Secrets
Contents
Secrets
Secrets represent a piece of sensitive data that a user wants to keep away from other users of the platform, but wants to be used by different resources deployed on a cloud provider. These secrets can be added to a key vault already deployed on a cloud provider. Secrets can have different versions which each one represents a different value for a specific secret, normally related to a time mark. These versions can be deployed inside a secret on a cloud provider.
Show secret
GET /v3/secret/secrets/:id
This action returns information about the secret identified by the given id.
Inputs
None
Returns
| Field | Type | Description |
|---|---|---|
| id | String | Identifier of the secret. |
| name | String | Logical name of the secret. |
| key vault_id | String | Identifier of the key vault which the secret belongs. |
| remote_id | String | Identifier of the secret on the cloud provider. |
| state | String | State of the secret. It can be one of these values: start, deploying, available, decommissioning, stalled, updating_versions, updating_error, end. |
| brownfield | Boolean | Flag indicating if the secret has been imported from a cloud account (true) or created using IMCO (false). |
| desired_remote_id | String | Identifier that the user wants to have as Identifier of the resource on the cloud. |
| resource_type | String | An identifier for the type of resource, specifically "secret". |
Create secret
POST /v3/secret/key_vaults/:key_vault_id/secrets
This action creates a new secret inside the key vault identified by the given id.
Inputs
| Field | Type | Description | Required |
|---|---|---|---|
| name | String | Logical name of the secret. | Yes |
| content | String | Unencrypted content that the user wants to securely store on the cloud | Yes |
| label_ids | Array of strings | List of ids corresponding to the labels to assign to the secret. | No |
| desired_remote_id | String | Identifier that the user wants to have as Identifier of the resource on the cloud. | No |
Returns
| Field | Type | Description |
|---|---|---|
| id | String | Identifier of the secret. |
| name | String | Logical name of the secret. |
| key vault_id | String | Identifier of the key vault which the secret belongs. |
| remote_id | String | Identifier of the secret on the cloud provider. |
| state | String | State of the secret. It can be one of these values: start, deploying, available, decommissioning, stalled, updating_versions, updating_error, end. |
| brownfield | Boolean | Flag indicating if the secret has been imported from a cloud account (true) or created using IMCO (false). |
| desired_remote_id | String | Identifier that the user wants to have as Identifier of the resource on the cloud. |
| resource_type | String | An identifier for the type of resource, specifically "secret". |
Update secret
PUT /v3/secret/secrets/:id
This action modifies the secret with the given parameters.
Inputs
| Field | Type | Description | Required |
|---|---|---|---|
| name | String | Logical name of the secret. | No |
Returns
| Field | Type | Description |
|---|---|---|
| id | String | Identifier of the secret. |
| name | String | Logical name of the secret. |
| key vault_id | String | Identifier of the key vault which the secret belongs. |
| remote_id | String | Identifier of the secret on the cloud provider. |
| state | String | State of the secret. It can be one of these values: start, deploying, available, decommissioning, stalled, updating_versions, updating_error, end. |
| brownfield | Boolean | Flag indicating if the secret has been imported from a cloud account (true) or created using IMCO (false). |
| desired_remote_id | String | Identifier that the user wants to have as Identifier of the resource on the cloud. |
| resource_type | String | An identifier for the type of resource, specifically "secret". |
Delete secret
DELETE /v3/secret/secrets/:id
This action deletes the secret with the given id.
Inputs
None
Returns
| Field | Type | Description |
|---|---|---|
| id | String | Identifier of the secret. |
| name | String | Logical name of the secret. |
| key vault_id | String | Identifier of the key vault which the secret belongs. |
| remote_id | String | Identifier of the secret on the cloud provider. |
| state | String | State of the secret. It can be one of these values: start, deploying, available, decommissioning, stalled, updating_versions, updating_error, end. |
| brownfield | Boolean | Flag indicating if the secret has been imported from a cloud account (true) or created using IMCO (false). |
| desired_remote_id | String | Identifier that the user wants to have as Identifier of the resource on the cloud. |
| resource_type | String | An identifier for the type of resource, specifically "secret". |
Retry secret
PUT /v3/secret/secrets/:id/retry
This action retries the application of a secret with the given id on IMCO.
Inputs
None
Returns
| Field | Type | Description |
|---|---|---|
| id | String | Identifier of the secret. |
| name | String | Logical name of the secret. |
| key vault_id | String | Identifier of the key vault which the secret belongs. |
| remote_id | String | Identifier of the secret on the cloud provider. |
| state | String | State of the secret. It can be one of these values: start, deploying, available, decommissioning, stalled, updating_versions, updating_error, end. |
| brownfield | Boolean | Flag indicating if the secret has been imported from a cloud account (true) or created using IMCO (false). |
| desired_remote_id | String | Identifier that the user wants to have as Identifier of the resource on the cloud. |
| resource_type | String | An identifier for the type of resource, specifically "secret". |
List secret versions of a secret
GET /v3/secret/secrets/:secret_id/versions
This action lists all secret versions of a secret identified by the given id on IMCO.
Inputs
None
Returns
| Field | Type | Description |
|---|---|---|
| id | String | Identifier of the secret. |
| key vault_id | String | Identifier of the key vault which the secret belongs. |
| remote_id | String | Identifier of the secret on the cloud provider. |
| last | Boolean | Flag indicating whether this secret version is the last version of a secret (true) or not (false). |
| resource_type | String | An identifier for the type of resource, specifically "secret_version". |
Create secret version of a secret
POST /v3/secret/secrets/:secret_id/versions
This action creates a new version of a secret identified by the given id on IMCO.
Inputs
| Field | Type | Description | Required |
|---|---|---|---|
| content | String | Unencrypted content that the user wants to securely store on the cloud | Yes |
Returns
| Field | Type | Description |
|---|---|---|
| id | String | Identifier of the secret. |
| key vault_id | String | Identifier of the key vault which the secret belongs. |
| remote_id | String | Identifier of the secret on the cloud provider. |
| last | Boolean | Flag indicating whether this secret version is the last version of a secret (true) or not (false). |
| resource_type | String | An identifier for the type of resource, specifically "secret_version". |