Google Cloud v8.23.0, Mar 24 25

Google Cloud v8.23.0 published on Monday, Mar 24, 2025 by Pulumi

gcp.secretmanager.getSecrets

Explore with Pulumi AI

Google Cloud v8.23.0 published on Monday, Mar 24, 2025 by Pulumi

Example Usage

TypeScript
Python
Go
C#
Java
YAML

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const secrets = gcp.secretmanager.getSecrets({});

import pulumi
import pulumi_gcp as gcp

secrets = gcp.secretmanager.get_secrets()

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.GetSecrets(ctx, &secretmanager.GetSecretsArgs{}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var secrets = Gcp.SecretManager.GetSecrets.Invoke();

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.secretmanager.SecretmanagerFunctions;
import com.pulumi.gcp.secretmanager.inputs.GetSecretsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var secrets = SecretmanagerFunctions.getSecrets();

    }
}

variables:
  secrets:
    fn::invoke:
      function: gcp:secretmanager:getSecrets
      arguments: {}

Using getSecrets

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

TypeScript
Python
Go
C#
Java
YAML

function getSecrets(args: GetSecretsArgs, opts?: InvokeOptions): Promise<GetSecretsResult>
function getSecretsOutput(args: GetSecretsOutputArgs, opts?: InvokeOptions): Output<GetSecretsResult>

def get_secrets(filter: Optional[str] = None,
                project: Optional[str] = None,
                opts: Optional[InvokeOptions] = None) -> GetSecretsResult
def get_secrets_output(filter: Optional[pulumi.Input[str]] = None,
                project: Optional[pulumi.Input[str]] = None,
                opts: Optional[InvokeOptions] = None) -> Output[GetSecretsResult]

func GetSecrets(ctx *Context, args *GetSecretsArgs, opts ...InvokeOption) (*GetSecretsResult, error)
func GetSecretsOutput(ctx *Context, args *GetSecretsOutputArgs, opts ...InvokeOption) GetSecretsResultOutput

> Note: This function is named GetSecrets in the Go SDK.

public static class GetSecrets 
{
    public static Task<GetSecretsResult> InvokeAsync(GetSecretsArgs args, InvokeOptions? opts = null)
    public static Output<GetSecretsResult> Invoke(GetSecretsInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetSecretsResult> getSecrets(GetSecretsArgs args, InvokeOptions options)
public static Output<GetSecretsResult> getSecrets(GetSecretsArgs args, InvokeOptions options)

fn::invoke:
  function: gcp:secretmanager/getSecrets:getSecrets
  arguments:
    # arguments dictionary

The following arguments are supported:

Filter string: Filter string, adhering to the rules in List-operation filtering. List only secrets matching the filter. If filter is empty, all secrets are listed.
Project string: The ID of the project.

Filter string: Filter string, adhering to the rules in List-operation filtering. List only secrets matching the filter. If filter is empty, all secrets are listed.
Project string: The ID of the project.

filter String: Filter string, adhering to the rules in List-operation filtering. List only secrets matching the filter. If filter is empty, all secrets are listed.
project String: The ID of the project.

filter string: Filter string, adhering to the rules in List-operation filtering. List only secrets matching the filter. If filter is empty, all secrets are listed.
project string: The ID of the project.

filter str: Filter string, adhering to the rules in List-operation filtering. List only secrets matching the filter. If filter is empty, all secrets are listed.
project str: The ID of the project.

filter String: Filter string, adhering to the rules in List-operation filtering. List only secrets matching the filter. If filter is empty, all secrets are listed.
project String: The ID of the project.

getSecrets Result

The following output properties are available:

Id string: The provider-assigned unique ID for this managed resource.
Project string: The ID of the project in which the resource belongs.
Secrets List<GetSecretsSecret>: A list of secrets matching the filter. Structure is defined below.
Filter string

Id string: The provider-assigned unique ID for this managed resource.
Project string: The ID of the project in which the resource belongs.
Secrets []GetSecretsSecret: A list of secrets matching the filter. Structure is defined below.
Filter string

id String: The provider-assigned unique ID for this managed resource.
project String: The ID of the project in which the resource belongs.
secrets List<GetSecretsSecret>: A list of secrets matching the filter. Structure is defined below.
filter String

id string: The provider-assigned unique ID for this managed resource.
project string: The ID of the project in which the resource belongs.
secrets GetSecretsSecret[]: A list of secrets matching the filter. Structure is defined below.
filter string

id str: The provider-assigned unique ID for this managed resource.
project str: The ID of the project in which the resource belongs.
secrets Sequence[GetSecretsSecret]: A list of secrets matching the filter. Structure is defined below.
filter str

id String: The provider-assigned unique ID for this managed resource.
project String: The ID of the project in which the resource belongs.
secrets List<Property Map>: A list of secrets matching the filter. Structure is defined below.
filter String

