	// Instance bind vswitches.
	VswitchIds pulumi.StringArrayInput
	// zone id.
	ZoneIds pulumi.StringArrayInput
}

The set of arguments for constructing a Instance resource.

func (InstanceArgs) ElementType added in v3.44.0 

func (InstanceArgs) ElementType() reflect.Type

type InstanceArray added in v3.44.0 

type InstanceArray []InstanceInput

func (InstanceArray) ElementType added in v3.44.0 

func (InstanceArray) ElementType() reflect.Type

func (InstanceArray) ToInstanceArrayOutput added in v3.44.0 

func (i InstanceArray) ToInstanceArrayOutput() InstanceArrayOutput

func (InstanceArray) ToInstanceArrayOutputWithContext added in v3.44.0 

func (i InstanceArray) ToInstanceArrayOutputWithContext(ctx context.Context) InstanceArrayOutput

type InstanceArrayInput added in v3.44.0 

type InstanceArrayInput interface {
	pulumi.Input

	ToInstanceArrayOutput() InstanceArrayOutput
	ToInstanceArrayOutputWithContext(context.Context) InstanceArrayOutput
}

InstanceArrayInput is an input type that accepts InstanceArray and InstanceArrayOutput values. You can construct a concrete instance of `InstanceArrayInput` via: 

InstanceArray{ InstanceArgs{...} }

type InstanceArrayOutput added in v3.44.0 

type InstanceArrayOutput struct{ *pulumi.OutputState }

func (InstanceArrayOutput) ElementType added in v3.44.0 

func (InstanceArrayOutput) ElementType() reflect.Type

func (InstanceArrayOutput) Index added in v3.44.0 

func (o InstanceArrayOutput) Index(i pulumi.IntInput) InstanceOutput

func (InstanceArrayOutput) ToInstanceArrayOutput added in v3.44.0 

func (o InstanceArrayOutput) ToInstanceArrayOutput() InstanceArrayOutput

func (InstanceArrayOutput) ToInstanceArrayOutputWithContext added in v3.44.0 

func (o InstanceArrayOutput) ToInstanceArrayOutputWithContext(ctx context.Context) InstanceArrayOutput

type InstanceBindVpc added in v3.44.0 

type InstanceBindVpc struct {
	// region id.
	RegionId *string `pulumi:"regionId"`
	// VPC ID.
	VpcId *string `pulumi:"vpcId"`
	// VPC owner root user ID.
	VpcOwnerId *int `pulumi:"vpcOwnerId"`
	// vswitch id.
	VswitchId *string `pulumi:"vswitchId"`
}

type InstanceBindVpcArgs added in v3.44.0 

type InstanceBindVpcArgs struct {
	// region id.
	RegionId pulumi.StringPtrInput `pulumi:"regionId"`
	// VPC ID.
	VpcId pulumi.StringPtrInput `pulumi:"vpcId"`
	// VPC owner root user ID.
	VpcOwnerId pulumi.IntPtrInput `pulumi:"vpcOwnerId"`
	// vswitch id.
	VswitchId pulumi.StringPtrInput `pulumi:"vswitchId"`
}

func (InstanceBindVpcArgs) ElementType added in v3.44.0 

func (InstanceBindVpcArgs) ElementType() reflect.Type

func (InstanceBindVpcArgs) ToInstanceBindVpcOutput added in v3.44.0 

func (i InstanceBindVpcArgs) ToInstanceBindVpcOutput() InstanceBindVpcOutput

func (InstanceBindVpcArgs) ToInstanceBindVpcOutputWithContext added in v3.44.0 

func (i InstanceBindVpcArgs) ToInstanceBindVpcOutputWithContext(ctx context.Context) InstanceBindVpcOutput

type InstanceBindVpcArray added in v3.44.0 

type InstanceBindVpcArray []InstanceBindVpcInput

func (InstanceBindVpcArray) ElementType added in v3.44.0 

func (InstanceBindVpcArray) ElementType() reflect.Type

func (InstanceBindVpcArray) ToInstanceBindVpcArrayOutput added in v3.44.0 

func (i InstanceBindVpcArray) ToInstanceBindVpcArrayOutput() InstanceBindVpcArrayOutput

func (InstanceBindVpcArray) ToInstanceBindVpcArrayOutputWithContext added in v3.44.0 

func (i InstanceBindVpcArray) ToInstanceBindVpcArrayOutputWithContext(ctx context.Context) InstanceBindVpcArrayOutput

type InstanceBindVpcArrayInput added in v3.44.0 

type InstanceBindVpcArrayInput interface {
	pulumi.Input

	ToInstanceBindVpcArrayOutput() InstanceBindVpcArrayOutput
	ToInstanceBindVpcArrayOutputWithContext(context.Context) InstanceBindVpcArrayOutput
}

InstanceBindVpcArrayInput is an input type that accepts InstanceBindVpcArray and InstanceBindVpcArrayOutput values. You can construct a concrete instance of `InstanceBindVpcArrayInput` via: 

InstanceBindVpcArray{ InstanceBindVpcArgs{...} }

type InstanceBindVpcArrayOutput added in v3.44.0 

type InstanceBindVpcArrayOutput struct{ *pulumi.OutputState }

func (InstanceBindVpcArrayOutput) ElementType added in v3.44.0 

func (InstanceBindVpcArrayOutput) ElementType() reflect.Type

func (InstanceBindVpcArrayOutput) Index added in v3.44.0 

func (o InstanceBindVpcArrayOutput) Index(i pulumi.IntInput) InstanceBindVpcOutput

func (InstanceBindVpcArrayOutput) ToInstanceBindVpcArrayOutput added in v3.44.0 

func (o InstanceBindVpcArrayOutput) ToInstanceBindVpcArrayOutput() InstanceBindVpcArrayOutput

func (InstanceBindVpcArrayOutput) ToInstanceBindVpcArrayOutputWithContext added in v3.44.0 

func (o InstanceBindVpcArrayOutput) ToInstanceBindVpcArrayOutputWithContext(ctx context.Context) InstanceBindVpcArrayOutput

type InstanceBindVpcInput added in v3.44.0 

type InstanceBindVpcInput interface {
	pulumi.Input

	ToInstanceBindVpcOutput() InstanceBindVpcOutput
	ToInstanceBindVpcOutputWithContext(context.Context) InstanceBindVpcOutput
}

InstanceBindVpcInput is an input type that accepts InstanceBindVpcArgs and InstanceBindVpcOutput values. You can construct a concrete instance of `InstanceBindVpcInput` via: 

InstanceBindVpcArgs{...}

type InstanceBindVpcOutput added in v3.44.0 

type InstanceBindVpcOutput struct{ *pulumi.OutputState }

func (InstanceBindVpcOutput) ElementType added in v3.44.0 

func (InstanceBindVpcOutput) ElementType() reflect.Type

func (InstanceBindVpcOutput) RegionId added in v3.44.0 

func (o InstanceBindVpcOutput) RegionId() pulumi.StringPtrOutput

region id.

func (InstanceBindVpcOutput) ToInstanceBindVpcOutput added in v3.44.0 

func (o InstanceBindVpcOutput) ToInstanceBindVpcOutput() InstanceBindVpcOutput

func (InstanceBindVpcOutput) ToInstanceBindVpcOutputWithContext added in v3.44.0 

func (o InstanceBindVpcOutput) ToInstanceBindVpcOutputWithContext(ctx context.Context) InstanceBindVpcOutput

func (InstanceBindVpcOutput) VpcId added in v3.44.0 

func (o InstanceBindVpcOutput) VpcId() pulumi.StringPtrOutput

VPC ID.

func (InstanceBindVpcOutput) VpcOwnerId added in v3.44.0 

func (o InstanceBindVpcOutput) VpcOwnerId() pulumi.IntPtrOutput

VPC owner root user ID.

func (InstanceBindVpcOutput) VswitchId added in v3.44.0 

func (o InstanceBindVpcOutput) VswitchId() pulumi.StringPtrOutput

vswitch id.

type InstanceInput added in v3.44.0 

type InstanceInput interface {
	pulumi.Input

	ToInstanceOutput() InstanceOutput
	ToInstanceOutputWithContext(ctx context.Context) InstanceOutput
}

type InstanceMap added in v3.44.0 

type InstanceMap map[string]InstanceInput

func (InstanceMap) ElementType added in v3.44.0 

func (InstanceMap) ElementType() reflect.Type

func (InstanceMap) ToInstanceMapOutput added in v3.44.0 

func (i InstanceMap) ToInstanceMapOutput() InstanceMapOutput

func (InstanceMap) ToInstanceMapOutputWithContext added in v3.44.0 

func (i InstanceMap) ToInstanceMapOutputWithContext(ctx context.Context) InstanceMapOutput

type InstanceMapInput added in v3.44.0 

type InstanceMapInput interface {
	pulumi.Input

	ToInstanceMapOutput() InstanceMapOutput
	ToInstanceMapOutputWithContext(context.Context) InstanceMapOutput
}

InstanceMapInput is an input type that accepts InstanceMap and InstanceMapOutput values. You can construct a concrete instance of `InstanceMapInput` via: 

InstanceMap{ "key": InstanceArgs{...} }

type InstanceMapOutput added in v3.44.0 

type InstanceMapOutput struct{ *pulumi.OutputState }

func (InstanceMapOutput) ElementType added in v3.44.0 

func (InstanceMapOutput) ElementType() reflect.Type

func (InstanceMapOutput) MapIndex added in v3.44.0 

func (o InstanceMapOutput) MapIndex(k pulumi.StringInput) InstanceOutput

func (InstanceMapOutput) ToInstanceMapOutput added in v3.44.0 

func (o InstanceMapOutput) ToInstanceMapOutput() InstanceMapOutput

func (InstanceMapOutput) ToInstanceMapOutputWithContext added in v3.44.0 

func (o InstanceMapOutput) ToInstanceMapOutputWithContext(ctx context.Context) InstanceMapOutput

type InstanceOutput added in v3.44.0 

type InstanceOutput struct{ *pulumi.OutputState }

func (InstanceOutput) BindVpcs added in v3.44.0 

func (o InstanceOutput) BindVpcs() InstanceBindVpcArrayOutput

Aucillary VPCs used to access this KMS instance. See `bindVpcs` below.

