kvSecretV2.python.md

kvSecretV2 Submodule

Constructs

KvSecretV2

Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2 vault_kv_secret_v2}.

Initializers

from cdktf_cdktf_provider_vault import kv_secret_v2

kvSecretV2.KvSecretV2(
  scope: Construct,
  id: str,
  connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection] = None,
  count: typing.Union[typing.Union[int, float], TerraformCount] = None,
  depends_on: typing.List[ITerraformDependable] = None,
  for_each: ITerraformIterator = None,
  lifecycle: TerraformResourceLifecycle = None,
  provider: TerraformProvider = None,
  provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]] = None,
  data_json: str,
  mount: str,
  name: str,
  cas: typing.Union[int, float] = None,
  custom_metadata: KvSecretV2CustomMetadata = None,
  delete_all_versions: typing.Union[bool, IResolvable] = None,
  disable_read: typing.Union[bool, IResolvable] = None,
  id: str = None,
  namespace: str = None,
  options: typing.Mapping[str] = None
)

Name	Type	Description
scope	constructs.Construct	The scope in which to define this construct.
id	str	The scoped construct ID.
connection	typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]	No description.
count	typing.Union[typing.Union[int, float], cdktf.TerraformCount]	No description.
depends_on	typing.List[cdktf.ITerraformDependable]	No description.
for_each	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]	No description.
data_json	str	JSON-encoded secret data to write.
mount	str	Path where KV-V2 engine is mounted.
name	str	Full name of the secret.
cas	typing.Union[int, float]	This flag is required if cas_required is set to true on either the secret or the engine's config.
custom_metadata	KvSecretV2CustomMetadata	custom_metadata block.
delete_all_versions	typing.Union[bool, cdktf.IResolvable]	If set to true, permanently deletes all versions for the specified key.
disable_read	typing.Union[bool, cdktf.IResolvable]	If set to true, disables reading secret from Vault; note: drift won't be detected.
id	str	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#id KvSecretV2#id}.
namespace	str	Target namespace. (requires Enterprise).
options	typing.Mapping[str]	An object that holds option settings.

---

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

id^Required

• Type: str

The scoped construct ID.

Must be unique amongst siblings in the same scope

---

connection^Optional

• Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]

---

count^Optional

• Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]

---

depends_on^Optional

• Type: typing.List[cdktf.ITerraformDependable]

---

for_each^Optional

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

• Type: cdktf.TerraformProvider

---

provisioners^Optional

• Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]

---

data_json^Required

• Type: str

JSON-encoded secret data to write.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#data_json KvSecretV2#data_json}

---

mount^Required

• Type: str

Path where KV-V2 engine is mounted.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#mount KvSecretV2#mount}

---

name^Required

• Type: str

Full name of the secret.

For a nested secret, the name is the nested path excluding the mount and data prefix. For example, for a secret at 'kvv2/data/foo/bar/baz', the name is 'foo/bar/baz'

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#name KvSecretV2#name}

---

cas^Optional

• Type: typing.Union[int, float]

This flag is required if cas_required is set to true on either the secret or the engine's config.

In order for a write to be successful, cas must be set to the current version of the secret.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#cas KvSecretV2#cas}

---

custom_metadata^Optional

• Type: KvSecretV2CustomMetadata

custom_metadata block.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#custom_metadata KvSecretV2#custom_metadata}

---

delete_all_versions^Optional

• Type: typing.Union[bool, cdktf.IResolvable]

If set to true, permanently deletes all versions for the specified key.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#delete_all_versions KvSecretV2#delete_all_versions}

---

disable_read^Optional

• Type: typing.Union[bool, cdktf.IResolvable]

If set to true, disables reading secret from Vault; note: drift won't be detected.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#disable_read KvSecretV2#disable_read}

---

id^Optional

• Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#id KvSecretV2#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

namespace^Optional

• Type: str

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#namespace KvSecretV2#namespace}

---

options^Optional

• Type: typing.Mapping[str]

An object that holds option settings.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#options KvSecretV2#options}

---

Methods

Name	Description
to_string	Returns a string representation of this construct.
add_override	No description.
override_logical_id	Overrides the auto-generated logical ID with a specific ID.
reset_override_logical_id	Resets a previously passed logical Id to use the auto-generated logical id again.
to_hcl_terraform	No description.
to_metadata	No description.
to_terraform	Adds this resource to the terraform JSON output.
add_move_target	Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
get_any_map_attribute	No description.
get_boolean_attribute	No description.
get_boolean_map_attribute	No description.
get_list_attribute	No description.
get_number_attribute	No description.
get_number_list_attribute	No description.
get_number_map_attribute	No description.
get_string_attribute	No description.
get_string_map_attribute	No description.
has_resource_move	No description.
import_from	No description.
interpolation_for_attribute	No description.
move_from_id	Move the resource corresponding to "id" to this resource.
move_to	Moves this resource to the target resource given by moveTarget.
move_to_id	Moves this resource to the resource corresponding to "id".
put_custom_metadata	No description.
reset_cas	No description.
reset_custom_metadata	No description.
reset_delete_all_versions	No description.
reset_disable_read	No description.
reset_id	No description.
reset_namespace	No description.
reset_options	No description.

---

to_string

def to_string() -> str

Returns a string representation of this construct.

add_override

def add_override(
  path: str,
  value: typing.Any
) -> None

path^Required

• Type: str

---

value^Required

• Type: typing.Any

---

override_logical_id

def override_logical_id(
  new_logical_id: str
) -> None

Overrides the auto-generated logical ID with a specific ID.

new_logical_id^Required

• Type: str

The new logical ID to use for this stack element.

---

reset_override_logical_id

def reset_override_logical_id() -> None

Resets a previously passed logical Id to use the auto-generated logical id again.

to_hcl_terraform

def to_hcl_terraform() -> typing.Any

to_metadata

def to_metadata() -> typing.Any

to_terraform

def to_terraform() -> typing.Any

Adds this resource to the terraform JSON output.

add_move_target

def add_move_target(
  move_target: str
) -> None

Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.

move_target^Required

• Type: str

The string move target that will correspond to this resource.

---

get_any_map_attribute

def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]

terraform_attribute^Required

• Type: str

---

get_boolean_attribute

def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

get_boolean_map_attribute

def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]

terraform_attribute^Required

• Type: str

---

get_list_attribute

def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]

terraform_attribute^Required

• Type: str

---

get_number_attribute

def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]

terraform_attribute^Required

• Type: str

---

get_number_list_attribute

def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_number_map_attribute

def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_string_attribute

def get_string_attribute(
  terraform_attribute: str
) -> str

terraform_attribute^Required

• Type: str

---

get_string_map_attribute

def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]

terraform_attribute^Required

• Type: str

---

has_resource_move

def has_resource_move() -> typing.Union[TerraformResourceMoveByTarget, TerraformResourceMoveById]

import_from

def import_from(
  id: str,
  provider: TerraformProvider = None
) -> None

id^Required

• Type: str

---

provider^Optional

• Type: cdktf.TerraformProvider

---

interpolation_for_attribute

def interpolation_for_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

move_from_id

def move_from_id(
  id: str
) -> None

Move the resource corresponding to "id" to this resource.

Note that the resource being moved from must be marked as moved using it's instance function.

id^Required

• Type: str

Full id of resource being moved from, e.g. "aws_s3_bucket.example".

---

move_to

def move_to(
  move_target: str,
  index: typing.Union[str, typing.Union[int, float]] = None
) -> None

Moves this resource to the target resource given by moveTarget.

move_target^Required

• Type: str

The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.

---

index^Optional

• Type: typing.Union[str, typing.Union[int, float]]

Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.

