Class Secret

Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes.

Note: While Pulumi automatically encrypts the 'data' and 'stringData' fields, this encryption only applies to Pulumi's context, including the state file, the Service, the CLI, etc. Kubernetes does not encrypt Secret resources by default, and the contents are visible to users with access to the Secret in Kubernetes using tools like 'kubectl'.

For more information on securing Kubernetes Secrets, see the following links: https://kubernetes.io/docs/concepts/configuration/secret/#security-properties https://kubernetes.io/docs/concepts/configuration/secret/#risks

Inheritance

System.Object

Resource

CustomResource

KubernetesResource

Secret

Inherited Members

CustomResource.Id

Resource.GetResourceType()

Resource.GetResourceName()

Resource.Urn

System.Object.Equals(System.Object)

System.Object.Equals(System.Object, System.Object)

System.Object.GetHashCode()

System.Object.GetType()

System.Object.MemberwiseClone()

System.Object.ReferenceEquals(System.Object, System.Object)

System.Object.ToString()

Namespace: Pulumi.Kubernetes.Core.V1

Assembly: Pulumi.Kubernetes.dll

Syntax

public class Secret : KubernetesResource

Constructors

View Source

Secret(String, SecretArgs, CustomResourceOptions)

Create a Secret resource with the given unique name, arguments, and options.

Declaration

public Secret(string name, SecretArgs args = null, CustomResourceOptions options = null)

Parameters

Type	Name	Description
System.String	name	The unique name of the resource
SecretArgs	args	The arguments used to populate this resource's properties
CustomResourceOptions	options	A bag of options that control this resource's behavior

Properties

View Source

ApiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

Declaration

public Output<string> ApiVersion { get; }

Property Value

Type	Description
Output<System.String>

View Source

Data

Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4

Declaration

public Output<ImmutableDictionary<string, string>> Data { get; }

Property Value

Type	Description
Output<System.Collections.Immutable.ImmutableDictionary<System.String, System.String>>

View Source

Immutable

Immutable, if set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil. This is an alpha field enabled by ImmutableEphemeralVolumes feature gate.

Declaration

public Output<bool> Immutable { get; }

Property Value

Type	Description
Output<System.Boolean>

View Source

Kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

Declaration

public Output<string> Kind { get; }

Property Value

Type	Description
Output<System.String>

View Source

Metadata

Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

Declaration

public Output<ObjectMeta> Metadata { get; }

Property Value

Type	Description
Output<ObjectMeta>

View Source

StringData

stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API.

Declaration

public Output<ImmutableDictionary<string, string>> StringData { get; }

Property Value

Type	Description
Output<System.Collections.Immutable.ImmutableDictionary<System.String, System.String>>

View Source

Type

Used to facilitate programmatic handling of secret data.

Declaration

public Output<string> Type { get; }

Property Value

Type	Description
Output<System.String>

Methods

View Source

Get(String, Input<String>, CustomResourceOptions)

Get an existing Secret resource's state with the given name and ID.

Declaration

public static Secret Get(string name, Input<string> id, CustomResourceOptions options = null)

Parameters

Type	Name	Description
System.String	name	The unique name of the resulting resource.
Input<System.String>	id	The unique provider ID of the resource to lookup.
CustomResourceOptions	options	A bag of options that control this resource's behavior

Returns

Type	Description
Secret