func (InstanceOutput) CaCertificateChainPem added in v3.44.0 

func (o InstanceOutput) CaCertificateChainPem() pulumi.StringOutput

KMS instance certificate chain in PEM format.

func (InstanceOutput) CreateTime added in v3.44.0 

func (o InstanceOutput) CreateTime() pulumi.StringOutput

The creation time of the resource.

func (InstanceOutput) ElementType added in v3.44.0 

func (InstanceOutput) ElementType() reflect.Type

func (InstanceOutput) InstanceName added in v3.44.0 

func (o InstanceOutput) InstanceName() pulumi.StringOutput

The name of the resource.

func (InstanceOutput) KeyNum added in v3.44.0 

func (o InstanceOutput) KeyNum() pulumi.IntOutput

Maximum number of stored keys.

func (InstanceOutput) Log added in v3.48.0 

func (o InstanceOutput) Log() pulumi.StringOutput

Instance Audit Log Switch.

func (InstanceOutput) LogStorage added in v3.48.0 

func (o InstanceOutput) LogStorage() pulumi.IntOutput

Instance log capacity.

func (InstanceOutput) Period added in v3.48.0 

func (o InstanceOutput) Period() pulumi.IntPtrOutput

Purchase cycle, in months.

func (InstanceOutput) ProductVersion added in v3.44.0 

func (o InstanceOutput) ProductVersion() pulumi.StringPtrOutput

KMS Instance commodity type (software/hardware).

func (InstanceOutput) RenewPeriod added in v3.44.0 

func (o InstanceOutput) RenewPeriod() pulumi.IntPtrOutput

Automatic renewal period, in months.

func (InstanceOutput) RenewStatus added in v3.44.0 

func (o InstanceOutput) RenewStatus() pulumi.StringPtrOutput

Renewal options (manual renewal, automatic renewal, no renewal).

func (InstanceOutput) SecretNum added in v3.44.0 

func (o InstanceOutput) SecretNum() pulumi.IntOutput

Maximum number of Secrets.

func (InstanceOutput) Spec added in v3.44.0 

func (o InstanceOutput) Spec() pulumi.IntOutput

The computation performance level of the KMS instance.

func (InstanceOutput) Status added in v3.44.0 

func (o InstanceOutput) Status() pulumi.StringOutput

Instance status.

func (InstanceOutput) ToInstanceOutput added in v3.44.0 

func (o InstanceOutput) ToInstanceOutput() InstanceOutput

func (InstanceOutput) ToInstanceOutputWithContext added in v3.44.0 

func (o InstanceOutput) ToInstanceOutputWithContext(ctx context.Context) InstanceOutput

func (InstanceOutput) VpcId added in v3.44.0 

func (o InstanceOutput) VpcId() pulumi.StringOutput

Instance VPC id.

func (InstanceOutput) VpcNum added in v3.44.0 

func (o InstanceOutput) VpcNum() pulumi.IntOutput

The number of managed accesses. The maximum number of VPCs that can access this KMS instance.

func (InstanceOutput) VswitchIds added in v3.44.0 

func (o InstanceOutput) VswitchIds() pulumi.StringArrayOutput

Instance bind vswitches.

func (InstanceOutput) ZoneIds added in v3.44.0 

func (o InstanceOutput) ZoneIds() pulumi.StringArrayOutput

zone id.

type InstanceState added in v3.44.0 

type InstanceState struct {
	// Aucillary VPCs used to access this KMS instance. See `bindVpcs` below.
	BindVpcs InstanceBindVpcArrayInput
	// KMS instance certificate chain in PEM format.
	CaCertificateChainPem pulumi.StringPtrInput
	// The creation time of the resource.
	CreateTime pulumi.StringPtrInput
	// The name of the resource.
	InstanceName pulumi.StringPtrInput
	// Maximum number of stored keys.
	KeyNum pulumi.IntPtrInput
	// Instance Audit Log Switch.
	Log pulumi.StringPtrInput
	// Instance log capacity.
	LogStorage pulumi.IntPtrInput
	// Purchase cycle, in months.
	Period pulumi.IntPtrInput
	// KMS Instance commodity type (software/hardware).
	ProductVersion pulumi.StringPtrInput
	// Automatic renewal period, in months.
	RenewPeriod pulumi.IntPtrInput
	// Renewal options (manual renewal, automatic renewal, no renewal).
	RenewStatus pulumi.StringPtrInput
	// Maximum number of Secrets.
	SecretNum pulumi.IntPtrInput
	// The computation performance level of the KMS instance.
	Spec pulumi.IntPtrInput
	// Instance status.
	Status pulumi.StringPtrInput
	// Instance VPC id.
	VpcId pulumi.StringPtrInput
	// The number of managed accesses. The maximum number of VPCs that can access this KMS instance.
	VpcNum pulumi.IntPtrInput
	// Instance bind vswitches.
	VswitchIds pulumi.StringArrayInput
	// zone id.
	ZoneIds pulumi.StringArrayInput
}

func (InstanceState) ElementType added in v3.44.0 

func (InstanceState) ElementType() reflect.Type

type Key 

type Key struct {
	pulumi.CustomResourceState

	// The Alicloud Resource Name (ARN) of the key.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Specifies whether to enable automatic key rotation. Default value: `Disabled`. Valid values:
	AutomaticRotation pulumi.StringOutput `pulumi:"automaticRotation"`
	// The date and time when the CMK was created. The time is displayed in UTC.
	CreationDate pulumi.StringOutput `pulumi:"creationDate"`
	// The creator of the CMK.
	Creator pulumi.StringOutput `pulumi:"creator"`
	// The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
	DeleteDate pulumi.StringOutput `pulumi:"deleteDate"`
	// Field `deletionWindowInDays` has been deprecated from provider version 1.85.0. New field `pendingWindowInDays` instead.
	//
	// Deprecated: Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
	DeletionWindowInDays pulumi.IntOutput `pulumi:"deletionWindowInDays"`
	// The description of the CMK. The description can be 0 to 8,192 characters in length.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The instance ID of the exclusive KMS instance.
	DkmsInstanceId pulumi.StringPtrOutput `pulumi:"dkmsInstanceId"`
	// Field `isEnabled` has been deprecated from provider version 1.85.0. New field `status` instead.
	//
	// Deprecated: Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
	IsEnabled pulumi.BoolPtrOutput `pulumi:"isEnabled"`
	// The type of the CMK. Default value: `Aliyun_AES_256`. Valid values:
	// `Aliyun_AES_256`, `Aliyun_AES_128`, `Aliyun_AES_192`, `Aliyun_SM4`, `RSA_2048`, `RSA_3072`, `EC_P256`, `EC_P256K`, `EC_SM2`.
	// Note: The default type of the CMK is `Aliyun_AES_256`. Only Dedicated KMS supports `Aliyun_AES_128` and `Aliyun_AES_192`.
	KeySpec pulumi.StringOutput `pulumi:"keySpec"`
	// Field `keyState` has been deprecated from provider version 1.123.1. New field `status` instead.
	//
	// Deprecated: Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
	KeyState pulumi.StringOutput `pulumi:"keyState"`
	// The usage of the CMK. Default value: `ENCRYPT/DECRYPT`. Valid values:
	// - `ENCRYPT/DECRYPT`: encrypts or decrypts data.
	// - `SIGN/VERIFY`: generates or verifies a digital signature.
	KeyUsage pulumi.StringOutput `pulumi:"keyUsage"`
	// The date and time the last rotation was performed. The time is displayed in UTC.
	LastRotationDate pulumi.StringOutput `pulumi:"lastRotationDate"`
	// The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
	MaterialExpireTime pulumi.StringOutput `pulumi:"materialExpireTime"`
	// The time the next rotation is scheduled for execution.
	NextRotationDate pulumi.StringOutput `pulumi:"nextRotationDate"`
	// The source of key material. Default value: `Aliyun_KMS`. Valid values:
	Origin pulumi.StringOutput `pulumi:"origin"`
	// The number of days before the CMK is deleted.
	// During this period, the CMK is in the PendingDeletion state.
	// After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days.
	// **NOTE:** From version 1.184.0, `pendingWindowInDays` can be set to `366`.
	PendingWindowInDays pulumi.IntOutput `pulumi:"pendingWindowInDays"`
	// The ID of the current primary key version of the symmetric CMK.
	PrimaryKeyVersion pulumi.StringOutput `pulumi:"primaryKeyVersion"`
	// The protection level of the CMK. Default value: `SOFTWARE`. Valid values:
	ProtectionLevel pulumi.StringPtrOutput `pulumi:"protectionLevel"`
	// The interval for automatic key rotation. Specify the value in the integer[unit] format.
	// The following units are supported: d (day), h (hour), m (minute), and s (second).
	// For example, you can use either 7d or 604800s to specify a seven-day interval.
	// The interval can range from 7 days to 730 days.
	// **NOTE**: It is Required when `automaticRotation = "Enabled"`
	//
	// > **NOTE:** When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
	RotationInterval pulumi.StringPtrOutput `pulumi:"rotationInterval"`
	// The status of CMK. Default value: `Enabled`. Valid Values:
	Status pulumi.StringOutput `pulumi:"status"`
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapOutput `pulumi:"tags"`
}

A kms key can help user to protect data security in the transmission process. For information about Alikms Key and how to use it, see [What is Resource Alikms Key](https://www.alibabacloud.com/help/doc-detail/28947.htm).

> **NOTE:** Available since v1.85.0.