---

move_to_id

def move_to_id(
  id: str
) -> None

Moves this resource to the resource corresponding to "id".

id^Required

• Type: str

Full id of resource to move to, e.g. "aws_s3_bucket.example".

---

put_custom_metadata

def put_custom_metadata(
  cas_required: typing.Union[bool, IResolvable] = None,
  data: typing.Mapping[str] = None,
  delete_version_after: typing.Union[int, float] = None,
  max_versions: typing.Union[int, float] = None
) -> None

cas_required^Optional

• Type: typing.Union[bool, cdktf.IResolvable]

If true, all keys will require the cas parameter to be set on all write requests.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#cas_required KvSecretV2#cas_required}

---

data^Optional

• Type: typing.Mapping[str]

A map of arbitrary string to string valued user-provided metadata meant to describe the secret.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#data KvSecretV2#data}

---

delete_version_after^Optional

• Type: typing.Union[int, float]

If set, specifies the length of time before a version is deleted.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#delete_version_after KvSecretV2#delete_version_after}

---

max_versions^Optional

• Type: typing.Union[int, float]

The number of versions to keep per key.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#max_versions KvSecretV2#max_versions}

---

reset_cas

def reset_cas() -> None

reset_custom_metadata

def reset_custom_metadata() -> None

reset_delete_all_versions

def reset_delete_all_versions() -> None

reset_disable_read

def reset_disable_read() -> None

reset_id

def reset_id() -> None

reset_namespace

def reset_namespace() -> None

reset_options

def reset_options() -> None

Static Functions

Name	Description
is_construct	Checks if x is a construct.
is_terraform_element	No description.
is_terraform_resource	No description.
generate_config_for_import	Generates CDKTF code for importing a KvSecretV2 resource upon running "cdktf plan ".

---

is_construct

from cdktf_cdktf_provider_vault import kv_secret_v2

kvSecretV2.KvSecretV2.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

x^Required

• Type: typing.Any

Any object.

---

is_terraform_element

from cdktf_cdktf_provider_vault import kv_secret_v2

kvSecretV2.KvSecretV2.is_terraform_element(
  x: typing.Any
)

x^Required

• Type: typing.Any

---

is_terraform_resource

from cdktf_cdktf_provider_vault import kv_secret_v2

kvSecretV2.KvSecretV2.is_terraform_resource(
  x: typing.Any
)

x^Required

• Type: typing.Any

---

generate_config_for_import

from cdktf_cdktf_provider_vault import kv_secret_v2

kvSecretV2.KvSecretV2.generate_config_for_import(
  scope: Construct,
  import_to_id: str,
  import_from_id: str,
  provider: TerraformProvider = None
)

Generates CDKTF code for importing a KvSecretV2 resource upon running "cdktf plan ".

scope^Required

• Type: constructs.Construct

The scope in which to define this construct.

---

import_to_id^Required

• Type: str

The construct id used in the generated config for the KvSecretV2 to import.

---

import_from_id^Required

• Type: str

The id of the existing KvSecretV2 that should be imported.

Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#import import section} in the documentation of this resource for the id to use

---

provider^Optional

• Type: cdktf.TerraformProvider

? Optional instance of the provider where the KvSecretV2 to import is found.

