1. Packages
  2. Ibm Provider
  3. API Docs
  4. getSmIamCredentialsSecret
ibm 1.77.1 published on Monday, Apr 14, 2025 by ibm-cloud

ibm.getSmIamCredentialsSecret

Explore with Pulumi AI

Provides a read-only data source for an IAM credentials secret. You can then reference the fields of the data source in other resources within the same configuration using interpolation syntax. The data source can be defined by providing the secret ID or the secret and secret group names.

Example Usage

By secret id

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const iamSecret = ibm.getSmIamCredentialsSecret({
    instanceId: ibm_resource_instance.sm_instance.guid,
    region: "us-south",
    secretId: "0b5571f7-21e6-42b7-91c5-3f5ac9793a46",
});
Copy
import pulumi
import pulumi_ibm as ibm

iam_secret = ibm.get_sm_iam_credentials_secret(instance_id=ibm_resource_instance["sm_instance"]["guid"],
    region="us-south",
    secret_id="0b5571f7-21e6-42b7-91c5-3f5ac9793a46")
Copy
package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.LookupSmIamCredentialsSecret(ctx, &ibm.LookupSmIamCredentialsSecretArgs{
			InstanceId: ibm_resource_instance.Sm_instance.Guid,
			Region:     pulumi.StringRef("us-south"),
			SecretId:   pulumi.StringRef("0b5571f7-21e6-42b7-91c5-3f5ac9793a46"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var iamSecret = Ibm.GetSmIamCredentialsSecret.Invoke(new()
    {
        InstanceId = ibm_resource_instance.Sm_instance.Guid,
        Region = "us-south",
        SecretId = "0b5571f7-21e6-42b7-91c5-3f5ac9793a46",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IbmFunctions;
import com.pulumi.ibm.inputs.GetSmIamCredentialsSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var iamSecret = IbmFunctions.getSmIamCredentialsSecret(GetSmIamCredentialsSecretArgs.builder()
            .instanceId(ibm_resource_instance.sm_instance().guid())
            .region("us-south")
            .secretId("0b5571f7-21e6-42b7-91c5-3f5ac9793a46")
            .build());

    }
}
Copy
variables:
  iamSecret:
    fn::invoke:
      function: ibm:getSmIamCredentialsSecret
      arguments:
        instanceId: ${ibm_resource_instance.sm_instance.guid}
        region: us-south
        secretId: 0b5571f7-21e6-42b7-91c5-3f5ac9793a46
Copy

By secret name and group name

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const iamSecret = ibm.getSmIamCredentialsSecret({
    instanceId: ibm_resource_instance.sm_instance.guid,
    region: "us-south",
    name: "secret-name",
    secretGroupName: "group-name",
});
Copy
import pulumi
import pulumi_ibm as ibm

iam_secret = ibm.get_sm_iam_credentials_secret(instance_id=ibm_resource_instance["sm_instance"]["guid"],
    region="us-south",
    name="secret-name",
    secret_group_name="group-name")
Copy
package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.LookupSmIamCredentialsSecret(ctx, &ibm.LookupSmIamCredentialsSecretArgs{
			InstanceId:      ibm_resource_instance.Sm_instance.Guid,
			Region:          pulumi.StringRef("us-south"),
			Name:            pulumi.StringRef("secret-name"),
			SecretGroupName: pulumi.StringRef("group-name"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var iamSecret = Ibm.GetSmIamCredentialsSecret.Invoke(new()
    {
        InstanceId = ibm_resource_instance.Sm_instance.Guid,
        Region = "us-south",
        Name = "secret-name",
        SecretGroupName = "group-name",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IbmFunctions;
import com.pulumi.ibm.inputs.GetSmIamCredentialsSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var iamSecret = IbmFunctions.getSmIamCredentialsSecret(GetSmIamCredentialsSecretArgs.builder()
            .instanceId(ibm_resource_instance.sm_instance().guid())
            .region("us-south")
            .name("secret-name")
            .secretGroupName("group-name")
            .build());

    }
}
Copy
variables:
  iamSecret:
    fn::invoke:
      function: ibm:getSmIamCredentialsSecret
      arguments:
        instanceId: ${ibm_resource_instance.sm_instance.guid}
        region: us-south
        name: secret-name
        secretGroupName: group-name
Copy