## Example Usage

Basic Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := kms.NewKey(ctx, "key", &kms.KeyArgs{
			Description:         pulumi.String("Hello KMS"),
			PendingWindowInDays: pulumi.Int(7),
			Status:              pulumi.String("Enabled"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Alikms key can be imported using the id, e.g.

```sh $ pulumi import alicloud:kms/key:Key example <id> ```

func GetKey 

func GetKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *KeyState, opts ...pulumi.ResourceOption) (*Key, error)

GetKey gets an existing Key resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewKey 

func NewKey(ctx *pulumi.Context,
	name string, args *KeyArgs, opts ...pulumi.ResourceOption) (*Key, error)

NewKey registers a new resource with the given unique name, arguments, and options.

func (*Key) ElementType 

func (*Key) ElementType() reflect.Type

func (*Key) ToKeyOutput 

func (i *Key) ToKeyOutput() KeyOutput

func (*Key) ToKeyOutputWithContext 

func (i *Key) ToKeyOutputWithContext(ctx context.Context) KeyOutput

type KeyArgs 

type KeyArgs struct {
	// Specifies whether to enable automatic key rotation. Default value: `Disabled`. Valid values:
	AutomaticRotation pulumi.StringPtrInput
	// Field `deletionWindowInDays` has been deprecated from provider version 1.85.0. New field `pendingWindowInDays` instead.
	//
	// Deprecated: Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
	DeletionWindowInDays pulumi.IntPtrInput
	// The description of the CMK. The description can be 0 to 8,192 characters in length.
	Description pulumi.StringPtrInput
	// The instance ID of the exclusive KMS instance.
	DkmsInstanceId pulumi.StringPtrInput
	// Field `isEnabled` has been deprecated from provider version 1.85.0. New field `status` instead.
	//
	// Deprecated: Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
	IsEnabled pulumi.BoolPtrInput
	// The type of the CMK. Default value: `Aliyun_AES_256`. Valid values:
	// `Aliyun_AES_256`, `Aliyun_AES_128`, `Aliyun_AES_192`, `Aliyun_SM4`, `RSA_2048`, `RSA_3072`, `EC_P256`, `EC_P256K`, `EC_SM2`.
	// Note: The default type of the CMK is `Aliyun_AES_256`. Only Dedicated KMS supports `Aliyun_AES_128` and `Aliyun_AES_192`.
	KeySpec pulumi.StringPtrInput
	// Field `keyState` has been deprecated from provider version 1.123.1. New field `status` instead.
	//
	// Deprecated: Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
	KeyState pulumi.StringPtrInput
	// The usage of the CMK. Default value: `ENCRYPT/DECRYPT`. Valid values:
	// - `ENCRYPT/DECRYPT`: encrypts or decrypts data.
	// - `SIGN/VERIFY`: generates or verifies a digital signature.
	KeyUsage pulumi.StringPtrInput
	// The source of key material. Default value: `Aliyun_KMS`. Valid values:
	Origin pulumi.StringPtrInput
	// The number of days before the CMK is deleted.
	// During this period, the CMK is in the PendingDeletion state.
	// After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days.
	// **NOTE:** From version 1.184.0, `pendingWindowInDays` can be set to `366`.
	PendingWindowInDays pulumi.IntPtrInput
	// The protection level of the CMK. Default value: `SOFTWARE`. Valid values:
	ProtectionLevel pulumi.StringPtrInput
	// The interval for automatic key rotation. Specify the value in the integer[unit] format.
	// The following units are supported: d (day), h (hour), m (minute), and s (second).
	// For example, you can use either 7d or 604800s to specify a seven-day interval.
	// The interval can range from 7 days to 730 days.
	// **NOTE**: It is Required when `automaticRotation = "Enabled"`
	//
	// > **NOTE:** When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
	RotationInterval pulumi.StringPtrInput
	// The status of CMK. Default value: `Enabled`. Valid Values:
	Status pulumi.StringPtrInput
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapInput
}

The set of arguments for constructing a Key resource.

func (KeyArgs) ElementType 

func (KeyArgs) ElementType() reflect.Type

type KeyArray 

type KeyArray []KeyInput

func (KeyArray) ElementType 

func (KeyArray) ElementType() reflect.Type

func (KeyArray) ToKeyArrayOutput 

func (i KeyArray) ToKeyArrayOutput() KeyArrayOutput

func (KeyArray) ToKeyArrayOutputWithContext 

func (i KeyArray) ToKeyArrayOutputWithContext(ctx context.Context) KeyArrayOutput

type KeyArrayInput 

type KeyArrayInput interface {
	pulumi.Input

	ToKeyArrayOutput() KeyArrayOutput
	ToKeyArrayOutputWithContext(context.Context) KeyArrayOutput
}

KeyArrayInput is an input type that accepts KeyArray and KeyArrayOutput values. You can construct a concrete instance of `KeyArrayInput` via: 

KeyArray{ KeyArgs{...} }

type KeyArrayOutput 

type KeyArrayOutput struct{ *pulumi.OutputState }

func (KeyArrayOutput) ElementType 

func (KeyArrayOutput) ElementType() reflect.Type

func (KeyArrayOutput) Index 

func (o KeyArrayOutput) Index(i pulumi.IntInput) KeyOutput

func (KeyArrayOutput) ToKeyArrayOutput 

func (o KeyArrayOutput) ToKeyArrayOutput() KeyArrayOutput

func (KeyArrayOutput) ToKeyArrayOutputWithContext 

func (o KeyArrayOutput) ToKeyArrayOutputWithContext(ctx context.Context) KeyArrayOutput

type KeyInput 

type KeyInput interface {
	pulumi.Input

	ToKeyOutput() KeyOutput
	ToKeyOutputWithContext(ctx context.Context) KeyOutput
}

type KeyMap 

type KeyMap map[string]KeyInput

func (KeyMap) ElementType 

func (KeyMap) ElementType() reflect.Type

func (KeyMap) ToKeyMapOutput 

func (i KeyMap) ToKeyMapOutput() KeyMapOutput

func (KeyMap) ToKeyMapOutputWithContext 

func (i KeyMap) ToKeyMapOutputWithContext(ctx context.Context) KeyMapOutput

type KeyMapInput 

type KeyMapInput interface {
	pulumi.Input

	ToKeyMapOutput() KeyMapOutput
	ToKeyMapOutputWithContext(context.Context) KeyMapOutput
}

KeyMapInput is an input type that accepts KeyMap and KeyMapOutput values. You can construct a concrete instance of `KeyMapInput` via: 

KeyMap{ "key": KeyArgs{...} }

type KeyMapOutput 

type KeyMapOutput struct{ *pulumi.OutputState }

func (KeyMapOutput) ElementType 

func (KeyMapOutput) ElementType() reflect.Type

func (KeyMapOutput) MapIndex 

func (o KeyMapOutput) MapIndex(k pulumi.StringInput) KeyOutput

func (KeyMapOutput) ToKeyMapOutput 

func (o KeyMapOutput) ToKeyMapOutput() KeyMapOutput

func (KeyMapOutput) ToKeyMapOutputWithContext 

func (o KeyMapOutput) ToKeyMapOutputWithContext(ctx context.Context) KeyMapOutput

type KeyOutput 

type KeyOutput struct{ *pulumi.OutputState }

func (KeyOutput) Arn added in v3.27.0 

func (o KeyOutput) Arn() pulumi.StringOutput

The Alicloud Resource Name (ARN) of the key.

func (KeyOutput) AutomaticRotation added in v3.27.0 

func (o KeyOutput) AutomaticRotation() pulumi.StringOutput

Specifies whether to enable automatic key rotation. Default value: `Disabled`. Valid values:

func (KeyOutput) CreationDate added in v3.27.0 

func (o KeyOutput) CreationDate() pulumi.StringOutput

The date and time when the CMK was created. The time is displayed in UTC.

func (KeyOutput) Creator added in v3.27.0 

func (o KeyOutput) Creator() pulumi.StringOutput

The creator of the CMK.

func (KeyOutput) DeleteDate added in v3.27.0 

func (o KeyOutput) DeleteDate() pulumi.StringOutput

The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.

func (KeyOutput) DeletionWindowInDays deprecated added in v3.27.0 

func (o KeyOutput) DeletionWindowInDays() pulumi.IntOutput

Field `deletionWindowInDays` has been deprecated from provider version 1.85.0. New field `pendingWindowInDays` instead.

Deprecated: Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.

func (KeyOutput) Description added in v3.27.0 

func (o KeyOutput) Description() pulumi.StringPtrOutput

The description of the CMK. The description can be 0 to 8,192 characters in length.

func (KeyOutput) DkmsInstanceId added in v3.29.0 

func (o KeyOutput) DkmsInstanceId() pulumi.StringPtrOutput

The instance ID of the exclusive KMS instance.

func (KeyOutput) ElementType 

func (KeyOutput) ElementType() reflect.Type

func (KeyOutput) IsEnabled deprecated added in v3.27.0 

func (o KeyOutput) IsEnabled() pulumi.BoolPtrOutput

Field `isEnabled` has been deprecated from provider version 1.85.0. New field `status` instead.

Deprecated: Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.

func (KeyOutput) KeySpec added in v3.27.0 

func (o KeyOutput) KeySpec() pulumi.StringOutput

The type of the CMK. Default value: `Aliyun_AES_256`. Valid values: `Aliyun_AES_256`, `Aliyun_AES_128`, `Aliyun_AES_192`, `Aliyun_SM4`, `RSA_2048`, `RSA_3072`, `EC_P256`, `EC_P256K`, `EC_SM2`. Note: The default type of the CMK is `Aliyun_AES_256`. Only Dedicated KMS supports `Aliyun_AES_128` and `Aliyun_AES_192`.

func (KeyOutput) KeyState deprecated added in v3.27.0 

func (o KeyOutput) KeyState() pulumi.StringOutput

Field `keyState` has been deprecated from provider version 1.123.1. New field `status` instead.

Deprecated: Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.

func (KeyOutput) KeyUsage added in v3.27.0 

func (o KeyOutput) KeyUsage() pulumi.StringOutput

The usage of the CMK. Default value: `ENCRYPT/DECRYPT`. Valid values: - `ENCRYPT/DECRYPT`: encrypts or decrypts data. - `SIGN/VERIFY`: generates or verifies a digital signature.

func (KeyOutput) LastRotationDate added in v3.27.0 

func (o KeyOutput) LastRotationDate() pulumi.StringOutput

The date and time the last rotation was performed. The time is displayed in UTC.

func (KeyOutput) MaterialExpireTime added in v3.27.0 

func (o KeyOutput) MaterialExpireTime() pulumi.StringOutput

The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

func (KeyOutput) NextRotationDate added in v3.27.0 

func (o KeyOutput) NextRotationDate() pulumi.StringOutput

The time the next rotation is scheduled for execution.

func (KeyOutput) Origin added in v3.27.0 

func (o KeyOutput) Origin() pulumi.StringOutput

The source of key material. Default value: `Aliyun_KMS`. Valid values:

func (KeyOutput) PendingWindowInDays added in v3.27.0 

func (o KeyOutput) PendingWindowInDays() pulumi.IntOutput

The number of days before the CMK is deleted. During this period, the CMK is in the PendingDeletion state. After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days. **NOTE:** From version 1.184.0, `pendingWindowInDays` can be set to `366`.

func (KeyOutput) PrimaryKeyVersion added in v3.27.0 

func (o KeyOutput) PrimaryKeyVersion() pulumi.StringOutput

The ID of the current primary key version of the symmetric CMK.

func (KeyOutput) ProtectionLevel added in v3.27.0 

func (o KeyOutput) ProtectionLevel() pulumi.StringPtrOutput

The protection level of the CMK. Default value: `SOFTWARE`. Valid values:

func (KeyOutput) RotationInterval added in v3.27.0 

func (o KeyOutput) RotationInterval() pulumi.StringPtrOutput

The interval for automatic key rotation. Specify the value in the integer[unit] format. The following units are supported: d (day), h (hour), m (minute), and s (second). For example, you can use either 7d or 604800s to specify a seven-day interval. The interval can range from 7 days to 730 days. **NOTE**: It is Required when `automaticRotation = "Enabled"`

> **NOTE:** When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.

func (KeyOutput) Status added in v3.27.0 

func (o KeyOutput) Status() pulumi.StringOutput

The status of CMK. Default value: `Enabled`. Valid Values:

func (KeyOutput) Tags added in v3.39.0 

func (o KeyOutput) Tags() pulumi.MapOutput

A mapping of tags to assign to the resource.

func (KeyOutput) ToKeyOutput 

func (o KeyOutput) ToKeyOutput() KeyOutput

func (KeyOutput) ToKeyOutputWithContext 

func (o KeyOutput) ToKeyOutputWithContext(ctx context.Context) KeyOutput

type KeyState 

type KeyState struct {
	// The Alicloud Resource Name (ARN) of the key.
	Arn pulumi.StringPtrInput
	// Specifies whether to enable automatic key rotation. Default value: `Disabled`. Valid values:
	AutomaticRotation pulumi.StringPtrInput
	// The date and time when the CMK was created. The time is displayed in UTC.
	CreationDate pulumi.StringPtrInput
	// The creator of the CMK.
	Creator pulumi.StringPtrInput
	// The scheduled date to delete CMK. The time is displayed in UTC. This value is returned only when the KeyState value is PendingDeletion.
	DeleteDate pulumi.StringPtrInput
	// Field `deletionWindowInDays` has been deprecated from provider version 1.85.0. New field `pendingWindowInDays` instead.
	//
	// Deprecated: Field 'deletion_window_in_days' has been deprecated from provider version 1.85.0. New field 'pending_window_in_days' instead.
	DeletionWindowInDays pulumi.IntPtrInput
	// The description of the CMK. The description can be 0 to 8,192 characters in length.
	Description pulumi.StringPtrInput
	// The instance ID of the exclusive KMS instance.
	DkmsInstanceId pulumi.StringPtrInput
	// Field `isEnabled` has been deprecated from provider version 1.85.0. New field `status` instead.
	//
	// Deprecated: Field 'is_enabled' has been deprecated from provider version 1.85.0. New field 'key_state' instead.
	IsEnabled pulumi.BoolPtrInput
	// The type of the CMK. Default value: `Aliyun_AES_256`. Valid values:
	// `Aliyun_AES_256`, `Aliyun_AES_128`, `Aliyun_AES_192`, `Aliyun_SM4`, `RSA_2048`, `RSA_3072`, `EC_P256`, `EC_P256K`, `EC_SM2`.
	// Note: The default type of the CMK is `Aliyun_AES_256`. Only Dedicated KMS supports `Aliyun_AES_128` and `Aliyun_AES_192`.
	KeySpec pulumi.StringPtrInput
	// Field `keyState` has been deprecated from provider version 1.123.1. New field `status` instead.
	//
	// Deprecated: Field 'key_state' has been deprecated from provider version 1.123.1. New field 'status' instead.
	KeyState pulumi.StringPtrInput
	// The usage of the CMK. Default value: `ENCRYPT/DECRYPT`. Valid values:
	// - `ENCRYPT/DECRYPT`: encrypts or decrypts data.
	// - `SIGN/VERIFY`: generates or verifies a digital signature.
	KeyUsage pulumi.StringPtrInput
	// The date and time the last rotation was performed. The time is displayed in UTC.
	LastRotationDate pulumi.StringPtrInput
	// The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.
	MaterialExpireTime pulumi.StringPtrInput
	// The time the next rotation is scheduled for execution.
	NextRotationDate pulumi.StringPtrInput
	// The source of key material. Default value: `Aliyun_KMS`. Valid values:
	Origin pulumi.StringPtrInput
	// The number of days before the CMK is deleted.
	// During this period, the CMK is in the PendingDeletion state.
	// After this period ends, you cannot cancel the deletion. Valid values: 7 to 366. Unit: days.
	// **NOTE:** From version 1.184.0, `pendingWindowInDays` can be set to `366`.
	PendingWindowInDays pulumi.IntPtrInput
	// The ID of the current primary key version of the symmetric CMK.
	PrimaryKeyVersion pulumi.StringPtrInput
	// The protection level of the CMK. Default value: `SOFTWARE`. Valid values:
	ProtectionLevel pulumi.StringPtrInput
	// The interval for automatic key rotation. Specify the value in the integer[unit] format.
	// The following units are supported: d (day), h (hour), m (minute), and s (second).
	// For example, you can use either 7d or 604800s to specify a seven-day interval.
	// The interval can range from 7 days to 730 days.
	// **NOTE**: It is Required when `automaticRotation = "Enabled"`
	//
	// > **NOTE:** When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
	RotationInterval pulumi.StringPtrInput
	// The status of CMK. Default value: `Enabled`. Valid Values:
	Status pulumi.StringPtrInput
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapInput
}

func (KeyState) ElementType 

func (KeyState) ElementType() reflect.Type

type KeyVersion 

type KeyVersion struct {
	pulumi.CustomResourceState

	// The id of the master key (CMK).
	//
	// > **NOTE:** The minimum interval for creating a Alikms key version is 7 days.
	KeyId pulumi.StringOutput `pulumi:"keyId"`
	// The id of the Alikms key version.
	KeyVersionId pulumi.StringOutput `pulumi:"keyVersionId"`
}

Provides a Alikms Key Version resource. For information about Alikms Key Version and how to use it, see [What is Resource Alikms Key Version](https://www.alibabacloud.com/help/doc-detail/133838.htm).

> **NOTE:** Available in v1.85.0+.

## Example Usage

Basic Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		this, err := kms.NewKey(ctx, "this", nil)
		if err != nil {
			return err
		}
		_, err = kms.NewKeyVersion(ctx, "keyversion", &kms.KeyVersionArgs{
			KeyId: this.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Alikms key version can be imported using the id, e.g.

```sh $ pulumi import alicloud:kms/keyVersion:KeyVersion example 72da539a-2fa8-4f2d-b854-***** ```

func GetKeyVersion 

func GetKeyVersion(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *KeyVersionState, opts ...pulumi.ResourceOption) (*KeyVersion, error)

GetKeyVersion gets an existing KeyVersion resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewKeyVersion 

func NewKeyVersion(ctx *pulumi.Context,
	name string, args *KeyVersionArgs, opts ...pulumi.ResourceOption) (*KeyVersion, error)

NewKeyVersion registers a new resource with the given unique name, arguments, and options.

func (*KeyVersion) ElementType 

func (*KeyVersion) ElementType() reflect.Type

func (*KeyVersion) ToKeyVersionOutput 

func (i *KeyVersion) ToKeyVersionOutput() KeyVersionOutput

func (*KeyVersion) ToKeyVersionOutputWithContext 

func (i *KeyVersion) ToKeyVersionOutputWithContext(ctx context.Context) KeyVersionOutput

type KeyVersionArgs 

type KeyVersionArgs struct {
	// The id of the master key (CMK).
	//
	// > **NOTE:** The minimum interval for creating a Alikms key version is 7 days.
	KeyId pulumi.StringInput
}

The set of arguments for constructing a KeyVersion resource.

func (KeyVersionArgs) ElementType 

func (KeyVersionArgs) ElementType() reflect.Type

type KeyVersionArray 

type KeyVersionArray []KeyVersionInput

func (KeyVersionArray) ElementType 

func (KeyVersionArray) ElementType() reflect.Type

func (KeyVersionArray) ToKeyVersionArrayOutput 

func (i KeyVersionArray) ToKeyVersionArrayOutput() KeyVersionArrayOutput

func (KeyVersionArray) ToKeyVersionArrayOutputWithContext 

func (i KeyVersionArray) ToKeyVersionArrayOutputWithContext(ctx context.Context) KeyVersionArrayOutput

type KeyVersionArrayInput 

type KeyVersionArrayInput interface {
	pulumi.Input

	ToKeyVersionArrayOutput() KeyVersionArrayOutput
	ToKeyVersionArrayOutputWithContext(context.Context) KeyVersionArrayOutput
}

KeyVersionArrayInput is an input type that accepts KeyVersionArray and KeyVersionArrayOutput values. You can construct a concrete instance of `KeyVersionArrayInput` via: 