---

Properties

Name	Type	Description
node	constructs.Node	The tree node.
cdktf_stack	cdktf.TerraformStack	No description.
fqn	str	No description.
friendly_unique_id	str	No description.
terraform_meta_arguments	typing.Mapping[typing.Any]	No description.
terraform_resource_type	str	No description.
terraform_generator_metadata	cdktf.TerraformProviderGeneratorMetadata	No description.
connection	typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]	No description.
count	typing.Union[typing.Union[int, float], cdktf.TerraformCount]	No description.
depends_on	typing.List[str]	No description.
for_each	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]	No description.
custom_metadata	KvSecretV2CustomMetadataOutputReference	No description.
data	cdktf.StringMap	No description.
metadata	cdktf.StringMap	No description.
path	str	No description.
cas_input	typing.Union[int, float]	No description.
custom_metadata_input	KvSecretV2CustomMetadata	No description.
data_json_input	str	No description.
delete_all_versions_input	typing.Union[bool, cdktf.IResolvable]	No description.
disable_read_input	typing.Union[bool, cdktf.IResolvable]	No description.
id_input	str	No description.
mount_input	str	No description.
name_input	str	No description.
namespace_input	str	No description.
options_input	typing.Mapping[str]	No description.
cas	typing.Union[int, float]	No description.
data_json	str	No description.
delete_all_versions	typing.Union[bool, cdktf.IResolvable]	No description.
disable_read	typing.Union[bool, cdktf.IResolvable]	No description.
id	str	No description.
mount	str	No description.
name	str	No description.
namespace	str	No description.
options	typing.Mapping[str]	No description.

---

node^Required

node: Node

• Type: constructs.Node

The tree node.

---

cdktf_stack^Required

cdktf_stack: TerraformStack

• Type: cdktf.TerraformStack

---

fqn^Required

fqn: str

• Type: str

---

friendly_unique_id^Required

friendly_unique_id: str

• Type: str

---

terraform_meta_arguments^Required

terraform_meta_arguments: typing.Mapping[typing.Any]

• Type: typing.Mapping[typing.Any]

---

terraform_resource_type^Required

terraform_resource_type: str

• Type: str

---

terraform_generator_metadata^Optional

terraform_generator_metadata: TerraformProviderGeneratorMetadata

• Type: cdktf.TerraformProviderGeneratorMetadata

---

connection^Optional

connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection]

• Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]

---

count^Optional

count: typing.Union[typing.Union[int, float], TerraformCount]

• Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]

---

depends_on^Optional

depends_on: typing.List[str]

• Type: typing.List[str]

---

for_each^Optional

for_each: ITerraformIterator

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

lifecycle: TerraformResourceLifecycle

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

provider: TerraformProvider

• Type: cdktf.TerraformProvider

---

provisioners^Optional

provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]]

• Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]

---

custom_metadata^Required

custom_metadata: KvSecretV2CustomMetadataOutputReference

• Type: KvSecretV2CustomMetadataOutputReference

---

data^Required

data: StringMap

• Type: cdktf.StringMap

---

metadata^Required

metadata: StringMap

• Type: cdktf.StringMap

---

path^Required

path: str

• Type: str

---

cas_input^Optional

cas_input: typing.Union[int, float]

• Type: typing.Union[int, float]

---

custom_metadata_input^Optional

custom_metadata_input: KvSecretV2CustomMetadata

• Type: KvSecretV2CustomMetadata

---

data_json_input^Optional

data_json_input: str

• Type: str

---

delete_all_versions_input^Optional

delete_all_versions_input: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

disable_read_input^Optional

disable_read_input: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

id_input^Optional

id_input: str

• Type: str

---

mount_input^Optional

mount_input: str

• Type: str

---

name_input^Optional

name_input: str

• Type: str

---

namespace_input^Optional

namespace_input: str

• Type: str

---

options_input^Optional

options_input: typing.Mapping[str]

• Type: typing.Mapping[str]

---

cas^Required

cas: typing.Union[int, float]

• Type: typing.Union[int, float]

---

data_json^Required

data_json: str

• Type: str

---

delete_all_versions^Required

delete_all_versions: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

disable_read^Required

disable_read: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

id^Required

id: str

• Type: str

---

mount^Required

mount: str

• Type: str

---

name^Required

name: str

• Type: str

---

namespace^Required

namespace: str

• Type: str

---

options^Required

options: typing.Mapping[str]

• Type: typing.Mapping[str]

---

Constants

Name	Type	Description
tfResourceType	str	No description.

