Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community
published on Monday, Apr 27, 2026 by akeyless-community
Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community
published on Monday, Apr 27, 2026 by akeyless-community
Ssh rotated secret resource
Create RotatedSecretSsh Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new RotatedSecretSsh(name: string, args: RotatedSecretSshArgs, opts?: CustomResourceOptions);@overload
def RotatedSecretSsh(resource_name: str,
args: RotatedSecretSshArgs,
opts: Optional[ResourceOptions] = None)
@overload
def RotatedSecretSsh(resource_name: str,
opts: Optional[ResourceOptions] = None,
rotator_type: Optional[str] = None,
target_name: Optional[str] = None,
rotation_event_ins: Optional[Sequence[str]] = None,
secure_access_allow_external_user: Optional[bool] = None,
item_custom_fields: Optional[Mapping[str, str]] = None,
keep_prev_version: Optional[str] = None,
key: Optional[str] = None,
key_data_base64: Optional[str] = None,
max_versions: Optional[str] = None,
name: Optional[str] = None,
password_length: Optional[str] = None,
public_key_remote_path: Optional[str] = None,
rotate_after_disconnect: Optional[str] = None,
rotated_password: Optional[str] = None,
rotated_secret_ssh_id: Optional[str] = None,
rotated_username: Optional[str] = None,
description: Optional[str] = None,
authentication_credentials: Optional[str] = None,
secure_access_enable: Optional[str] = None,
rotator_custom_cmd: Optional[str] = None,
delete_protection: Optional[str] = None,
same_password: Optional[str] = None,
rotation_hour: Optional[float] = None,
secure_access_certificate_issuer: Optional[str] = None,
rotation_interval: Optional[str] = None,
secure_access_hosts: Optional[Sequence[str]] = None,
secure_access_rdp_domain: Optional[str] = None,
secure_access_rdp_user: Optional[str] = None,
secure_access_ssh_user: Optional[str] = None,
secure_access_target_type: Optional[str] = None,
tags: Optional[Sequence[str]] = None,
auto_rotate: Optional[str] = None)func NewRotatedSecretSsh(ctx *Context, name string, args RotatedSecretSshArgs, opts ...ResourceOption) (*RotatedSecretSsh, error)public RotatedSecretSsh(string name, RotatedSecretSshArgs args, CustomResourceOptions? opts = null)
public RotatedSecretSsh(String name, RotatedSecretSshArgs args)
public RotatedSecretSsh(String name, RotatedSecretSshArgs args, CustomResourceOptions options)
type: akeyless:RotatedSecretSsh
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RotatedSecretSshArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RotatedSecretSshArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RotatedSecretSshArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RotatedSecretSshArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RotatedSecretSshArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var rotatedSecretSshResource = new Akeyless.RotatedSecretSsh("rotatedSecretSshResource", new()
{
RotatorType = "string",
TargetName = "string",
RotationEventIns = new[]
{
"string",
},
SecureAccessAllowExternalUser = false,
ItemCustomFields =
{
{ "string", "string" },
},
KeepPrevVersion = "string",
Key = "string",
KeyDataBase64 = "string",
MaxVersions = "string",
Name = "string",
PasswordLength = "string",
PublicKeyRemotePath = "string",
RotateAfterDisconnect = "string",
RotatedPassword = "string",
RotatedSecretSshId = "string",
RotatedUsername = "string",
Description = "string",
AuthenticationCredentials = "string",
SecureAccessEnable = "string",
RotatorCustomCmd = "string",
DeleteProtection = "string",
SamePassword = "string",
RotationHour = 0,
SecureAccessCertificateIssuer = "string",
RotationInterval = "string",
SecureAccessHosts = new[]
{
"string",
},
SecureAccessRdpDomain = "string",
SecureAccessRdpUser = "string",
SecureAccessSshUser = "string",
SecureAccessTargetType = "string",
Tags = new[]
{
"string",
},
AutoRotate = "string",
});
example, err := akeyless.NewRotatedSecretSsh(ctx, "rotatedSecretSshResource", &akeyless.RotatedSecretSshArgs{
RotatorType: pulumi.String("string"),
TargetName: pulumi.String("string"),
RotationEventIns: pulumi.StringArray{
pulumi.String("string"),
},
SecureAccessAllowExternalUser: pulumi.Bool(false),
ItemCustomFields: pulumi.StringMap{
"string": pulumi.String("string"),
},
KeepPrevVersion: pulumi.String("string"),
Key: pulumi.String("string"),
KeyDataBase64: pulumi.String("string"),
MaxVersions: pulumi.String("string"),
Name: pulumi.String("string"),
PasswordLength: pulumi.String("string"),
PublicKeyRemotePath: pulumi.String("string"),
RotateAfterDisconnect: pulumi.String("string"),
RotatedPassword: pulumi.String("string"),
RotatedSecretSshId: pulumi.String("string"),
RotatedUsername: pulumi.String("string"),
Description: pulumi.String("string"),
AuthenticationCredentials: pulumi.String("string"),
SecureAccessEnable: pulumi.String("string"),