KeyVersionArray{ KeyVersionArgs{...} }

type KeyVersionArrayOutput 

type KeyVersionArrayOutput struct{ *pulumi.OutputState }

func (KeyVersionArrayOutput) ElementType 

func (KeyVersionArrayOutput) ElementType() reflect.Type

func (KeyVersionArrayOutput) Index 

func (o KeyVersionArrayOutput) Index(i pulumi.IntInput) KeyVersionOutput

func (KeyVersionArrayOutput) ToKeyVersionArrayOutput 

func (o KeyVersionArrayOutput) ToKeyVersionArrayOutput() KeyVersionArrayOutput

func (KeyVersionArrayOutput) ToKeyVersionArrayOutputWithContext 

func (o KeyVersionArrayOutput) ToKeyVersionArrayOutputWithContext(ctx context.Context) KeyVersionArrayOutput

type KeyVersionInput 

type KeyVersionInput interface {
	pulumi.Input

	ToKeyVersionOutput() KeyVersionOutput
	ToKeyVersionOutputWithContext(ctx context.Context) KeyVersionOutput
}

type KeyVersionMap 

type KeyVersionMap map[string]KeyVersionInput

func (KeyVersionMap) ElementType 

func (KeyVersionMap) ElementType() reflect.Type

func (KeyVersionMap) ToKeyVersionMapOutput 

func (i KeyVersionMap) ToKeyVersionMapOutput() KeyVersionMapOutput

func (KeyVersionMap) ToKeyVersionMapOutputWithContext 

func (i KeyVersionMap) ToKeyVersionMapOutputWithContext(ctx context.Context) KeyVersionMapOutput

type KeyVersionMapInput 

type KeyVersionMapInput interface {
	pulumi.Input

	ToKeyVersionMapOutput() KeyVersionMapOutput
	ToKeyVersionMapOutputWithContext(context.Context) KeyVersionMapOutput
}

KeyVersionMapInput is an input type that accepts KeyVersionMap and KeyVersionMapOutput values. You can construct a concrete instance of `KeyVersionMapInput` via: 

KeyVersionMap{ "key": KeyVersionArgs{...} }

type KeyVersionMapOutput 

type KeyVersionMapOutput struct{ *pulumi.OutputState }

func (KeyVersionMapOutput) ElementType 

func (KeyVersionMapOutput) ElementType() reflect.Type

func (KeyVersionMapOutput) MapIndex 

func (o KeyVersionMapOutput) MapIndex(k pulumi.StringInput) KeyVersionOutput

func (KeyVersionMapOutput) ToKeyVersionMapOutput 

func (o KeyVersionMapOutput) ToKeyVersionMapOutput() KeyVersionMapOutput

func (KeyVersionMapOutput) ToKeyVersionMapOutputWithContext 

func (o KeyVersionMapOutput) ToKeyVersionMapOutputWithContext(ctx context.Context) KeyVersionMapOutput

type KeyVersionOutput 

type KeyVersionOutput struct{ *pulumi.OutputState }

func (KeyVersionOutput) ElementType 

func (KeyVersionOutput) ElementType() reflect.Type

func (KeyVersionOutput) KeyId added in v3.27.0 

func (o KeyVersionOutput) KeyId() pulumi.StringOutput

The id of the master key (CMK).

> **NOTE:** The minimum interval for creating a Alikms key version is 7 days.

func (KeyVersionOutput) KeyVersionId added in v3.27.0 

func (o KeyVersionOutput) KeyVersionId() pulumi.StringOutput

The id of the Alikms key version.

func (KeyVersionOutput) ToKeyVersionOutput 

func (o KeyVersionOutput) ToKeyVersionOutput() KeyVersionOutput

func (KeyVersionOutput) ToKeyVersionOutputWithContext 

func (o KeyVersionOutput) ToKeyVersionOutputWithContext(ctx context.Context) KeyVersionOutput

type KeyVersionState 

type KeyVersionState struct {
	// The id of the master key (CMK).
	//
	// > **NOTE:** The minimum interval for creating a Alikms key version is 7 days.
	KeyId pulumi.StringPtrInput
	// The id of the Alikms key version.
	KeyVersionId pulumi.StringPtrInput
}

func (KeyVersionState) ElementType 

func (KeyVersionState) ElementType() reflect.Type

type LookupCiphertextArgs 

type LookupCiphertextArgs struct {
	// The Encryption context. If you specify this parameter here, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext map[string]string `pulumi:"encryptionContext"`
	// The globally unique ID of the CMK.
	KeyId string `pulumi:"keyId"`
	// The plaintext to be encrypted which must be encoded in Base64.
	Plaintext string `pulumi:"plaintext"`
}

A collection of arguments for invoking getCiphertext.

type LookupCiphertextOutputArgs added in v3.9.0 

type LookupCiphertextOutputArgs struct {
	// The Encryption context. If you specify this parameter here, it is also required when you call the Decrypt API operation. For more information, see [Encryption Context](https://www.alibabacloud.com/help/doc-detail/42975.htm).
	EncryptionContext pulumi.StringMapInput `pulumi:"encryptionContext"`
	// The globally unique ID of the CMK.
	KeyId pulumi.StringInput `pulumi:"keyId"`
	// The plaintext to be encrypted which must be encoded in Base64.
	Plaintext pulumi.StringInput `pulumi:"plaintext"`
}

A collection of arguments for invoking getCiphertext.

func (LookupCiphertextOutputArgs) ElementType added in v3.9.0 

func (LookupCiphertextOutputArgs) ElementType() reflect.Type

type LookupCiphertextResult 

type LookupCiphertextResult struct {
	// The ciphertext of the data key encrypted with the primary CMK version.
	CiphertextBlob    string            `pulumi:"ciphertextBlob"`
	EncryptionContext map[string]string `pulumi:"encryptionContext"`
	// The provider-assigned unique ID for this managed resource.
	Id        string `pulumi:"id"`
	KeyId     string `pulumi:"keyId"`
	Plaintext string `pulumi:"plaintext"`
}

A collection of values returned by getCiphertext.

func LookupCiphertext 

func LookupCiphertext(ctx *pulumi.Context, args *LookupCiphertextArgs, opts ...pulumi.InvokeOption) (*LookupCiphertextResult, error)

## Example Usage

Basic Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		key, err := kms.NewKey(ctx, "key", &kms.KeyArgs{
			Description: pulumi.String("example key"),
			IsEnabled:   pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_ = kms.LookupCiphertextOutput(ctx, kms.GetCiphertextOutputArgs{
			KeyId:     key.ID(),
			Plaintext: pulumi.String("example"),
		}, nil)
		return nil
	})
}

```

type LookupCiphertextResultOutput added in v3.9.0 

type LookupCiphertextResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getCiphertext.

func LookupCiphertextOutput added in v3.9.0 

func LookupCiphertextOutput(ctx *pulumi.Context, args LookupCiphertextOutputArgs, opts ...pulumi.InvokeOption) LookupCiphertextResultOutput

func (LookupCiphertextResultOutput) CiphertextBlob added in v3.9.0 

func (o LookupCiphertextResultOutput) CiphertextBlob() pulumi.StringOutput

The ciphertext of the data key encrypted with the primary CMK version.

func (LookupCiphertextResultOutput) ElementType added in v3.9.0 

func (LookupCiphertextResultOutput) ElementType() reflect.Type

func (LookupCiphertextResultOutput) EncryptionContext added in v3.9.0 

func (o LookupCiphertextResultOutput) EncryptionContext() pulumi.StringMapOutput

func (LookupCiphertextResultOutput) Id added in v3.9.0 

func (o LookupCiphertextResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupCiphertextResultOutput) KeyId added in v3.9.0 

func (o LookupCiphertextResultOutput) KeyId() pulumi.StringOutput

func (LookupCiphertextResultOutput) Plaintext added in v3.9.0 

func (o LookupCiphertextResultOutput) Plaintext() pulumi.StringOutput

func (LookupCiphertextResultOutput) ToLookupCiphertextResultOutput added in v3.9.0 

func (o LookupCiphertextResultOutput) ToLookupCiphertextResultOutput() LookupCiphertextResultOutput

func (LookupCiphertextResultOutput) ToLookupCiphertextResultOutputWithContext added in v3.9.0 

func (o LookupCiphertextResultOutput) ToLookupCiphertextResultOutputWithContext(ctx context.Context) LookupCiphertextResultOutput

type NetworkRule added in v3.44.0 

type NetworkRule struct {
	pulumi.CustomResourceState

	// Description.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Network Rule Name.
	NetworkRuleName pulumi.StringOutput `pulumi:"networkRuleName"`
	// Allowed private network addresses.
	SourcePrivateIps pulumi.StringArrayOutput `pulumi:"sourcePrivateIps"`
}

Provides a KMS Network Rule resource. Network rules that can be bound by Application Access Point's policies.

For information about KMS Network Rule and how to use it, see [What is Network Rule](https://www.alibabacloud.com/help/zh/key-management-service/latest/api-createnetworkrule).

> **NOTE:** Available since v1.210.0.

## Example Usage

Basic Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")
		name := "terraform-example"
		if param := cfg.Get("name"); param != "" {
			name = param
		}
		_, err := kms.NewNetworkRule(ctx, "default", &kms.NetworkRuleArgs{
			Description: pulumi.String("example-description"),
			SourcePrivateIps: pulumi.StringArray{
				pulumi.String("10.10.10.10/24"),
				pulumi.String("192.168.17.13"),
				pulumi.String("100.177.24.254"),
			},
			NetworkRuleName: pulumi.String(name),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

KMS Network Rule can be imported using the id, e.g.

```sh $ pulumi import alicloud:kms/networkRule:NetworkRule example <id> ```

func GetNetworkRule added in v3.44.0 

func GetNetworkRule(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *NetworkRuleState, opts ...pulumi.ResourceOption) (*NetworkRule, error)

GetNetworkRule gets an existing NetworkRule resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewNetworkRule added in v3.44.0 

func NewNetworkRule(ctx *pulumi.Context,
	name string, args *NetworkRuleArgs, opts ...pulumi.ResourceOption) (*NetworkRule, error)

NewNetworkRule registers a new resource with the given unique name, arguments, and options.

func (*NetworkRule) ElementType added in v3.44.0 

func (*NetworkRule) ElementType() reflect.Type

func (*NetworkRule) ToNetworkRuleOutput added in v3.44.0 

func (i *NetworkRule) ToNetworkRuleOutput() NetworkRuleOutput

func (*NetworkRule) ToNetworkRuleOutputWithContext added in v3.44.0 

func (i *NetworkRule) ToNetworkRuleOutputWithContext(ctx context.Context) NetworkRuleOutput

type NetworkRuleArgs added in v3.44.0 

type NetworkRuleArgs struct {
	// Description.
	Description pulumi.StringPtrInput
	// Network Rule Name.
	NetworkRuleName pulumi.StringPtrInput
	// Allowed private network addresses.
	SourcePrivateIps pulumi.StringArrayInput
}

The set of arguments for constructing a NetworkRule resource.

func (NetworkRuleArgs) ElementType added in v3.44.0 

func (NetworkRuleArgs) ElementType() reflect.Type

type NetworkRuleArray added in v3.44.0 

type NetworkRuleArray []NetworkRuleInput

func (NetworkRuleArray) ElementType added in v3.44.0 

func (NetworkRuleArray) ElementType() reflect.Type

func (NetworkRuleArray) ToNetworkRuleArrayOutput added in v3.44.0 

func (i NetworkRuleArray) ToNetworkRuleArrayOutput() NetworkRuleArrayOutput

func (NetworkRuleArray) ToNetworkRuleArrayOutputWithContext added in v3.44.0 

func (i NetworkRuleArray) ToNetworkRuleArrayOutputWithContext(ctx context.Context) NetworkRuleArrayOutput

type NetworkRuleArrayInput added in v3.44.0 

type NetworkRuleArrayInput interface {
	pulumi.Input

	ToNetworkRuleArrayOutput() NetworkRuleArrayOutput
	ToNetworkRuleArrayOutputWithContext(context.Context) NetworkRuleArrayOutput
}

NetworkRuleArrayInput is an input type that accepts NetworkRuleArray and NetworkRuleArrayOutput values. You can construct a concrete instance of `NetworkRuleArrayInput` via: 

NetworkRuleArray{ NetworkRuleArgs{...} }

type NetworkRuleArrayOutput added in v3.44.0 

type NetworkRuleArrayOutput struct{ *pulumi.OutputState }

func (NetworkRuleArrayOutput) ElementType added in v3.44.0 

func (NetworkRuleArrayOutput) ElementType() reflect.Type

func (NetworkRuleArrayOutput) Index added in v3.44.0 

func (o NetworkRuleArrayOutput) Index(i pulumi.IntInput) NetworkRuleOutput

func (NetworkRuleArrayOutput) ToNetworkRuleArrayOutput added in v3.44.0 

func (o NetworkRuleArrayOutput) ToNetworkRuleArrayOutput() NetworkRuleArrayOutput

func (NetworkRuleArrayOutput) ToNetworkRuleArrayOutputWithContext added in v3.44.0 

func (o NetworkRuleArrayOutput) ToNetworkRuleArrayOutputWithContext(ctx context.Context) NetworkRuleArrayOutput

type NetworkRuleInput added in v3.44.0 

type NetworkRuleInput interface {
	pulumi.Input

	ToNetworkRuleOutput() NetworkRuleOutput
	ToNetworkRuleOutputWithContext(ctx context.Context) NetworkRuleOutput
}

type NetworkRuleMap added in v3.44.0 

type NetworkRuleMap map[string]NetworkRuleInput

func (NetworkRuleMap) ElementType added in v3.44.0 

func (NetworkRuleMap) ElementType() reflect.Type

func (NetworkRuleMap) ToNetworkRuleMapOutput added in v3.44.0 

func (i NetworkRuleMap) ToNetworkRuleMapOutput() NetworkRuleMapOutput

func (NetworkRuleMap) ToNetworkRuleMapOutputWithContext added in v3.44.0 

func (i NetworkRuleMap) ToNetworkRuleMapOutputWithContext(ctx context.Context) NetworkRuleMapOutput

type NetworkRuleMapInput added in v3.44.0 

type NetworkRuleMapInput interface {
	pulumi.Input

	ToNetworkRuleMapOutput() NetworkRuleMapOutput
	ToNetworkRuleMapOutputWithContext(context.Context) NetworkRuleMapOutput
}

NetworkRuleMapInput is an input type that accepts NetworkRuleMap and NetworkRuleMapOutput values. You can construct a concrete instance of `NetworkRuleMapInput` via: 

NetworkRuleMap{ "key": NetworkRuleArgs{...} }

type NetworkRuleMapOutput added in v3.44.0 

type NetworkRuleMapOutput struct{ *pulumi.OutputState }

func (NetworkRuleMapOutput) ElementType added in v3.44.0 

func (NetworkRuleMapOutput) ElementType() reflect.Type

func (NetworkRuleMapOutput) MapIndex added in v3.44.0 

func (o NetworkRuleMapOutput) MapIndex(k pulumi.StringInput) NetworkRuleOutput

func (NetworkRuleMapOutput) ToNetworkRuleMapOutput added in v3.44.0 

func (o NetworkRuleMapOutput) ToNetworkRuleMapOutput() NetworkRuleMapOutput

func (NetworkRuleMapOutput) ToNetworkRuleMapOutputWithContext added in v3.44.0 

func (o NetworkRuleMapOutput) ToNetworkRuleMapOutputWithContext(ctx context.Context) NetworkRuleMapOutput

type NetworkRuleOutput added in v3.44.0 

type NetworkRuleOutput struct{ *pulumi.OutputState }

func (NetworkRuleOutput) Description added in v3.44.0 

func (o NetworkRuleOutput) Description() pulumi.StringPtrOutput

Description.

func (NetworkRuleOutput) ElementType added in v3.44.0 

func (NetworkRuleOutput) ElementType() reflect.Type

func (NetworkRuleOutput) NetworkRuleName added in v3.44.0 

func (o NetworkRuleOutput) NetworkRuleName() pulumi.StringOutput

Network Rule Name.

func (NetworkRuleOutput) SourcePrivateIps added in v3.44.0 

func (o NetworkRuleOutput) SourcePrivateIps() pulumi.StringArrayOutput

Allowed private network addresses.

func (NetworkRuleOutput) ToNetworkRuleOutput added in v3.44.0 

func (o NetworkRuleOutput) ToNetworkRuleOutput() NetworkRuleOutput

func (NetworkRuleOutput) ToNetworkRuleOutputWithContext added in v3.44.0 

func (o NetworkRuleOutput) ToNetworkRuleOutputWithContext(ctx context.Context) NetworkRuleOutput

type NetworkRuleState added in v3.44.0 

type NetworkRuleState struct {
	// Description.
	Description pulumi.StringPtrInput
	// Network Rule Name.
	NetworkRuleName pulumi.StringPtrInput
	// Allowed private network addresses.
	SourcePrivateIps pulumi.StringArrayInput
}

func (NetworkRuleState) ElementType added in v3.44.0 

func (NetworkRuleState) ElementType() reflect.Type

type Policy added in v3.44.0 

type Policy struct {
	pulumi.CustomResourceState

	// Network Rules in JSON struct.
	AccessControlRules pulumi.StringOutput `pulumi:"accessControlRules"`
	// Description.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// KMS instance .
	KmsInstanceId pulumi.StringOutput `pulumi:"kmsInstanceId"`
	// Allowed permissions (RBAC)Optional values:"RbacPermission/Template/CryptoServiceKeyUser" and "RbacPermission/Template/CryptoServiceSecretUser".
	Permissions pulumi.StringArrayOutput `pulumi:"permissions"`
	// Policy Name.
	PolicyName pulumi.StringOutput `pulumi:"policyName"`
	// The resources that the permission policy allows to access.Use "key/${KeyId}" or "key/*"  to specify a key or all keys.Use "secret/${SecretName}" or "secret/*" to specify a secret or all secrets.
	Resources pulumi.StringArrayOutput `pulumi:"resources"`
}

Provides a KMS Policy resource. Permission policies which can be bound to the Application Access Points.

For information about KMS Policy and how to use it, see [What is Policy](https://www.alibabacloud.com/help/zh/key-management-service/latest/api-createpolicy).

> **NOTE:** Available since v1.210.0.

