Class SecretCiphertext

Encrypts secret data with Google Cloud KMS and provides access to the ciphertext.

NOTE: Using this resource will allow you to conceal secret data within your resource definitions, but it does not take care of protecting that data in the logging output, plan output, or state output. Please take care to secure your secret data outside of resource definitions.

To get more information about SecretCiphertext, see:

API documentation
How-to Guides
Encrypting and decrypting data with a symmetric key

Warning: All arguments including plaintext and additional_authenticated_data will be stored in the raw state as plain-text. Read more about secrets in state.

Inheritance

System.Object

Resource

CustomResource

SecretCiphertext

Inherited Members

CustomResource.Id

Resource.GetResourceType()

Resource.GetResourceName()

Resource.Urn

System.Object.Equals(System.Object)

System.Object.Equals(System.Object, System.Object)

System.Object.GetHashCode()

System.Object.GetType()

System.Object.MemberwiseClone()

System.Object.ReferenceEquals(System.Object, System.Object)

System.Object.ToString()

Namespace: Pulumi.Gcp.Kms

Assembly: Pulumi.Gcp.dll

Syntax

public class SecretCiphertext : CustomResource

Constructors

View Source

SecretCiphertext(String, SecretCiphertextArgs, CustomResourceOptions)

Create a SecretCiphertext resource with the given unique name, arguments, and options.

Declaration

public SecretCiphertext(string name, SecretCiphertextArgs args, CustomResourceOptions options = null)

Parameters

Type	Name	Description
System.String	name	The unique name of the resource
SecretCiphertextArgs	args	The arguments used to populate this resource's properties
CustomResourceOptions	options	A bag of options that control this resource's behavior

Properties

View Source

AdditionalAuthenticatedData

The additional authenticated data used for integrity checks during encryption and decryption. Note: This property is sensitive and will not be displayed in the plan.

Declaration

public Output<string> AdditionalAuthenticatedData { get; }

Property Value

Type	Description
Output<System.String>

View Source

Ciphertext

Contains the result of encrypting the provided plaintext, encoded in base64.

Declaration

public Output<string> Ciphertext { get; }

Property Value

Type	Description
Output<System.String>

View Source

CryptoKey

The full name of the CryptoKey that will be used to encrypt the provided plaintext. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}/cryptoKeys/{{cryptoKey}}'

Declaration

public Output<string> CryptoKey { get; }

Property Value

Type	Description
Output<System.String>

View Source

Plaintext

The plaintext to be encrypted. Note: This property is sensitive and will not be displayed in the plan.

Declaration

public Output<string> Plaintext { get; }

Property Value

Type	Description
Output<System.String>

Methods

View Source

Get(String, Input<String>, SecretCiphertextState, CustomResourceOptions)

Get an existing SecretCiphertext resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration

public static SecretCiphertext Get(string name, Input<string> id, SecretCiphertextState state = null, CustomResourceOptions options = null)

Parameters

Type	Name	Description
System.String	name	The unique name of the resulting resource.
Input<System.String>	id	The unique provider ID of the resource to lookup.
SecretCiphertextState	state	Any extra arguments used during the lookup.
CustomResourceOptions	options	A bag of options that control this resource's behavior

Returns

Type	Description
SecretCiphertext