Using getSmIamCredentialsSecret

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSmIamCredentialsSecret(args: GetSmIamCredentialsSecretArgs, opts?: InvokeOptions): Promise<GetSmIamCredentialsSecretResult>
function getSmIamCredentialsSecretOutput(args: GetSmIamCredentialsSecretOutputArgs, opts?: InvokeOptions): Output<GetSmIamCredentialsSecretResult>
Copy
def get_sm_iam_credentials_secret(endpoint_type: Optional[str] = None,
                                  id: Optional[str] = None,
                                  instance_id: Optional[str] = None,
                                  name: Optional[str] = None,
                                  region: Optional[str] = None,
                                  secret_group_name: Optional[str] = None,
                                  secret_id: Optional[str] = None,
                                  opts: Optional[InvokeOptions] = None) -> GetSmIamCredentialsSecretResult
def get_sm_iam_credentials_secret_output(endpoint_type: Optional[pulumi.Input[str]] = None,
                                  id: Optional[pulumi.Input[str]] = None,
                                  instance_id: Optional[pulumi.Input[str]] = None,
                                  name: Optional[pulumi.Input[str]] = None,
                                  region: Optional[pulumi.Input[str]] = None,
                                  secret_group_name: Optional[pulumi.Input[str]] = None,
                                  secret_id: Optional[pulumi.Input[str]] = None,
                                  opts: Optional[InvokeOptions] = None) -> Output[GetSmIamCredentialsSecretResult]
Copy
func LookupSmIamCredentialsSecret(ctx *Context, args *LookupSmIamCredentialsSecretArgs, opts ...InvokeOption) (*LookupSmIamCredentialsSecretResult, error)
func LookupSmIamCredentialsSecretOutput(ctx *Context, args *LookupSmIamCredentialsSecretOutputArgs, opts ...InvokeOption) LookupSmIamCredentialsSecretResultOutput
Copy

> Note: This function is named LookupSmIamCredentialsSecret in the Go SDK.

public static class GetSmIamCredentialsSecret 
{
    public static Task<GetSmIamCredentialsSecretResult> InvokeAsync(GetSmIamCredentialsSecretArgs args, InvokeOptions? opts = null)
    public static Output<GetSmIamCredentialsSecretResult> Invoke(GetSmIamCredentialsSecretInvokeArgs args, InvokeOptions? opts = null)
}
Copy
public static CompletableFuture<GetSmIamCredentialsSecretResult> getSmIamCredentialsSecret(GetSmIamCredentialsSecretArgs args, InvokeOptions options)
public static Output<GetSmIamCredentialsSecretResult> getSmIamCredentialsSecret(GetSmIamCredentialsSecretArgs args, InvokeOptions options)
Copy
fn::invoke:
  function: ibm:index/getSmIamCredentialsSecret:getSmIamCredentialsSecret
  arguments:
    # arguments dictionary
Copy

The following arguments are supported:

InstanceId This property is required. string
The GUID of the Secrets Manager instance.
EndpointType string
The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

  • Constraints: Allowable values are: private, public.
Id string
Name string
The human-readable name of your secret. To be used in combination with secret_group_name.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.
Region string
The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.
SecretGroupName string
The name of your existing secret group. To be used in combination with name.

  • Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.
SecretId string
The ID of the secret.

  • Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.
InstanceId This property is required. string
The GUID of the Secrets Manager instance.
EndpointType string
The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

  • Constraints: Allowable values are: private, public.
Id string
Name string
The human-readable name of your secret. To be used in combination with secret_group_name.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.
Region string
The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.
SecretGroupName string
The name of your existing secret group. To be used in combination with name.

  • Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.
SecretId string
The ID of the secret.

  • Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.
instanceId This property is required. String
The GUID of the Secrets Manager instance.
endpointType String
The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

  • Constraints: Allowable values are: private, public.
id String
name String
The human-readable name of your secret. To be used in combination with secret_group_name.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.
region String
The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.
secretGroupName String
The name of your existing secret group. To be used in combination with name.

  • Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.
secretId String
The ID of the secret.

  • Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.
instanceId This property is required. string
The GUID of the Secrets Manager instance.
endpointType string
The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

  • Constraints: Allowable values are: private, public.
id string
name string
The human-readable name of your secret. To be used in combination with secret_group_name.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.
region string
The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.
secretGroupName string
The name of your existing secret group. To be used in combination with name.

  • Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.
secretId string
The ID of the secret.

  • Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.
instance_id This property is required. str
The GUID of the Secrets Manager instance.
endpoint_type str
The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

  • Constraints: Allowable values are: private, public.
id str
name str
The human-readable name of your secret. To be used in combination with secret_group_name.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.
region str
The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.
secret_group_name str
The name of your existing secret group. To be used in combination with name.

  • Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.
secret_id str
The ID of the secret.

  • Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.
instanceId This property is required. String
The GUID of the Secrets Manager instance.
endpointType String
The endpoint type. If not provided the endpoint type is determined by the visibility argument provided in the provider configuration.

  • Constraints: Allowable values are: private, public.
id String
name String
The human-readable name of your secret. To be used in combination with secret_group_name.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters. The value must match regular expression ^[A-Za-z0-9][A-Za-z0-9]*(?:_*-*\\.*[A-Za-z0-9]+)*$.
region String
The region of the Secrets Manager instance. If not provided defaults to the region defined in the IBM provider configuration.
secretGroupName String
The name of your existing secret group. To be used in combination with name.

  • Constraints: The maximum length is 64 characters. The minimum length is 2 characters. The value must match regular expression /(.*?)/.
secretId String
The ID of the secret.

  • Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/.

getSmIamCredentialsSecret Result

The following output properties are available:

AccessGroups List<string>
(List) Access Groups that you can use for an iam_credentials secret.Up to 10 Access Groups can be used for each secret.

  • Constraints: The list items must match regular expression /^AccessGroupId-[a-z0-9-]+[a-z0-9]$/. The maximum length is 10 items. The minimum length is 1 item.
AccountId string
(String) The ID of the account in which the IAM credentials are created. This field is omitted if the target account is the same as the account of the Secrets Manager instance.
ApiKey string
(String) The API key that is generated for this secret. After the secret reaches the end of its lease (see the ttl field), the API key is deleted automatically.

  • Constraints: The maximum length is 60 characters. The minimum length is 5 characters. The value must match regular expression /^(?:[A-Za-z0-9_\\-]{4})*(?:[A-Za-z0-9_\\-]{2}==|[A-Za-z0-9_\\-]{3}=)?$/.
ApiKeyId string
(String) The ID of the API key that is generated for this secret.
CreatedAt string
(String) The date when a resource was created. The date format follows RFC 3339.
CreatedBy string
(String) The unique identifier that is associated with the entity that created the secret.

  • Constraints: The maximum length is 128 characters. The minimum length is 4 characters.
Crn string
(String) A CRN that uniquely identifies an IBM Cloud resource.

  • Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.
CustomMetadata Dictionary<string, string>
(Map) The secret metadata that a user can customize.
Description string
(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

  • Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.
Downloaded bool
(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.
ExpirationDate string
(String) The date a secret is expired. The date format follows RFC 3339.
Id string
InstanceId string
Labels List<string>
(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

  • Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.
LocksTotal double
(Integer) The number of locks of the secret.

  • Constraints: The maximum value is 1000. The minimum value is 0.
Name string
(String) The human-readable name of your secret.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters.
NextRotationDate string
(String) The date that the secret is scheduled for automatic rotation.The service automatically creates a new version of the secret on its next rotation date. This field exists only for secrets that have an existing rotation policy.
Region string
ReuseApiKey bool
Rotations List<GetSmIamCredentialsSecretRotation>
(List) Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:
SecretGroupId string
(String) A UUID identifier, or default secret group.

  • Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.
SecretId string
SecretType string
(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

  • Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.
ServiceId string
(String) The service ID under which the API key (see the api_key field) is created.If you omit this parameter, Secrets Manager generates a new service ID for your secret at its creation and adds it to the access groups that you assign.Optionally, you can use this field to provide your own service ID if you prefer to manage its access directly or retain the service ID after your secret expires, is rotated, or deleted. If you provide a service ID, do not include the access_groups parameter.

  • Constraints: The maximum length is 50 characters. The minimum length is 40 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:-?[A-Za-z0-9]+)*$/.
ServiceIdIsStatic bool
(Boolean) Indicates whether an iam_credentials secret was created with a static service ID.If it is set to true, the service ID for the secret was provided by the user at secret creation. If it is set to false, the service ID was generated by Secrets Manager.
State double
(Integer) The secret state that is based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0, Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.

  • Constraints: Allowable values are: 0, 1, 2, 3, 5.
StateDescription string
(String) A text representation of the secret state.

  • Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.
Ttl string
(String) The time-to-live (TTL) or lease duration to assign to generated credentials.For iam_credentials secrets, the TTL defines for how long each generated API key remains valid. The value can be either an integer that specifies the number of seconds, or the string representation of a duration, such as 120m or 24h.Minimum duration is 1 minute. Maximum is 90 days.

  • Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /^[0-9]+[s,m,h,d]{0,1}$/.
UpdatedAt string
(String) The date when a resource was recently modified. The date format follows RFC 3339.
VersionsTotal double
(Integer) The number of versions of the secret.

  • Constraints: The maximum value is 50. The minimum value is 0.
EndpointType string
SecretGroupName string
AccessGroups []string
(List) Access Groups that you can use for an iam_credentials secret.Up to 10 Access Groups can be used for each secret.

  • Constraints: The list items must match regular expression /^AccessGroupId-[a-z0-9-]+[a-z0-9]$/. The maximum length is 10 items. The minimum length is 1 item.
AccountId string
(String) The ID of the account in which the IAM credentials are created. This field is omitted if the target account is the same as the account of the Secrets Manager instance.
ApiKey string
(String) The API key that is generated for this secret. After the secret reaches the end of its lease (see the ttl field), the API key is deleted automatically.

  • Constraints: The maximum length is 60 characters. The minimum length is 5 characters. The value must match regular expression /^(?:[A-Za-z0-9_\\-]{4})*(?:[A-Za-z0-9_\\-]{2}==|[A-Za-z0-9_\\-]{3}=)?$/.
ApiKeyId string
(String) The ID of the API key that is generated for this secret.
CreatedAt string
(String) The date when a resource was created. The date format follows RFC 3339.
CreatedBy string
(String) The unique identifier that is associated with the entity that created the secret.

  • Constraints: The maximum length is 128 characters. The minimum length is 4 characters.
Crn string
(String) A CRN that uniquely identifies an IBM Cloud resource.

  • Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.
CustomMetadata map[string]string
(Map) The secret metadata that a user can customize.
Description string
(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

  • Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.
Downloaded bool
(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.
ExpirationDate string
(String) The date a secret is expired. The date format follows RFC 3339.
Id string
InstanceId string
Labels []string
(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

  • Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.
LocksTotal float64
(Integer) The number of locks of the secret.

  • Constraints: The maximum value is 1000. The minimum value is 0.
Name string
(String) The human-readable name of your secret.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters.
NextRotationDate string
(String) The date that the secret is scheduled for automatic rotation.The service automatically creates a new version of the secret on its next rotation date. This field exists only for secrets that have an existing rotation policy.
Region string
ReuseApiKey bool
Rotations []GetSmIamCredentialsSecretRotation
(List) Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:
SecretGroupId string
(String) A UUID identifier, or default secret group.

  • Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.
SecretId string
SecretType string
(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

  • Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.
ServiceId string
(String) The service ID under which the API key (see the api_key field) is created.If you omit this parameter, Secrets Manager generates a new service ID for your secret at its creation and adds it to the access groups that you assign.Optionally, you can use this field to provide your own service ID if you prefer to manage its access directly or retain the service ID after your secret expires, is rotated, or deleted. If you provide a service ID, do not include the access_groups parameter.

  • Constraints: The maximum length is 50 characters. The minimum length is 40 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:-?[A-Za-z0-9]+)*$/.
ServiceIdIsStatic bool
(Boolean) Indicates whether an iam_credentials secret was created with a static service ID.If it is set to true, the service ID for the secret was provided by the user at secret creation. If it is set to false, the service ID was generated by Secrets Manager.
State float64
(Integer) The secret state that is based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0, Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.

  • Constraints: Allowable values are: 0, 1, 2, 3, 5.
StateDescription string
(String) A text representation of the secret state.

  • Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.
Ttl string
(String) The time-to-live (TTL) or lease duration to assign to generated credentials.For iam_credentials secrets, the TTL defines for how long each generated API key remains valid. The value can be either an integer that specifies the number of seconds, or the string representation of a duration, such as 120m or 24h.Minimum duration is 1 minute. Maximum is 90 days.

  • Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /^[0-9]+[s,m,h,d]{0,1}$/.
UpdatedAt string
(String) The date when a resource was recently modified. The date format follows RFC 3339.
VersionsTotal float64
(Integer) The number of versions of the secret.

  • Constraints: The maximum value is 50. The minimum value is 0.
EndpointType string
SecretGroupName string
accessGroups List<String>
(List) Access Groups that you can use for an iam_credentials secret.Up to 10 Access Groups can be used for each secret.