Supporting Types

GetSecretsSecret

Annotations Dictionary<string, string>: Custom metadata about the secret.
CreateTime string: The time at which the Secret was created.
EffectiveAnnotations Dictionary<string, string>
EffectiveLabels Dictionary<string, string>
ExpireTime string: Timestamp in UTC when the Secret is scheduled to expire.
Labels Dictionary<string, string>: The labels assigned to this Secret.
Name string: The resource name of the Pub/Sub topic that will be published to.
Project string: The ID of the project.
PulumiLabels Dictionary<string, string>: The combination of labels configured directly on the resource and default labels configured on the provider.
Replications List<GetSecretsSecretReplication>: The replication policy of the secret data attached to the Secret. Structure is documented below.
Rotations List<GetSecretsSecretRotation>: The rotation time and period for a Secret. Structure is documented below.
SecretId string: This must be unique within the project.
Topics List<GetSecretsSecretTopic>: A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions. Structure is documented below.
Ttl string: The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.
VersionAliases Dictionary<string, string>: Mapping from version alias to version name.
VersionDestroyTtl string: The version destroy ttl for the secret version.

Annotations map[string]string: Custom metadata about the secret.
CreateTime string: The time at which the Secret was created.
EffectiveAnnotations map[string]string
EffectiveLabels map[string]string
ExpireTime string: Timestamp in UTC when the Secret is scheduled to expire.
Labels map[string]string: The labels assigned to this Secret.
Name string: The resource name of the Pub/Sub topic that will be published to.
Project string: The ID of the project.
PulumiLabels map[string]string: The combination of labels configured directly on the resource and default labels configured on the provider.
Replications []GetSecretsSecretReplication: The replication policy of the secret data attached to the Secret. Structure is documented below.
Rotations []GetSecretsSecretRotation: The rotation time and period for a Secret. Structure is documented below.
SecretId string: This must be unique within the project.
Topics []GetSecretsSecretTopic: A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions. Structure is documented below.
Ttl string: The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.
VersionAliases map[string]string: Mapping from version alias to version name.
VersionDestroyTtl string: The version destroy ttl for the secret version.

annotations Map<String,String>: Custom metadata about the secret.
createTime String: The time at which the Secret was created.
effectiveAnnotations Map<String,String>
effectiveLabels Map<String,String>
expireTime String: Timestamp in UTC when the Secret is scheduled to expire.
labels Map<String,String>: The labels assigned to this Secret.
name String: The resource name of the Pub/Sub topic that will be published to.
project String: The ID of the project.
pulumiLabels Map<String,String>: The combination of labels configured directly on the resource and default labels configured on the provider.
replications List<GetSecretsSecretReplication>: The replication policy of the secret data attached to the Secret. Structure is documented below.
rotations List<GetSecretsSecretRotation>: The rotation time and period for a Secret. Structure is documented below.
secretId String: This must be unique within the project.
topics List<GetSecretsSecretTopic>: A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions. Structure is documented below.
ttl String: The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.
versionAliases Map<String,String>: Mapping from version alias to version name.
versionDestroyTtl String: The version destroy ttl for the secret version.

annotations {[key: string]: string}: Custom metadata about the secret.
createTime string: The time at which the Secret was created.
effectiveAnnotations {[key: string]: string}
effectiveLabels {[key: string]: string}
expireTime string: Timestamp in UTC when the Secret is scheduled to expire.
labels {[key: string]: string}: The labels assigned to this Secret.
name string: The resource name of the Pub/Sub topic that will be published to.
project string: The ID of the project.
pulumiLabels {[key: string]: string}: The combination of labels configured directly on the resource and default labels configured on the provider.
replications GetSecretsSecretReplication[]: The replication policy of the secret data attached to the Secret. Structure is documented below.
rotations GetSecretsSecretRotation[]: The rotation time and period for a Secret. Structure is documented below.
secretId string: This must be unique within the project.
topics GetSecretsSecretTopic[]: A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions. Structure is documented below.
ttl string: The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.
versionAliases {[key: string]: string}: Mapping from version alias to version name.
versionDestroyTtl string: The version destroy ttl for the secret version.

