iSharkFly-Docs/pulumi-hugo-cn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
pulumi-hugo-cn/themes/default/content/docs/concepts/options/additionalsecretoutputs.md
susan evans ad4f7527b9
add meta imgs for docs (#3018)
2023-06-08 16:15:52 -07:00

2.5 KiB
Raw Permalink Blame History

title_tag, meta_desc, title, h1, meta_image, menu, aliases
title_tag meta_desc title h1 meta_image menu aliases
additionalSecretOutputs | Resource Options The additionalSecretOutputs resource option specifies a list of named output properties that should be treated as secrets. additionalSecretOutputs Resource option: additionalSecretOutputs /images/docs/meta-images/docs-meta.png
concepts
identifier parent weight
additionalSecretOutputs options 1
/docs/intro/concepts/resources/options/additionalsecretoutputs/

The additionalSecretOutputs resource option specifies a list of named output properties that should be treated as secrets, which means they will be encrypted. It augments the list of values that Pulumi detects, based on secret inputs to the resource.

This example ensures that the password generated for a database resource is an encrypted secret:

{{< chooser language "javascript,typescript,python,go,csharp,java,yaml" >}}

{{% choosable language javascript %}}

let db = new Database("new-name-for-db", { /*...*/ },
    { additionalSecretOutputs: ["password"] });

{{% /choosable %}} {{% choosable language typescript %}}

let db = new Database("new-name-for-db", { /*...*/ },
    { additionalSecretOutputs: ["password"] });

{{% /choosable %}} {{% choosable language python %}}

db = Database('db',
    opts=ResourceOptions(additional_secret_outputs=['password']))

{{% /choosable %}} {{% choosable language go %}}

db, err := NewDatabase(ctx, "db", &DatabaseArgs{ /*...*/ },
    pulumi.AdditionalSecretOutputs([]string{"password"}))

{{% /choosable %}} {{% choosable language csharp %}}

var db = new Database("new-name-for-db", new DatabaseArgs(),
    new CustomResourceOptions { AdditionalSecretOutputs = { "password" } });

{{% /choosable %}} {{% choosable language java %}}

var db = new Database("new-name-for-db",
    DatabaseArgs.Empty,
    CustomResourceOptions.builder()
        .additionalSecretOutputs("password")
        .build());

{{% /choosable %}} {{% choosable language yaml %}}

resources:
  db:
    type: Database
    options:
      additionalSecretOutputs:
        - password

{{% /choosable %}}

{{< /chooser >}}

Only top-level resource properties can be designated secret. If sensitive data is nested inside of a property, you must mark the entire top-level output property as secret.

{{% notes type="warning" %}} The additionalSecretOutputs resource option does not apply to component resources, and will not have the intended effect. {{% /notes %}}