oci_vault_secret

This resource provides the Secret resource in Oracle Cloud Infrastructure Vault service.

Creates a new secret according to the details of the request.

Example Usage

resource "oci_vault_secret" "test_secret" {
    #Required
    compartment_id = var.compartment_id
    secret_content {
        #Required
        content_type = var.secret_secret_content_content_type

        #Optional
        content = var.secret_secret_content_content
        name = var.secret_secret_content_name
        stage = var.secret_secret_content_stage
    }
    secret_name = var.secret_secret_name
    vault_id = oci_kms_vault.test_vault.id

    #Optional
    defined_tags = {"Operations.CostCenter"= "42"}
    description = var.secret_description
    freeform_tags = {"Department"= "Finance"}
    key_id = oci_kms_key.test_key.id
    metadata = var.secret_metadata
    rotation_config {
        #Required
        target_system_details {
            #Required
            target_system_type = var.secret_rotation_config_target_system_details_target_system_type

            #Optional
            adb_id = oci_database_autonomous_database.test_autonomous_database.id
            function_id = oci_functions_function.test_function.id
        }

        #Optional
        is_scheduled_rotation_enabled = var.secret_rotation_config_is_scheduled_rotation_enabled
        rotation_interval = var.secret_rotation_config_rotation_interval
    }
    secret_rules {
        #Required
        rule_type = var.secret_secret_rules_rule_type

        #Optional
        is_enforced_on_deleted_secret_versions = var.secret_secret_rules_is_enforced_on_deleted_secret_versions
        is_secret_content_retrieval_blocked_on_expiry = var.secret_secret_rules_is_secret_content_retrieval_blocked_on_expiry
        secret_version_expiry_interval = var.secret_secret_rules_secret_version_expiry_interval
        time_of_absolute_expiry = var.secret_secret_rules_time_of_absolute_expiry
    }
}

Argument Reference

The following arguments are supported:

IMPORTANT: Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values.

Attributes Reference

The following attributes are exported:

Timeouts

The timeouts block allows you to specify timeouts for certain operations:

* create - (Defaults to 20 minutes), when creating the Secret
* update - (Defaults to 20 minutes), when updating the Secret
* delete - (Defaults to 20 minutes), when destroying the Secret
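
A concrete version of the Example Usage with the timeouts block filled in, added here as an illustration and not taken from the provider's own documentation. The variable names, the secret name, the timeout durations and the literal values `BASE64`, `SECRET_EXPIRY_RULE` and `P30D` are assumptions for the example; the enum values come from the OCI Vault API rather than from this page.

```hcl
# Added example: names and literal values are illustrative assumptions.
variable "compartment_id" { type = string }
variable "vault_id"       { type = string }
variable "key_id"         { type = string }

# Marking the plaintext as sensitive makes Terraform redact it in plan/apply
# output. The value is still written to the state file, so the state backend
# needs the same access controls as the vault itself.
variable "db_password" {
  type      = string
  sensitive = true
}

resource "oci_vault_secret" "db_password" {
  compartment_id = var.compartment_id
  vault_id       = var.vault_id
  key_id         = var.key_id
  secret_name    = "example-db-password" # constructed name

  secret_content {
    content_type = "BASE64"
    content      = base64encode(var.db_password)
  }

  # Expire each secret version after 30 days and refuse to return
  # the content of a version once it has expired.
  secret_rules {
    rule_type                                     = "SECRET_EXPIRY_RULE"
    secret_version_expiry_interval                = "P30D"
    is_secret_content_retrieval_blocked_on_expiry = true
  }

  # Override the 20-minute defaults for each operation.
  timeouts {
    create = "10m"
    update = "10m"
    delete = "30m"
  }
}
```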

Import

Secrets can be imported using the id, e.g.

$ terraform import oci_vault_secret.test_secret "id"