1. Docs
  2. Reference
  3. API
  4. pulumi_openstack
  5. keymanager

This page documents the language specification for the openstack package. If you're looking for help working with the inputs, outputs, or functions of openstack resources in a Pulumi program, please see the resource documentation for examples and API reference.

keymanager

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-openstack repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-openstack repo.

class pulumi_openstack.keymanager.AwaitableGetContainerResult(acls=None, consumers=None, container_ref=None, created_at=None, creator_id=None, id=None, name=None, region=None, secret_refs=None, status=None, type=None, updated_at=None)
class pulumi_openstack.keymanager.AwaitableGetSecretResult(acl_only=None, acls=None, algorithm=None, bit_length=None, content_types=None, created_at=None, created_at_filter=None, creator_id=None, expiration=None, expiration_filter=None, id=None, metadata=None, mode=None, name=None, payload=None, payload_content_encoding=None, payload_content_type=None, region=None, secret_ref=None, secret_type=None, status=None, updated_at=None, updated_at_filter=None)
class pulumi_openstack.keymanager.ContainerV1(resource_name, opts=None, acl=None, name=None, region=None, secret_refs=None, type=None, __props__=None, __name__=None, __opts__=None)

Manages a V1 Barbican container resource within OpenStack.

import pulumi
import pulumi_openstack as openstack

certificate1 = openstack.keymanager.SecretV1("certificate1",
    payload=(lambda path: open(path).read())("cert.pem"),
    payload_content_type="text/plain",
    secret_type="certificate")
private_key1 = openstack.keymanager.SecretV1("privateKey1",
    payload=(lambda path: open(path).read())("cert-key.pem"),
    payload_content_type="text/plain",
    secret_type="private")
intermediate1 = openstack.keymanager.SecretV1("intermediate1",
    payload=(lambda path: open(path).read())("intermediate-ca.pem"),
    payload_content_type="text/plain",
    secret_type="certificate")
tls1 = openstack.keymanager.ContainerV1("tls1",
    secret_refs=[
        {
            "name": "certificate",
            "secret_ref": certificate1.secret_ref,
        },
        {
            "name": "private_key",
            "secret_ref": private_key1.secret_ref,
        },
        {
            "name": "intermediates",
            "secret_ref": intermediate1.secret_ref,
        },
    ],
    type="certificate")
subnet1 = openstack.networking.get_subnet(name="my-subnet")
lb1 = openstack.loadbalancer.LoadBalancer("lb1", vip_subnet_id=subnet1.id)
listener1 = openstack.loadbalancer.Listener("listener1",
    default_tls_container_ref=tls1.container_ref,
    loadbalancer_id=lb1.id,
    protocol="TERMINATED_HTTPS",
    protocol_port=443)

import pulumi
import pulumi_openstack as openstack

tls1 = openstack.keymanager.ContainerV1("tls1",
    acl={
        "read": {
            "projectAccess": False,
            "users": [
                "userid1",
                "userid2",
            ],
        },
    },
    secret_refs=[
        {
            "name": "certificate",
            "secret_ref": openstack_keymanager_secret_v1["certificate_1"]["secret_ref"],
        },
        {
            "name": "private_key",
            "secret_ref": openstack_keymanager_secret_v1["private_key_1"]["secret_ref"],
        },
        {
            "name": "intermediates",
            "secret_ref": openstack_keymanager_secret_v1["intermediate_1"]["secret_ref"],
        },
    ],
    type="certificate")
Parameters

  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • acl (pulumi.Input[dict]) – Allows to control an access to a container. Currently only the read operation is supported. If not specified, the container is accessible project wide. The read structure is described below.

  • name (pulumi.Input[str]) – The name of the secret reference. The reference names must correspond the container type, more details are available here.

  • region (pulumi.Input[str]) – The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the region argument of the provider is used. Changing this creates a new V1 container.

  • secret_refs (pulumi.Input[list]) – A set of dictionaries containing references to secrets. The structure is described below.

