Harness v0.7.1, Mar 29 25

Harness v0.7.1 published on Saturday, Mar 29, 2025 by Pulumi

harness.platform.AwsKmsConnector

Explore with Pulumi AI

Harness v0.7.1 published on Saturday, Mar 29, 2025 by Pulumi

Example Usage

Create AwsKmsConnector Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new AwsKmsConnector(name: string, args: AwsKmsConnectorArgs, opts?: CustomResourceOptions);

@overload
def AwsKmsConnector(resource_name: str,
                    args: AwsKmsConnectorArgs,
                    opts: Optional[ResourceOptions] = None)

@overload
def AwsKmsConnector(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    arn_ref: Optional[str] = None,
                    credentials: Optional[AwsKmsConnectorCredentialsArgs] = None,
                    identifier: Optional[str] = None,
                    region: Optional[str] = None,
                    default: Optional[bool] = None,
                    delegate_selectors: Optional[Sequence[str]] = None,
                    description: Optional[str] = None,
                    execute_on_delegate: Optional[bool] = None,
                    name: Optional[str] = None,
                    org_id: Optional[str] = None,
                    project_id: Optional[str] = None,
                    tags: Optional[Sequence[str]] = None)

func NewAwsKmsConnector(ctx *Context, name string, args AwsKmsConnectorArgs, opts ...ResourceOption) (*AwsKmsConnector, error)

public AwsKmsConnector(string name, AwsKmsConnectorArgs args, CustomResourceOptions? opts = null)

public AwsKmsConnector(String name, AwsKmsConnectorArgs args)
public AwsKmsConnector(String name, AwsKmsConnectorArgs args, CustomResourceOptions options)

type: harness:platform:AwsKmsConnector
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args AwsKmsConnectorArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AwsKmsConnectorArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AwsKmsConnectorArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AwsKmsConnectorArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AwsKmsConnectorArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var awsKmsConnectorResource = new Harness.Platform.AwsKmsConnector("awsKmsConnectorResource", new()
{
    ArnRef = "string",
    Credentials = new Harness.Platform.Inputs.AwsKmsConnectorCredentialsArgs
    {
        AssumeRole = new Harness.Platform.Inputs.AwsKmsConnectorCredentialsAssumeRoleArgs
        {
            Duration = 0,
            RoleArn = "string",
            ExternalId = "string",
        },
        InheritFromDelegate = false,
        Manual = new Harness.Platform.Inputs.AwsKmsConnectorCredentialsManualArgs
        {
            AccessKeyRef = "string",
            SecretKeyRef = "string",
        },
        OidcAuthentication = new Harness.Platform.Inputs.AwsKmsConnectorCredentialsOidcAuthenticationArgs
        {
            IamRoleArn = "string",
        },
    },
    Identifier = "string",
    Region = "string",
    Default = false,
    DelegateSelectors = new[]
    {
        "string",
    },
    Description = "string",
    ExecuteOnDelegate = false,
    Name = "string",
    OrgId = "string",
    ProjectId = "string",
    Tags = new[]
    {
        "string",
    },
});

example, err := platform.NewAwsKmsConnector(ctx, "awsKmsConnectorResource", &platform.AwsKmsConnectorArgs{
	ArnRef: pulumi.String("string"),
	Credentials: &platform.AwsKmsConnectorCredentialsArgs{
		AssumeRole: &platform.AwsKmsConnectorCredentialsAssumeRoleArgs{
			Duration:   pulumi.Int(0),
			RoleArn:    pulumi.String("string"),
			ExternalId: pulumi.String("string"),
		},
		InheritFromDelegate: pulumi.Bool(false),
		Manual: &platform.AwsKmsConnectorCredentialsManualArgs{
			AccessKeyRef: pulumi.String("string"),
			SecretKeyRef: pulumi.String("string"),
		},
		OidcAuthentication: &platform.AwsKmsConnectorCredentialsOidcAuthenticationArgs{
			IamRoleArn: pulumi.String("string"),
		},
	},
	Identifier: pulumi.String("string"),
	Region:     pulumi.String("string"),
	Default:    pulumi.Bool(false),
	DelegateSelectors: pulumi.StringArray{
		pulumi.String("string"),
	},
	Description:       pulumi.String("string"),
	ExecuteOnDelegate: pulumi.Bool(false),
	Name:              pulumi.String("string"),
	OrgId:             pulumi.String("string"),
	ProjectId:         pulumi.String("string"),
	Tags: pulumi.StringArray{
		pulumi.String("string"),
	},
})

var awsKmsConnectorResource = new AwsKmsConnector("awsKmsConnectorResource", AwsKmsConnectorArgs.builder()
    .arnRef("string")
    .credentials(AwsKmsConnectorCredentialsArgs.builder()
        .assumeRole(AwsKmsConnectorCredentialsAssumeRoleArgs.builder()
            .duration(0)
            .roleArn("string")
            .externalId("string")
            .build())
        .inheritFromDelegate(false)
        .manual(AwsKmsConnectorCredentialsManualArgs.builder()
            .accessKeyRef("string")
            .secretKeyRef("string")
            .build())
        .oidcAuthentication(AwsKmsConnectorCredentialsOidcAuthenticationArgs.builder()
            .iamRoleArn("string")
            .build())
        .build())
    .identifier("string")
    .region("string")
    .default_(false)
    .delegateSelectors("string")
    .description("string")
    .executeOnDelegate(false)
    .name("string")
    .orgId("string")
    .projectId("string")
    .tags("string")
    .build());

aws_kms_connector_resource = harness.platform.AwsKmsConnector("awsKmsConnectorResource",
    arn_ref="string",
    credentials={
        "assume_role": {
            "duration": 0,
            "role_arn": "string",
            "external_id": "string",
        },
        "inherit_from_delegate": False,
        "manual": {
            "access_key_ref": "string",
            "secret_key_ref": "string",
        },
        "oidc_authentication": {
            "iam_role_arn": "string",
        },
    },
    identifier="string",
    region="string",
    default=False,
    delegate_selectors=["string"],
    description="string",
    execute_on_delegate=False,
    name="string",
    org_id="string",
    project_id="string",
    tags=["string"])

const awsKmsConnectorResource = new harness.platform.AwsKmsConnector("awsKmsConnectorResource", {
    arnRef: "string",
    credentials: {
        assumeRole: {
            duration: 0,
            roleArn: "string",
            externalId: "string",
        },
        inheritFromDelegate: false,
        manual: {
            accessKeyRef: "string",
            secretKeyRef: "string",
        },
        oidcAuthentication: {
            iamRoleArn: "string",
        },
    },
    identifier: "string",
    region: "string",
    "default": false,
    delegateSelectors: ["string"],
    description: "string",
    executeOnDelegate: false,
    name: "string",
    orgId: "string",
    projectId: "string",
    tags: ["string"],
});

type: harness:platform:AwsKmsConnector
properties:
    arnRef: string
    credentials:
        assumeRole:
            duration: 0
            externalId: string
            roleArn: string
        inheritFromDelegate: false
        manual:
            accessKeyRef: string
            secretKeyRef: string
        oidcAuthentication:
            iamRoleArn: string
    default: false
    delegateSelectors:
        - string
    description: string
    executeOnDelegate: false
    identifier: string
    name: string
    orgId: string
    projectId: string
    region: string
    tags:
        - string

AwsKmsConnector Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The AwsKmsConnector resource accepts the following input properties:

ArnRef string: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
Credentials AwsKmsConnectorCredentials: Credentials to connect to AWS.
Identifier string: Unique identifier of the resource.
Region string: The AWS region where the AWS Secret Manager is.
Default bool: Set this connector as the default for all the services.
DelegateSelectors List<string>: Tags to filter delegates for connection.
Description string: Description of the resource.
ExecuteOnDelegate bool: Execute the command on the delegate.
Name string: Name of the resource.
OrgId string: Unique identifier of the organization.
ProjectId string: Unique identifier of the project.
Tags List<string>: Tags to associate with the resource.

ArnRef string: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
Credentials AwsKmsConnectorCredentialsArgs: Credentials to connect to AWS.
Identifier string: Unique identifier of the resource.
Region string: The AWS region where the AWS Secret Manager is.
Default bool: Set this connector as the default for all the services.
DelegateSelectors []string: Tags to filter delegates for connection.
Description string: Description of the resource.
ExecuteOnDelegate bool: Execute the command on the delegate.
Name string: Name of the resource.
OrgId string: Unique identifier of the organization.
ProjectId string: Unique identifier of the project.
Tags []string: Tags to associate with the resource.

arnRef String: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
credentials AwsKmsConnectorCredentials: Credentials to connect to AWS.
identifier String: Unique identifier of the resource.
region String: The AWS region where the AWS Secret Manager is.
default_ Boolean: Set this connector as the default for all the services.
delegateSelectors List<String>: Tags to filter delegates for connection.
description String: Description of the resource.
executeOnDelegate Boolean: Execute the command on the delegate.
name String: Name of the resource.
orgId String: Unique identifier of the organization.
projectId String: Unique identifier of the project.
tags List<String>: Tags to associate with the resource.

arnRef string: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
credentials AwsKmsConnectorCredentials: Credentials to connect to AWS.
identifier string: Unique identifier of the resource.
region string: The AWS region where the AWS Secret Manager is.
default boolean: Set this connector as the default for all the services.
delegateSelectors string[]: Tags to filter delegates for connection.
description string: Description of the resource.
executeOnDelegate boolean: Execute the command on the delegate.
name string: Name of the resource.
orgId string: Unique identifier of the organization.
projectId string: Unique identifier of the project.
tags string[]: Tags to associate with the resource.

arn_ref str: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
credentials AwsKmsConnectorCredentialsArgs: Credentials to connect to AWS.
identifier str: Unique identifier of the resource.
region str: The AWS region where the AWS Secret Manager is.
default bool: Set this connector as the default for all the services.
delegate_selectors Sequence[str]: Tags to filter delegates for connection.
description str: Description of the resource.
execute_on_delegate bool: Execute the command on the delegate.
name str: Name of the resource.
org_id str: Unique identifier of the organization.
project_id str: Unique identifier of the project.
tags Sequence[str]: Tags to associate with the resource.

arnRef String: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
credentials Property Map: Credentials to connect to AWS.
identifier String: Unique identifier of the resource.
region String: The AWS region where the AWS Secret Manager is.
default Boolean: Set this connector as the default for all the services.
delegateSelectors List<String>: Tags to filter delegates for connection.
description String: Description of the resource.
executeOnDelegate Boolean: Execute the command on the delegate.
name String: Name of the resource.
orgId String: Unique identifier of the organization.
projectId String: Unique identifier of the project.
tags List<String>: Tags to associate with the resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the AwsKmsConnector resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing AwsKmsConnector Resource

Get an existing AwsKmsConnector resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: AwsKmsConnectorState, opts?: CustomResourceOptions): AwsKmsConnector

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        arn_ref: Optional[str] = None,
        credentials: Optional[AwsKmsConnectorCredentialsArgs] = None,
        default: Optional[bool] = None,
        delegate_selectors: Optional[Sequence[str]] = None,
        description: Optional[str] = None,
        execute_on_delegate: Optional[bool] = None,
        identifier: Optional[str] = None,
        name: Optional[str] = None,
        org_id: Optional[str] = None,
        project_id: Optional[str] = None,
        region: Optional[str] = None,
        tags: Optional[Sequence[str]] = None) -> AwsKmsConnector

func GetAwsKmsConnector(ctx *Context, name string, id IDInput, state *AwsKmsConnectorState, opts ...ResourceOption) (*AwsKmsConnector, error)

public static AwsKmsConnector Get(string name, Input<string> id, AwsKmsConnectorState? state, CustomResourceOptions? opts = null)

public static AwsKmsConnector get(String name, Output<String> id, AwsKmsConnectorState state, CustomResourceOptions options)

resources:  _:    type: harness:platform:AwsKmsConnector    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

ArnRef string: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
Credentials AwsKmsConnectorCredentials: Credentials to connect to AWS.
Default bool: Set this connector as the default for all the services.
DelegateSelectors List<string>: Tags to filter delegates for connection.
Description string: Description of the resource.
ExecuteOnDelegate bool: Execute the command on the delegate.
Identifier string: Unique identifier of the resource.
Name string: Name of the resource.
OrgId string: Unique identifier of the organization.
ProjectId string: Unique identifier of the project.
Region string: The AWS region where the AWS Secret Manager is.
Tags List<string>: Tags to associate with the resource.

ArnRef string: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
Credentials AwsKmsConnectorCredentialsArgs: Credentials to connect to AWS.
Default bool: Set this connector as the default for all the services.
DelegateSelectors []string: Tags to filter delegates for connection.
Description string: Description of the resource.
ExecuteOnDelegate bool: Execute the command on the delegate.
Identifier string: Unique identifier of the resource.
Name string: Name of the resource.
OrgId string: Unique identifier of the organization.
ProjectId string: Unique identifier of the project.
Region string: The AWS region where the AWS Secret Manager is.
Tags []string: Tags to associate with the resource.

arnRef String: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
credentials AwsKmsConnectorCredentials: Credentials to connect to AWS.
default_ Boolean: Set this connector as the default for all the services.
delegateSelectors List<String>: Tags to filter delegates for connection.
description String: Description of the resource.
executeOnDelegate Boolean: Execute the command on the delegate.
identifier String: Unique identifier of the resource.
name String: Name of the resource.
orgId String: Unique identifier of the organization.
projectId String: Unique identifier of the project.
region String: The AWS region where the AWS Secret Manager is.
tags List<String>: Tags to associate with the resource.

arnRef string: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
credentials AwsKmsConnectorCredentials: Credentials to connect to AWS.
default boolean: Set this connector as the default for all the services.
delegateSelectors string[]: Tags to filter delegates for connection.
description string: Description of the resource.
executeOnDelegate boolean: Execute the command on the delegate.
identifier string: Unique identifier of the resource.
name string: Name of the resource.
orgId string: Unique identifier of the organization.
projectId string: Unique identifier of the project.
region string: The AWS region where the AWS Secret Manager is.
tags string[]: Tags to associate with the resource.

arn_ref str: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
credentials AwsKmsConnectorCredentialsArgs: Credentials to connect to AWS.
default bool: Set this connector as the default for all the services.
delegate_selectors Sequence[str]: Tags to filter delegates for connection.
description str: Description of the resource.
execute_on_delegate bool: Execute the command on the delegate.
identifier str: Unique identifier of the resource.
name str: Name of the resource.
org_id str: Unique identifier of the organization.
project_id str: Unique identifier of the project.
region str: The AWS region where the AWS Secret Manager is.
tags Sequence[str]: Tags to associate with the resource.

arnRef String: A reference to the Harness secret containing the ARN of the AWS KMS. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
credentials Property Map: Credentials to connect to AWS.
default Boolean: Set this connector as the default for all the services.
delegateSelectors List<String>: Tags to filter delegates for connection.
description String: Description of the resource.
executeOnDelegate Boolean: Execute the command on the delegate.
identifier String: Unique identifier of the resource.
name String: Name of the resource.
orgId String: Unique identifier of the organization.
projectId String: Unique identifier of the project.
region String: The AWS region where the AWS Secret Manager is.
tags List<String>: Tags to associate with the resource.

Supporting Types

AwsKmsConnectorCredentials
, AwsKmsConnectorCredentialsArgs

AssumeRole AwsKmsConnectorCredentialsAssumeRole: Connect using STS assume role.
InheritFromDelegate bool: Inherit the credentials from from the delegate.
Manual AwsKmsConnectorCredentialsManual: Specify the AWS key and secret used for authenticating.
OidcAuthentication AwsKmsConnectorCredentialsOidcAuthentication: Connect using OIDC authentication.

AssumeRole AwsKmsConnectorCredentialsAssumeRole: Connect using STS assume role.
InheritFromDelegate bool: Inherit the credentials from from the delegate.
Manual AwsKmsConnectorCredentialsManual: Specify the AWS key and secret used for authenticating.
OidcAuthentication AwsKmsConnectorCredentialsOidcAuthentication: Connect using OIDC authentication.

assumeRole AwsKmsConnectorCredentialsAssumeRole: Connect using STS assume role.
inheritFromDelegate Boolean: Inherit the credentials from from the delegate.
manual AwsKmsConnectorCredentialsManual: Specify the AWS key and secret used for authenticating.
oidcAuthentication AwsKmsConnectorCredentialsOidcAuthentication: Connect using OIDC authentication.

assumeRole AwsKmsConnectorCredentialsAssumeRole: Connect using STS assume role.
inheritFromDelegate boolean: Inherit the credentials from from the delegate.
manual AwsKmsConnectorCredentialsManual: Specify the AWS key and secret used for authenticating.
oidcAuthentication AwsKmsConnectorCredentialsOidcAuthentication: Connect using OIDC authentication.

assume_role AwsKmsConnectorCredentialsAssumeRole: Connect using STS assume role.
inherit_from_delegate bool: Inherit the credentials from from the delegate.
manual AwsKmsConnectorCredentialsManual: Specify the AWS key and secret used for authenticating.
oidc_authentication AwsKmsConnectorCredentialsOidcAuthentication: Connect using OIDC authentication.

assumeRole Property Map: Connect using STS assume role.
inheritFromDelegate Boolean: Inherit the credentials from from the delegate.
manual Property Map: Specify the AWS key and secret used for authenticating.
oidcAuthentication Property Map: Connect using OIDC authentication.

AwsKmsConnectorCredentialsAssumeRole
, AwsKmsConnectorCredentialsAssumeRoleArgs

Duration int: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
RoleArn string: The ARN of the role to assume.
ExternalId string: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

Duration int: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
RoleArn string: The ARN of the role to assume.
ExternalId string: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

duration Integer: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
roleArn String: The ARN of the role to assume.
externalId String: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

duration number: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
roleArn string: The ARN of the role to assume.
externalId string: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

duration int: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
role_arn str: The ARN of the role to assume.
external_id str: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

duration Number: The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the value is set to 3600 seconds. An expiration can also be specified in the client request body. The minimum value is 1 hour.
roleArn String: The ARN of the role to assume.
externalId String: If the administrator of the account to which the role belongs provided you with an external ID, then enter that value.

AwsKmsConnectorCredentialsManual
, AwsKmsConnectorCredentialsManualArgs

AccessKeyRef string: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
SecretKeyRef string: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

AccessKeyRef string: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
SecretKeyRef string: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

accessKeyRef String: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
secretKeyRef String: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

accessKeyRef string: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
secretKeyRef string: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

access_key_ref str: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
secret_key_ref str: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

accessKeyRef String: The reference to the Harness secret containing the AWS access key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
secretKeyRef String: The reference to the Harness secret containing the AWS secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.

AwsKmsConnectorCredentialsOidcAuthentication
, AwsKmsConnectorCredentialsOidcAuthenticationArgs

IamRoleArn string: The ARN of the IAM role to assume.

IamRoleArn string: The ARN of the IAM role to assume.

iamRoleArn String: The ARN of the IAM role to assume.

iamRoleArn string: The ARN of the IAM role to assume.

iam_role_arn str: The ARN of the IAM role to assume.

iamRoleArn String: The ARN of the IAM role to assume.

Import

Import account level awskms connector

$ pulumi import harness:platform/awsKmsConnector:AwsKmsConnector example <connector_id>

Import org level awskms connector

$ pulumi import harness:platform/awsKmsConnector:AwsKmsConnector example <ord_id>/<connector_id>

Import project level awskms connector

$ pulumi import harness:platform/awsKmsConnector:AwsKmsConnector example <org_id>/<project_id>/<connector_id>

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: harness pulumi/pulumi-harness
License: Apache-2.0
Notes: This Pulumi package is based on the harness Terraform Provider.

Harness v0.7.1 published on Saturday, Mar 29, 2025 by Pulumi

pulumi/pulumi-harness

harness.platform.AwsKmsConnector

On this page

On this page

Example Usage

Create AwsKmsConnector Resource

Constructor syntax

Parameters

Constructor example

AwsKmsConnector Resource Properties

Inputs

Outputs

Look up Existing AwsKmsConnector Resource

Supporting Types

AwsKmsConnectorCredentials
, AwsKmsConnectorCredentialsArgs

AwsKmsConnectorCredentialsAssumeRole
, AwsKmsConnectorCredentialsAssumeRoleArgs

AwsKmsConnectorCredentialsManual
, AwsKmsConnectorCredentialsManualArgs

AwsKmsConnectorCredentialsOidcAuthentication
, AwsKmsConnectorCredentialsOidcAuthenticationArgs

Import

Package Details

On this page

On this page

harness.platform.AwsKmsConnector

On this page

On this page

Example Usage

Create AwsKmsConnector Resource

Constructor syntax

Parameters

Constructor example

AwsKmsConnector Resource Properties

Inputs

Outputs

Look up Existing AwsKmsConnector Resource

Supporting Types

AwsKmsConnectorCredentials, AwsKmsConnectorCredentialsArgs

AwsKmsConnectorCredentialsAssumeRole, AwsKmsConnectorCredentialsAssumeRoleArgs

AwsKmsConnectorCredentialsManual, AwsKmsConnectorCredentialsManualArgs

AwsKmsConnectorCredentialsOidcAuthentication, AwsKmsConnectorCredentialsOidcAuthenticationArgs

Import

Package Details

On this page

On this page

AwsKmsConnectorCredentials
, AwsKmsConnectorCredentialsArgs

AwsKmsConnectorCredentialsAssumeRole
, AwsKmsConnectorCredentialsAssumeRoleArgs

AwsKmsConnectorCredentialsManual
, AwsKmsConnectorCredentialsManualArgs

AwsKmsConnectorCredentialsOidcAuthentication
, AwsKmsConnectorCredentialsOidcAuthenticationArgs