RotatorCustomCmd: pulumi.String("string"),
DeleteProtection: pulumi.String("string"),
SamePassword: pulumi.String("string"),
RotationHour: pulumi.Float64(0),
SecureAccessCertificateIssuer: pulumi.String("string"),
RotationInterval: pulumi.String("string"),
SecureAccessHosts: pulumi.StringArray{
pulumi.String("string"),
},
SecureAccessRdpDomain: pulumi.String("string"),
SecureAccessRdpUser: pulumi.String("string"),
SecureAccessSshUser: pulumi.String("string"),
SecureAccessTargetType: pulumi.String("string"),
Tags: pulumi.StringArray{
pulumi.String("string"),
},
AutoRotate: pulumi.String("string"),
})
var rotatedSecretSshResource = new RotatedSecretSsh("rotatedSecretSshResource", RotatedSecretSshArgs.builder()
.rotatorType("string")
.targetName("string")
.rotationEventIns("string")
.secureAccessAllowExternalUser(false)
.itemCustomFields(Map.of("string", "string"))
.keepPrevVersion("string")
.key("string")
.keyDataBase64("string")
.maxVersions("string")
.name("string")
.passwordLength("string")
.publicKeyRemotePath("string")
.rotateAfterDisconnect("string")
.rotatedPassword("string")
.rotatedSecretSshId("string")
.rotatedUsername("string")
.description("string")
.authenticationCredentials("string")
.secureAccessEnable("string")
.rotatorCustomCmd("string")
.deleteProtection("string")
.samePassword("string")
.rotationHour(0.0)
.secureAccessCertificateIssuer("string")
.rotationInterval("string")
.secureAccessHosts("string")
.secureAccessRdpDomain("string")
.secureAccessRdpUser("string")
.secureAccessSshUser("string")
.secureAccessTargetType("string")
.tags("string")
.autoRotate("string")
.build());
rotated_secret_ssh_resource = akeyless.RotatedSecretSsh("rotatedSecretSshResource",
rotator_type="string",
target_name="string",
rotation_event_ins=["string"],
secure_access_allow_external_user=False,
item_custom_fields={
"string": "string",
},
keep_prev_version="string",
key="string",
key_data_base64="string",
max_versions="string",
name="string",
password_length="string",
public_key_remote_path="string",
rotate_after_disconnect="string",
rotated_password="string",
rotated_secret_ssh_id="string",
rotated_username="string",
description="string",
authentication_credentials="string",
secure_access_enable="string",
rotator_custom_cmd="string",
delete_protection="string",
same_password="string",
rotation_hour=float(0),
secure_access_certificate_issuer="string",
rotation_interval="string",
secure_access_hosts=["string"],
secure_access_rdp_domain="string",
secure_access_rdp_user="string",
secure_access_ssh_user="string",
secure_access_target_type="string",
tags=["string"],
auto_rotate="string")
const rotatedSecretSshResource = new akeyless.RotatedSecretSsh("rotatedSecretSshResource", {
rotatorType: "string",
targetName: "string",
rotationEventIns: ["string"],
secureAccessAllowExternalUser: false,
itemCustomFields: {
string: "string",
},
keepPrevVersion: "string",
key: "string",
keyDataBase64: "string",
maxVersions: "string",
name: "string",
passwordLength: "string",
publicKeyRemotePath: "string",
rotateAfterDisconnect: "string",
rotatedPassword: "string",
rotatedSecretSshId: "string",
rotatedUsername: "string",
description: "string",
authenticationCredentials: "string",
secureAccessEnable: "string",
rotatorCustomCmd: "string",
deleteProtection: "string",
samePassword: "string",
rotationHour: 0,
secureAccessCertificateIssuer: "string",
rotationInterval: "string",
secureAccessHosts: ["string"],
secureAccessRdpDomain: "string",
secureAccessRdpUser: "string",
secureAccessSshUser: "string",
secureAccessTargetType: "string",
tags: ["string"],
autoRotate: "string",
});
type: akeyless:RotatedSecretSsh
properties:
authenticationCredentials: string
autoRotate: string
deleteProtection: string
description: string
itemCustomFields:
string: string
keepPrevVersion: string
key: string
keyDataBase64: string
maxVersions: string
name: string
passwordLength: string
publicKeyRemotePath: string
rotateAfterDisconnect: string
rotatedPassword: string
rotatedSecretSshId: string
rotatedUsername: string
rotationEventIns:
- string
rotationHour: 0
rotationInterval: string
rotatorCustomCmd: string
rotatorType: string
samePassword: string
secureAccessAllowExternalUser: false
secureAccessCertificateIssuer: string
secureAccessEnable: string
secureAccessHosts:
- string
secureAccessRdpDomain: string
secureAccessRdpUser: string
secureAccessSshUser: string
secureAccessTargetType: string
tags:
- string
targetName: string
RotatedSecretSsh Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The RotatedSecretSsh resource accepts the following input properties:
- Rotator
Type string - The rotator type. options: [target/password/key]
- Target
Name string - The target name to associate
- Authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- Auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Description string
- Description of the object
- Item
Custom Dictionary<string, string>Fields - Additional custom fields to associate with the item
- Keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- Key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- Key
Data stringBase64 - Private key file contents encoded using base64
- Max
Versions string - Set the maximum number of versions, limited by the account settings defaults
- Name string
- Secret name
- Password
Length string - The length of the password to be generated
- Public
Key stringRemote Path - The path to the public key that will be rotated on the server
- Rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- Rotated
Password string - rotated-username password (relevant only for rotator-type=password)
- Rotated
Secret stringSsh Id - The ID of this resource.
- Rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- Rotation
Event List<string>Ins - How many days before the rotation of the item would you like to be notified
- Rotation
Hour double - The Hour of the rotation in UTC
- Rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- Rotator
Custom stringCmd - Custom rotation command
- Same
Password string - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- Secure
Access boolAllow External User - Allow providing external user for a domain users
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access List<string>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- Secure
Access stringRdp User - Override the RDP Domain username
- Secure
Access stringSsh User - Override the SSH username as indicated in SSH Certificate Issuer
- Secure
Access stringTarget Type - Specify target type. Options are ssh or rdp
- List<string>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- Rotator
Type string - The rotator type. options: [target/password/key]
- Target
Name string - The target name to associate
- Authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- Auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Description string
- Description of the object
- Item
Custom map[string]stringFields - Additional custom fields to associate with the item
- Keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- Key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- Key
Data stringBase64 - Private key file contents encoded using base64
- Max
Versions string - Set the maximum number of versions, limited by the account settings defaults
- Name string
- Secret name
- Password
Length string - The length of the password to be generated
- Public
Key stringRemote Path - The path to the public key that will be rotated on the server
- Rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- Rotated
Password string - rotated-username password (relevant only for rotator-type=password)
- Rotated
Secret stringSsh Id - The ID of this resource.
- Rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- Rotation
Event []stringIns - How many days before the rotation of the item would you like to be notified
- Rotation
Hour float64 - The Hour of the rotation in UTC
- Rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- Rotator
Custom stringCmd - Custom rotation command
- Same
Password string - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- Secure
Access boolAllow External User - Allow providing external user for a domain users
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access []stringHosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- Secure
Access stringRdp User - Override the RDP Domain username
- Secure
Access stringSsh User - Override the SSH username as indicated in SSH Certificate Issuer
- Secure
Access stringTarget Type - Specify target type. Options are ssh or rdp
- []string
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- rotator
Type String - The rotator type. options: [target/password/key]
- target
Name String - The target name to associate
- authentication
Credentials String - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate String - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- description String
- Description of the object
- item
Custom Map<String,String>Fields - Additional custom fields to associate with the item
- keep
Prev StringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key String
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- key
Data StringBase64 - Private key file contents encoded using base64
- max
Versions String - Set the maximum number of versions, limited by the account settings defaults
- name String
- Secret name
- password
Length String - The length of the password to be generated
- public
Key StringRemote Path - The path to the public key that will be rotated on the server
- rotate
After StringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password String - rotated-username password (relevant only for rotator-type=password)
- rotated
Secret StringSsh Id - The ID of this resource.
- rotated
Username String - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- rotation
Event List<String>Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour Double - The Hour of the rotation in UTC
- rotation
Interval String - The number of days to wait between every automatic key rotation (1-365)
- rotator
Custom StringCmd - Custom rotation command
- same
Password String - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- secure
Access BooleanAllow External User - Allow providing external user for a domain users
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access StringRdp User - Override the RDP Domain username
- secure
Access StringSsh User - Override the SSH username as indicated in SSH Certificate Issuer
- secure
Access StringTarget Type - Specify target type. Options are ssh or rdp
- List<String>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- rotator
Type string - The rotator type. options: [target/password/key]
- target
Name string - The target name to associate
- authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- delete
Protection string - Protection from accidental deletion of this object [true/false]
- description string
- Description of the object
- item
Custom {[key: string]: string}Fields - Additional custom fields to associate with the item
- keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- key
Data stringBase64 - Private key file contents encoded using base64
- max
Versions string - Set the maximum number of versions, limited by the account settings defaults
- name string
- Secret name
- password
Length string - The length of the password to be generated
- public
Key stringRemote Path - The path to the public key that will be rotated on the server
- rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password string - rotated-username password (relevant only for rotator-type=password)
- rotated
Secret stringSsh Id - The ID of this resource.
- rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- rotation
Event string[]Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour number - The Hour of the rotation in UTC
- rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- rotator
Custom stringCmd - Custom rotation command
- same
Password string - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- secure
Access booleanAllow External User - Allow providing external user for a domain users
- secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- secure
Access string[]Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access stringRdp User - Override the RDP Domain username
- secure
Access stringSsh User - Override the SSH username as indicated in SSH Certificate Issuer
- secure
Access stringTarget Type - Specify target type. Options are ssh or rdp
- string[]
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- rotator_
type str - The rotator type. options: [target/password/key]
- target_
name str - The target name to associate
- authentication_
credentials str - The credentials to connect with use-self-creds/use-target-creds
- auto_
rotate str - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- delete_
protection str - Protection from accidental deletion of this object [true/false]
- description str
- Description of the object
- item_
custom_ Mapping[str, str]fields - Additional custom fields to associate with the item
- keep_
prev_ strversion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key str
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- key_
data_ strbase64 - Private key file contents encoded using base64
- max_
versions str - Set the maximum number of versions, limited by the account settings defaults
- name str
- Secret name
- password_
length str - The length of the password to be generated
- public_
key_ strremote_ path - The path to the public key that will be rotated on the server
- rotate_
after_ strdisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated_
password str - rotated-username password (relevant only for rotator-type=password)
- rotated_
secret_ strssh_ id - The ID of this resource.
- rotated_
username str - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- rotation_
event_ Sequence[str]ins - How many days before the rotation of the item would you like to be notified
- rotation_
hour float - The Hour of the rotation in UTC
- rotation_
interval str - The number of days to wait between every automatic key rotation (1-365)
- rotator_
custom_ strcmd - Custom rotation command
- same_
password str - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- secure_
access_ boolallow_ external_ user - Allow providing external user for a domain users
- secure_
access_ strcertificate_ issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure_
access_ strenable - Enable/Disable secure remote access [true/false]
- secure_
access_ Sequence[str]hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure_
access_ strrdp_ domain - Default domain name server. i.e. microsoft.com
- secure_
access_ strrdp_ user - Override the RDP Domain username
- secure_
access_ strssh_ user - Override the SSH username as indicated in SSH Certificate Issuer
- secure_
access_ strtarget_ type - Specify target type. Options are ssh or rdp
- Sequence[str]
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- rotator
Type String - The rotator type. options: [target/password/key]
- target
Name String - The target name to associate
- authentication
Credentials String - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate String - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- description String
- Description of the object
- item
Custom Map<String>Fields - Additional custom fields to associate with the item
- keep
Prev StringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key String
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- key
Data StringBase64 - Private key file contents encoded using base64
- max
Versions String - Set the maximum number of versions, limited by the account settings defaults
- name String
- Secret name
- password
Length String - The length of the password to be generated
- public
Key StringRemote Path - The path to the public key that will be rotated on the server
- rotate
After StringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password String - rotated-username password (relevant only for rotator-type=password)
- rotated
Secret StringSsh Id - The ID of this resource.
- rotated
Username String - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- rotation
Event List<String>Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour Number - The Hour of the rotation in UTC
- rotation
Interval String - The number of days to wait between every automatic key rotation (1-365)
- rotator
Custom StringCmd - Custom rotation command
- same
Password String - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- secure
Access BooleanAllow External User - Allow providing external user for a domain users
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access StringRdp User - Override the RDP Domain username
- secure
Access StringSsh User - Override the SSH username as indicated in SSH Certificate Issuer
- secure
Access StringTarget Type - Specify target type. Options are ssh or rdp
- List<String>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
Outputs
All input properties are implicitly available as output properties. Additionally, the RotatedSecretSsh resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing RotatedSecretSsh Resource
Get an existing RotatedSecretSsh resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RotatedSecretSshState, opts?: CustomResourceOptions): RotatedSecretSsh@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
authentication_credentials: Optional[str] = None,
auto_rotate: Optional[str] = None,
delete_protection: Optional[str] = None,
description: Optional[str] = None,
item_custom_fields: Optional[Mapping[str, str]] = None,
keep_prev_version: Optional[str] = None,
key: Optional[str] = None,
key_data_base64: Optional[str] = None,
max_versions: Optional[str] = None,
name: Optional[str] = None,
password_length: Optional[str] = None,
public_key_remote_path: Optional[str] = None,
rotate_after_disconnect: Optional[str] = None,
rotated_password: Optional[str] = None,
rotated_secret_ssh_id: Optional[str] = None,
rotated_username: Optional[str] = None,
rotation_event_ins: Optional[Sequence[str]] = None,
rotation_hour: Optional[float] = None,
rotation_interval: Optional[str] = None,
rotator_custom_cmd: Optional[str] = None,
rotator_type: Optional[str] = None,
same_password: Optional[str] = None,
secure_access_allow_external_user: Optional[bool] = None,
secure_access_certificate_issuer: Optional[str] = None,
secure_access_enable: Optional[str] = None,
secure_access_hosts: Optional[Sequence[str]] = None,
secure_access_rdp_domain: Optional[str] = None,
secure_access_rdp_user: Optional[str] = None,
secure_access_ssh_user: Optional[str] = None,
secure_access_target_type: Optional[str] = None,
tags: Optional[Sequence[str]] = None,
target_name: Optional[str] = None) -> RotatedSecretSshfunc GetRotatedSecretSsh(ctx *Context, name string, id IDInput, state *RotatedSecretSshState, opts ...ResourceOption) (*RotatedSecretSsh, error)public static RotatedSecretSsh Get(string name, Input<string> id, RotatedSecretSshState? state, CustomResourceOptions? opts = null)public static RotatedSecretSsh get(String name, Output<String> id, RotatedSecretSshState state, CustomResourceOptions options)resources: _: type: akeyless:RotatedSecretSsh get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- Auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Description string
- Description of the object
- Item
Custom Dictionary<string, string>Fields - Additional custom fields to associate with the item
- Keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- Key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- Key
Data stringBase64 - Private key file contents encoded using base64
- Max
Versions string - Set the maximum number of versions, limited by the account settings defaults
- Name string
- Secret name
- Password
Length string - The length of the password to be generated
- Public
Key stringRemote Path - The path to the public key that will be rotated on the server
- Rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- Rotated
Password string - rotated-username password (relevant only for rotator-type=password)
- Rotated
Secret stringSsh Id - The ID of this resource.
- Rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- Rotation
Event List<string>Ins - How many days before the rotation of the item would you like to be notified
- Rotation
Hour double - The Hour of the rotation in UTC
- Rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- Rotator
Custom stringCmd - Custom rotation command
- Rotator
Type string - The rotator type. options: [target/password/key]
- Same
Password string - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- Secure
Access boolAllow External User - Allow providing external user for a domain users
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access List<string>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- Secure
Access stringRdp User - Override the RDP Domain username
- Secure
Access stringSsh User - Override the SSH username as indicated in SSH Certificate Issuer
- Secure
Access stringTarget Type - Specify target type. Options are ssh or rdp
- List<string>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- Target
Name string - The target name to associate
- Authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- Auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- Delete
Protection string - Protection from accidental deletion of this object [true/false]
- Description string
- Description of the object
- Item
Custom map[string]stringFields - Additional custom fields to associate with the item
- Keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- Key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- Key
Data stringBase64 - Private key file contents encoded using base64
- Max
Versions string - Set the maximum number of versions, limited by the account settings defaults
- Name string
- Secret name
- Password
Length string - The length of the password to be generated
- Public
Key stringRemote Path - The path to the public key that will be rotated on the server
- Rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- Rotated
Password string - rotated-username password (relevant only for rotator-type=password)
- Rotated
Secret stringSsh Id - The ID of this resource.
- Rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- Rotation
Event []stringIns - How many days before the rotation of the item would you like to be notified
- Rotation
Hour float64 - The Hour of the rotation in UTC
- Rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- Rotator
Custom stringCmd - Custom rotation command
- Rotator
Type string - The rotator type. options: [target/password/key]
- Same
Password string - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- Secure
Access boolAllow External User - Allow providing external user for a domain users
- Secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- Secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- Secure
Access []stringHosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- Secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- Secure
Access stringRdp User - Override the RDP Domain username
- Secure
Access stringSsh User - Override the SSH username as indicated in SSH Certificate Issuer
- Secure
Access stringTarget Type - Specify target type. Options are ssh or rdp
- []string
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- Target
Name string - The target name to associate
- authentication
Credentials String - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate String - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- description String
- Description of the object
- item
Custom Map<String,String>Fields - Additional custom fields to associate with the item
- keep
Prev StringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key String
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- key
Data StringBase64 - Private key file contents encoded using base64
- max
Versions String - Set the maximum number of versions, limited by the account settings defaults
- name String
- Secret name
- password
Length String - The length of the password to be generated
- public
Key StringRemote Path - The path to the public key that will be rotated on the server
- rotate
After StringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password String - rotated-username password (relevant only for rotator-type=password)
- rotated
Secret StringSsh Id - The ID of this resource.
- rotated
Username String - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- rotation
Event List<String>Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour Double - The Hour of the rotation in UTC
- rotation
Interval String - The number of days to wait between every automatic key rotation (1-365)
- rotator
Custom StringCmd - Custom rotation command
- rotator
Type String - The rotator type. options: [target/password/key]
- same
Password String - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- secure
Access BooleanAllow External User - Allow providing external user for a domain users
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access StringRdp User - Override the RDP Domain username
- secure
Access StringSsh User - Override the SSH username as indicated in SSH Certificate Issuer
- secure
Access StringTarget Type - Specify target type. Options are ssh or rdp
- List<String>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- target
Name String - The target name to associate
- authentication
Credentials string - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate string - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- delete
Protection string - Protection from accidental deletion of this object [true/false]
- description string
- Description of the object
- item
Custom {[key: string]: string}Fields - Additional custom fields to associate with the item
- keep
Prev stringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key string
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- key
Data stringBase64 - Private key file contents encoded using base64
- max
Versions string - Set the maximum number of versions, limited by the account settings defaults
- name string
- Secret name
- password
Length string - The length of the password to be generated
- public
Key stringRemote Path - The path to the public key that will be rotated on the server
- rotate
After stringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password string - rotated-username password (relevant only for rotator-type=password)
- rotated
Secret stringSsh Id - The ID of this resource.
- rotated
Username string - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- rotation
Event string[]Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour number - The Hour of the rotation in UTC
- rotation
Interval string - The number of days to wait between every automatic key rotation (1-365)
- rotator
Custom stringCmd - Custom rotation command
- rotator
Type string - The rotator type. options: [target/password/key]
- same
Password string - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- secure
Access booleanAllow External User - Allow providing external user for a domain users
- secure
Access stringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access stringEnable - Enable/Disable secure remote access [true/false]
- secure
Access string[]Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access stringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access stringRdp User - Override the RDP Domain username
- secure
Access stringSsh User - Override the SSH username as indicated in SSH Certificate Issuer
- secure
Access stringTarget Type - Specify target type. Options are ssh or rdp
- string[]
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- target
Name string - The target name to associate
- authentication_
credentials str - The credentials to connect with use-self-creds/use-target-creds
- auto_
rotate str - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- delete_
protection str - Protection from accidental deletion of this object [true/false]
- description str
- Description of the object
- item_
custom_ Mapping[str, str]fields - Additional custom fields to associate with the item
- keep_
prev_ strversion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key str
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- key_
data_ strbase64 - Private key file contents encoded using base64
- max_
versions str - Set the maximum number of versions, limited by the account settings defaults
- name str
- Secret name
- password_
length str - The length of the password to be generated
- public_
key_ strremote_ path - The path to the public key that will be rotated on the server
- rotate_
after_ strdisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated_
password str - rotated-username password (relevant only for rotator-type=password)
- rotated_
secret_ strssh_ id - The ID of this resource.
- rotated_
username str - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- rotation_
event_ Sequence[str]ins - How many days before the rotation of the item would you like to be notified
- rotation_
hour float - The Hour of the rotation in UTC
- rotation_
interval str - The number of days to wait between every automatic key rotation (1-365)
- rotator_
custom_ strcmd - Custom rotation command
- rotator_
type str - The rotator type. options: [target/password/key]
- same_
password str - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- secure_
access_ boolallow_ external_ user - Allow providing external user for a domain users
- secure_
access_ strcertificate_ issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure_
access_ strenable - Enable/Disable secure remote access [true/false]
- secure_
access_ Sequence[str]hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure_
access_ strrdp_ domain - Default domain name server. i.e. microsoft.com
- secure_
access_ strrdp_ user - Override the RDP Domain username
- secure_
access_ strssh_ user - Override the SSH username as indicated in SSH Certificate Issuer
- secure_
access_ strtarget_ type - Specify target type. Options are ssh or rdp
- Sequence[str]
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- target_
name str - The target name to associate
- authentication
Credentials String - The credentials to connect with use-self-creds/use-target-creds
- auto
Rotate String - Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation
- delete
Protection String - Protection from accidental deletion of this object [true/false]
- description String
- Description of the object
- item
Custom Map<String>Fields - Additional custom fields to associate with the item
- keep
Prev StringVersion - Whether to keep previous version [true/false]. If not set, use default according to account settings
- key String
- The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
- key
Data StringBase64 - Private key file contents encoded using base64
- max
Versions String - Set the maximum number of versions, limited by the account settings defaults
- name String
- Secret name
- password
Length String - The length of the password to be generated
- public
Key StringRemote Path - The path to the public key that will be rotated on the server
- rotate
After StringDisconnect - Rotate the value of the secret after SRA session ends [true/false]
- rotated
Password String - rotated-username password (relevant only for rotator-type=password)
- rotated
Secret StringSsh Id - The ID of this resource.
- rotated
Username String - username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)
- rotation
Event List<String>Ins - How many days before the rotation of the item would you like to be notified
- rotation
Hour Number - The Hour of the rotation in UTC
- rotation
Interval String - The number of days to wait between every automatic key rotation (1-365)
- rotator
Custom StringCmd - Custom rotation command
- rotator
Type String - The rotator type. options: [target/password/key]
- same
Password String - Rotate same password for each host from the Linked Target (relevant only for Linked Target)
- secure
Access BooleanAllow External User - Allow providing external user for a domain users
- secure
Access StringCertificate Issuer - Path to the SSH Certificate Issuer for your Akeyless Secure Access
- secure
Access StringEnable - Enable/Disable secure remote access [true/false]
- secure
Access List<String>Hosts - Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)
- secure
Access StringRdp Domain - Default domain name server. i.e. microsoft.com
- secure
Access StringRdp User - Override the RDP Domain username
- secure
Access StringSsh User - Override the SSH username as indicated in SSH Certificate Issuer
- secure
Access StringTarget Type - Specify target type. Options are ssh or rdp
- List<String>
- List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
- target
Name String - The target name to associate
Package Details
- Repository
- akeyless akeyless-community/terraform-provider-akeyless
- License
- Notes
- This Pulumi package is based on the
akeylessTerraform Provider.
Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community
published on Monday, Apr 27, 2026 by akeyless-community
