Harness v0.5.7, Mar 8 25

Harness v0.5.7 published on Saturday, Mar 8, 2025 by Pulumi

harness.platform.AwsSecretManagerConnector

Explore with Pulumi AI

Harness v0.5.7 published on Saturday, Mar 8, 2025 by Pulumi

pulumi/pulumi-harness

Example Usage

Create AwsSecretManagerConnector Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new AwsSecretManagerConnector(name: string, args: AwsSecretManagerConnectorArgs, opts?: CustomResourceOptions);

@overload
def AwsSecretManagerConnector(resource_name: str,
                              args: AwsSecretManagerConnectorArgs,
                              opts: Optional[ResourceOptions] = None)

@overload
def AwsSecretManagerConnector(resource_name: str,
                              opts: Optional[ResourceOptions] = None,
                              credentials: Optional[AwsSecretManagerConnectorCredentialsArgs] = None,
                              region: Optional[str] = None,
                              identifier: Optional[str] = None,
                              description: Optional[str] = None,
                              execute_on_delegate: Optional[bool] = None,
                              force_delete_without_recovery: Optional[bool] = None,
                              delegate_selectors: Optional[Sequence[str]] = None,
                              name: Optional[str] = None,
                              org_id: Optional[str] = None,
                              project_id: Optional[str] = None,
                              recovery_window_in_days: Optional[int] = None,
                              default: Optional[bool] = None,
                              secret_name_prefix: Optional[str] = None,
                              tags: Optional[Sequence[str]] = None,
                              use_put_secret: Optional[bool] = None)

func NewAwsSecretManagerConnector(ctx *Context, name string, args AwsSecretManagerConnectorArgs, opts ...ResourceOption) (*AwsSecretManagerConnector, error)

public AwsSecretManagerConnector(string name, AwsSecretManagerConnectorArgs args, CustomResourceOptions? opts = null)

public AwsSecretManagerConnector(String name, AwsSecretManagerConnectorArgs args)
public AwsSecretManagerConnector(String name, AwsSecretManagerConnectorArgs args, CustomResourceOptions options)

type: harness:platform:AwsSecretManagerConnector
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args AwsSecretManagerConnectorArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AwsSecretManagerConnectorArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AwsSecretManagerConnectorArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AwsSecretManagerConnectorArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AwsSecretManagerConnectorArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var awsSecretManagerConnectorResource = new Harness.Platform.AwsSecretManagerConnector("awsSecretManagerConnectorResource", new()
{
    Credentials = new Harness.Platform.Inputs.AwsSecretManagerConnectorCredentialsArgs
    {
        AssumeRole = new Harness.Platform.Inputs.AwsSecretManagerConnectorCredentialsAssumeRoleArgs
        {
            Duration = 0,
            RoleArn = "string",
            ExternalId = "string",
        },
        InheritFromDelegate = false,
        Manual = new Harness.Platform.Inputs.AwsSecretManagerConnectorCredentialsManualArgs
        {
            SecretKeyRef = "string",
            AccessKeyPlainText = "string",
            AccessKeyRef = "string",
        },
        OidcAuthentication = new Harness.Platform.Inputs.AwsSecretManagerConnectorCredentialsOidcAuthenticationArgs
        {
            IamRoleArn = "string",
        },
    },
    Region = "string",
    Identifier = "string",
    Description = "string",
    ExecuteOnDelegate = false,
    ForceDeleteWithoutRecovery = false,
    DelegateSelectors = new[]
    {
        "string",
    },
    Name = "string",
    OrgId = "string",
    ProjectId = "string",
    RecoveryWindowInDays = 0,
    Default = false,
    SecretNamePrefix = "string",
    Tags = new[]
    {
        "string",
    },
    UsePutSecret = false,
});

example, err := platform.NewAwsSecretManagerConnector(ctx, "awsSecretManagerConnectorResource", &platform.AwsSecretManagerConnectorArgs{
	Credentials: &platform.AwsSecretManagerConnectorCredentialsArgs{
		AssumeRole: &platform.AwsSecretManagerConnectorCredentialsAssumeRoleArgs{
			Duration:   pulumi.Int(0),
			RoleArn:    pulumi.String("string"),
			ExternalId: pulumi.String("string"),
		},
		InheritFromDelegate: pulumi.Bool(false),
		Manual: &platform.AwsSecretManagerConnectorCredentialsManualArgs{
			SecretKeyRef:       pulumi.String("string"),
			AccessKeyPlainText: pulumi.String("string"),
			AccessKeyRef:       pulumi.String("string"),
		},
		OidcAuthentication: &platform.AwsSecretManagerConnectorCredentialsOidcAuthenticationArgs{
			IamRoleArn: pulumi.String("string"),
		},
	},
	Region:                     pulumi.String("string"),
	Identifier:                 pulumi.String("string"),
	Description:                pulumi.String("string"),
	ExecuteOnDelegate:          pulumi.Bool(false),
	ForceDeleteWithoutRecovery: pulumi.Bool(false),
	DelegateSelectors: pulumi.StringArray{
		pulumi.String("string"),
	},
	Name:                 pulumi.String("string"),
	OrgId:                pulumi.String("string"),
	ProjectId:            pulumi.String("string"),
	RecoveryWindowInDays: pulumi.Int(0),
	Default:              pulumi.Bool(false),
	SecretNamePrefix:     pulumi.String("string"),
	Tags: pulumi.StringArray{
		pulumi.String("string"),
	},
	UsePutSecret: pulumi.Bool(false),
})

var awsSecretManagerConnectorResource = new AwsSecretManagerConnector("awsSecretManagerConnectorResource", AwsSecretManagerConnectorArgs.builder()
    .credentials(AwsSecretManagerConnectorCredentialsArgs.builder()
        .assumeRole(AwsSecretManagerConnectorCredentialsAssumeRoleArgs.builder()
            .duration(0)
            .roleArn("string")
            .externalId("string")
            .build())
        .inheritFromDelegate(false)
        .manual(AwsSecretManagerConnectorCredentialsManualArgs.builder()
            .secretKeyRef("string")
            .accessKeyPlainText("string")
            .accessKeyRef("string")
            .build())
        .oidcAuthentication(AwsSecretManagerConnectorCredentialsOidcAuthenticationArgs.builder()
            .iamRoleArn("string")
            .build())
        .build())
    .region("string")
    .identifier("string")
    .description("string")
    .executeOnDelegate(false)
    .forceDeleteWithoutRecovery(false)
    .delegateSelectors("string")
    .name("string")
    .orgId("string")
    .projectId("string")
    .recoveryWindowInDays(0)
    .default_(false)
    .secretNamePrefix("string")
    .tags("string")
    .usePutSecret(false)
    .build());

aws_secret_manager_connector_resource = harness.platform.AwsSecretManagerConnector("awsSecretManagerConnectorResource",
    credentials={
        "assume_role": {
            "duration": 0,
            "role_arn": "string",
            "external_id": "string",
        },
        "inherit_from_delegate": False,
        "manual": {
            "secret_key_ref": "string",
            "access_key_plain_text": "string",
            "access_key_ref": "string",
        },
        "oidc_authentication": {
            "iam_role_arn": "string",
        },
    },
    region="string",
    identifier="string",
    description="string",
    execute_on_delegate=False,
    force_delete_without_recovery=False,
    delegate_selectors=["string"],
    name="string",
    org_id="string",
    project_id="string",
    recovery_window_in_days=0,
    default=False,
    secret_name_prefix="string",
    tags=["string"],
    use_put_secret=False)

const awsSecretManagerConnectorResource = new harness.platform.AwsSecretManagerConnector("awsSecretManagerConnectorResource", {
    credentials: {
        assumeRole: {
            duration: 0,
            roleArn: "string",
            externalId: "string",
        },
        inheritFromDelegate: false,
        manual: {
            secretKeyRef: "string",
            accessKeyPlainText: "string",
            accessKeyRef: "string",
        },
        oidcAuthentication: {
            iamRoleArn: "string",
        },
    },
    region: "string",
    identifier: "string",
    description: "string",
    executeOnDelegate: false,
    forceDeleteWithoutRecovery: false,
    delegateSelectors: ["string"],
    name: "string",
    orgId: "string",
    projectId: "string",
    recoveryWindowInDays: 0,
    "default": false,
    secretNamePrefix: "string",
    tags: ["string"],
    usePutSecret: false,
});

type: harness:platform:AwsSecretManagerConnector
properties:
    credentials:
        assumeRole:
            duration: 0
            externalId: string
            roleArn: string
        inheritFromDelegate: false
        manual:
            accessKeyPlainText: string
            accessKeyRef: string
            secretKeyRef: string
        oidcAuthentication:
            iamRoleArn: string
    default: false
    delegateSelectors:
        - string
    description: string
    executeOnDelegate: false
    forceDeleteWithoutRecovery: false
    identifier: string
    name: string
    orgId: string
    projectId: string
    recoveryWindowInDays: 0
    region: string
    secretNamePrefix: string
    tags:
        - string
    usePutSecret: false

AwsSecretManagerConnector Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The AwsSecretManagerConnector resource accepts the following input properties:

Credentials AwsSecretManagerConnectorCredentials: Credentials to connect to AWS.
Identifier string: Unique identifier of the resource.
Region string: The AWS region where the AWS Secret Manager is.
Default bool: Use as Default Secrets Manager.
DelegateSelectors List<string>: Tags to filter delegates for connection.
Description string: Description of the resource.
ExecuteOnDelegate bool: Run the operation on the delegate or harness platform.
ForceDeleteWithoutRecovery bool: Whether to force delete secret value or not.
Name string: Name of the resource.
OrgId string: Unique identifier of the organization.
ProjectId string: Unique identifier of the project.
RecoveryWindowInDays int: recovery duration in days in AWS Secrets Manager.
SecretNamePrefix string: A prefix to be added to all secrets.
Tags List<string>: Tags to associate with the resource.
UsePutSecret bool: Whether to update secret value using putSecretValue action.

Credentials AwsSecretManagerConnectorCredentialsArgs: Credentials to connect to AWS.
Identifier string: Unique identifier of the resource.
Region string: The AWS region where the AWS Secret Manager is.
Default bool: Use as Default Secrets Manager.
DelegateSelectors []string: Tags to filter delegates for connection.
Description string: Description of the resource.
ExecuteOnDelegate bool: Run the operation on the delegate or harness platform.
ForceDeleteWithoutRecovery bool: Whether to force delete secret value or not.
Name string: Name of the resource.
OrgId string: Unique identifier of the organization.
ProjectId string: Unique identifier of the project.
RecoveryWindowInDays int: recovery duration in days in AWS Secrets Manager.
SecretNamePrefix string: A prefix to be added to all secrets.
Tags []string: Tags to associate with the resource.
UsePutSecret bool: Whether to update secret value using putSecretValue action.

credentials AwsSecretManagerConnectorCredentials: Credentials to connect to AWS.
identifier String: Unique identifier of the resource.
region String: The AWS region where the AWS Secret Manager is.
default_ Boolean: Use as Default Secrets Manager.
delegateSelectors List<String>: Tags to filter delegates for connection.
description String: Description of the resource.
executeOnDelegate Boolean: Run the operation on the delegate or harness platform.
forceDeleteWithoutRecovery Boolean: Whether to force delete secret value or not.
name String: Name of the resource.
orgId String: Unique identifier of the organization.
projectId String: Unique identifier of the project.
recoveryWindowInDays Integer: recovery duration in days in AWS Secrets Manager.
secretNamePrefix String: A prefix to be added to all secrets.
tags List<String>: Tags to associate with the resource.
usePutSecret Boolean: Whether to update secret value using putSecretValue action.

credentials AwsSecretManagerConnectorCredentials: Credentials to connect to AWS.
identifier string: Unique identifier of the resource.
region string: The AWS region where the AWS Secret Manager is.
default boolean: Use as Default Secrets Manager.
delegateSelectors string[]: Tags to filter delegates for connection.
description string: Description of the resource.
executeOnDelegate boolean: Run the operation on the delegate or harness platform.
forceDeleteWithoutRecovery boolean: Whether to force delete secret value or not.
name string: Name of the resource.
orgId string: Unique identifier of the organization.
projectId string: Unique identifier of the project.
recoveryWindowInDays number: recovery duration in days in AWS Secrets Manager.
secretNamePrefix string: A prefix to be added to all secrets.
tags string[]: Tags to associate with the resource.
usePutSecret boolean: Whether to update secret value using putSecretValue action.

credentials AwsSecretManagerConnectorCredentialsArgs: Credentials to connect to AWS.
identifier str: Unique identifier of the resource.
region str: The AWS region where the AWS Secret Manager is.
default bool: Use as Default Secrets Manager.
delegate_selectors Sequence[str]: Tags to filter delegates for connection.
description str: Description of the resource.
execute_on_delegate bool: Run the operation on the delegate or harness platform.
force_delete_without_recovery bool: Whether to force delete secret value or not.
name str: Name of the resource.
org_id str: Unique identifier of the organization.
project_id str: Unique identifier of the project.
recovery_window_in_days int: recovery duration in days in AWS Secrets Manager.
secret_name_prefix str: A prefix to be added to all secrets.
tags Sequence[str]: Tags to associate with the resource.
use_put_secret bool: Whether to update secret value using putSecretValue action.

credentials Property Map: Credentials to connect to AWS.
identifier String: Unique identifier of the resource.
region String: The AWS region where the AWS Secret Manager is.
default Boolean: Use as Default Secrets Manager.
delegateSelectors List<String>: Tags to filter delegates for connection.
description String: Description of the resource.
executeOnDelegate Boolean: Run the operation on the delegate or harness platform.
forceDeleteWithoutRecovery Boolean: Whether to force delete secret value or not.
name String: Name of the resource.
orgId String: Unique identifier of the organization.
projectId String: Unique identifier of the project.
recoveryWindowInDays Number: recovery duration in days in AWS Secrets Manager.
secretNamePrefix String: A prefix to be added to all secrets.
tags List<String>: Tags to associate with the resource.
usePutSecret Boolean: Whether to update secret value using putSecretValue action.

Outputs

All input properties are implicitly available as output properties. Additionally, the AwsSecretManagerConnector resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing AwsSecretManagerConnector Resource

Get an existing AwsSecretManagerConnector resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AwsSecretManagerConnectorState, opts?: CustomResourceOptions): AwsSecretManagerConnector

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        credentials: Optional[AwsSecretManagerConnectorCredentialsArgs] = None,
        default: Optional[bool] = None,
        delegate_selectors: Optional[Sequence[str]] = None,
        description: Optional[str] = None,
        execute_on_delegate: Optional[bool] = None,
        force_delete_without_recovery: Optional[bool] = None,
        identifier: Optional[str] = None,
        name: Optional[str] = None,
        org_id: Optional[str] = None,
        project_id: Optional[str] = None,
        recovery_window_in_days: Optional[int] = None,
        region: Optional[str] = None,
        secret_name_prefix: Optional[str] = None,
        tags: Optional[Sequence[str]] = None,
        use_put_secret: Optional[bool] = None) -> AwsSecretManagerConnector

func GetAwsSecretManagerConnector(ctx *Context, name string, id IDInput, state *AwsSecretManagerConnectorState, opts ...ResourceOption) (*AwsSecretManagerConnector, error)

public static AwsSecretManagerConnector Get(string name, Input<string> id, AwsSecretManagerConnectorState? state, CustomResourceOptions? opts = null)

public static AwsSecretManagerConnector get(String name, Output<String> id, AwsSecretManagerConnectorState state, CustomResourceOptions options)

resources:  _:    type: harness:platform:AwsSecretManagerConnector    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Credentials AwsSecretManagerConnectorCredentials: Credentials to connect to AWS.
Default bool: Use as Default Secrets Manager.
DelegateSelectors List<string>: Tags to filter delegates for connection.
Description string: Description of the resource.
ExecuteOnDelegate bool: Run the operation on the delegate or harness platform.
ForceDeleteWithoutRecovery bool: Whether to force delete secret value or not.
Identifier string: Unique identifier of the resource.
Name string: Name of the resource.
OrgId string: Unique identifier of the organization.
ProjectId string: Unique identifier of the project.
RecoveryWindowInDays int: recovery duration in days in AWS Secrets Manager.
Region string: The AWS region where the AWS Secret Manager is.
SecretNamePrefix string: A prefix to be added to all secrets.
Tags List<string>: Tags to associate with the resource.
UsePutSecret bool: Whether to update secret value using putSecretValue action.

Credentials AwsSecretManagerConnectorCredentialsArgs: Credentials to connect to AWS.
Default bool: Use as Default Secrets Manager.
DelegateSelectors []string: Tags to filter delegates for connection.
Description string: Description of the resource.
ExecuteOnDelegate bool: Run the operation on the delegate or harness platform.
ForceDeleteWithoutRecovery bool: Whether to force delete secret value or not.
Identifier string: Unique identifier of the resource.
Name string: Name of the resource.
OrgId string: Unique identifier of the organization.
ProjectId string: Unique identifier of the project.
RecoveryWindowInDays int: recovery duration in days in AWS Secrets Manager.
Region string: The AWS region where the AWS Secret Manager is.
SecretNamePrefix string: A prefix to be added to all secrets.
Tags []string: Tags to associate with the resource.
UsePutSecret bool: Whether to update secret value using putSecretValue action.

credentials AwsSecretManagerConnectorCredentials: Credentials to connect to AWS.
default_ Boolean: Use as Default Secrets Manager.
delegateSelectors List<String>: Tags to filter delegates for connection.
description String: Description of the resource.
executeOnDelegate Boolean: Run the operation on the delegate or harness platform.
forceDeleteWithoutRecovery Boolean: Whether to force delete secret value or not.
identifier String: Unique identifier of the resource.
name String: Name of the resource.
orgId String: Unique identifier of the organization.
projectId String: Unique identifier of the project.
recoveryWindowInDays Integer: recovery duration in days in AWS Secrets Manager.
region String: The AWS region where the AWS Secret Manager is.
secretNamePrefix String: A prefix to be added to all secrets.
tags List<String>: Tags to associate with the resource.
usePutSecret Boolean: Whether to update secret value using putSecretValue action.

credentials AwsSecretManagerConnectorCredentials: Credentials to connect to AWS.
default boolean: Use as Default Secrets Manager.
delegateSelectors string[]: Tags to filter delegates for connection.
description string: Description of the resource.
executeOnDelegate boolean: Run the operation on the delegate or harness platform.
forceDeleteWithoutRecovery boolean: Whether to force delete secret value or not.
identifier string: Unique identifier of the resource.
name string: Name of the resource.
orgId string: Unique identifier of the organization.
projectId string: Unique identifier of the project.
recoveryWindowInDays number: recovery duration in days in AWS Secrets Manager.
region string: The AWS region where the AWS Secret Manager is.
secretNamePrefix string: A prefix to be added to all secrets.
tags string[]: Tags to associate with the resource.
usePutSecret boolean: Whether to update secret value using putSecretValue action.

credentials AwsSecretManagerConnectorCredentialsArgs: Credentials to connect to AWS.
default bool: Use as Default Secrets Manager.
delegate_selectors Sequence[str]: Tags to filter delegates for connection.
description str: Description of the resource.
execute_on_delegate bool: Run the operation on the delegate or harness platform.
force_delete_without_recovery bool: Whether to force delete secret value or not.
identifier str: Unique identifier of the resource.
name str: Name of the resource.
org_id str: Unique identifier of the organization.
project_id str: Unique identifier of the project.
recovery_window_in_days int: recovery duration in days in AWS Secrets Manager.
region str: The AWS region where the AWS Secret Manager is.
secret_name_prefix str: A prefix to be added to all secrets.
tags Sequence[str]: Tags to associate with the resource.
use_put_secret bool: Whether to update secret value using putSecretValue action.

credentials Property Map: Credentials to connect to AWS.
default Boolean: Use as Default Secrets Manager.
delegateSelectors List<String>: Tags to filter delegates for connection.
description String: Description of the resource.
executeOnDelegate Boolean: Run the operation on the delegate or harness platform.
forceDeleteWithoutRecovery Boolean: Whether to force delete secret value or not.
identifier String: Unique identifier of the resource.
name String: Name of the resource.
orgId String: Unique identifier of the organization.
projectId String: Unique identifier of the project.
recoveryWindowInDays Number: recovery duration in days in AWS Secrets Manager.
region String: The AWS region where the AWS Secret Manager is.
secretNamePrefix String: A prefix to be added to all secrets.
tags List<String>: Tags to associate with the resource.
usePutSecret Boolean: Whether to update secret value using putSecretValue action.

Supporting Types

AwsSecretManagerConnectorCredentials, AwsSecretManagerConnectorCredentialsArgs

AssumeRole AwsSecretManagerConnectorCredentialsAssumeRole: Connect using STS assume role.
InheritFromDelegate bool: Inherit the credentials from from the delegate.
Manual AwsSecretManagerConnectorCredentialsManual: Specify the AWS key and secret used for authenticating.
OidcAuthentication AwsSecretManagerConnectorCredentialsOidcAuthentication: Authentication using harness oidc.

AssumeRole AwsSecretManagerConnectorCredentialsAssumeRole: Connect using STS assume role.
InheritFromDelegate bool: Inherit the credentials from from the delegate.
Manual AwsSecretManagerConnectorCredentialsManual: Specify the AWS key and secret used for authenticating.
OidcAuthentication AwsSecretManagerConnectorCredentialsOidcAuthentication: Authentication using harness oidc.

assumeRole AwsSecretManagerConnectorCredentialsAssumeRole: Connect using STS assume role.
inheritFromDelegate Boolean: Inherit the credentials from from the delegate.
manual AwsSecretManagerConnectorCredentialsManual: Specify the AWS key and secret used for authenticating.
oidcAuthentication AwsSecretManagerConnectorCredentialsOidcAuthentication: Authentication using harness oidc.

assumeRole AwsSecretManagerConnectorCredentialsAssumeRole: Connect using STS assume role.
inheritFromDelegate boolean: Inherit the credentials from from the delegate.
manual AwsSecretManagerConnectorCredentialsManual: Specify the AWS key and secret used for authenticating.
oidcAuthentication AwsSecretManagerConnectorCredentialsOidcAuthentication: Authentication using harness oidc.

assume_role AwsSecretManagerConnectorCredentialsAssumeRole: Connect using STS assume role.
inherit_from_delegate bool: Inherit the credentials from from the delegate.
manual AwsSecretManagerConnectorCredentialsManual: Specify the AWS key and secret used for authenticating.
oidc_authentication AwsSecretManagerConnectorCredentialsOidcAuthentication: Authentication using harness oidc.

assumeRole Property Map: Connect using STS assume role.
inheritFromDelegate Boolean: Inherit the credentials from from the delegate.
manual Property Map: Specify the AWS key and secret used for authenticating.
oidcAuthentication Property Map: Authentication using harness oidc.

AwsSecretManagerConnectorCredentialsAssumeRole, AwsSecretManagerConnectorCredentialsAssumeRoleArgs

Duration int: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
RoleArn string: The ARN of the role to assume.
ExternalId string: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

Duration int: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
RoleArn string: The ARN of the role to assume.
ExternalId string: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

duration Integer: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
roleArn String: The ARN of the role to assume.
externalId String: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

duration number: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
roleArn string: The ARN of the role to assume.
externalId string: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

duration int: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
role_arn str: The ARN of the role to assume.
external_id str: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

duration Number: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
roleArn String: The ARN of the role to assume.
externalId String: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

AwsSecretManagerConnectorCredentialsManual, AwsSecretManagerConnectorCredentialsManualArgs

SecretKeyRef string: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
AccessKeyPlainText string: The plain text AWS access key. This is required if the accesskeyref is not provided.
AccessKeyRef string: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

SecretKeyRef string: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
AccessKeyPlainText string: The plain text AWS access key. This is required if the accesskeyref is not provided.
AccessKeyRef string: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

secretKeyRef String: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
accessKeyPlainText String: The plain text AWS access key. This is required if the accesskeyref is not provided.
accessKeyRef String: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

secretKeyRef string: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
accessKeyPlainText string: The plain text AWS access key. This is required if the accesskeyref is not provided.
accessKeyRef string: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

secret_key_ref str: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
access_key_plain_text str: The plain text AWS access key. This is required if the accesskeyref is not provided.
access_key_ref str: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

secretKeyRef String: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
accessKeyPlainText String: The plain text AWS access key. This is required if the accesskeyref is not provided.
accessKeyRef String: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

AwsSecretManagerConnectorCredentialsOidcAuthentication, AwsSecretManagerConnectorCredentialsOidcAuthenticationArgs

IamRoleArn string: The IAM role ARN.

IamRoleArn string: The IAM role ARN.

iamRoleArn String: The IAM role ARN.

iamRoleArn string: The IAM role ARN.

iam_role_arn str: The IAM role ARN.

iamRoleArn String: The IAM role ARN.

Import

Import account level aws secret manager connector

$ pulumi import harness:platform/awsSecretManagerConnector:AwsSecretManagerConnector example <connector_id>

Import org level aws secret manager connector

$ pulumi import harness:platform/awsSecretManagerConnector:AwsSecretManagerConnector example <ord_id>/<connector_id>

Import project level aws secret manager connector

$ pulumi import harness:platform/awsSecretManagerConnector:AwsSecretManagerConnector example <org_id>/<project_id>/<connector_id>

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: harness pulumi/pulumi-harness
License: Apache-2.0
Notes: This Pulumi package is based on the harness Terraform Provider.

Harness v0.5.7 published on Saturday, Mar 8, 2025 by Pulumi

pulumi/pulumi-harness

harness.platform.AwsSecretManagerConnector

On this page

On this page

Example Usage

Create AwsSecretManagerConnector Resource

Constructor syntax

Parameters

Constructor example

AwsSecretManagerConnector Resource Properties

Inputs

Outputs

Look up Existing AwsSecretManagerConnector Resource

Supporting Types

AwsSecretManagerConnectorCredentials, AwsSecretManagerConnectorCredentialsArgs

AwsSecretManagerConnectorCredentialsAssumeRole, AwsSecretManagerConnectorCredentialsAssumeRoleArgs

AwsSecretManagerConnectorCredentialsManual, AwsSecretManagerConnectorCredentialsManualArgs

AwsSecretManagerConnectorCredentialsOidcAuthentication, AwsSecretManagerConnectorCredentialsOidcAuthenticationArgs

Import

Package Details

On this page

On this page