com.pulumi.aws.secretsmanager.SecretArgs Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of aws Show documentation
Show all versions of aws Show documentation
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.aws.secretsmanager;
import com.pulumi.aws.secretsmanager.inputs.SecretReplicaArgs;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Import;
import java.lang.Boolean;
import java.lang.Integer;
import java.lang.String;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
public final class SecretArgs extends com.pulumi.resources.ResourceArgs {
public static final SecretArgs Empty = new SecretArgs();
/**
* Description of the secret.
*
*/
@Import(name="description")
private @Nullable Output description;
/**
* @return Description of the secret.
*
*/
public Optional> description() {
return Optional.ofNullable(this.description);
}
/**
* Accepts boolean value to specify whether to overwrite a secret with the same name in the destination Region.
*
*/
@Import(name="forceOverwriteReplicaSecret")
private @Nullable Output forceOverwriteReplicaSecret;
/**
* @return Accepts boolean value to specify whether to overwrite a secret with the same name in the destination Region.
*
*/
public Optional> forceOverwriteReplicaSecret() {
return Optional.ofNullable(this.forceOverwriteReplicaSecret);
}
/**
* ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret. If you need to reference a CMK in a different account, you can use only the key ARN. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default KMS key (the one named `aws/secretsmanager`). If the default KMS key with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.
*
*/
@Import(name="kmsKeyId")
private @Nullable Output kmsKeyId;
/**
* @return ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret. If you need to reference a CMK in a different account, you can use only the key ARN. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default KMS key (the one named `aws/secretsmanager`). If the default KMS key with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.
*
*/
public Optional> kmsKeyId() {
return Optional.ofNullable(this.kmsKeyId);
}
/**
* Friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.{@literal @}-` Conflicts with `name_prefix`.
*
*/
@Import(name="name")
private @Nullable Output name;
/**
* @return Friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.{@literal @}-` Conflicts with `name_prefix`.
*
*/
public Optional> name() {
return Optional.ofNullable(this.name);
}
/**
* Creates a unique name beginning with the specified prefix. Conflicts with `name`.
*
*/
@Import(name="namePrefix")
private @Nullable Output namePrefix;
/**
* @return Creates a unique name beginning with the specified prefix. Conflicts with `name`.
*
*/
public Optional> namePrefix() {
return Optional.ofNullable(this.namePrefix);
}
/**
* Valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). Removing `policy` from your configuration or setting `policy` to null or an empty string (i.e., `policy = ""`) _will not_ delete the policy since it could have been set by `aws.secretsmanager.SecretPolicy`. To delete the `policy`, set it to `"{}"` (an empty JSON document).
*
*/
@Import(name="policy")
private @Nullable Output policy;
/**
* @return Valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). Removing `policy` from your configuration or setting `policy` to null or an empty string (i.e., `policy = ""`) _will not_ delete the policy since it could have been set by `aws.secretsmanager.SecretPolicy`. To delete the `policy`, set it to `"{}"` (an empty JSON document).
*
*/
public Optional> policy() {
return Optional.ofNullable(this.policy);
}
/**
* Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.
*
*/
@Import(name="recoveryWindowInDays")
private @Nullable Output recoveryWindowInDays;
/**
* @return Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.
*
*/
public Optional> recoveryWindowInDays() {
return Optional.ofNullable(this.recoveryWindowInDays);
}
/**
* Configuration block to support secret replication. See details below.
*
*/
@Import(name="replicas")
private @Nullable Output> replicas;
/**
* @return Configuration block to support secret replication. See details below.
*
*/
public Optional>> replicas() {
return Optional.ofNullable(this.replicas);
}
/**
* Key-value map of user-defined tags that are attached to the secret. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*
*/
@Import(name="tags")
private @Nullable Output> tags;
/**
* @return Key-value map of user-defined tags that are attached to the secret. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*
*/
public Optional>> tags() {
return Optional.ofNullable(this.tags);
}
private SecretArgs() {}
private SecretArgs(SecretArgs $) {
this.description = $.description;
this.forceOverwriteReplicaSecret = $.forceOverwriteReplicaSecret;
this.kmsKeyId = $.kmsKeyId;
this.name = $.name;
this.namePrefix = $.namePrefix;
this.policy = $.policy;
this.recoveryWindowInDays = $.recoveryWindowInDays;
this.replicas = $.replicas;
this.tags = $.tags;
}
public static Builder builder() {
return new Builder();
}
public static Builder builder(SecretArgs defaults) {
return new Builder(defaults);
}
public static final class Builder {
private SecretArgs $;
public Builder() {
$ = new SecretArgs();
}
public Builder(SecretArgs defaults) {
$ = new SecretArgs(Objects.requireNonNull(defaults));
}
/**
* @param description Description of the secret.
*
* @return builder
*
*/
public Builder description(@Nullable Output description) {
$.description = description;
return this;
}
/**
* @param description Description of the secret.