annotations Mapping[str, str]: Custom metadata about the secret.
create_time str: The time at which the Secret was created.
effective_annotations Mapping[str, str]
effective_labels Mapping[str, str]
expire_time str: Timestamp in UTC when the Secret is scheduled to expire.
labels Mapping[str, str]: The labels assigned to this Secret.
name str: The resource name of the Pub/Sub topic that will be published to.
project str: The ID of the project.
pulumi_labels Mapping[str, str]: The combination of labels configured directly on the resource and default labels configured on the provider.
replications Sequence[GetSecretsSecretReplication]: The replication policy of the secret data attached to the Secret. Structure is documented below.
rotations Sequence[GetSecretsSecretRotation]: The rotation time and period for a Secret. Structure is documented below.
secret_id str: This must be unique within the project.
topics Sequence[GetSecretsSecretTopic]: A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions. Structure is documented below.
ttl str: The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.
version_aliases Mapping[str, str]: Mapping from version alias to version name.
version_destroy_ttl str: The version destroy ttl for the secret version.

annotations Map<String>: Custom metadata about the secret.
createTime String: The time at which the Secret was created.
effectiveAnnotations Map<String>
effectiveLabels Map<String>
expireTime String: Timestamp in UTC when the Secret is scheduled to expire.
labels Map<String>: The labels assigned to this Secret.
name String: The resource name of the Pub/Sub topic that will be published to.
project String: The ID of the project.
pulumiLabels Map<String>: The combination of labels configured directly on the resource and default labels configured on the provider.
replications List<Property Map>: The replication policy of the secret data attached to the Secret. Structure is documented below.
rotations List<Property Map>: The rotation time and period for a Secret. Structure is documented below.
secretId String: This must be unique within the project.
topics List<Property Map>: A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions. Structure is documented below.
ttl String: The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s". Only one of 'ttl' or 'expire_time' can be provided.
versionAliases Map<String>: Mapping from version alias to version name.
versionDestroyTtl String: The version destroy ttl for the secret version.

GetSecretsSecretReplication

Autos List<GetSecretsSecretReplicationAuto>: The Secret will automatically be replicated without any restrictions. Structure is documented below.
UserManageds List<GetSecretsSecretReplicationUserManaged>: The Secret will be replicated to the regions specified by the user. Structure is documented below.

Autos []GetSecretsSecretReplicationAuto: The Secret will automatically be replicated without any restrictions. Structure is documented below.
UserManageds []GetSecretsSecretReplicationUserManaged: The Secret will be replicated to the regions specified by the user. Structure is documented below.

autos List<GetSecretsSecretReplicationAuto>: The Secret will automatically be replicated without any restrictions. Structure is documented below.
userManageds List<GetSecretsSecretReplicationUserManaged>: The Secret will be replicated to the regions specified by the user. Structure is documented below.

autos GetSecretsSecretReplicationAuto[]: The Secret will automatically be replicated without any restrictions. Structure is documented below.
userManageds GetSecretsSecretReplicationUserManaged[]: The Secret will be replicated to the regions specified by the user. Structure is documented below.

autos Sequence[GetSecretsSecretReplicationAuto]: The Secret will automatically be replicated without any restrictions. Structure is documented below.
user_manageds Sequence[GetSecretsSecretReplicationUserManaged]: The Secret will be replicated to the regions specified by the user. Structure is documented below.

autos List<Property Map>: The Secret will automatically be replicated without any restrictions. Structure is documented below.
userManageds List<Property Map>: The Secret will be replicated to the regions specified by the user. Structure is documented below.

GetSecretsSecretReplicationAuto

CustomerManagedEncryptions List<GetSecretsSecretReplicationAutoCustomerManagedEncryption>: Customer Managed Encryption for the secret. Structure is documented below.

CustomerManagedEncryptions []GetSecretsSecretReplicationAutoCustomerManagedEncryption: Customer Managed Encryption for the secret. Structure is documented below.

customerManagedEncryptions List<GetSecretsSecretReplicationAutoCustomerManagedEncryption>: Customer Managed Encryption for the secret. Structure is documented below.

customerManagedEncryptions GetSecretsSecretReplicationAutoCustomerManagedEncryption[]: Customer Managed Encryption for the secret. Structure is documented below.

customer_managed_encryptions Sequence[GetSecretsSecretReplicationAutoCustomerManagedEncryption]: Customer Managed Encryption for the secret. Structure is documented below.

customerManagedEncryptions List<Property Map>: Customer Managed Encryption for the secret. Structure is documented below.

GetSecretsSecretReplicationAutoCustomerManagedEncryption

KmsKeyName string: Describes the Cloud KMS encryption key that will be used to protect destination secret.

KmsKeyName string: Describes the Cloud KMS encryption key that will be used to protect destination secret.

kmsKeyName String: Describes the Cloud KMS encryption key that will be used to protect destination secret.

kmsKeyName string: Describes the Cloud KMS encryption key that will be used to protect destination secret.

kms_key_name str: Describes the Cloud KMS encryption key that will be used to protect destination secret.

kmsKeyName String: Describes the Cloud KMS encryption key that will be used to protect destination secret.

GetSecretsSecretReplicationUserManaged

Replicas List<GetSecretsSecretReplicationUserManagedReplica>: The list of Replicas for this Secret. Structure is documented below.

Replicas []GetSecretsSecretReplicationUserManagedReplica: The list of Replicas for this Secret. Structure is documented below.

replicas List<GetSecretsSecretReplicationUserManagedReplica>: The list of Replicas for this Secret. Structure is documented below.

replicas GetSecretsSecretReplicationUserManagedReplica[]: The list of Replicas for this Secret. Structure is documented below.

replicas Sequence[GetSecretsSecretReplicationUserManagedReplica]: The list of Replicas for this Secret. Structure is documented below.

replicas List<Property Map>: The list of Replicas for this Secret. Structure is documented below.

GetSecretsSecretReplicationUserManagedReplica

CustomerManagedEncryptions List<GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryption>: Customer Managed Encryption for the secret. Structure is documented below.
Location string: The canonical IDs of the location to replicate data.

CustomerManagedEncryptions []GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryption: Customer Managed Encryption for the secret. Structure is documented below.
Location string: The canonical IDs of the location to replicate data.

customerManagedEncryptions List<GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryption>: Customer Managed Encryption for the secret. Structure is documented below.
location String: The canonical IDs of the location to replicate data.

customerManagedEncryptions GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryption[]: Customer Managed Encryption for the secret. Structure is documented below.
location string: The canonical IDs of the location to replicate data.

customer_managed_encryptions Sequence[GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryption]: Customer Managed Encryption for the secret. Structure is documented below.
location str: The canonical IDs of the location to replicate data.

customerManagedEncryptions List<Property Map>: Customer Managed Encryption for the secret. Structure is documented below.
location String: The canonical IDs of the location to replicate data.

GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryption

KmsKeyName string: Describes the Cloud KMS encryption key that will be used to protect destination secret.

KmsKeyName string: Describes the Cloud KMS encryption key that will be used to protect destination secret.

kmsKeyName String: Describes the Cloud KMS encryption key that will be used to protect destination secret.

kmsKeyName string: Describes the Cloud KMS encryption key that will be used to protect destination secret.

kms_key_name str: Describes the Cloud KMS encryption key that will be used to protect destination secret.

kmsKeyName String: Describes the Cloud KMS encryption key that will be used to protect destination secret.

GetSecretsSecretRotation

NextRotationTime string: Timestamp in UTC at which the Secret is scheduled to rotate.
RotationPeriod string: The Duration between rotation notifications.

NextRotationTime string: Timestamp in UTC at which the Secret is scheduled to rotate.
RotationPeriod string: The Duration between rotation notifications.

nextRotationTime String: Timestamp in UTC at which the Secret is scheduled to rotate.
rotationPeriod String: The Duration between rotation notifications.

nextRotationTime string: Timestamp in UTC at which the Secret is scheduled to rotate.
rotationPeriod string: The Duration between rotation notifications.

next_rotation_time str: Timestamp in UTC at which the Secret is scheduled to rotate.
rotation_period str: The Duration between rotation notifications.

nextRotationTime String: Timestamp in UTC at which the Secret is scheduled to rotate.
rotationPeriod String: The Duration between rotation notifications.

GetSecretsSecretTopic

Name string: The resource name of the Pub/Sub topic that will be published to.

Name string: The resource name of the Pub/Sub topic that will be published to.

name String: The resource name of the Pub/Sub topic that will be published to.

name string: The resource name of the Pub/Sub topic that will be published to.

name str: The resource name of the Pub/Sub topic that will be published to.

name String: The resource name of the Pub/Sub topic that will be published to.

Package Details

Repository: Google Cloud (GCP) Classic pulumi/pulumi-gcp
License: Apache-2.0
Notes: This Pulumi package is based on the google-beta Terraform Provider.

Google Cloud v8.23.0 published on Monday, Mar 24, 2025 by Pulumi

pulumi/pulumi-gcp

gcp.secretmanager.getSecrets

On this page

On this page

Example Usage

Using getSecrets

getSecrets Result

Supporting Types

GetSecretsSecret

GetSecretsSecretReplication

GetSecretsSecretReplicationAuto

GetSecretsSecretReplicationAutoCustomerManagedEncryption

GetSecretsSecretReplicationUserManaged

GetSecretsSecretReplicationUserManagedReplica

GetSecretsSecretReplicationUserManagedReplicaCustomerManagedEncryption

GetSecretsSecretRotation

GetSecretsSecretTopic

Package Details

On this page

On this page