  • Constraints: The list items must match regular expression /^AccessGroupId-[a-z0-9-]+[a-z0-9]$/. The maximum length is 10 items. The minimum length is 1 item.
accountId String
(String) The ID of the account in which the IAM credentials are created. This field is omitted if the target account is the same as the account of the Secrets Manager instance.
apiKey String
(String) The API key that is generated for this secret. After the secret reaches the end of its lease (see the ttl field), the API key is deleted automatically.

  • Constraints: The maximum length is 60 characters. The minimum length is 5 characters. The value must match regular expression /^(?:[A-Za-z0-9_\\-]{4})*(?:[A-Za-z0-9_\\-]{2}==|[A-Za-z0-9_\\-]{3}=)?$/.
apiKeyId String
(String) The ID of the API key that is generated for this secret.
createdAt String
(String) The date when a resource was created. The date format follows RFC 3339.
createdBy String
(String) The unique identifier that is associated with the entity that created the secret.

  • Constraints: The maximum length is 128 characters. The minimum length is 4 characters.
crn String
(String) A CRN that uniquely identifies an IBM Cloud resource.

  • Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.
customMetadata Map<String,String>
(Map) The secret metadata that a user can customize.
description String
(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

  • Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.
downloaded Boolean
(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.
expirationDate String
(String) The date a secret is expired. The date format follows RFC 3339.
id String
instanceId String
labels List<String>
(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

  • Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.
locksTotal Double
(Integer) The number of locks of the secret.

  • Constraints: The maximum value is 1000. The minimum value is 0.
name String
(String) The human-readable name of your secret.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters.
nextRotationDate String
(String) The date that the secret is scheduled for automatic rotation.The service automatically creates a new version of the secret on its next rotation date. This field exists only for secrets that have an existing rotation policy.
region String
reuseApiKey Boolean
rotations List<GetSmIamCredentialsSecretRotation>
(List) Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:
secretGroupId String
(String) A UUID identifier, or default secret group.

  • Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.
secretId String
secretType String
(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

  • Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.
serviceId String
(String) The service ID under which the API key (see the api_key field) is created.If you omit this parameter, Secrets Manager generates a new service ID for your secret at its creation and adds it to the access groups that you assign.Optionally, you can use this field to provide your own service ID if you prefer to manage its access directly or retain the service ID after your secret expires, is rotated, or deleted. If you provide a service ID, do not include the access_groups parameter.

  • Constraints: The maximum length is 50 characters. The minimum length is 40 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:-?[A-Za-z0-9]+)*$/.
serviceIdIsStatic Boolean
(Boolean) Indicates whether an iam_credentials secret was created with a static service ID.If it is set to true, the service ID for the secret was provided by the user at secret creation. If it is set to false, the service ID was generated by Secrets Manager.
state Double
(Integer) The secret state that is based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0, Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.

  • Constraints: Allowable values are: 0, 1, 2, 3, 5.
stateDescription String
(String) A text representation of the secret state.

  • Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.
ttl String
(String) The time-to-live (TTL) or lease duration to assign to generated credentials.For iam_credentials secrets, the TTL defines for how long each generated API key remains valid. The value can be either an integer that specifies the number of seconds, or the string representation of a duration, such as 120m or 24h.Minimum duration is 1 minute. Maximum is 90 days.

  • Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /^[0-9]+[s,m,h,d]{0,1}$/.
updatedAt String
(String) The date when a resource was recently modified. The date format follows RFC 3339.
versionsTotal Double
(Integer) The number of versions of the secret.

  • Constraints: The maximum value is 50. The minimum value is 0.
endpointType String
secretGroupName String
accessGroups string[]
(List) Access Groups that you can use for an iam_credentials secret.Up to 10 Access Groups can be used for each secret.

  • Constraints: The list items must match regular expression /^AccessGroupId-[a-z0-9-]+[a-z0-9]$/. The maximum length is 10 items. The minimum length is 1 item.
accountId string
(String) The ID of the account in which the IAM credentials are created. This field is omitted if the target account is the same as the account of the Secrets Manager instance.
apiKey string
(String) The API key that is generated for this secret. After the secret reaches the end of its lease (see the ttl field), the API key is deleted automatically.

  • Constraints: The maximum length is 60 characters. The minimum length is 5 characters. The value must match regular expression /^(?:[A-Za-z0-9_\\-]{4})*(?:[A-Za-z0-9_\\-]{2}==|[A-Za-z0-9_\\-]{3}=)?$/.
apiKeyId string
(String) The ID of the API key that is generated for this secret.
createdAt string
(String) The date when a resource was created. The date format follows RFC 3339.
createdBy string
(String) The unique identifier that is associated with the entity that created the secret.

  • Constraints: The maximum length is 128 characters. The minimum length is 4 characters.
crn string
(String) A CRN that uniquely identifies an IBM Cloud resource.

  • Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.
customMetadata {[key: string]: string}
(Map) The secret metadata that a user can customize.
description string
(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

  • Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.
downloaded boolean
(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.
expirationDate string
(String) The date a secret is expired. The date format follows RFC 3339.
id string
instanceId string
labels string[]
(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

  • Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.
locksTotal number
(Integer) The number of locks of the secret.

  • Constraints: The maximum value is 1000. The minimum value is 0.
name string
(String) The human-readable name of your secret.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters.
nextRotationDate string
(String) The date that the secret is scheduled for automatic rotation.The service automatically creates a new version of the secret on its next rotation date. This field exists only for secrets that have an existing rotation policy.
region string
reuseApiKey boolean
rotations GetSmIamCredentialsSecretRotation[]
(List) Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:
secretGroupId string
(String) A UUID identifier, or default secret group.

  • Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.
secretId string
secretType string
(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

  • Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.
serviceId string
(String) The service ID under which the API key (see the api_key field) is created.If you omit this parameter, Secrets Manager generates a new service ID for your secret at its creation and adds it to the access groups that you assign.Optionally, you can use this field to provide your own service ID if you prefer to manage its access directly or retain the service ID after your secret expires, is rotated, or deleted. If you provide a service ID, do not include the access_groups parameter.

  • Constraints: The maximum length is 50 characters. The minimum length is 40 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:-?[A-Za-z0-9]+)*$/.
serviceIdIsStatic boolean
(Boolean) Indicates whether an iam_credentials secret was created with a static service ID.If it is set to true, the service ID for the secret was provided by the user at secret creation. If it is set to false, the service ID was generated by Secrets Manager.
state number
(Integer) The secret state that is based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0, Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.

  • Constraints: Allowable values are: 0, 1, 2, 3, 5.
stateDescription string
(String) A text representation of the secret state.

  • Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.
ttl string
(String) The time-to-live (TTL) or lease duration to assign to generated credentials.For iam_credentials secrets, the TTL defines for how long each generated API key remains valid. The value can be either an integer that specifies the number of seconds, or the string representation of a duration, such as 120m or 24h.Minimum duration is 1 minute. Maximum is 90 days.

  • Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /^[0-9]+[s,m,h,d]{0,1}$/.
updatedAt string
(String) The date when a resource was recently modified. The date format follows RFC 3339.
versionsTotal number
(Integer) The number of versions of the secret.

  • Constraints: The maximum value is 50. The minimum value is 0.
endpointType string
secretGroupName string
access_groups Sequence[str]
(List) Access Groups that you can use for an iam_credentials secret.Up to 10 Access Groups can be used for each secret.

  • Constraints: The list items must match regular expression /^AccessGroupId-[a-z0-9-]+[a-z0-9]$/. The maximum length is 10 items. The minimum length is 1 item.
account_id str
(String) The ID of the account in which the IAM credentials are created. This field is omitted if the target account is the same as the account of the Secrets Manager instance.
api_key str
(String) The API key that is generated for this secret. After the secret reaches the end of its lease (see the ttl field), the API key is deleted automatically.

  • Constraints: The maximum length is 60 characters. The minimum length is 5 characters. The value must match regular expression /^(?:[A-Za-z0-9_\\-]{4})*(?:[A-Za-z0-9_\\-]{2}==|[A-Za-z0-9_\\-]{3}=)?$/.
api_key_id str
(String) The ID of the API key that is generated for this secret.
created_at str
(String) The date when a resource was created. The date format follows RFC 3339.
created_by str
(String) The unique identifier that is associated with the entity that created the secret.

  • Constraints: The maximum length is 128 characters. The minimum length is 4 characters.
crn str
(String) A CRN that uniquely identifies an IBM Cloud resource.

  • Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.
custom_metadata Mapping[str, str]
(Map) The secret metadata that a user can customize.
description str
(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

  • Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.
downloaded bool
(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.
expiration_date str
(String) The date a secret is expired. The date format follows RFC 3339.
id str
instance_id str
labels Sequence[str]
(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

  • Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.
locks_total float
(Integer) The number of locks of the secret.

  • Constraints: The maximum value is 1000. The minimum value is 0.
name str
(String) The human-readable name of your secret.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters.
next_rotation_date str
(String) The date that the secret is scheduled for automatic rotation.The service automatically creates a new version of the secret on its next rotation date. This field exists only for secrets that have an existing rotation policy.
region str
reuse_api_key bool
rotations Sequence[GetSmIamCredentialsSecretRotation]
(List) Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:
secret_group_id str
(String) A UUID identifier, or default secret group.

  • Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.
secret_id str
secret_type str
(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

  • Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.
service_id str
(String) The service ID under which the API key (see the api_key field) is created.If you omit this parameter, Secrets Manager generates a new service ID for your secret at its creation and adds it to the access groups that you assign.Optionally, you can use this field to provide your own service ID if you prefer to manage its access directly or retain the service ID after your secret expires, is rotated, or deleted. If you provide a service ID, do not include the access_groups parameter.

  • Constraints: The maximum length is 50 characters. The minimum length is 40 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:-?[A-Za-z0-9]+)*$/.
service_id_is_static bool
(Boolean) Indicates whether an iam_credentials secret was created with a static service ID.If it is set to true, the service ID for the secret was provided by the user at secret creation. If it is set to false, the service ID was generated by Secrets Manager.
state float
(Integer) The secret state that is based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0, Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.

  • Constraints: Allowable values are: 0, 1, 2, 3, 5.
state_description str
(String) A text representation of the secret state.

  • Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.
ttl str
(String) The time-to-live (TTL) or lease duration to assign to generated credentials.For iam_credentials secrets, the TTL defines for how long each generated API key remains valid. The value can be either an integer that specifies the number of seconds, or the string representation of a duration, such as 120m or 24h.Minimum duration is 1 minute. Maximum is 90 days.

  • Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /^[0-9]+[s,m,h,d]{0,1}$/.
updated_at str
(String) The date when a resource was recently modified. The date format follows RFC 3339.
versions_total float
(Integer) The number of versions of the secret.

  • Constraints: The maximum value is 50. The minimum value is 0.
endpoint_type str
secret_group_name str
accessGroups List<String>
(List) Access Groups that you can use for an iam_credentials secret.Up to 10 Access Groups can be used for each secret.

  • Constraints: The list items must match regular expression /^AccessGroupId-[a-z0-9-]+[a-z0-9]$/. The maximum length is 10 items. The minimum length is 1 item.
accountId String
(String) The ID of the account in which the IAM credentials are created. This field is omitted if the target account is the same as the account of the Secrets Manager instance.
apiKey String
(String) The API key that is generated for this secret. After the secret reaches the end of its lease (see the ttl field), the API key is deleted automatically.

  • Constraints: The maximum length is 60 characters. The minimum length is 5 characters. The value must match regular expression /^(?:[A-Za-z0-9_\\-]{4})*(?:[A-Za-z0-9_\\-]{2}==|[A-Za-z0-9_\\-]{3}=)?$/.
apiKeyId String
(String) The ID of the API key that is generated for this secret.
createdAt String
(String) The date when a resource was created. The date format follows RFC 3339.
createdBy String
(String) The unique identifier that is associated with the entity that created the secret.

  • Constraints: The maximum length is 128 characters. The minimum length is 4 characters.
crn String
(String) A CRN that uniquely identifies an IBM Cloud resource.

  • Constraints: The maximum length is 512 characters. The minimum length is 9 characters. The value must match regular expression /^crn:v0-9*+,;=@\/]|%[0-9A-Z]{2})*){8}$/.
customMetadata Map<String>
(Map) The secret metadata that a user can customize.
description String
(String) An extended description of your secret.To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.

  • Constraints: The maximum length is 1024 characters. The minimum length is 0 characters. The value must match regular expression /(.*?)/.
downloaded Boolean
(Boolean) Indicates whether the secret data that is associated with a secret version was retrieved in a call to the service API.
expirationDate String
(String) The date a secret is expired. The date format follows RFC 3339.
id String
instanceId String
labels List<String>
(List) Labels that you can use to search for secrets in your instance.Up to 30 labels can be created.

  • Constraints: The list items must match regular expression /(.*?)/. The maximum length is 30 items. The minimum length is 0 items.
locksTotal Number
(Integer) The number of locks of the secret.

  • Constraints: The maximum value is 1000. The minimum value is 0.
name String
(String) The human-readable name of your secret.

