github.com/pulumi/pulumi-aws/sdk/v6@v6.32.0/go/aws/kms/getSecrets.go

github.com/pulumi/pulumi-aws/sdk/v6@v6.32.0/go/aws/kms/getSecrets.go (about)

     1  // Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT.
     2  // *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***
     3  
     4  package kms
     5  
     6  import (
     7  	"context"
     8  	"reflect"
     9  
    10  	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/internal"
    11  	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    12  )
    13  
    14  // Decrypt multiple secrets from data encrypted with the AWS KMS service.
    15  //
    16  // ## Example Usage
    17  //
    18  // If you do not already have a `CiphertextBlob` from encrypting a KMS secret, you can use the below commands to obtain one using the [AWS CLI kms encrypt](https://docs.aws.amazon.com/cli/latest/reference/kms/encrypt.html) command. This requires you to have your AWS CLI setup correctly and replace the `--key-id` with your own. Alternatively you can use `--plaintext 'master-password'` (CLIv1) or `--plaintext fileb://<(echo -n 'master-password')` (CLIv2) instead of reading from a file.
    19  //
    20  // > If you have a newline character at the end of your file, it will be decrypted with this newline character intact. For most use cases this is undesirable and leads to incorrect passwords or invalid values, as well as possible changes in the plan. Be sure to use `echo -n` if necessary.
    21  // If you are using asymmetric keys ensure you are using the right encryption algorithm when you encrypt and decrypt else you will get IncorrectKeyException during the decrypt phase.
    22  //
    23  // That encrypted output can now be inserted into provider configurations without exposing the plaintext secret directly.
    24  func GetSecrets(ctx *pulumi.Context, args *GetSecretsArgs, opts ...pulumi.InvokeOption) (*GetSecretsResult, error) {
    25  	opts = internal.PkgInvokeDefaultOpts(opts)
    26  	var rv GetSecretsResult
    27  	err := ctx.Invoke("aws:kms/getSecrets:getSecrets", args, &rv, opts...)
    28  	if err != nil {
    29  		return nil, err
    30  	}
    31  	return &rv, nil
    32  }
    33  
    34  // A collection of arguments for invoking getSecrets.
    35  type GetSecretsArgs struct {
    36  	// One or more encrypted payload definitions from the KMS service. See the Secret Definitions below.
    37  	Secrets []GetSecretsSecret `pulumi:"secrets"`
    38  }
    39  
    40  // A collection of values returned by getSecrets.
    41  type GetSecretsResult struct {
    42  	// The provider-assigned unique ID for this managed resource.
    43  	Id string `pulumi:"id"`
    44  	// Map containing each `secret` `name` as the key with its decrypted plaintext value
    45  	Plaintext map[string]string  `pulumi:"plaintext"`
    46  	Secrets   []GetSecretsSecret `pulumi:"secrets"`
    47  }
    48  
    49  func GetSecretsOutput(ctx *pulumi.Context, args GetSecretsOutputArgs, opts ...pulumi.InvokeOption) GetSecretsResultOutput {
    50  	return pulumi.ToOutputWithContext(context.Background(), args).
    51  		ApplyT(func(v interface{}) (GetSecretsResult, error) {
    52  			args := v.(GetSecretsArgs)
    53  			r, err := GetSecrets(ctx, &args, opts...)
    54  			var s GetSecretsResult
    55  			if r != nil {
    56  				s = *r
    57  			}
    58  			return s, err
    59  		}).(GetSecretsResultOutput)
    60  }
    61  
    62  // A collection of arguments for invoking getSecrets.
    63  type GetSecretsOutputArgs struct {
    64  	// One or more encrypted payload definitions from the KMS service. See the Secret Definitions below.
    65  	Secrets GetSecretsSecretArrayInput `pulumi:"secrets"`
    66  }
    67  
    68  func (GetSecretsOutputArgs) ElementType() reflect.Type {
    69  	return reflect.TypeOf((*GetSecretsArgs)(nil)).Elem()
    70  }
    71  
    72  // A collection of values returned by getSecrets.
    73  type GetSecretsResultOutput struct{ *pulumi.OutputState }
    74  
    75  func (GetSecretsResultOutput) ElementType() reflect.Type {
    76  	return reflect.TypeOf((*GetSecretsResult)(nil)).Elem()
    77  }
    78  
    79  func (o GetSecretsResultOutput) ToGetSecretsResultOutput() GetSecretsResultOutput {
    80  	return o
    81  }
    82  
    83  func (o GetSecretsResultOutput) ToGetSecretsResultOutputWithContext(ctx context.Context) GetSecretsResultOutput {
    84  	return o
    85  }
    86  
    87  // The provider-assigned unique ID for this managed resource.
    88  func (o GetSecretsResultOutput) Id() pulumi.StringOutput {
    89  	return o.ApplyT(func(v GetSecretsResult) string { return v.Id }).(pulumi.StringOutput)
    90  }
    91  
    92  // Map containing each `secret` `name` as the key with its decrypted plaintext value
    93  func (o GetSecretsResultOutput) Plaintext() pulumi.StringMapOutput {
    94  	return o.ApplyT(func(v GetSecretsResult) map[string]string { return v.Plaintext }).(pulumi.StringMapOutput)
    95  }
    96  
    97  func (o GetSecretsResultOutput) Secrets() GetSecretsSecretArrayOutput {
    98  	return o.ApplyT(func(v GetSecretsResult) []GetSecretsSecret { return v.Secrets }).(GetSecretsSecretArrayOutput)
    99  }
   100  
   101  func init() {
   102  	pulumi.RegisterOutputType(GetSecretsResultOutput{})
   103  }