## Import

KMS Policy can be imported using the id, e.g.

```sh $ pulumi import alicloud:kms/policy:Policy example <id> ```

func GetPolicy added in v3.44.0 

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy added in v3.44.0 

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) ElementType added in v3.44.0 

func (*Policy) ElementType() reflect.Type

func (*Policy) ToPolicyOutput added in v3.44.0 

func (i *Policy) ToPolicyOutput() PolicyOutput

func (*Policy) ToPolicyOutputWithContext added in v3.44.0 

func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyArgs added in v3.44.0 

type PolicyArgs struct {
	// Network Rules in JSON struct.
	AccessControlRules pulumi.StringInput
	// Description.
	Description pulumi.StringPtrInput
	// KMS instance .
	KmsInstanceId pulumi.StringInput
	// Allowed permissions (RBAC)Optional values:"RbacPermission/Template/CryptoServiceKeyUser" and "RbacPermission/Template/CryptoServiceSecretUser".
	Permissions pulumi.StringArrayInput
	// Policy Name.
	PolicyName pulumi.StringInput
	// The resources that the permission policy allows to access.Use "key/${KeyId}" or "key/*"  to specify a key or all keys.Use "secret/${SecretName}" or "secret/*" to specify a secret or all secrets.
	Resources pulumi.StringArrayInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType added in v3.44.0 

func (PolicyArgs) ElementType() reflect.Type

type PolicyArray added in v3.44.0 

type PolicyArray []PolicyInput

func (PolicyArray) ElementType added in v3.44.0 

func (PolicyArray) ElementType() reflect.Type

func (PolicyArray) ToPolicyArrayOutput added in v3.44.0 

func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArray) ToPolicyArrayOutputWithContext added in v3.44.0 

func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyArrayInput added in v3.44.0 

type PolicyArrayInput interface {
	pulumi.Input

	ToPolicyArrayOutput() PolicyArrayOutput
	ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput
}

PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via: 

PolicyArray{ PolicyArgs{...} }

type PolicyArrayOutput added in v3.44.0 

type PolicyArrayOutput struct{ *pulumi.OutputState }

func (PolicyArrayOutput) ElementType added in v3.44.0 

func (PolicyArrayOutput) ElementType() reflect.Type

func (PolicyArrayOutput) Index added in v3.44.0 

func (o PolicyArrayOutput) Index(i pulumi.IntInput) PolicyOutput

func (PolicyArrayOutput) ToPolicyArrayOutput added in v3.44.0 

func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArrayOutput) ToPolicyArrayOutputWithContext added in v3.44.0 

func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyInput added in v3.44.0 

type PolicyInput interface {
	pulumi.Input

	ToPolicyOutput() PolicyOutput
	ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
}

type PolicyMap added in v3.44.0 

type PolicyMap map[string]PolicyInput

func (PolicyMap) ElementType added in v3.44.0 

func (PolicyMap) ElementType() reflect.Type

func (PolicyMap) ToPolicyMapOutput added in v3.44.0 

func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMap) ToPolicyMapOutputWithContext added in v3.44.0 

func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyMapInput added in v3.44.0 

type PolicyMapInput interface {
	pulumi.Input

	ToPolicyMapOutput() PolicyMapOutput
	ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput
}

PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via: 

PolicyMap{ "key": PolicyArgs{...} }

type PolicyMapOutput added in v3.44.0 

type PolicyMapOutput struct{ *pulumi.OutputState }

func (PolicyMapOutput) ElementType added in v3.44.0 

func (PolicyMapOutput) ElementType() reflect.Type

func (PolicyMapOutput) MapIndex added in v3.44.0 

func (o PolicyMapOutput) MapIndex(k pulumi.StringInput) PolicyOutput

func (PolicyMapOutput) ToPolicyMapOutput added in v3.44.0 

func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMapOutput) ToPolicyMapOutputWithContext added in v3.44.0 

func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyOutput added in v3.44.0 

type PolicyOutput struct{ *pulumi.OutputState }

func (PolicyOutput) AccessControlRules added in v3.44.0 

func (o PolicyOutput) AccessControlRules() pulumi.StringOutput

Network Rules in JSON struct.

func (PolicyOutput) Description added in v3.44.0 

func (o PolicyOutput) Description() pulumi.StringPtrOutput

Description.

func (PolicyOutput) ElementType added in v3.44.0 

func (PolicyOutput) ElementType() reflect.Type

func (PolicyOutput) KmsInstanceId added in v3.44.0 

func (o PolicyOutput) KmsInstanceId() pulumi.StringOutput

KMS instance .

func (PolicyOutput) Permissions added in v3.44.0 

func (o PolicyOutput) Permissions() pulumi.StringArrayOutput

Allowed permissions (RBAC)Optional values:"RbacPermission/Template/CryptoServiceKeyUser" and "RbacPermission/Template/CryptoServiceSecretUser".

func (PolicyOutput) PolicyName added in v3.44.0 

func (o PolicyOutput) PolicyName() pulumi.StringOutput

Policy Name.

func (PolicyOutput) Resources added in v3.44.0 

func (o PolicyOutput) Resources() pulumi.StringArrayOutput

The resources that the permission policy allows to access.Use "key/${KeyId}" or "key/*" to specify a key or all keys.Use "secret/${SecretName}" or "secret/*" to specify a secret or all secrets.

func (PolicyOutput) ToPolicyOutput added in v3.44.0 

func (o PolicyOutput) ToPolicyOutput() PolicyOutput

func (PolicyOutput) ToPolicyOutputWithContext added in v3.44.0 

func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyState added in v3.44.0 

type PolicyState struct {
	// Network Rules in JSON struct.
	AccessControlRules pulumi.StringPtrInput
	// Description.
	Description pulumi.StringPtrInput
	// KMS instance .
	KmsInstanceId pulumi.StringPtrInput
	// Allowed permissions (RBAC)Optional values:"RbacPermission/Template/CryptoServiceKeyUser" and "RbacPermission/Template/CryptoServiceSecretUser".
	Permissions pulumi.StringArrayInput
	// Policy Name.
	PolicyName pulumi.StringPtrInput
	// The resources that the permission policy allows to access.Use "key/${KeyId}" or "key/*"  to specify a key or all keys.Use "secret/${SecretName}" or "secret/*" to specify a secret or all secrets.
	Resources pulumi.StringArrayInput
}

func (PolicyState) ElementType added in v3.44.0 

func (PolicyState) ElementType() reflect.Type

type Secret 

type Secret struct {
	pulumi.CustomResourceState

	// The Alicloud Resource Name (ARN) of the secret.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// The description of the secret.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// The instance ID of the exclusive KMS instance.
	DkmsInstanceId pulumi.StringPtrOutput `pulumi:"dkmsInstanceId"`
	// Whether to enable automatic key rotation.
	EnableAutomaticRotation pulumi.BoolPtrOutput `pulumi:"enableAutomaticRotation"`
	// The ID of the KMS CMK that is used to encrypt the secret value. If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret.
	EncryptionKeyId pulumi.StringPtrOutput `pulumi:"encryptionKeyId"`
	// The extended configuration of the secret. This parameter specifies the properties of the secret of the specific type. The description can be up to 1,024 characters in length. For more information, see [How to use it](https://www.alibabacloud.com/help/en/key-management-service/latest/kms-createsecret).
	ExtendedConfig pulumi.StringPtrOutput `pulumi:"extendedConfig"`
	// Specifies whether to forcibly delete the secret. If this parameter is set to true, the secret cannot be recovered. Valid values: true, false. Default to: false.
	ForceDeleteWithoutRecovery pulumi.BoolPtrOutput `pulumi:"forceDeleteWithoutRecovery"`
	// The time when the secret is scheduled to be deleted.
	PlannedDeleteTime pulumi.StringOutput `pulumi:"plannedDeleteTime"`
	// Specifies the recovery period of the secret if you do not forcibly delete it. Default value: 30. It will be ignored when `forceDeleteWithoutRecovery` is true.
	RecoveryWindowInDays pulumi.IntPtrOutput `pulumi:"recoveryWindowInDays"`
	// The time period of automatic rotation. The format is integer[unit], where integer represents the length of time, and unit represents the unit of time. The legal unit units are: d (day), h (hour), m (minute), s (second). 7d or 604800s both indicate a 7-day cycle.
	RotationInterval pulumi.StringPtrOutput `pulumi:"rotationInterval"`
	// The value of the secret that you want to create. Secrets Manager encrypts the secret value and stores it in the initial version. **NOTE:** From version 1.204.1, attribute `secretData` updating diff will be ignored when `secretType` is not Generic.
	SecretData pulumi.StringOutput `pulumi:"secretData"`
	// The type of the secret value. Valid values: text, binary. Default to "text".
	SecretDataType pulumi.StringPtrOutput `pulumi:"secretDataType"`
	// The name of the secret.
	SecretName pulumi.StringOutput `pulumi:"secretName"`
	// The type of the secret. Valid values:
	SecretType pulumi.StringOutput `pulumi:"secretType"`
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapOutput `pulumi:"tags"`
	// The version number of the initial version. Version numbers are unique in each secret object.
	VersionId pulumi.StringOutput `pulumi:"versionId"`
	// ) The stage labels that mark the new secret version. If you do not specify this parameter, Secrets Manager marks it with "ACSCurrent".
	VersionStages pulumi.StringArrayOutput `pulumi:"versionStages"`
}

This resouce used to create a secret and store its initial version.

> **NOTE:** Available in 1.76.0+.

## Example Usage

Basic Usage

```go package main

import ( 

"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := kms.NewSecret(ctx, "default", &kms.SecretArgs{
			SecretName:                 pulumi.String("secret-foo"),
			Description:                pulumi.String("from terraform"),
			SecretData:                 pulumi.String("Secret data."),
			VersionId:                  pulumi.String("000000000001"),
			ForceDeleteWithoutRecovery: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

KMS secret can be imported using the id, e.g.

```sh $ pulumi import alicloud:kms/secret:Secret default <id> ```

func GetSecret 

func GetSecret(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SecretState, opts ...pulumi.ResourceOption) (*Secret, error)

GetSecret gets an existing Secret resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSecret 

func NewSecret(ctx *pulumi.Context,
	name string, args *SecretArgs, opts ...pulumi.ResourceOption) (*Secret, error)

NewSecret registers a new resource with the given unique name, arguments, and options.

func (*Secret) ElementType 

func (*Secret) ElementType() reflect.Type

func (*Secret) ToSecretOutput 

func (i *Secret) ToSecretOutput() SecretOutput

func (*Secret) ToSecretOutputWithContext 

func (i *Secret) ToSecretOutputWithContext(ctx context.Context) SecretOutput

type SecretArgs 

type SecretArgs struct {
	// The description of the secret.
	Description pulumi.StringPtrInput
	// The instance ID of the exclusive KMS instance.
	DkmsInstanceId pulumi.StringPtrInput
	// Whether to enable automatic key rotation.
	EnableAutomaticRotation pulumi.BoolPtrInput
	// The ID of the KMS CMK that is used to encrypt the secret value. If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret.
	EncryptionKeyId pulumi.StringPtrInput
	// The extended configuration of the secret. This parameter specifies the properties of the secret of the specific type. The description can be up to 1,024 characters in length. For more information, see [How to use it](https://www.alibabacloud.com/help/en/key-management-service/latest/kms-createsecret).
	ExtendedConfig pulumi.StringPtrInput
	// Specifies whether to forcibly delete the secret. If this parameter is set to true, the secret cannot be recovered. Valid values: true, false. Default to: false.
	ForceDeleteWithoutRecovery pulumi.BoolPtrInput
	// Specifies the recovery period of the secret if you do not forcibly delete it. Default value: 30. It will be ignored when `forceDeleteWithoutRecovery` is true.
	RecoveryWindowInDays pulumi.IntPtrInput
	// The time period of automatic rotation. The format is integer[unit], where integer represents the length of time, and unit represents the unit of time. The legal unit units are: d (day), h (hour), m (minute), s (second). 7d or 604800s both indicate a 7-day cycle.
	RotationInterval pulumi.StringPtrInput
	// The value of the secret that you want to create. Secrets Manager encrypts the secret value and stores it in the initial version. **NOTE:** From version 1.204.1, attribute `secretData` updating diff will be ignored when `secretType` is not Generic.
	SecretData pulumi.StringInput
	// The type of the secret value. Valid values: text, binary. Default to "text".
	SecretDataType pulumi.StringPtrInput
	// The name of the secret.
	SecretName pulumi.StringInput
	// The type of the secret. Valid values:
	SecretType pulumi.StringPtrInput
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapInput
	// The version number of the initial version. Version numbers are unique in each secret object.
	VersionId pulumi.StringInput
	// ) The stage labels that mark the new secret version. If you do not specify this parameter, Secrets Manager marks it with "ACSCurrent".
	VersionStages pulumi.StringArrayInput
}

The set of arguments for constructing a Secret resource.

func (SecretArgs) ElementType 

func (SecretArgs) ElementType() reflect.Type

type SecretArray 

type SecretArray []SecretInput

func (SecretArray) ElementType 

func (SecretArray) ElementType() reflect.Type

func (SecretArray) ToSecretArrayOutput 

func (i SecretArray) ToSecretArrayOutput() SecretArrayOutput

func (SecretArray) ToSecretArrayOutputWithContext 

func (i SecretArray) ToSecretArrayOutputWithContext(ctx context.Context) SecretArrayOutput

type SecretArrayInput 

type SecretArrayInput interface {
	pulumi.Input

	ToSecretArrayOutput() SecretArrayOutput
	ToSecretArrayOutputWithContext(context.Context) SecretArrayOutput
}

SecretArrayInput is an input type that accepts SecretArray and SecretArrayOutput values. You can construct a concrete instance of `SecretArrayInput` via: 

SecretArray{ SecretArgs{...} }

type SecretArrayOutput 

type SecretArrayOutput struct{ *pulumi.OutputState }

func (SecretArrayOutput) ElementType 

func (SecretArrayOutput) ElementType() reflect.Type

func (SecretArrayOutput) Index 

func (o SecretArrayOutput) Index(i pulumi.IntInput) SecretOutput

func (SecretArrayOutput) ToSecretArrayOutput 

func (o SecretArrayOutput) ToSecretArrayOutput() SecretArrayOutput

func (SecretArrayOutput) ToSecretArrayOutputWithContext 

func (o SecretArrayOutput) ToSecretArrayOutputWithContext(ctx context.Context) SecretArrayOutput

type SecretInput 

type SecretInput interface {
	pulumi.Input

	ToSecretOutput() SecretOutput
	ToSecretOutputWithContext(ctx context.Context) SecretOutput
}

type SecretMap 

type SecretMap map[string]SecretInput

func (SecretMap) ElementType 

func (SecretMap) ElementType() reflect.Type

func (SecretMap) ToSecretMapOutput 

func (i SecretMap) ToSecretMapOutput() SecretMapOutput

func (SecretMap) ToSecretMapOutputWithContext 

func (i SecretMap) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOutput

type SecretMapInput 

type SecretMapInput interface {
	pulumi.Input

	ToSecretMapOutput() SecretMapOutput
	ToSecretMapOutputWithContext(context.Context) SecretMapOutput
}

SecretMapInput is an input type that accepts SecretMap and SecretMapOutput values. You can construct a concrete instance of `SecretMapInput` via: 

SecretMap{ "key": SecretArgs{...} }

type SecretMapOutput 

type SecretMapOutput struct{ *pulumi.OutputState }

func (SecretMapOutput) ElementType 

func (SecretMapOutput) ElementType() reflect.Type

func (SecretMapOutput) MapIndex 

func (o SecretMapOutput) MapIndex(k pulumi.StringInput) SecretOutput

func (SecretMapOutput) ToSecretMapOutput 

func (o SecretMapOutput) ToSecretMapOutput() SecretMapOutput

func (SecretMapOutput) ToSecretMapOutputWithContext 

func (o SecretMapOutput) ToSecretMapOutputWithContext(ctx context.Context) SecretMapOutput

type SecretOutput 

type SecretOutput struct{ *pulumi.OutputState }

func (SecretOutput) Arn added in v3.27.0 

func (o SecretOutput) Arn() pulumi.StringOutput

The Alicloud Resource Name (ARN) of the secret.

func (SecretOutput) Description added in v3.27.0 

func (o SecretOutput) Description() pulumi.StringPtrOutput

The description of the secret.

func (SecretOutput) DkmsInstanceId added in v3.29.0 

func (o SecretOutput) DkmsInstanceId() pulumi.StringPtrOutput

The instance ID of the exclusive KMS instance.

func (SecretOutput) ElementType 

func (SecretOutput) ElementType() reflect.Type

func (SecretOutput) EnableAutomaticRotation added in v3.27.0 

func (o SecretOutput) EnableAutomaticRotation() pulumi.BoolPtrOutput

Whether to enable automatic key rotation.

func (SecretOutput) EncryptionKeyId added in v3.27.0 

func (o SecretOutput) EncryptionKeyId() pulumi.StringPtrOutput

The ID of the KMS CMK that is used to encrypt the secret value. If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret.

func (SecretOutput) ExtendedConfig added in v3.37.0 

func (o SecretOutput) ExtendedConfig() pulumi.StringPtrOutput

The extended configuration of the secret. This parameter specifies the properties of the secret of the specific type. The description can be up to 1,024 characters in length. For more information, see [How to use it](https://www.alibabacloud.com/help/en/key-management-service/latest/kms-createsecret).

func (SecretOutput) ForceDeleteWithoutRecovery added in v3.27.0 

func (o SecretOutput) ForceDeleteWithoutRecovery() pulumi.BoolPtrOutput

Specifies whether to forcibly delete the secret. If this parameter is set to true, the secret cannot be recovered. Valid values: true, false. Default to: false.

func (SecretOutput) PlannedDeleteTime added in v3.27.0 

func (o SecretOutput) PlannedDeleteTime() pulumi.StringOutput

The time when the secret is scheduled to be deleted.

func (SecretOutput) RecoveryWindowInDays added in v3.27.0 

func (o SecretOutput) RecoveryWindowInDays() pulumi.IntPtrOutput

Specifies the recovery period of the secret if you do not forcibly delete it. Default value: 30. It will be ignored when `forceDeleteWithoutRecovery` is true.

func (SecretOutput) RotationInterval added in v3.27.0 

func (o SecretOutput) RotationInterval() pulumi.StringPtrOutput

The time period of automatic rotation. The format is integer[unit], where integer represents the length of time, and unit represents the unit of time. The legal unit units are: d (day), h (hour), m (minute), s (second). 7d or 604800s both indicate a 7-day cycle.

func (SecretOutput) SecretData added in v3.27.0 

func (o SecretOutput) SecretData() pulumi.StringOutput

The value of the secret that you want to create. Secrets Manager encrypts the secret value and stores it in the initial version. **NOTE:** From version 1.204.1, attribute `secretData` updating diff will be ignored when `secretType` is not Generic.

func (SecretOutput) SecretDataType added in v3.27.0 

func (o SecretOutput) SecretDataType() pulumi.StringPtrOutput

The type of the secret value. Valid values: text, binary. Default to "text".

func (SecretOutput) SecretName added in v3.27.0 

func (o SecretOutput) SecretName() pulumi.StringOutput

The name of the secret.

func (SecretOutput) SecretType added in v3.37.0 

func (o SecretOutput) SecretType() pulumi.StringOutput

The type of the secret. Valid values:

func (SecretOutput) Tags added in v3.27.0 

func (o SecretOutput) Tags() pulumi.MapOutput

A mapping of tags to assign to the resource.

func (SecretOutput) ToSecretOutput 

func (o SecretOutput) ToSecretOutput() SecretOutput

func (SecretOutput) ToSecretOutputWithContext 

func (o SecretOutput) ToSecretOutputWithContext(ctx context.Context) SecretOutput

func (SecretOutput) VersionId added in v3.27.0 

func (o SecretOutput) VersionId() pulumi.StringOutput

The version number of the initial version. Version numbers are unique in each secret object.

func (SecretOutput) VersionStages added in v3.27.0 

func (o SecretOutput) VersionStages() pulumi.StringArrayOutput

) The stage labels that mark the new secret version. If you do not specify this parameter, Secrets Manager marks it with "ACSCurrent".

type SecretState 

type SecretState struct {
	// The Alicloud Resource Name (ARN) of the secret.
	Arn pulumi.StringPtrInput
	// The description of the secret.
	Description pulumi.StringPtrInput
	// The instance ID of the exclusive KMS instance.
	DkmsInstanceId pulumi.StringPtrInput
	// Whether to enable automatic key rotation.
	EnableAutomaticRotation pulumi.BoolPtrInput
	// The ID of the KMS CMK that is used to encrypt the secret value. If you do not specify this parameter, Secrets Manager automatically creates an encryption key to encrypt the secret.
	EncryptionKeyId pulumi.StringPtrInput
	// The extended configuration of the secret. This parameter specifies the properties of the secret of the specific type. The description can be up to 1,024 characters in length. For more information, see [How to use it](https://www.alibabacloud.com/help/en/key-management-service/latest/kms-createsecret).
	ExtendedConfig pulumi.StringPtrInput
	// Specifies whether to forcibly delete the secret. If this parameter is set to true, the secret cannot be recovered. Valid values: true, false. Default to: false.
	ForceDeleteWithoutRecovery pulumi.BoolPtrInput
	// The time when the secret is scheduled to be deleted.
	PlannedDeleteTime pulumi.StringPtrInput
	// Specifies the recovery period of the secret if you do not forcibly delete it. Default value: 30. It will be ignored when `forceDeleteWithoutRecovery` is true.
	RecoveryWindowInDays pulumi.IntPtrInput
	// The time period of automatic rotation. The format is integer[unit], where integer represents the length of time, and unit represents the unit of time. The legal unit units are: d (day), h (hour), m (minute), s (second). 7d or 604800s both indicate a 7-day cycle.
	RotationInterval pulumi.StringPtrInput
	// The value of the secret that you want to create. Secrets Manager encrypts the secret value and stores it in the initial version. **NOTE:** From version 1.204.1, attribute `secretData` updating diff will be ignored when `secretType` is not Generic.
	SecretData pulumi.StringPtrInput
	// The type of the secret value. Valid values: text, binary. Default to "text".
	SecretDataType pulumi.StringPtrInput
	// The name of the secret.
	SecretName pulumi.StringPtrInput
	// The type of the secret. Valid values:
	SecretType pulumi.StringPtrInput
	// A mapping of tags to assign to the resource.
	Tags pulumi.MapInput
	// The version number of the initial version. Version numbers are unique in each secret object.
	VersionId pulumi.StringPtrInput
	// ) The stage labels that mark the new secret version. If you do not specify this parameter, Secrets Manager marks it with "ACSCurrent".
	VersionStages pulumi.StringArrayInput
}

func (SecretState) ElementType 

func (SecretState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.