  • type (pulumi.Input[str]) – Used to indicate the type of container. Must be one of generic, rsa or certificate.

The acl object supports the following:

  • read (pulumi.Input[dict])

    • created_at (pulumi.Input[str]) - The date the container ACL was created.

    • projectAccess (pulumi.Input[bool]) - Whether the container is accessible project wide. Defaults to true.

    • updated_at (pulumi.Input[str]) - The date the container ACL was last updated.

    • users (pulumi.Input[list]) - The list of user IDs, which are allowed to access the container, when project_access is set to false.

The secret_refs object supports the following:

  • name (pulumi.Input[str]) - The name of the secret reference. The reference names must correspond the container type, more details are available here.

  • secret_ref (pulumi.Input[str]) - The secret reference / where to find the secret, URL.

acl: pulumi.Output[dict] = None

Allows to control an access to a container. Currently only the read operation is supported. If not specified, the container is accessible project wide. The read structure is described below.

  • read (dict)

    • created_at (str) - The date the container ACL was created.

    • projectAccess (bool) - Whether the container is accessible project wide. Defaults to true.

    • updated_at (str) - The date the container ACL was last updated.

    • users (list) - The list of user IDs, which are allowed to access the container, when project_access is set to false.

consumers: pulumi.Output[list] = None

The list of the container consumers. The structure is described below.

  • name (str) - The name of the secret reference. The reference names must correspond the container type, more details are available here.

  • url (str) - The consumer URL.

container_ref: pulumi.Output[str] = None

The container reference / where to find the container.

created_at: pulumi.Output[str] = None

The date the container ACL was created.

creator_id: pulumi.Output[str] = None

The creator of the container.

name: pulumi.Output[str] = None

The name of the secret reference. The reference names must correspond the container type, more details are available here.

region: pulumi.Output[str] = None

The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the region argument of the provider is used. Changing this creates a new V1 container.

secret_refs: pulumi.Output[list] = None

A set of dictionaries containing references to secrets. The structure is described below.

  • name (str) - The name of the secret reference. The reference names must correspond the container type, more details are available here.

  • secret_ref (str) - The secret reference / where to find the secret, URL.

status: pulumi.Output[str] = None

The status of the container.

type: pulumi.Output[str] = None

Used to indicate the type of container. Must be one of generic, rsa or certificate.

updated_at: pulumi.Output[str] = None

The date the container ACL was last updated.

static get(resource_name, id, opts=None, acl=None, consumers=None, container_ref=None, created_at=None, creator_id=None, name=None, region=None, secret_refs=None, status=None, type=None, updated_at=None)

Get an existing ContainerV1 resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • acl (pulumi.Input[dict]) – Allows to control an access to a container. Currently only the read operation is supported. If not specified, the container is accessible project wide. The read structure is described below.

  • consumers (pulumi.Input[list]) – The list of the container consumers. The structure is described below.

  • container_ref (pulumi.Input[str]) – The container reference / where to find the container.

  • created_at (pulumi.Input[str]) – The date the container ACL was created.

  • creator_id (pulumi.Input[str]) – The creator of the container.

  • name (pulumi.Input[str]) –

    The name of the secret reference. The reference names must correspond the container type, more details are available here.

  • region (pulumi.Input[str]) – The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a container. If omitted, the region argument of the provider is used. Changing this creates a new V1 container.

  • secret_refs (pulumi.Input[list]) – A set of dictionaries containing references to secrets. The structure is described below.

  • status (pulumi.Input[str]) – The status of the container.

  • type (pulumi.Input[str]) – Used to indicate the type of container. Must be one of generic, rsa or certificate.

  • updated_at (pulumi.Input[str]) – The date the container ACL was last updated.

The acl object supports the following:

  • read (pulumi.Input[dict])

    • created_at (pulumi.Input[str]) - The date the container ACL was created.

    • projectAccess (pulumi.Input[bool]) - Whether the container is accessible project wide. Defaults to true.

    • updated_at (pulumi.Input[str]) - The date the container ACL was last updated.

    • users (pulumi.Input[list]) - The list of user IDs, which are allowed to access the container, when project_access is set to false.

The consumers object supports the following:

  • name (pulumi.Input[str]) - The name of the secret reference. The reference names must correspond the container type, more details are available here.

  • url (pulumi.Input[str]) - The consumer URL.

The secret_refs object supports the following:

  • name (pulumi.Input[str]) - The name of the secret reference. The reference names must correspond the container type, more details are available here.

  • secret_ref (pulumi.Input[str]) - The secret reference / where to find the secret, URL.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_openstack.keymanager.GetContainerResult(acls=None, consumers=None, container_ref=None, created_at=None, creator_id=None, id=None, name=None, region=None, secret_refs=None, status=None, type=None, updated_at=None)

A collection of values returned by getContainer.

acls = None

The list of ACLs assigned to a container. The read structure is described below.

consumers = None

The list of the container consumers. The structure is described below.

container_ref = None

The container reference / where to find the container.

created_at = None

The date the container ACL was created.

creator_id = None

The creator of the container.

id = None

The provider-assigned unique ID for this managed resource.

name = None

The name of the consumer.

region = None

See Argument Reference above.

secret_refs = None

A set of dictionaries containing references to secrets. The structure is described below.

status = None

The status of the container.

type = None

The container type.

updated_at = None

The date the container ACL was last updated.

class pulumi_openstack.keymanager.GetSecretResult(acl_only=None, acls=None, algorithm=None, bit_length=None, content_types=None, created_at=None, created_at_filter=None, creator_id=None, expiration=None, expiration_filter=None, id=None, metadata=None, mode=None, name=None, payload=None, payload_content_encoding=None, payload_content_type=None, region=None, secret_ref=None, secret_type=None, status=None, updated_at=None, updated_at_filter=None)

A collection of values returned by getSecret.

acl_only = None

See Argument Reference above.

acls = None

The list of ACLs assigned to a secret. The read structure is described below.

algorithm = None

See Argument Reference above.

bit_length = None

See Argument Reference above.

content_types = None

The map of the content types, assigned on the secret.

created_at = None

The date the secret ACL was created.

created_at_filter = None

See Argument Reference above.

creator_id = None

The creator of the secret.

expiration = None

The date the secret will expire.

expiration_filter = None

See Argument Reference above.

id = None

The provider-assigned unique ID for this managed resource.

metadata = None

The map of metadata, assigned on the secret, which has been explicitly and implicitly added.

mode = None

See Argument Reference above.

name = None

See Argument Reference above.

payload = None

The secret payload.

payload_content_encoding = None

The Secret encoding.

payload_content_type = None

The Secret content type.

region = None

See Argument Reference above.

secret_ref = None

The secret reference / where to find the secret.

secret_type = None

See Argument Reference above.

status = None

The status of the secret.

updated_at = None

The date the secret ACL was last updated.

updated_at_filter = None

See Argument Reference above.

class pulumi_openstack.keymanager.OrderV1(resource_name, opts=None, meta=None, region=None, type=None, __props__=None, __name__=None, __opts__=None)

Manages a V1 Barbican order resource within OpenStack.

import pulumi
import pulumi_openstack as openstack

order1 = openstack.keymanager.OrderV1("order1",
    meta={
        "algorithm": "aes",
        "bit_length": 256,
        "mode": "cbc",
        "name": "mysecret",
    },
    type="key")

import pulumi
import pulumi_openstack as openstack

order1 = openstack.keymanager.OrderV1("order1",
    meta={
        "algorithm": "rsa",
        "bit_length": 4096,
        "name": "mysecret",
    },
    type="asymmetric")
Parameters

  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • meta (pulumi.Input[dict]) – Dictionary containing the order metadata used to generate the order. The structure is described below.

  • region (pulumi.Input[str]) – The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a order. If omitted, the region argument of the provider is used. Changing this creates a new V1 order.

  • type (pulumi.Input[str]) – The type of key to be generated. Must be one of asymmetric, key.