*
* @return builder
*
*/
public Builder description(String description) {
return description(Output.of(description));
}
/**
* @param forceOverwriteReplicaSecret Accepts boolean value to specify whether to overwrite a secret with the same name in the destination Region.
*
* @return builder
*
*/
public Builder forceOverwriteReplicaSecret(@Nullable Output forceOverwriteReplicaSecret) {
$.forceOverwriteReplicaSecret = forceOverwriteReplicaSecret;
return this;
}
/**
* @param forceOverwriteReplicaSecret Accepts boolean value to specify whether to overwrite a secret with the same name in the destination Region.
*
* @return builder
*
*/
public Builder forceOverwriteReplicaSecret(Boolean forceOverwriteReplicaSecret) {
return forceOverwriteReplicaSecret(Output.of(forceOverwriteReplicaSecret));
}
/**
* @param kmsKeyId ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret. If you need to reference a CMK in a different account, you can use only the key ARN. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default KMS key (the one named `aws/secretsmanager`). If the default KMS key with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.
*
* @return builder
*
*/
public Builder kmsKeyId(@Nullable Output kmsKeyId) {
$.kmsKeyId = kmsKeyId;
return this;
}
/**
* @param kmsKeyId ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret. If you need to reference a CMK in a different account, you can use only the key ARN. If you don't specify this value, then Secrets Manager defaults to using the AWS account's default KMS key (the one named `aws/secretsmanager`). If the default KMS key with that name doesn't yet exist, then AWS Secrets Manager creates it for you automatically the first time.
*
* @return builder
*
*/
public Builder kmsKeyId(String kmsKeyId) {
return kmsKeyId(Output.of(kmsKeyId));
}
/**
* @param name Friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.{@literal @}-` Conflicts with `name_prefix`.
*
* @return builder
*
*/
public Builder name(@Nullable Output name) {
$.name = name;
return this;
}
/**
* @param name Friendly name of the new secret. The secret name can consist of uppercase letters, lowercase letters, digits, and any of the following characters: `/_+=.{@literal @}-` Conflicts with `name_prefix`.
*
* @return builder
*
*/
public Builder name(String name) {
return name(Output.of(name));
}
/**
* @param namePrefix Creates a unique name beginning with the specified prefix. Conflicts with `name`.
*
* @return builder
*
*/
public Builder namePrefix(@Nullable Output namePrefix) {
$.namePrefix = namePrefix;
return this;
}
/**
* @param namePrefix Creates a unique name beginning with the specified prefix. Conflicts with `name`.
*
* @return builder
*
*/
public Builder namePrefix(String namePrefix) {
return namePrefix(Output.of(namePrefix));
}
/**
* @param policy Valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). Removing `policy` from your configuration or setting `policy` to null or an empty string (i.e., `policy = ""`) _will not_ delete the policy since it could have been set by `aws.secretsmanager.SecretPolicy`. To delete the `policy`, set it to `"{}"` (an empty JSON document).
*
* @return builder
*
*/
public Builder policy(@Nullable Output policy) {
$.policy = policy;
return this;
}
/**
* @param policy Valid JSON document representing a [resource policy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html). Removing `policy` from your configuration or setting `policy` to null or an empty string (i.e., `policy = ""`) _will not_ delete the policy since it could have been set by `aws.secretsmanager.SecretPolicy`. To delete the `policy`, set it to `"{}"` (an empty JSON document).
*
* @return builder
*
*/
public Builder policy(String policy) {
return policy(Output.of(policy));
}
/**
* @param recoveryWindowInDays Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.
*
* @return builder
*
*/
public Builder recoveryWindowInDays(@Nullable Output recoveryWindowInDays) {
$.recoveryWindowInDays = recoveryWindowInDays;
return this;
}
/**
* @param recoveryWindowInDays Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be `0` to force deletion without recovery or range from `7` to `30` days. The default value is `30`.
*
* @return builder
*
*/
public Builder recoveryWindowInDays(Integer recoveryWindowInDays) {
return recoveryWindowInDays(Output.of(recoveryWindowInDays));
}
/**
* @param replicas Configuration block to support secret replication. See details below.
*
* @return builder
*
*/
public Builder replicas(@Nullable Output> replicas) {
$.replicas = replicas;
return this;
}
/**
* @param replicas Configuration block to support secret replication. See details below.
*
* @return builder
*
*/
public Builder replicas(List replicas) {
return replicas(Output.of(replicas));
}
/**
* @param replicas Configuration block to support secret replication. See details below.
*
* @return builder
*
*/
public Builder replicas(SecretReplicaArgs... replicas) {
return replicas(List.of(replicas));
}
/**
* @param tags Key-value map of user-defined tags that are attached to the secret. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*
* @return builder
*
*/
public Builder tags(@Nullable Output> tags) {
$.tags = tags;
return this;
}
/**
* @param tags Key-value map of user-defined tags that are attached to the secret. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*
* @return builder
*
*/
public Builder tags(Map tags) {
return tags(Output.of(tags));
}
public SecretArgs build() {
return $;
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy