---
title_tag: aws-secrets Pulumi ESC Provider
meta_desc: The aws-secrets Pulumi ESC Provider enables you to dynamically import Secrets from AWS Secrets Manager.
title: aws-secrets
h1: aws-secrets
meta_image: /images/docs/meta-images/docs-meta.png
menu:
  pulumicloud:
    identifier: aws-secrets
    parent: esc-providers
    weight: 2
---
The `aws-secrets` provider enables you to dynamically import Secrets from AWS Secrets Manager into your Environment. The provider will return a map of names to Secrets.
## Example
```yaml
aws:
  login:
    fn::open::aws-login:
      oidc:
        roleArn: arn:aws:iam::123456789:role/esc-oidc
        sessionName: pulumi-environments-session
  secrets:
    fn::open::aws-secrets:
      region: us-west-1
      login: ${aws.login}
      get:
        api-key:
          secretId: api-key
        app-secret:
          secretId: app-secret
```
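
A least-privilege permissions policy for the `esc-oidc` role used in the example above, added here as an illustration and not part of the Pulumi documentation. It assumes the provider reads each secret with the Secrets Manager `GetSecretValue` action and reuses the example's region, account ID and secret names; the `-??????` suffix matches the six random characters AWS appends to secret ARNs.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ReadEscImportedSecretsOnly",
      "Effect": "Allow",
      "Action": "secretsmanager:GetSecretValue",
      "Resource": [
        "arn:aws:secretsmanager:us-west-1:123456789:secret:api-key-??????",
        "arn:aws:secretsmanager:us-west-1:123456789:secret:app-secret-??????"
      ]
    }
  ]
}
```

Secrets encrypted with a customer managed KMS key also require `kms:Decrypt` on that key for the role.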
## Inputs
| Property | Type | Description |
|----------|--------------------------------------------|------------------------------------------------------------------------------------------------------------------------------|
| `region` | string | The AWS region to use. |
| `login` | [AWSSecretsLogin](#awssecretslogin) | Credentials to use to log in to AWS. |
| `get` | map[string][AWSSecretsGet](#awssecretsget) | A map from names to secrets to read from AWS Secrets Manager. The outputs will map each name to the secret's sensitive data. |
### AWSSecretsLogin
| Property | Type | Description |
|-------------------|--------|---------------------------------------------|
| `accessKeyId` | string | The AWS access key ID |
| `secretAccessKey` | string | The AWS secret access key |
| `sessionToken` | string | [Optional] - The AWS session token, if any. |
### AWSSecretsGet
| Property | Type | Description |
|----------------|--------|---------------------------------------------------------|
| `secretId` | string | The ID of the secret to import. |
| `versionId` | string | [Optional] - The version of the secret to import. |
| `versionStage` | string | [Optional] - The version stage of the secret to import. |
## Outputs
| Property | Type | Description |
|----------|--------|-------------------------------------|
| N/A | object | A map of names to imported Secrets. |