The meta object supports the following:

  • algorithm (pulumi.Input[str]) - Algorithm to use for key generation.

  • bit_length (pulumi.Input[float]) - - Bit lenght of key to be generated.

  • expiration (pulumi.Input[str]) - This is a UTC timestamp in ISO 8601 format YYYY-MM-DDTHH:MM:SSZ. If set, the secret will not be available after this time.

  • mode (pulumi.Input[str]) - The mode to use for key generation.

  • name (pulumi.Input[str]) - The name of the secret set by the user.

  • payload_content_type (pulumi.Input[str]) - The media type for the content of the secrets payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.

container_ref: pulumi.Output[str] = None

The container reference / where to find the container.

created: pulumi.Output[str] = None

The date the order was created.

creator_id: pulumi.Output[str] = None

The creator of the order.

meta: pulumi.Output[dict] = None

Dictionary containing the order metadata used to generate the order. The structure is described below.

  • algorithm (str) - Algorithm to use for key generation.

  • bit_length (float) - - Bit lenght of key to be generated.

  • expiration (str) - This is a UTC timestamp in ISO 8601 format YYYY-MM-DDTHH:MM:SSZ. If set, the secret will not be available after this time.

  • mode (str) - The mode to use for key generation.

  • name (str) - The name of the secret set by the user.

  • payload_content_type (str) - The media type for the content of the secrets payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.

order_ref: pulumi.Output[str] = None

The order reference / where to find the order.

region: pulumi.Output[str] = None

The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a order. If omitted, the region argument of the provider is used. Changing this creates a new V1 order.

secret_ref: pulumi.Output[str] = None

The secret reference / where to find the secret.

status: pulumi.Output[str] = None

The status of the order.

sub_status: pulumi.Output[str] = None

The sub status of the order.

sub_status_message: pulumi.Output[str] = None

The sub status message of the order.

type: pulumi.Output[str] = None

The type of key to be generated. Must be one of asymmetric, key.

updated: pulumi.Output[str] = None

The date the order was last updated.

static get(resource_name, id, opts=None, container_ref=None, created=None, creator_id=None, meta=None, order_ref=None, region=None, secret_ref=None, status=None, sub_status=None, sub_status_message=None, type=None, updated=None)

Get an existing OrderV1 resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • container_ref (pulumi.Input[str]) – The container reference / where to find the container.

  • created (pulumi.Input[str]) – The date the order was created.

  • creator_id (pulumi.Input[str]) – The creator of the order.

  • meta (pulumi.Input[dict]) – Dictionary containing the order metadata used to generate the order. The structure is described below.

  • order_ref (pulumi.Input[str]) – The order reference / where to find the order.

  • region (pulumi.Input[str]) – The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a order. If omitted, the region argument of the provider is used. Changing this creates a new V1 order.

  • secret_ref (pulumi.Input[str]) – The secret reference / where to find the secret.

  • status (pulumi.Input[str]) – The status of the order.

  • sub_status (pulumi.Input[str]) – The sub status of the order.

  • sub_status_message (pulumi.Input[str]) – The sub status message of the order.

  • type (pulumi.Input[str]) – The type of key to be generated. Must be one of asymmetric, key.

  • updated (pulumi.Input[str]) – The date the order was last updated.

The meta object supports the following:

  • algorithm (pulumi.Input[str]) - Algorithm to use for key generation.

  • bit_length (pulumi.Input[float]) - - Bit lenght of key to be generated.

  • expiration (pulumi.Input[str]) - This is a UTC timestamp in ISO 8601 format YYYY-MM-DDTHH:MM:SSZ. If set, the secret will not be available after this time.

  • mode (pulumi.Input[str]) - The mode to use for key generation.

  • name (pulumi.Input[str]) - The name of the secret set by the user.

  • payload_content_type (pulumi.Input[str]) - The media type for the content of the secrets payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_openstack.keymanager.SecretV1(resource_name, opts=None, acl=None, algorithm=None, bit_length=None, expiration=None, metadata=None, mode=None, name=None, payload=None, payload_content_encoding=None, payload_content_type=None, region=None, secret_type=None, __props__=None, __name__=None, __opts__=None)

Create a SecretV1 resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[dict] acl: Allows to control an access to a secret. Currently only the

read operation is supported. If not specified, the secret is accessible project wide.

