alicloud_kms_plaintext

Decrypt a given ciphertext with KMS to use the resulting plaintext in resources.

Example Usage

resource "alicloud_kms_key" "key" {
  description             = "example key"
  is_enabled              = true
}

# Encrypt plaintext 'example'
resource "alicloud_kms_ciphertext" "encrypted" {
  key_id    = alicloud_kms_key.key.id
  plaintext = "example"
}

# Decrypt encrypted ciphertext
data "alicloud_kms_plaintext" "plaintext" {
  ciphertext_blob = alicloud_kms_ciphertext.encrypted.ciphertext_blob
}

# Output 'example' should match the plaintext encrypted in the beginning
output "decrypted" {
  value = data.alicloud_kms_plaintext.plaintext.plaintext
}

Argument Reference

The following arguments are supported:

Attributes Reference

The following attributes are exported in addition to the arguments listed above: