Data Source: oci_vault_secret
This data source provides details about a specific Secret resource in Oracle Cloud Infrastructure Vault service.
Gets information about the specified secret.
Example Usage
data "oci_vault_secret" "test_secret" {
#Required
secret_id = oci_vault_secret.test_secret.id
}
Argument Reference
The following arguments are supported:
secret_id
- (Required) The OCID of the secret.
Attributes Reference
The following attributes are exported:
compartment_id
- The OCID of the compartment where you want to create the secret.current_version_number
- The version number of the secret version that’s currently in use.defined_tags
- Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:{"Operations.CostCenter": "42"}
description
- A brief description of the secret. Avoid entering confidential information.freeform_tags
- Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:{"Department": "Finance"}
id
- The OCID of the secret.key_id
- The OCID of the master encryption key that is used to encrypt the secret. You must specify a symmetric key to encrypt the secret during import to the vault. You cannot encrypt secrets with asymmetric keys. Furthermore, the key must exist in the vault that you specify.last_rotation_time
- A property indicating when the secret was last rotated successfully, expressed in RFC 3339 timestamp format. Example:2019-04-03T21:10:29.600Z
lifecycle_details
- Additional information about the current lifecycle state of the secret.metadata
- Additional metadata that you can use to provide context about how to use the secret or during rotation or other administrative tasks. For example, for a secret that you use to connect to a database, the additional metadata might specify the connection endpoint and the connection string. Provide additional metadata as key-value pairs.next_rotation_time
- A property indicating when the secret is scheduled to be rotated, expressed in RFC 3339 timestamp format. Example:2019-04-03T21:10:29.600Z
rotation_config
- Defines the frequency of the rotation and the information about the target systemis_scheduled_rotation_enabled
- Enables auto rotation, when set to true rotationInterval must be set.rotation_interval
- The time interval that indicates the frequency for rotating secret data, as described in ISO 8601 format. The minimum value is 1 day and maximum value is 360 days. For example, if you want to set the time interval for rotating a secret data as 30 days, the duration is expressed as “P30D.”target_system_details
- The TargetSystemDetails provides the targetSystem type and type-specific connection metadataadb_id
- The unique identifier (OCID) for the autonomous database that Vault Secret connects to.function_id
- The unique identifier (OCID) of the Oracle Cloud Infrastructure Functions that vault secret connects to.target_system_type
- Unique identifier of the target system that Vault Secret connects to.
rotation_status
- Additional information about the status of the secret rotationsecret_name
- The user-friendly name of the secret. Avoid entering confidential information.secret_rules
- A list of rules that control how the secret is used and managed.is_enforced_on_deleted_secret_versions
- A property indicating whether the rule is applied even if the secret version with the content you are trying to reuse was deleted.is_secret_content_retrieval_blocked_on_expiry
- A property indicating whether to block retrieval of the secret content, on expiry. The default is false. If the secret has already expired and you would like to retrieve the secret contents, you need to edit the secret rule to disable this property, to allow reading the secret content.rule_type
- The type of rule, which either controls when the secret contents expire or whether they can be reused.secret_version_expiry_interval
- A property indicating how long the secret contents will be considered valid, expressed in ISO 8601 format. The secret needs to be updated when the secret content expires. The timer resets after you update the secret contents. The minimum value is 1 day and the maximum value is 90 days for this property. Currently, only intervals expressed in days are supported. For example, passP3D
to have the secret version expire every 3 days.time_of_absolute_expiry
- An optional property indicating the absolute time when this secret will expire, expressed in RFC 3339 timestamp format. The minimum number of days from current time is 1 day and the maximum number of days from current time is 365 days. Example:2019-04-03T21:10:29.600Z
state
- The current lifecycle state of the secret.time_created
- A property indicating when the secret was created, expressed in RFC 3339 timestamp format. Example:2019-04-03T21:10:29.600Z
time_of_current_version_expiry
- An optional property indicating when the current secret version will expire, expressed in RFC 3339 timestamp format. Example:2019-04-03T21:10:29.600Z
time_of_deletion
- An optional property indicating when to delete the secret, expressed in RFC 3339 timestamp format. Example:2019-04-03T21:10:29.600Z
vault_id
- The OCID of the Vault in which the secret exists