Parameters

  • algorithm (pulumi.Input[str]) – Metadata provided by a user or system for informational purposes.

  • bit_length (pulumi.Input[float]) – Metadata provided by a user or system for informational purposes.

  • expiration (pulumi.Input[str]) – The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.

  • metadata (pulumi.Input[dict]) – Additional Metadata for the secret.

  • mode (pulumi.Input[str]) – Metadata provided by a user or system for informational purposes.

  • name (pulumi.Input[str]) – Human-readable name for the Secret. Does not have to be unique.

  • payload (pulumi.Input[str]) – The secret’s data to be stored. payload_content_type must also be supplied if payload is included.

  • payload_content_encoding (pulumi.Input[str]) – (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.

  • payload_content_type (pulumi.Input[str]) – (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.

  • region (pulumi.Input[str]) – The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.

  • secret_type (pulumi.Input[str]) – Used to indicate the type of secret being stored. For more information see Secret types.

The acl object supports the following:

  • read (pulumi.Input[dict])

    • created_at (pulumi.Input[str]) - The date the secret ACL was created.

    • projectAccess (pulumi.Input[bool]) - Whether the secret is accessible project wide. Defaults to true.

    • updated_at (pulumi.Input[str]) - The date the secret ACL was last updated.

    • users (pulumi.Input[list]) - The list of user IDs, which are allowed to access the secret, when project_access is set to false.

acl: pulumi.Output[dict] = None

Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.

  • read (dict)

    • created_at (str) - The date the secret ACL was created.

    • projectAccess (bool) - Whether the secret is accessible project wide. Defaults to true.

    • updated_at (str) - The date the secret ACL was last updated.

    • users (list) - The list of user IDs, which are allowed to access the secret, when project_access is set to false.

algorithm: pulumi.Output[str] = None

Metadata provided by a user or system for informational purposes.

all_metadata: pulumi.Output[dict] = None

The map of metadata, assigned on the secret, which has been explicitly and implicitly added.

bit_length: pulumi.Output[float] = None

Metadata provided by a user or system for informational purposes.

content_types: pulumi.Output[dict] = None

The map of the content types, assigned on the secret.

created_at: pulumi.Output[str] = None

The date the secret ACL was created.

creator_id: pulumi.Output[str] = None

The creator of the secret.

expiration: pulumi.Output[str] = None

The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.

metadata: pulumi.Output[dict] = None

Additional Metadata for the secret.

mode: pulumi.Output[str] = None

Metadata provided by a user or system for informational purposes.

name: pulumi.Output[str] = None

Human-readable name for the Secret. Does not have to be unique.

payload: pulumi.Output[str] = None

The secret’s data to be stored. payload_content_type must also be supplied if payload is included.

payload_content_encoding: pulumi.Output[str] = None

(required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.

payload_content_type: pulumi.Output[str] = None

(required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.

region: pulumi.Output[str] = None

The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.

secret_ref: pulumi.Output[str] = None

The secret reference / where to find the secret.

secret_type: pulumi.Output[str] = None

Used to indicate the type of secret being stored. For more information see Secret types.

status: pulumi.Output[str] = None

The status of the secret.

updated_at: pulumi.Output[str] = None

The date the secret ACL was last updated.

static get(resource_name, id, opts=None, acl=None, algorithm=None, all_metadata=None, bit_length=None, content_types=None, created_at=None, creator_id=None, expiration=None, metadata=None, mode=None, name=None, payload=None, payload_content_encoding=None, payload_content_type=None, region=None, secret_ref=None, secret_type=None, status=None, updated_at=None)

Get an existing SecretV1 resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters

  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • acl (pulumi.Input[dict]) – Allows to control an access to a secret. Currently only the read operation is supported. If not specified, the secret is accessible project wide.

  • algorithm (pulumi.Input[str]) – Metadata provided by a user or system for informational purposes.

  • all_metadata (pulumi.Input[dict]) – The map of metadata, assigned on the secret, which has been explicitly and implicitly added.

  • bit_length (pulumi.Input[float]) – Metadata provided by a user or system for informational purposes.

  • content_types (pulumi.Input[dict]) – The map of the content types, assigned on the secret.

  • created_at (pulumi.Input[str]) – The date the secret ACL was created.

  • creator_id (pulumi.Input[str]) – The creator of the secret.

  • expiration (pulumi.Input[str]) – The expiration time of the secret in the RFC3339 timestamp format (e.g. 2019-03-09T12:58:49Z). If omitted, a secret will never expire. Changing this creates a new secret.

  • metadata (pulumi.Input[dict]) – Additional Metadata for the secret.

  • mode (pulumi.Input[str]) – Metadata provided by a user or system for informational purposes.

  • name (pulumi.Input[str]) – Human-readable name for the Secret. Does not have to be unique.

  • payload (pulumi.Input[str]) – The secret’s data to be stored. payload_content_type must also be supplied if payload is included.

  • payload_content_encoding (pulumi.Input[str]) – (required if payload is encoded) The encoding used for the payload to be able to include it in the JSON request. Must be either base64 or binary.

  • payload_content_type (pulumi.Input[str]) – (required if payload is included) The media type for the content of the payload. Must be one of text/plain, text/plain;charset=utf-8, text/plain; charset=utf-8, application/octet-stream, application/pkcs8.

  • region (pulumi.Input[str]) – The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to create a secret. If omitted, the region argument of the provider is used. Changing this creates a new V1 secret.

  • secret_ref (pulumi.Input[str]) – The secret reference / where to find the secret.

  • secret_type (pulumi.Input[str]) –

    Used to indicate the type of secret being stored. For more information see Secret types.

  • status (pulumi.Input[str]) – The status of the secret.

  • updated_at (pulumi.Input[str]) – The date the secret ACL was last updated.

The acl object supports the following:

  • read (pulumi.Input[dict])

    • created_at (pulumi.Input[str]) - The date the secret ACL was created.

    • projectAccess (pulumi.Input[bool]) - Whether the secret is accessible project wide. Defaults to true.

    • updated_at (pulumi.Input[str]) - The date the secret ACL was last updated.

    • users (pulumi.Input[list]) - The list of user IDs, which are allowed to access the secret, when project_access is set to false.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

pulumi_openstack.keymanager.get_container(name=None, region=None, opts=None)

Use this data source to get the ID of an available Barbican container.

import pulumi
import pulumi_openstack as openstack

example = openstack.keymanager.get_container(name="my_container")
Parameters

  • name (str) – The Container name.

  • region (str) – The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to fetch a container. If omitted, the region argument of the provider is used.

pulumi_openstack.keymanager.get_secret(acl_only=None, algorithm=None, bit_length=None, created_at_filter=None, expiration_filter=None, mode=None, name=None, region=None, secret_type=None, updated_at_filter=None, opts=None)

Use this data source to access information about an existing resource.

Parameters

  • acl_only (bool) – Select the Secret with an ACL that contains the user. Project scope is ignored. Defaults to false.

  • algorithm (str) – The Secret algorithm.

  • bit_length (float) – The Secret bit length.

  • created_at_filter (str) – Date filter to select the Secret with created matching the specified criteria. See Date Filters below for more detail.

  • expiration_filter (str) – Date filter to select the Secret with expiration matching the specified criteria. See Date Filters below for more detail.

  • mode (str) – The Secret mode.

  • name (str) – The Secret name.

  • region (str) – The region in which to obtain the V1 KeyManager client. A KeyManager client is needed to fetch a secret. If omitted, the region argument of the provider is used.

  • secret_type (str) –

    The Secret type. For more information see Secret types.

  • updated_at_filter (str) – Date filter to select the Secret with updated matching the specified criteria. See Date Filters below for more detail.