  • Constraints: The maximum length is 256 characters. The minimum length is 2 characters.
nextRotationDate String
(String) The date that the secret is scheduled for automatic rotation.The service automatically creates a new version of the secret on its next rotation date. This field exists only for secrets that have an existing rotation policy.
region String
reuseApiKey Boolean
rotations List<Property Map>
(List) Determines whether Secrets Manager rotates your secrets automatically. Nested scheme for rotation:
secretGroupId String
(String) A UUID identifier, or default secret group.

  • Constraints: The maximum length is 36 characters. The minimum length is 7 characters. The value must match regular expression /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|default)$/.
secretId String
secretType String
(String) The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials.

  • Constraints: Allowable values are: arbitrary, imported_cert, public_cert, iam_credentials, kv, username_password, private_cert.
serviceId String
(String) The service ID under which the API key (see the api_key field) is created.If you omit this parameter, Secrets Manager generates a new service ID for your secret at its creation and adds it to the access groups that you assign.Optionally, you can use this field to provide your own service ID if you prefer to manage its access directly or retain the service ID after your secret expires, is rotated, or deleted. If you provide a service ID, do not include the access_groups parameter.

  • Constraints: The maximum length is 50 characters. The minimum length is 40 characters. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9]*(?:-?[A-Za-z0-9]+)*$/.
serviceIdIsStatic Boolean
(Boolean) Indicates whether an iam_credentials secret was created with a static service ID.If it is set to true, the service ID for the secret was provided by the user at secret creation. If it is set to false, the service ID was generated by Secrets Manager.
state Number
(Integer) The secret state that is based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0, Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.

  • Constraints: Allowable values are: 0, 1, 2, 3, 5.
stateDescription String
(String) A text representation of the secret state.

  • Constraints: Allowable values are: pre_activation, active, suspended, deactivated, destroyed.
ttl String
(String) The time-to-live (TTL) or lease duration to assign to generated credentials.For iam_credentials secrets, the TTL defines for how long each generated API key remains valid. The value can be either an integer that specifies the number of seconds, or the string representation of a duration, such as 120m or 24h.Minimum duration is 1 minute. Maximum is 90 days.

  • Constraints: The maximum length is 10 characters. The minimum length is 2 characters. The value must match regular expression /^[0-9]+[s,m,h,d]{0,1}$/.
updatedAt String
(String) The date when a resource was recently modified. The date format follows RFC 3339.
versionsTotal Number
(Integer) The number of versions of the secret.

  • Constraints: The maximum value is 50. The minimum value is 0.
endpointType String
secretGroupName String

Supporting Types

GetSmIamCredentialsSecretRotation

AutoRotate This property is required. bool
(Boolean) Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.
Interval This property is required. double
(Integer) The length of the secret rotation time interval.

  • Constraints: The minimum value is 1.
Unit This property is required. string
(String) The units for the secret rotation time interval.

  • Constraints: Allowable values are: day, month.
AutoRotate This property is required. bool
(Boolean) Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.
Interval This property is required. float64
(Integer) The length of the secret rotation time interval.

  • Constraints: The minimum value is 1.
Unit This property is required. string
(String) The units for the secret rotation time interval.

  • Constraints: Allowable values are: day, month.
autoRotate This property is required. Boolean
(Boolean) Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.
interval This property is required. Double
(Integer) The length of the secret rotation time interval.

  • Constraints: The minimum value is 1.
unit This property is required. String
(String) The units for the secret rotation time interval.

  • Constraints: Allowable values are: day, month.
autoRotate This property is required. boolean
(Boolean) Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.
interval This property is required. number
(Integer) The length of the secret rotation time interval.

  • Constraints: The minimum value is 1.
unit This property is required. string
(String) The units for the secret rotation time interval.

  • Constraints: Allowable values are: day, month.
auto_rotate This property is required. bool
(Boolean) Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.
interval This property is required. float
(Integer) The length of the secret rotation time interval.

  • Constraints: The minimum value is 1.
unit This property is required. str
(String) The units for the secret rotation time interval.

  • Constraints: Allowable values are: day, month.
autoRotate This property is required. Boolean
(Boolean) Determines whether Secrets Manager rotates your secret automatically.Default is false. If auto_rotate is set to true the service rotates your secret based on the defined interval.
interval This property is required. Number
(Integer) The length of the secret rotation time interval.

  • Constraints: The minimum value is 1.
unit This property is required. String
(String) The units for the secret rotation time interval.

  • Constraints: Allowable values are: day, month.

Package Details

Repository
ibm ibm-cloud/terraform-provider-ibm
License
Notes
This Pulumi package is based on the ibm Terraform Provider.