---

tfResourceType^Required

tfResourceType: str

• Type: str

---

Structs

KvSecretV2Config

Initializer

from cdktf_cdktf_provider_vault import kv_secret_v2

kvSecretV2.KvSecretV2Config(
  connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection] = None,
  count: typing.Union[typing.Union[int, float], TerraformCount] = None,
  depends_on: typing.List[ITerraformDependable] = None,
  for_each: ITerraformIterator = None,
  lifecycle: TerraformResourceLifecycle = None,
  provider: TerraformProvider = None,
  provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]] = None,
  data_json: str,
  mount: str,
  name: str,
  cas: typing.Union[int, float] = None,
  custom_metadata: KvSecretV2CustomMetadata = None,
  delete_all_versions: typing.Union[bool, IResolvable] = None,
  disable_read: typing.Union[bool, IResolvable] = None,
  id: str = None,
  namespace: str = None,
  options: typing.Mapping[str] = None
)

Properties

Name	Type	Description
connection	typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]	No description.
count	typing.Union[typing.Union[int, float], cdktf.TerraformCount]	No description.
depends_on	typing.List[cdktf.ITerraformDependable]	No description.
for_each	cdktf.ITerraformIterator	No description.
lifecycle	cdktf.TerraformResourceLifecycle	No description.
provider	cdktf.TerraformProvider	No description.
provisioners	typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]	No description.
data_json	str	JSON-encoded secret data to write.
mount	str	Path where KV-V2 engine is mounted.
name	str	Full name of the secret.
cas	typing.Union[int, float]	This flag is required if cas_required is set to true on either the secret or the engine's config.
custom_metadata	KvSecretV2CustomMetadata	custom_metadata block.
delete_all_versions	typing.Union[bool, cdktf.IResolvable]	If set to true, permanently deletes all versions for the specified key.
disable_read	typing.Union[bool, cdktf.IResolvable]	If set to true, disables reading secret from Vault; note: drift won't be detected.
id	str	Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#id KvSecretV2#id}.
namespace	str	Target namespace. (requires Enterprise).
options	typing.Mapping[str]	An object that holds option settings.

---

connection^Optional

connection: typing.Union[SSHProvisionerConnection, WinrmProvisionerConnection]

• Type: typing.Union[cdktf.SSHProvisionerConnection, cdktf.WinrmProvisionerConnection]

---

count^Optional

count: typing.Union[typing.Union[int, float], TerraformCount]

• Type: typing.Union[typing.Union[int, float], cdktf.TerraformCount]

---

depends_on^Optional

depends_on: typing.List[ITerraformDependable]

• Type: typing.List[cdktf.ITerraformDependable]

---

for_each^Optional

for_each: ITerraformIterator

• Type: cdktf.ITerraformIterator

---

lifecycle^Optional

lifecycle: TerraformResourceLifecycle

• Type: cdktf.TerraformResourceLifecycle

---

provider^Optional

provider: TerraformProvider

• Type: cdktf.TerraformProvider

---

provisioners^Optional

provisioners: typing.List[typing.Union[FileProvisioner, LocalExecProvisioner, RemoteExecProvisioner]]

• Type: typing.List[typing.Union[cdktf.FileProvisioner, cdktf.LocalExecProvisioner, cdktf.RemoteExecProvisioner]]

---

data_json^Required

data_json: str

• Type: str

JSON-encoded secret data to write.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#data_json KvSecretV2#data_json}

---

mount^Required

mount: str

• Type: str

Path where KV-V2 engine is mounted.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#mount KvSecretV2#mount}

---

name^Required

name: str

• Type: str

Full name of the secret.

For a nested secret, the name is the nested path excluding the mount and data prefix. For example, for a secret at 'kvv2/data/foo/bar/baz', the name is 'foo/bar/baz'

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#name KvSecretV2#name}

---

cas^Optional

cas: typing.Union[int, float]

• Type: typing.Union[int, float]

This flag is required if cas_required is set to true on either the secret or the engine's config.

In order for a write to be successful, cas must be set to the current version of the secret.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#cas KvSecretV2#cas}

---

custom_metadata^Optional

custom_metadata: KvSecretV2CustomMetadata

• Type: KvSecretV2CustomMetadata

custom_metadata block.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#custom_metadata KvSecretV2#custom_metadata}

---

delete_all_versions^Optional

delete_all_versions: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

If set to true, permanently deletes all versions for the specified key.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#delete_all_versions KvSecretV2#delete_all_versions}

---

disable_read^Optional

disable_read: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

If set to true, disables reading secret from Vault; note: drift won't be detected.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#disable_read KvSecretV2#disable_read}

---

id^Optional

id: str

• Type: str

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#id KvSecretV2#id}.

Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.

---

namespace^Optional

namespace: str

• Type: str

Target namespace. (requires Enterprise).

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#namespace KvSecretV2#namespace}

---

options^Optional

options: typing.Mapping[str]

• Type: typing.Mapping[str]

An object that holds option settings.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#options KvSecretV2#options}

---

KvSecretV2CustomMetadata

Initializer

from cdktf_cdktf_provider_vault import kv_secret_v2

kvSecretV2.KvSecretV2CustomMetadata(
  cas_required: typing.Union[bool, IResolvable] = None,
  data: typing.Mapping[str] = None,
  delete_version_after: typing.Union[int, float] = None,
  max_versions: typing.Union[int, float] = None
)

Properties

Name	Type	Description
cas_required	typing.Union[bool, cdktf.IResolvable]	If true, all keys will require the cas parameter to be set on all write requests.
data	typing.Mapping[str]	A map of arbitrary string to string valued user-provided metadata meant to describe the secret.
delete_version_after	typing.Union[int, float]	If set, specifies the length of time before a version is deleted.
max_versions	typing.Union[int, float]	The number of versions to keep per key.

---

cas_required^Optional

cas_required: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

If true, all keys will require the cas parameter to be set on all write requests.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#cas_required KvSecretV2#cas_required}

---

data^Optional

data: typing.Mapping[str]

• Type: typing.Mapping[str]

A map of arbitrary string to string valued user-provided metadata meant to describe the secret.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#data KvSecretV2#data}

---

delete_version_after^Optional

delete_version_after: typing.Union[int, float]

• Type: typing.Union[int, float]

If set, specifies the length of time before a version is deleted.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#delete_version_after KvSecretV2#delete_version_after}

---

max_versions^Optional

max_versions: typing.Union[int, float]

• Type: typing.Union[int, float]

The number of versions to keep per key.

Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.2.0/docs/resources/kv_secret_v2#max_versions KvSecretV2#max_versions}

---

Classes

KvSecretV2CustomMetadataOutputReference

Initializers

from cdktf_cdktf_provider_vault import kv_secret_v2

kvSecretV2.KvSecretV2CustomMetadataOutputReference(
  terraform_resource: IInterpolatingParent,
  terraform_attribute: str
)

Name	Type	Description
terraform_resource	cdktf.IInterpolatingParent	The parent resource.
terraform_attribute	str	The attribute on the parent resource this class is referencing.

---

terraform_resource^Required

• Type: cdktf.IInterpolatingParent

The parent resource.

---

terraform_attribute^Required

• Type: str

The attribute on the parent resource this class is referencing.

---

Methods

Name	Description
compute_fqn	No description.
get_any_map_attribute	No description.
get_boolean_attribute	No description.
get_boolean_map_attribute	No description.
get_list_attribute	No description.
get_number_attribute	No description.
get_number_list_attribute	No description.
get_number_map_attribute	No description.
get_string_attribute	No description.
get_string_map_attribute	No description.
interpolation_for_attribute	No description.
resolve	Produce the Token's value at resolution time.
to_string	Return a string representation of this resolvable object.
reset_cas_required	No description.
reset_data	No description.
reset_delete_version_after	No description.
reset_max_versions	No description.

---

compute_fqn

def compute_fqn() -> str

get_any_map_attribute

def get_any_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Any]

terraform_attribute^Required

• Type: str

---

get_boolean_attribute

def get_boolean_attribute(
  terraform_attribute: str
) -> IResolvable

terraform_attribute^Required

• Type: str

---

get_boolean_map_attribute

def get_boolean_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[bool]

terraform_attribute^Required

• Type: str

---

get_list_attribute

def get_list_attribute(
  terraform_attribute: str
) -> typing.List[str]

terraform_attribute^Required

• Type: str

---

get_number_attribute

def get_number_attribute(
  terraform_attribute: str
) -> typing.Union[int, float]

terraform_attribute^Required

• Type: str

---

get_number_list_attribute

def get_number_list_attribute(
  terraform_attribute: str
) -> typing.List[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_number_map_attribute

def get_number_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[typing.Union[int, float]]

terraform_attribute^Required

• Type: str

---

get_string_attribute

def get_string_attribute(
  terraform_attribute: str
) -> str

terraform_attribute^Required

• Type: str

---

get_string_map_attribute

def get_string_map_attribute(
  terraform_attribute: str
) -> typing.Mapping[str]

terraform_attribute^Required

• Type: str

---

interpolation_for_attribute

def interpolation_for_attribute(
  property: str
) -> IResolvable

property^Required

• Type: str

---

resolve

def resolve(
  _context: IResolveContext
) -> typing.Any

Produce the Token's value at resolution time.

_context^Required

• Type: cdktf.IResolveContext

---

to_string

def to_string() -> str

Return a string representation of this resolvable object.

Returns a reversible string representation.

reset_cas_required

def reset_cas_required() -> None

reset_data

def reset_data() -> None

reset_delete_version_after

def reset_delete_version_after() -> None

reset_max_versions

def reset_max_versions() -> None

Properties

Name	Type	Description
creation_stack	typing.List[str]	The creation stack of this resolvable which will be appended to errors thrown during resolution.
fqn	str	No description.
cas_required_input	typing.Union[bool, cdktf.IResolvable]	No description.
data_input	typing.Mapping[str]	No description.
delete_version_after_input	typing.Union[int, float]	No description.
max_versions_input	typing.Union[int, float]	No description.
cas_required	typing.Union[bool, cdktf.IResolvable]	No description.
data	typing.Mapping[str]	No description.
delete_version_after	typing.Union[int, float]	No description.
max_versions	typing.Union[int, float]	No description.
internal_value	KvSecretV2CustomMetadata	No description.

---

creation_stack^Required

creation_stack: typing.List[str]

• Type: typing.List[str]

The creation stack of this resolvable which will be appended to errors thrown during resolution.

If this returns an empty array the stack will not be attached.

---

fqn^Required

fqn: str

• Type: str

---

cas_required_input^Optional

cas_required_input: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

data_input^Optional

data_input: typing.Mapping[str]

• Type: typing.Mapping[str]

---

delete_version_after_input^Optional

delete_version_after_input: typing.Union[int, float]

• Type: typing.Union[int, float]

---

max_versions_input^Optional

max_versions_input: typing.Union[int, float]

• Type: typing.Union[int, float]

---

cas_required^Required

cas_required: typing.Union[bool, IResolvable]

• Type: typing.Union[bool, cdktf.IResolvable]

---

data^Required

data: typing.Mapping[str]

• Type: typing.Mapping[str]

---

delete_version_after^Required

delete_version_after: typing.Union[int, float]

• Type: typing.Union[int, float]

---

max_versions^Required

max_versions: typing.Union[int, float]

• Type: typing.Union[int, float]

---

internal_value^Optional

internal_value: KvSecretV2CustomMetadata

• Type: KvSecretV2CustomMetadata

---